* feat: Add support for enabling EFA resources
* feat: Add support for creating placement group and ensuring subnet ID used supports the instance type provided
* chore: Update README and examples
* feat: Update AWS provider MSV to support `maximum_network_cards` attribute
* fix: Update self-managed example after last round of testing; improve EFA support wording
* feat: Replace `resolve_conflicts` with `resolve_conflicts_on_create`/`delete`; raise MSV of AWS provider to `v5.0` to support
* fix: Replace dynamic DNS suffix for `sts:AssumeRole` API calls for static suffix
* feat: Add module tag
* feat: Align Karpenter permissions with Karpenter v1beta1/v0.32 permissions from upstream
* refactor: Move `aws-auth` ConfigMap functionality to its own sub-module
* chore: Update examples
* feat: Add state `moved` block for Karpenter Pod Identity role re-name
* fix: Correct variable `create` description
* feat: Add support for cluster access entries
* chore: Bump MSV of Terraform to `1.3`
* fix: Replace defunct kubectl provider with an updated forked equivalent
* chore: Update and validate examples for access entry; clean up provider usage
* docs: Correct double redundant variable descriptions
* feat: Add support for Cloudwatch log group class argument
* fix: Update usage tag placement, fix Karpenter event spelling, add upcoming changes section to upgrade guide
* feat: Update Karpenter module to generalize naming used and align policy with the upstream Karpenter policy
* feat: Add native support for Windows based managed nodegroups similar to AL2 and Bottlerocket
* feat: Update self-managed nodegroup module to use latest features of ASG
* docs: Update and simplify docs
* fix: Correct variable description for AMI types
* fix: Update upgrade guide with changes; rename Karpenter controller resource names to support migrating for users
* docs: Complete upgrade guide docs for migration and changes applied
* Update examples/karpenter/README.md
Co-authored-by: Anton Babenko <anton@antonbabenko.com>
* Update examples/outposts/README.md
Co-authored-by: Anton Babenko <anton@antonbabenko.com>
* Update modules/karpenter/README.md
Co-authored-by: Anton Babenko <anton@antonbabenko.com>
---------
Co-authored-by: Anton Babenko <anton@antonbabenko.com>
* fix: Allow OIDC root CA thumbprint to be included/excluded
* chore: Consolidate conditional logic within local conditional
---------
Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>
BREAKING CHANGES: The private endpoint security group rule has been renamed to allow the use of CIDR blocks and Security Groups as source. This will delete the `cluster_private_access` Security Group Rule for existing cluster. Please rename by `aws_security_group_rule.cluster_private_access[0]` into `aws_security_group_rule.cluster_private_access_cidrs_source[0]`.
Co-authored-by: Thierno IB. BARRY <ibrahima.br@gmail.com>
BREAKING CHANGES: The variable `config_output_path` is renamed into `kubeconfig_output_path` for naming consistency. Please upgrade your configuration accordingly.
NOTES: The kubeconfig file permission is not world and group readable anymore. The default permission is now `600`. This value can be changed with the variable `var.kubeconfig_file_permission`.
NOTES: Using the [terraform-aws-modules/http](https://registry.terraform.io/providers/terraform-aws-modules/http/latest) provider is a more platform agnostic way to wait for the cluster availability than using a local-exec. With this change we're able to provision EKS clusters and manage the `aws_auth` configmap while still using the `hashicorp/tfc-agent` docker image.
