terraform-aws-eks
A terraform module to create a managed Kubernetes cluster on AWS EKS. Available through the Terraform registry.
| Branch | Build status |
|---|---|
| master |  |
Assumptions
- You want to create a set of resources around an EKS cluster: namely an autoscaling group of workers and a security group for them.
- You've created a Virtual Private Cloud (VPC) and subnets where you intend to put this EKS.
It's recommended you use this module with terraform-aws-vpc, terraform-aws-security-group, and terraform-aws-autoscaling.
Usage example
A full example leveraging other community modules is contained in the examples/eks_test_fixture directory. Here's the gist of using it via the Terraform registry:
module "eks" {
source = "terraform-aws-modules/eks/aws"
version = "0.1.0"
cluster_name = "test-eks-cluster"
security_groups = ["sg-edcd9784", "sg-edcd9785"]
subnets = ["subnet-abcde012", "subnet-bcde012a"]
tags = "${map("Environment", "test")}"
vpc_id = "vpc-abcde012"
}
Testing
This module has been packaged with awspec tests through kitchen and kitchen-terraform. To run them:
-
Install bundler and the gems from our Gemfile:
gem install bundler && bundle install -
Ensure your AWS environment is configured (i.e. credentials and region) for test.
-
Test using
bundle exec kitchen testfrom the root of the repo.
Doc generation
Documentation should be modified within main.tf and generated using terraform-docs.
Generate them like so:
go get github.com/segmentio/terraform-docs
terraform-docs md ./ | cat -s | ghead -n -1 > README.md
Contributing
Report issues/questions/feature requests on in the issues section.
Full contributing guidelines are covered here.
IAM Permissions
Testing and using this repo requires a minimum set of IAM permissions. Test permissions are listed in the eks_test_fixture README.
Change log
The changelog captures all important release notes.
Authors
Created and maintained by Brandon O'Connor - brandon@atscale.run. Many thanks to the contributors listed here!
License
MIT Licensed. See LICENSE for full details.
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| cluster_name | Name of the EKS cluster. | string | - | yes |
| security_groups | The security groups to attach to the EKS cluster instances | list | - | yes |
| subnets | A list of subnets to associate with the cluster's underlying instances. | list | - | yes |
| tags | A map of tags to add to all resources | string | <map> |
no |
| vpc_id | VPC id where the cluster and other resources will be deployed. | string | - | yes |
Outputs
| Name | Description |
|---|---|
| cluster_arn | The Amazon Resource Name (ARN) of the cluster. |
| cluster_certificate_authority | Nested attribute containing certificate-authority-data for your cluster |
| cluster_data | The base64 encoded certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster. |
| cluster_endpoint | The endpoint for your Kubernetes API server. |
| cluster_id | The name of the cluster. |
| cluster_version | The Kubernetes server version for the cluster. |
| cluster_vpc_config | description |
| config_map_aws_auth | description |
| kubeconfig | description |