devops-stack-module-cluster-eks

A DevOps Stack module to deploy and configure an EKS cluster on Amazon Web Services.

Technical Reference

Dependencies

Requirements

The following requirements are needed by this module:

Providers

The following providers are used by this module:

Modules

The following Modules are called:

cluster

Source: terraform-aws-modules/eks/aws

Version: ~> 19.0

iam_assumable_role_cluster_autoscaler

Source: terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc

Version: ~> 5.0

nlb

Source: terraform-aws-modules/alb/aws

Version: ~> 8.0

nlb_private

Source: terraform-aws-modules/alb/aws

Version: ~> 8.0

Resources

The following resources are used by this module:

Required Inputs

The following input variables are required:

cluster_name

Description: n/a

Type: string

private_subnet_ids

Description: List of IDs of private subnets that the EKS instances will be attached to.

Type: list(string)

vpc_cidr_block

Description: n/a

Type: string

vpc_id

Description: VPC where the cluster and nodes will be deployed.

Type: string

Optional Inputs

The following input variables are optional (have default values):

aws_auth_accounts

Description: Additional AWS account numbers to add to the aws-auth configmap. See examples/basic/variables.tf in the terraform-aws-eks module’s code for example format.

Type: list(string)

Default: []

aws_auth_roles

Description: Additional IAM roles to add to the aws-auth configmap. See examples/basic/variables.tf in the terraform-aws-eks module’s code for example format.

Type:

list(object({
    rolearn  = string
    username = string
    groups   = list(string)
  }))

Default: []

aws_auth_users

Description: Additional IAM users to add to the aws-auth configmap. See examples/basic/variables.tf in the terraform-aws-eks module’s code for example format.

Type:

list(object({
    userarn  = string
    username = string
    groups   = list(string)
  }))

Default: []

base_domain

Description: The base domain used for Ingresses.

Type: string

Default: null

cluster_autoscaler_role_arn

Description: Role ARN linked to the cluster autoscaler ServiceAccount

Type: string

Default: ""

cluster_endpoint_public_access_cidrs

Description: List of CIDR blocks which can access the Amazon EKS public API server endpoint.

Type: list(string)

Default:

[
  "0.0.0.0/0"
]

create_private_nlb

Description: Whether to create an internal NLB attached to the private subnets

Type: bool

Default: false

create_public_nlb

Description: Whether to create an internet-facing NLB attached to the public subnets

Type: bool

Default: true

enable_cluster_autoscaler

Description: Whether to set up a cluster autoscaler

Type: bool

Default: false

extra_lb_http_tcp_listeners

Description: Additional load-balancer listeners

Type: list(any)

Default: []

extra_lb_target_groups

Description: Additional load-balancer target groups

Type: list(any)

Default: []

kubernetes_version

Description: Kubernetes version to use for the EKS cluster.

Type: string

Default: "1.25"

nlb_attached_node_groups

Description: List of node_groups indexes that the NLB(s) should be attached to

Type: list(any)

Default: []

node_groups

Description: A map of node group configurations to be created.

Type: any

Default: {}

public_subnet_ids

Description: List of IDs of public subnets the public NLB will be attached to if enabled with 'create_public_nlb'.

Type: list(string)

Default: []
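
The default for cluster_endpoint_public_access_cidrs is 0.0.0.0/0, which leaves the public API server endpoint reachable from any address. The following is an added example, not code from the module or its authors: it calls the module with the required inputs, narrows the endpoint allow-list, and maps one IAM role through aws_auth_roles. The module source is a placeholder, and every ID, CIDR, ARN, the variable api_allowed_cidrs and the group name are constructed or hypothetical.

```hcl
# Added example. All identifiers below are constructed sample values.

# Hypothetical wrapper variable: refuses an open allow-list before it
# ever reaches the module.
variable "api_allowed_cidrs" {
  description = "CIDR blocks allowed to reach the public EKS API endpoint."
  type        = list(string)
  default     = ["203.0.113.0/24", "198.51.100.17/32"] # documentation ranges

  validation {
    condition = length(var.api_allowed_cidrs) > 0 && alltrue([
      for c in var.api_allowed_cidrs :
      can(cidrhost(c, 0)) && split("/", c)[1] != "0"
    ])
    error_message = "Each entry must be a valid CIDR block and must not be a /0 range such as 0.0.0.0/0."
  }
}

module "eks" {
  # Placeholder: replace with the real source of devops-stack-module-cluster-eks.
  source = "<devops-stack-module-cluster-eks source>"

  # Required inputs
  cluster_name       = "example-eks"
  vpc_id             = "vpc-0123456789abcdef0"
  vpc_cidr_block     = "10.0.0.0/16"
  private_subnet_ids = ["subnet-0aaaaaaaaaaaaaaaa", "subnet-0bbbbbbbbbbbbbbbb"]

  # Overrides the 0.0.0.0/0 default with the validated allow-list.
  cluster_endpoint_public_access_cidrs = var.api_allowed_cidrs

  # Entry shape follows the aws_auth_roles type: rolearn, username, groups.
  aws_auth_roles = [
    {
      rolearn  = "arn:aws:iam::111122223333:role/eks-readonly"
      username = "eks-readonly"
      # Hypothetical group; its permissions come from RBAC bindings you define.
      groups = ["platform-readonly"]
    }
  ]

  # node_groups and the NLB inputs are left at their defaults for brevity.
}
```

With this in place, `terraform plan` fails at variable validation if 0.0.0.0/0 or a malformed CIDR is supplied for api_allowed_cidrs.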

Outputs

The following outputs are exported:

base_domain

Description: n/a

cluster_name

Description: n/a

cluster_oidc_issuer_url

Description: The URL on the EKS cluster OIDC Issuer

kubernetes

Description: n/a

kubernetes_host

Description: n/a

kubernetes_token

Description: n/a

nlb_target_groups

Description: n/a

node_groups

Description: Security group ID attached to the EKS nodes.

node_security_group_id

Description: n/a

Reference in table format

= Requirements

Name Version

>= 1.0

>= 4

aws

>= 4

>= 2

>= 2

>= 2

>= 3

>= 3

>= 1

= Providers

| Name | Version |
|------|---------|
| aws | >= 4 |
| dns | n/a |

= Modules

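| Name | Source | Version |
|------|--------|---------|
| cluster | terraform-aws-modules/eks/aws | ~> 19.0 |
| iam_assumable_role_cluster_autoscaler | terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc | ~> 5.0 |
| nlb | terraform-aws-modules/alb/aws | ~> 8.0 |
| nlb_private | terraform-aws-modules/alb/aws | ~> 8.0 |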

= Resources

Name Type

resource

resource

data source

data source

data source

data source

data source

= Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| aws_auth_accounts | Additional AWS account numbers to add to the aws-auth configmap. See examples/basic/variables.tf in the terraform-aws-eks module’s code for example format. | list(string) | [] | no |
| aws_auth_roles | Additional IAM roles to add to the aws-auth configmap. See examples/basic/variables.tf in the terraform-aws-eks module’s code for example format. | list(object({ rolearn = string, username = string, groups = list(string) })) | [] | no |
| aws_auth_users | Additional IAM users to add to the aws-auth configmap. See examples/basic/variables.tf in the terraform-aws-eks module’s code for example format. | list(object({ userarn = string, username = string, groups = list(string) })) | [] | no |
| base_domain | The base domain used for Ingresses. | string | null | no |
| cluster_autoscaler_role_arn | Role ARN linked to the cluster autoscaler ServiceAccount | string | "" | no |
| cluster_endpoint_public_access_cidrs | List of CIDR blocks which can access the Amazon EKS public API server endpoint. | list(string) | ["0.0.0.0/0"] | no |
| cluster_name | n/a | string | n/a | yes |
| create_private_nlb | Whether to create an internal NLB attached to the private subnets | bool | false | no |
| create_public_nlb | Whether to create an internet-facing NLB attached to the public subnets | bool | true | no |
| enable_cluster_autoscaler | Whether to set up a cluster autoscaler | bool | false | no |
| extra_lb_http_tcp_listeners | Additional load-balancer listeners | list(any) | [] | no |
| extra_lb_target_groups | Additional load-balancer target groups | list(any) | [] | no |
| kubernetes_version | Kubernetes version to use for the EKS cluster. | string | "1.25" | no |
| nlb_attached_node_groups | List of node_groups indexes that the NLB(s) should be attached to | list(any) | [] | no |
| node_groups | A map of node group configurations to be created. | any | {} | no |
| private_subnet_ids | List of IDs of private subnets that the EKS instances will be attached to. | list(string) | n/a | yes |
| public_subnet_ids | List of IDs of public subnets the public NLB will be attached to if enabled with 'create_public_nlb'. | list(string) | [] | no |
| vpc_cidr_block | n/a | string | n/a | yes |
| vpc_id | VPC where the cluster and nodes will be deployed. | string | n/a | yes |

= Outputs

Name Description

n/a

n/a

The URL on the EKS cluster OIDC Issuer

n/a

n/a

n/a

n/a

n/a

Security group ID attached to the EKS nodes.

n/a