chore: Update examples to better demonstrate questions raised through issues (#2294)

Resolves undefined
Bryant Biggs
2022-11-08 03:29:42 -05:00
committed by GitHub
parent 417788cc2b
commit 1bc86e19aa


@@ -1,11 +1,5 @@
provider "aws" { provider "aws" {
region = local.region region = local.region
default_tags {
tags = {
ExampleDefaultTag = "ExampleDefaultValue"
}
}
} }
provider "kubernetes" { provider "kubernetes" {
@@ -196,12 +190,14 @@ module "eks" {
} }
} }
# OIDC Identity provider # Create a new cluster where both an identity provider and Fargate profile is created
cluster_identity_providers = { # will result in conflicts since only one can take place at a time
sts = { # # OIDC Identity provider
client_id = "sts.amazonaws.com" # cluster_identity_providers = {
} # sts = {
} # client_id = "sts.amazonaws.com"
# }
# }
# aws-auth configmap # aws-auth configmap
manage_aws_auth_configmap = true manage_aws_auth_configmap = true
@@ -216,10 +212,30 @@ module "eks" {
aws_auth_roles = [ aws_auth_roles = [
{ {
rolearn = "arn:aws:iam::66666666666:role/role1" rolearn = module.eks_managed_node_group.iam_role_arn
username = "role1" username = "system:node:{{EC2PrivateDNSName}}"
groups = ["system:masters"] groups = [
"system:bootstrappers",
"system:nodes",
]
}, },
{
rolearn = module.self_managed_node_group.iam_role_arn
username = "system:node:{{EC2PrivateDNSName}}"
groups = [
"system:bootstrappers",
"system:nodes",
]
},
{
rolearn = module.fargate_profile.fargate_profile_pod_execution_role_arn
username = "system:node:{{SessionName}}"
groups = [
"system:bootstrappers",
"system:nodes",
"system:node-proxier",
]
}
] ]
aws_auth_users = [ aws_auth_users = [
@@ -261,6 +277,20 @@ module "eks_managed_node_group" {
module.eks.cluster_security_group_id, module.eks.cluster_security_group_id,
] ]
ami_type = "BOTTLEROCKET_x86_64"
platform = "bottlerocket"
# this will get added to what AWS provides
bootstrap_extra_args = <<-EOT
# extra args added
[settings.kernel]
lockdown = "integrity"
[settings.kubernetes.node-labels]
"label1" = "foo"
"label2" = "bar"
EOT
tags = merge(local.tags, { Separate = "eks-managed-node-group" }) tags = merge(local.tags, { Separate = "eks-managed-node-group" })
} }
@@ -282,8 +312,6 @@ module "self_managed_node_group" {
module.eks.cluster_security_group_id, module.eks.cluster_security_group_id,
] ]
use_default_tags = true
tags = merge(local.tags, { Separate = "self-managed-node-group" }) tags = merge(local.tags, { Separate = "self-managed-node-group" })
} }
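Review bot: The three `aws_auth_roles` entries added in the `module "eks"` hunk have no comment explaining why the node-group and Fargate roles are mapped by hand, and a reader copying the example cannot tell which parts are fixed. I would add above the list `# Node groups and Fargate profiles created outside this module are not mapped automatically; their IAM roles must be listed here` and, next to the usernames, `# username templates and system:* groups are what the node authorizer expects - do not substitute custom values`. With `manage_aws_auth_configmap = true` the module presumably takes ownership of `mapRoles`, so an entry omitted here would likely be dropped on the next apply and those nodes would fail to join; that is worth stating in the same comment once confirmed. Anyone able to assume one of these roles authenticates to the cluster as a node, so the example should also note that only the node and pod-execution roles belong in these entries. The `module "eks"` block starts and ends outside the visible hunks.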