feat: Add nitro enclave support for EKS (#1185)

2026-01-15 16:23:58 +01:00 · 2021-01-28 14:45:41 -08:00
parent 6c08a92463
commit 4fc609bd22
4 changed files with 12 additions and 3 deletions
--- a/README.md
+++ b/README.md
@@ -145,7 +145,7 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a
 | Name | Version |
 |------|---------|
 | terraform | >= 0.12.9, != 0.13.0 |
-| aws | >= 3.21.0 |
+| aws | >= 3.22.0 |
 | kubernetes | >= 1.11.1 |
 | local | >= 1.4 |
 | null | >= 2.1 |
@@ -156,7 +156,7 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a

 | Name | Version |
 |------|---------|
-| aws | >= 3.21.0 |
+| aws | >= 3.22.0 |
 | kubernetes | >= 1.11.1 |
 | local | >= 1.4 |
 | null | >= 2.1 |
--- a/local.tf
+++ b/local.tf
@@ -54,6 +54,7 @@ locals {
    additional_userdata           = ""                          # userdata to append to the default userdata.
    ebs_optimized                 = true                        # sets whether to use ebs optimization on supported types.
    enable_monitoring             = true                        # Enables/disables detailed monitoring.
+    enclave_support               = false                       # Enables/disables enclave support
    public_ip                     = false                       # Associate a public ip address with a worker
    kubelet_extra_args            = ""                          # This string is passed directly to kubelet if set. Useful for adding labels or taints.
    subnets                       = var.subnets                 # A list of subnets to place the worker nodes in. i.e. ["subnet-123", "subnet-456", "subnet-789"]
--- a/versions.tf
+++ b/versions.tf
@@ -2,7 +2,7 @@ terraform {
  required_version = ">= 0.12.9, != 0.13.0"

  required_providers {
-    aws        = ">= 3.21.0"
+    aws        = ">= 3.22.0"
    local      = ">= 1.4"
    null       = ">= 2.1"
    template   = ">= 2.1"
--- a/workers_launch_template.tf
+++ b/workers_launch_template.tf
@@ -272,6 +272,14 @@ resource "aws_launch_template" "workers_launch_template" {
    )[count.index]
  }

+  enclave_options {
+    enabled = lookup(
+      var.worker_groups_launch_template[count.index],
+      "enclave_support",
+      local.workers_group_defaults["enclave_support"],
+    )
+  }
+
  image_id = lookup(
    var.worker_groups_launch_template[count.index],
    "ami_id",