terraform-aws-eks

mirror of https://github.com/ysoftdevs/terraform-aws-eks.git synced 2026-01-19 18:17:48 +01:00

Author	SHA1	Message	Date
Bryant Biggs	1ac67b8a60	fix: Revert changes to disabling auto mode #3253 (#3255 )	2024-12-20 16:26:52 -06:00
Bryant Biggs	2a6a57a9bb	fix: Correct Auto Mode disable (#3253 )	2024-12-20 12:36:19 -06:00
Bryant Biggs	a07013a1f4	fix: Auto Mode custom tag policy should apply to cluster role, not node role (#3242 )	2024-12-14 07:28:52 -06:00
Bryant Biggs	ce34f1db3f	fix: Avoid trying to attach the node role when Auto Mode nodepools are not specified (#3239 )	2024-12-12 07:14:15 -06:00
Bryant Biggs	e2846be8b1	fix: Create EKS Auto Mode role when Auto Mode is enabled, regardless of built-in node pool use (#3234 )	2024-12-08 22:42:11 -06:00
Bryant Biggs	3b974d33ad	feat: Add support for EKS Auto Mode and EKS Hybrid nodes (#3225 ) * feat: Add support for EKS hybrid nodes * feat: Add support for EKS Auto Mode * chore: Update test directory names * chore: Clean up examples and tests * fix: Clean up and last minute changes for GA * chore: Formatting * chore: Bump min required version for new features * fix: Corrects from test/validation on existing clusters * feat: Add policy for custom tags on EKS Auto Mode, validate examples * chore: Expand on `CAM` acronym * chore: Update README to match examples	2024-12-04 09:24:21 -06:00
Bryant Biggs	35388bb8c4	fix: Coalesce local `resolve_conflicts_on_create_default` value to a boolean since default is `null` (#3221 )	2024-11-26 14:35:31 -06:00
Bryant Biggs	ab2207d509	feat: Improve addon dependency chain and decrease time to provision addons (due to retries) (#3218 ) * feat: Improve addon dependency chain and decrease time to provision addons (due to retries) * fix: Run pre-commit to clean up docs	2024-11-26 13:31:42 -06:00
Bryant Biggs	a224334fc8	feat: Add support for pod identity association on EKS addons (#3203 )	2024-11-08 15:56:56 -06:00
Bryant Biggs	1b0ac83264	feat: Add support for zonal shift (#3195 )	2024-11-01 16:50:19 -05:00
Bryant Biggs	8b90872983	fix: Remove deprecated `inline_policy` from cluster role (#3163 )	2024-09-21 09:45:50 -05:00
Loren Gordon	6124a08578	fix: Eliminates null check on tag values to fix for_each error about unknown keys (#3119 ) Eliminates null check on tag values to fix for_each error about unknown keys Fixes #3118 Related #2760 Related #2681 Related #2337	2024-08-09 17:23:01 -05:00
Bryant Biggs	e12ab7a5de	feat: Add support for `upgrade_policy` (#3112 ) * feat: Add support for `upgrade_policy` * chore: Update test and validate	2024-08-05 09:07:13 -05:00
Taehyun Kim	af88e7d2f8	feat: Support `bootstrap_self_managed_addons` (#3099 ) Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>	2024-07-15 19:55:09 -04:00
Bryant Biggs	93ffdfc6fa	fix: Revert #3058 - fix: Invoke aws_iam_session_context data source only when required (#3092 ) fix: Revert #3058	2024-07-05 14:36:49 -04:00
Király Ádám	f02df92b66	fix: Invoke `aws_iam_session_context` data source only when required (#3058 ) * fix: Call `aws_iam_session_context` data resource only if needed * Typo. * Move index. * Fix condition. --------- Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>	2024-07-05 13:12:21 -04:00
Bryant Biggs	1e31929044	fix: Correct syntax for correctly ignoring `bootstrap_cluster_creator_admin_permissions` and not all of `access_config` (#3056 )	2024-06-04 07:08:47 -04:00
Bryant Biggs	00f076ada4	feat: Starting with `1.30`, do not use the cluster OIDC issuer URL by default in the identity provider config (#3055 ) fix: Starting with `1.30`, do not use the cluster OIDC issuer URL by default in the identity provider config	2024-05-31 13:01:16 -04:00
William Paul Evans	c65d308503	fix: Ignore changes to `bootstrap_cluster_creator_admin_permissions` which is disabled by default (#3042 ) * Ignore changes to bootstrap_cluster_creator_admin_permissions to allow upgrading module and importing existing clusters * Update main.tf Co-authored-by: Igor Brites <igor@brites.dev> * fix attribute reffernce --------- Co-authored-by: Igor Brites <igor@brites.dev>	2024-05-21 15:01:04 -04:00
Bryant Biggs	f6255c49e4	feat: Add support for addon and identity provider custom tags (#2938 ) feat: Add support for addon and OIDC provider custom tags	2024-02-21 17:33:59 -05:00
Bourne-ID	1e32e6a9f8	fix: Update access entries `kubernetes_groups` default value to `null` (#2897 ) fix: Update default groups from [] to null Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>	2024-02-06 09:04:22 -05:00
Bryant Biggs	417791374c	fix: Correct cluster access entry to create multiple policy associations per access entry (#2892 )	2024-02-03 06:47:15 -05:00
Bryant Biggs	6b40bdbb1d	feat!: Replace the use of `aws-auth` configmap with EKS cluster access entry (#2858 ) * feat: Replace `resolve_conflicts` with `resolve_conflicts_on_create`/`delete`; raise MSV of AWS provider to `v5.0` to support * fix: Replace dynamic DNS suffix for `sts:AssumeRole` API calls for static suffix * feat: Add module tag * feat: Align Karpenter permissions with Karpenter v1beta1/v0.32 permissions from upstream * refactor: Move `aws-auth` ConfigMap functionality to its own sub-module * chore: Update examples * feat: Add state `moved` block for Karpenter Pod Identity role re-name * fix: Correct variable `create` description * feat: Add support for cluster access entries * chore: Bump MSV of Terraform to `1.3` * fix: Replace defunct kubectl provider with an updated forked equivalent * chore: Update and validate examples for access entry; clean up provider usage * docs: Correct double redundant variable descriptions * feat: Add support for Cloudwatch log group class argument * fix: Update usage tag placement, fix Karpenter event spelling, add upcoming changes section to upgrade guide * feat: Update Karpenter module to generalize naming used and align policy with the upstream Karpenter policy * feat: Add native support for Windows based managed nodegroups similar to AL2 and Bottlerocket * feat: Update self-managed nodegroup module to use latest features of ASG * docs: Update and simplify docs * fix: Correct variable description for AMI types * fix: Update upgrade guide with changes; rename Karpenter controller resource names to support migrating for users * docs: Complete upgrade guide docs for migration and changes applied * Update examples/karpenter/README.md Co-authored-by: Anton Babenko <anton@antonbabenko.com> * Update examples/outposts/README.md Co-authored-by: Anton Babenko <anton@antonbabenko.com> * Update modules/karpenter/README.md Co-authored-by: Anton Babenko <anton@antonbabenko.com> --------- Co-authored-by: Anton Babenko <anton@antonbabenko.com>	2024-02-02 09:36:25 -05:00
BlacksmithJoe	4c5c97b5d4	feat: Add tags for CloudWatch log group only (#2841 ) * feature: added cloudwatch log group tags input * fix: terraform docs run	2023-12-11 09:54:19 -05:00
Daniel Frankcom	091c68051d	feat: Allow OIDC root CA thumbprint to be included/excluded (#2778 ) * fix: Allow OIDC root CA thumbprint to be included/excluded * chore: Consolidate conditional logic within local conditional --------- Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>	2023-11-14 10:07:47 -05:00
Bryant Biggs	0732bea85f	feat: Update KMS module to avoid calling data sources when `create_kms_key = false` (#2804 )	2023-11-04 08:41:59 -04:00
Daniel Frankcom	7e5de1566c	fix: Only include CA thumbprint in OIDC provider list (#2769 ) As per #2732 and #32847, only the CA thumbprint should be included in the OIDC provider thumbprint list.	2023-10-06 19:26:35 -04:00
Angel Moctezuma	adb47f46dc	feat: Add `node_iam_role_arns` local variable to check for Windows platform on EKS managed nodegroups (#2477 ) Update node_iam_role_arns locals to check for Windows Managed Node Groups Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>	2023-08-03 19:23:36 -04:00
Roberto Devesa	c86f8d4db3	fix: Use `coalesce` when desired default value is not `null` (#2696 ) Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>	2023-07-27 07:58:01 -04:00
Bryant Biggs	e23139ad2d	fix: Revert changes to ignore `role_last_used` (#2629 )	2023-05-24 17:54:33 -04:00
Eric Bailey	f8ea3d08ad	feat: Ignore changes to .aws_iam_role..role_last_used (#2628 )	2023-05-24 13:46:52 -04:00
visokoo	e64a490d8d	fix: Add Name tag for EKS cloudwatch log group (#2500 ) Co-authored-by: Vivian Ta <vivianta@rivian.com> Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>	2023-03-23 11:56:42 -04:00
Bryant Biggs	78027f37e4	feat: Add support for enabling addons before data plane compute is created (#2478 )	2023-02-17 07:28:03 -05:00
Matt Parkes	5015b429e6	feat: Ignore changes to labels and annotations on on `aws-auth` ConfigMap (#2380 ) Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com> Fixes https://github.com/terraform-aws-modules/terraform-aws-eks/issues/2379	2023-01-05 12:32:23 -05:00
Bryant Biggs	71b8ecaa87	fix: Use IAM session context data source to resolve the identities role when using `assumed_role` (#2347 )	2022-12-17 07:32:04 -05:00
Bryant Biggs	3b62f6c316	feat: Add support for addon `configuration_values` (#2345 ) Resolves undefined	2022-12-16 14:44:21 -05:00
Bryant Biggs	ca03fd9ec1	docs: Correct spelling mistakes (#2334 ) Resolves undefined	2022-12-08 09:35:28 -05:00
Carlos Santana	b83f6d98bf	fix: Ensure that custom KMS key is not created if encryption is not enabled, support computed values in cluster name (#2328 ) Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com> Resolves undefined Resolved undefined Closes undefined	2022-12-07 11:05:49 -05:00
Sebastian Melchior	3f6d915eef	fix: `public_access_cidrs` require a value even if public endpoint is disabled (#2320 ) Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>	2022-12-06 16:55:02 -05:00
Adam Staudt	7bc4a2743f	fix: Call to lookup() closed too early, breaks sg rule creation in cluster sg if custom source sg is defined. (#2319 ) Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>	2022-12-06 14:10:29 -05:00
Bryant Biggs	b2e97ca3dc	feat!: Add support for Outposts, remove node security group, add support for addon `preserve` and `most_recent` configurations (#2250 ) Co-authored-by: Anton Babenko <anton@antonbabenko.com> Resolves undefined	2022-12-05 16:26:23 -05:00
ThetaSinner	7436178cc1	fix: Include all certificate fingerprints in the OIDC provider thumbprint list (#2307 ) Co-authored-by: gdjensen <gjensen@tradewelltech.co>	2022-11-22 11:16:39 -05:00
Bryant Biggs	28ccecefe2	fix: Disable creation of cluster security group rules that map to node security group when `create_node_security_group` = `false` (#2274 ) * fix: Disable creation of cluster security group rules that map to node security group when `create_node_security_group` = `false` * feat: Update Fargate example to run only Fargate and show disabling of both cluster and node security groups * fix: Ensure CoreDNS changes are made ahead of install	2022-10-14 09:16:57 -04:00
Zvika Nadav	ac4d549629	fix: Update CloudWatch log group creation deny policy to use wildcard (#2267 ) Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>	2022-10-11 16:28:06 -04:00
Bryant Biggs	a74e98017b	feat: Add output for cluster TLS certificate SHA1 fingerprint and provider tags to cluster primary security group (#2249 )	2022-09-29 15:34:20 -04:00
Igor Brites	93065fabdf	feat: Default to clusters OIDC issuer URL for `aws_eks_identity_provider_config` (#2190 ) feat: setting oidc issuer as default option for aws_eks_identity_provider_config Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>	2022-08-09 15:06:39 -04:00
Bryant Biggs	d990ea8aff	fix: Pin TLS provider version to 3.x versions only (#2174 )	2022-07-22 08:29:00 -04:00
Pedro Fragoso	0fd1ab1db9	fix: Bump kms module to 1.0.2 to fix malformed policy document when not specifying key_owners (#2163 )	2022-07-20 14:05:47 -04:00
Bryant Biggs	bc04cd3a0a	fix: Update KMS module version which aligns on module version requirements (#2127 )	2022-06-29 07:51:44 -04:00
Bryant Biggs	75acb09ec5	feat: Add support for creating KMS key for cluster secret encryption (#2121 ) * feat: Add support for creating KMS key for cluster secret encryption * fix: Update naming scheme to include `kms_`	2022-06-28 10:55:39 -04:00

1 2 3

103 Commits