variable "cluster_enabled_log_types" { default = [] description = "A list of the desired control plane logging to enable. For more information, see Amazon EKS Control Plane Logging documentation (https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html)" type = list(string) } variable "cluster_log_kms_key_id" { default = "" description = "If a KMS Key ARN is set, this key will be used to encrypt the corresponding log group. Please be sure that the KMS Key has an appropriate key policy (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.html)" type = string } variable "cluster_log_retention_in_days" { default = 90 description = "Number of days to retain log events. Default retention - 90 days." type = number } variable "cluster_name" { description = "Name of the EKS cluster. Also used as a prefix in names of related resources." type = string } variable "cluster_security_group_id" { description = "If provided, the EKS cluster will be attached to this security group. If not given, a security group will be created with necessary ingres/egress to work with the workers and provide API access to your current IP/32." type = string default = "" } variable "cluster_version" { description = "Kubernetes version to use for the EKS cluster." type = string default = "1.13" } variable "config_output_path" { description = "Where to save the Kubectl config file (if `write_kubeconfig = true`). Should end in a forward slash `/` ." type = string default = "./" } variable "write_kubeconfig" { description = "Whether to write a Kubectl config file containing the cluster configuration. Saved to `config_output_path`." type = bool default = true } variable "manage_aws_auth" { description = "Whether to apply the aws-auth configmap file." default = true } variable "write_aws_auth_config" { description = "Whether to write the aws-auth configmap file." type = bool default = true } variable "map_accounts" { description = "Additional AWS account numbers to add to the aws-auth configmap. See examples/basic/variables.tf for example format." type = list(string) default = [] } variable "map_roles" { description = "Additional IAM roles to add to the aws-auth configmap. See examples/basic/variables.tf for example format." type = list(map(string)) default = [] } variable "map_users" { description = "Additional IAM users to add to the aws-auth configmap. See examples/basic/variables.tf for example format." type = list(map(string)) default = [] } variable "subnets" { description = "A list of subnets to place the EKS cluster and workers within." type = list(string) } variable "tags" { description = "A map of tags to add to all resources." type = map(string) default = {} } variable "vpc_id" { description = "VPC where the cluster and workers will be deployed." type = string } variable "worker_groups" { description = "A list of maps defining worker group configurations to be defined using AWS Launch Configurations. See workers_group_defaults for valid keys." type = any default = [] } variable "workers_group_defaults" { description = "Override default values for target groups. See workers_group_defaults_defaults in local.tf for valid keys." type = any default = {} } variable "worker_groups_launch_template" { description = "A list of maps defining worker group configurations to be defined using AWS Launch Templates. See workers_group_defaults for valid keys." type = any default = [] } variable "worker_groups_launch_template_mixed" { description = "A list of maps defining worker group configurations to be defined using AWS Launch Templates. See workers_group_defaults for valid keys." type = any default = [] } variable "worker_security_group_id" { description = "If provided, all workers will be attached to this security group. If not given, a security group will be created with necessary ingres/egress to work with the EKS cluster." type = string default = "" } variable "worker_ami_name_filter" { description = "Additional name filter for AWS EKS worker AMI. Default behaviour will get latest for the cluster_version but could be set to a release from amazon-eks-ami, e.g. \"v20190220\"" type = string default = "v*" } variable "worker_additional_security_group_ids" { description = "A list of additional security group ids to attach to worker instances" type = list(string) default = [] } variable "worker_sg_ingress_from_port" { description = "Minimum port number from which pods will accept communication. Must be changed to a lower value if some pods in your cluster will expose a port lower than 1025 (e.g. 22, 80, or 443)." type = number default = 1025 } variable "workers_additional_policies" { description = "Additional policies to be added to workers" type = list(string) default = [] } variable "kubeconfig_aws_authenticator_command" { description = "Command to use to fetch AWS EKS credentials." type = string default = "aws-iam-authenticator" } variable "kubeconfig_aws_authenticator_command_args" { description = "Default arguments passed to the authenticator command. Defaults to [token -i $cluster_name]." type = list(string) default = [] } variable "kubeconfig_aws_authenticator_additional_args" { description = "Any additional arguments to pass to the authenticator such as the role to assume. e.g. [\"-r\", \"MyEksRole\"]." type = list(string) default = [] } variable "kubeconfig_aws_authenticator_env_variables" { description = "Environment variables that should be used when executing the authenticator. e.g. { AWS_PROFILE = \"eks\"}." type = map(string) default = {} } variable "kubeconfig_name" { description = "Override the default name used for items kubeconfig." type = string default = "" } variable "cluster_create_timeout" { description = "Timeout value when creating the EKS cluster." type = string default = "15m" } variable "cluster_delete_timeout" { description = "Timeout value when deleting the EKS cluster." type = string default = "15m" } variable "local_exec_interpreter" { description = "Command to run for local-exec resources. Must be a shell-style interpreter. If you are on Windows Git Bash is a good choice." type = list(string) default = ["/bin/sh", "-c"] } variable "cluster_create_security_group" { description = "Whether to create a security group for the cluster or attach the cluster to `cluster_security_group_id`." type = bool default = true } variable "worker_create_security_group" { description = "Whether to create a security group for the workers or attach the workers to `worker_security_group_id`." type = bool default = true } variable "permissions_boundary" { description = "If provided, all IAM roles will be created with this permissions boundary attached." type = string default = "" } variable "iam_path" { description = "If provided, all IAM roles will be created on this path." type = string default = "/" } variable "cluster_endpoint_private_access" { description = "Indicates whether or not the Amazon EKS private API server endpoint is enabled." type = bool default = false } variable "cluster_endpoint_public_access" { description = "Indicates whether or not the Amazon EKS public API server endpoint is enabled." type = bool default = true } variable "manage_cluster_iam_resources" { description = "Whether to let the module manage cluster IAM resources. If set to false, cluster_iam_role_name must be specified." type = bool default = true } variable "cluster_iam_role_name" { description = "IAM role name for the cluster. Only applicable if manage_cluster_iam_resources is set to false." type = string default = "" } variable "manage_worker_iam_resources" { description = "Whether to let the module manage worker IAM resources. If set to false, iam_instance_profile_name must be specified for workers." type = bool default = true }