github-mirrors/terraform-aws-eks
1
0
Fork 0
mirror of https://github.com/ysoftdevs/terraform-aws-eks.git synced 2026-03-11 21:11:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

feat: Allow users to selectively attach the EKS created cluster primary security group to nodes (#1952)

Browse Source
This commit is contained in:
Bryant Biggs
2022-03-23 10:41:39 -04:00
committed by GitHub
parent 9528619aca
commit e21db83d8f
9 changed files with 45 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
modules/eks-managed-node-group/README.md
View File

@@ -93,6 +93,7 @@ module "eks_managed_node_group" {
| <a name="input_cluster_endpoint"></a> [cluster\_endpoint](#input\_cluster\_endpoint) | Endpoint of associated EKS cluster | `string` | `""` | no |
| <a name="input_cluster_ip_family"></a> [cluster\_ip\_family](#input\_cluster\_ip\_family) | The IP family used to assign Kubernetes pod and service addresses. Valid values are `ipv4` (default) and `ipv6` | `string` | `null` | no |
| <a name="input_cluster_name"></a> [cluster\_name](#input\_cluster\_name) | Name of associated EKS cluster | `string` | `null` | no |
| <a name="input_cluster_primary_security_group_id"></a> [cluster\_primary\_security\_group\_id](#input\_cluster\_primary\_security\_group\_id) | The ID of the EKS cluster primary security group to associate with the instance(s). This is the security group that is automatically created by the EKS service | `string` | `null` | no |
| <a name="input_cluster_security_group_id"></a> [cluster\_security\_group\_id](#input\_cluster\_security\_group\_id) | Cluster control plane security group ID | `string` | `null` | no |
| <a name="input_cluster_service_ipv4_cidr"></a> [cluster\_service\_ipv4\_cidr](#input\_cluster\_service\_ipv4\_cidr) | The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks | `string` | `null` | no |
| <a name="input_cluster_version"></a> [cluster\_version](#input\_cluster\_version) | Kubernetes version. Defaults to EKS Cluster Kubernetes version | `string` | `null` | no |

2
modules/eks-managed-node-group/main.tf
View File

@@ -54,7 +54,7 @@ resource "aws_launch_template" "this" {
key_name = var.key_name
user_data = module.user_data.user_data
vpc_security_group_ids = compact(concat([try(aws_security_group.this[0].id, "")], var.vpc_security_group_ids))
vpc_security_group_ids = compact(concat([try(aws_security_group.this[0].id, ""), var.cluster_primary_security_group_id], var.vpc_security_group_ids))
default_version = var.launch_template_default_version
update_default_version = var.update_launch_template_default_version

6
modules/eks-managed-node-group/variables.tf
View File

@@ -126,6 +126,12 @@ variable "vpc_security_group_ids" {
default = []
}
variable "cluster_primary_security_group_id" {
description = "The ID of the EKS cluster primary security group to associate with the instance(s). This is the security group that is automatically created by the EKS service"
type = string
default = null
}
variable "launch_template_default_version" {
description = "Default version of the launch template"
type = string