From 95986471f04d116ab3d3276c37d2e5e8abfafa8c Mon Sep 17 00:00:00 2001 From: Max Williams Date: Tue, 5 Mar 2019 14:54:46 +0100 Subject: [PATCH] Adding optional name filter variable to be able to pin worker AMI to a release --- README.md | 5 +++-- data.tf | 6 ++++-- variables.tf | 9 +++++++-- 3 files changed, 14 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 59d211e..ad407db 100644 --- a/README.md +++ b/README.md @@ -135,6 +135,7 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a | tags | A map of tags to add to all resources. | map | `{}` | no | | vpc\_id | VPC where the cluster and workers will be deployed. | string | n/a | yes | | worker\_additional\_security\_group\_ids | A list of additional security group ids to attach to worker instances | list | `[]` | no | +| worker\_ami\_name\_filter | Additional name filter for AWS EKS worker AMI. Default behaviour will get latest for the cluster_version but could be set to a release from amazon-eks-ami, e.g. "v20190220" | string | `"v*"` | no | | worker\_create\_security\_group | Whether to create a security group for the workers or attach the workers to `worker_security_group_id`. | string | `"true"` | no | | worker\_group\_count | The number of maps contained within the worker_groups list. | string | `"1"` | no | | worker\_group\_launch\_template\_count | The number of maps contained within the worker_groups_launch_template list. | string | `"0"` | no | @@ -155,9 +156,9 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a |------|-------------| | cluster\_certificate\_authority\_data | Nested attribute containing certificate-authority-data for your cluster. This is the base64 encoded certificate data required to communicate with your cluster. | | cluster\_endpoint | The endpoint for your EKS Kubernetes API. | +| cluster\_iam\_role\_arn | IAM role ARN of the EKS cluster. | +| cluster\_iam\_role\_name | IAM role name of the EKS cluster. | | cluster\_id | The name/id of the EKS cluster. | -| cluster\_role\_arn | IAM role ARN of the EKS cluster role. | -| cluster\_role\_name | IAM role name of the EKS cluster role. | | cluster\_security\_group\_id | Security group ID attached to the EKS cluster. | | cluster\_version | The Kubernetes server version for the EKS cluster. | | config\_map\_aws\_auth | A kubernetes configuration to authenticate to this EKS cluster. | diff --git a/data.tf b/data.tf index c28e692..2be3858 100644 --- a/data.tf +++ b/data.tf @@ -18,11 +18,13 @@ data "aws_iam_policy_document" "workers_assume_role_policy" { data "aws_ami" "eks_worker" { filter { name = "name" - values = ["amazon-eks-node-${var.cluster_version}-v*"] + values = ["amazon-eks-node-${var.cluster_version}-${var.worker_ami_name_filter}"] } most_recent = true - owners = ["602401143452"] + + # Owner ID of AWS EKS team + owners = ["602401143452"] } data "aws_iam_policy_document" "cluster_assume_role_policy" { diff --git a/variables.tf b/variables.tf index 77d0f0a..77e04af 100644 --- a/variables.tf +++ b/variables.tf @@ -101,7 +101,7 @@ variable "worker_group_count" { } variable "workers_group_defaults" { - description = "Override default values for target groups. See workers_group_defaults_defaults in locals.tf for valid keys." + description = "Override default values for target groups. See workers_group_defaults_defaults in local.tf for valid keys." type = "map" default = {} } @@ -133,7 +133,7 @@ variable "worker_group_launch_template_count" { } variable "workers_group_launch_template_defaults" { - description = "Override default values for target groups. See workers_group_defaults_defaults in locals.tf for valid keys." + description = "Override default values for target groups. See workers_group_defaults_defaults in local.tf for valid keys." type = "map" default = {} } @@ -152,6 +152,11 @@ variable "worker_security_group_id" { default = "" } +variable "worker_ami_name_filter" { + description = "Additional name filter for AWS EKS worker AMI. Default behaviour will get latest for the cluster_version but could be set to a release from amazon-eks-ami, e.g. \"v20190220\"" + default = "v*" +} + variable "worker_additional_security_group_ids" { description = "A list of additional security group ids to attach to worker instances" type = "list"