| ami_id |
The AMI from which to launch the instance. If not supplied, EKS will use its own default image |
string |
"" |
no |
| ami_release_version |
The AMI version. Defaults to latest AMI release version for the given Kubernetes version and AMI type |
string |
null |
no |
| ami_type |
Type of Amazon Machine Image (AMI) associated with the EKS Node Group. See the AWS documentation for valid values |
string |
null |
no |
| block_device_mappings |
Specify volumes to attach to the instance besides the volumes specified by the AMI |
any |
{} |
no |
| bootstrap_extra_args |
Additional arguments passed to the bootstrap script. When ami_type = BOTTLEROCKET_*; these are additional settings that are provided to the Bottlerocket user data |
string |
"" |
no |
| capacity_reservation_specification |
Targeting for EC2 capacity reservations |
any |
{} |
no |
| capacity_type |
Type of capacity associated with the EKS Node Group. Valid values: ON_DEMAND, SPOT |
string |
"ON_DEMAND" |
no |
| cloudinit_post_nodeadm |
Array of cloud-init document parts that are created after the nodeadm document part |
list(object({
content = string
content_type = optional(string)
filename = optional(string)
merge_type = optional(string)
})) |
[] |
no |
| cloudinit_pre_nodeadm |
Array of cloud-init document parts that are created before the nodeadm document part |
list(object({
content = string
content_type = optional(string)
filename = optional(string)
merge_type = optional(string)
})) |
[] |
no |
| cluster_auth_base64 |
Base64 encoded CA of associated EKS cluster |
string |
"" |
no |
| cluster_endpoint |
Endpoint of associated EKS cluster |
string |
"" |
no |
| cluster_ip_family |
The IP family used to assign Kubernetes pod and service addresses. Valid values are ipv4 (default) and ipv6 |
string |
"ipv4" |
no |
| cluster_name |
Name of associated EKS cluster |
string |
null |
no |
| cluster_primary_security_group_id |
The ID of the EKS cluster primary security group to associate with the instance(s). This is the security group that is automatically created by the EKS service |
string |
null |
no |
| cluster_service_cidr |
The CIDR block (IPv4 or IPv6) used by the cluster to assign Kubernetes service IP addresses. This is derived from the cluster itself |
string |
"" |
no |
| cluster_service_ipv4_cidr |
[Deprecated] The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks |
string |
null |
no |
| cluster_version |
Kubernetes version. Defaults to EKS Cluster Kubernetes version |
string |
null |
no |
| cpu_options |
The CPU options for the instance |
map(string) |
{} |
no |
| create |
Determines whether to create EKS managed node group or not |
bool |
true |
no |
| create_iam_role |
Determines whether an IAM role is created or to use an existing IAM role |
bool |
true |
no |
| create_iam_role_policy |
Determines whether an IAM role policy is created or not |
bool |
true |
no |
| create_launch_template |
Determines whether to create a launch template or not. If set to false, EKS will use its own default launch template |
bool |
true |
no |
| create_placement_group |
Determines whether a placement group is created & used by the node group |
bool |
false |
no |
| create_schedule |
Determines whether to create autoscaling group schedule or not |
bool |
true |
no |
| credit_specification |
Customize the credit specification of the instance |
map(string) |
{} |
no |
| desired_size |
Desired number of instances/nodes |
number |
1 |
no |
| disable_api_termination |
If true, enables EC2 instance termination protection |
bool |
null |
no |
| disk_size |
Disk size in GiB for nodes. Defaults to 20. Only valid when use_custom_launch_template = false |
number |
null |
no |
| ebs_optimized |
If true, the launched EC2 instance(s) will be EBS-optimized |
bool |
null |
no |
| efa_indices |
The indices of the network interfaces that should be EFA-enabled. Only valid when enable_efa_support = true |
list(number) |
[
0
] |
no |
| elastic_gpu_specifications |
The elastic GPU to attach to the instance |
any |
{} |
no |
| elastic_inference_accelerator |
Configuration block containing an Elastic Inference Accelerator to attach to the instance |
map(string) |
{} |
no |
| enable_bootstrap_user_data |
Determines whether the bootstrap configurations are populated within the user data template. Only valid when using a custom AMI via ami_id |
bool |
false |
no |
| enable_efa_only |
Determines whether to enable EFA (false, default) or EFA and EFA-only (true) network interfaces. Note: requires vpc-cni version v1.18.4 or later |
bool |
false |
no |
| enable_efa_support |
Determines whether to enable Elastic Fabric Adapter (EFA) support |
bool |
false |
no |
| enable_monitoring |
Enables/disables detailed monitoring |
bool |
true |
no |
| enclave_options |
Enable Nitro Enclaves on launched instances |
map(string) |
{} |
no |
| force_update_version |
Force version update if existing pods are unable to be drained due to a pod disruption budget issue |
bool |
null |
no |
| iam_role_additional_policies |
Additional policies to be added to the IAM role |
map(string) |
{} |
no |
| iam_role_arn |
Existing IAM role ARN for the node group. Required if create_iam_role is set to false |
string |
null |
no |
| iam_role_attach_cni_policy |
Whether to attach the AmazonEKS_CNI_Policy/AmazonEKS_CNI_IPv6_Policy IAM policy to the IAM IAM role. WARNING: If set false the permissions must be assigned to the aws-node DaemonSet pods via another method or nodes will not be able to join the cluster |
bool |
true |
no |
| iam_role_description |
Description of the role |
string |
null |
no |
| iam_role_name |
Name to use on IAM role created |
string |
null |
no |
| iam_role_path |
IAM role path |
string |
null |
no |
| iam_role_permissions_boundary |
ARN of the policy that is used to set the permissions boundary for the IAM role |
string |
null |
no |
| iam_role_policy_statements |
A list of IAM policy statements - used for adding specific IAM permissions as needed |
any |
[] |
no |
| iam_role_tags |
A map of additional tags to add to the IAM role created |
map(string) |
{} |
no |
| iam_role_use_name_prefix |
Determines whether the IAM role name (iam_role_name) is used as a prefix |
bool |
true |
no |
| instance_market_options |
The market (purchasing) option for the instance |
any |
{} |
no |
| instance_types |
Set of instance types associated with the EKS Node Group. Defaults to ["t3.medium"] |
list(string) |
null |
no |
| kernel_id |
The kernel ID |
string |
null |
no |
| key_name |
The key name that should be used for the instance(s) |
string |
null |
no |
| labels |
Key-value map of Kubernetes labels. Only labels that are applied with the EKS API are managed by this argument. Other Kubernetes labels applied to the EKS Node Group will not be managed |
map(string) |
null |
no |
| launch_template_default_version |
Default version of the launch template |
string |
null |
no |
| launch_template_description |
Description of the launch template |
string |
null |
no |
| launch_template_id |
The ID of an existing launch template to use. Required when create_launch_template = false and use_custom_launch_template = true |
string |
"" |
no |
| launch_template_name |
Name of launch template to be created |
string |
null |
no |
| launch_template_tags |
A map of additional tags to add to the tag_specifications of launch template created |
map(string) |
{} |
no |
| launch_template_use_name_prefix |
Determines whether to use launch_template_name as is or create a unique name beginning with the launch_template_name as the prefix |
bool |
true |
no |
| launch_template_version |
Launch template version number. The default is $Default |
string |
null |
no |
| license_specifications |
A map of license specifications to associate with |
any |
{} |
no |
| maintenance_options |
The maintenance options for the instance |
any |
{} |
no |
| max_size |
Maximum number of instances/nodes |
number |
3 |
no |
| metadata_options |
Customize the metadata options for the instance |
map(string) |
{
"http_endpoint": "enabled",
"http_put_response_hop_limit": 2,
"http_tokens": "required"
} |
no |
| min_size |
Minimum number of instances/nodes |
number |
0 |
no |
| name |
Name of the EKS managed node group |
string |
"" |
no |
| network_interfaces |
Customize network interfaces to be attached at instance boot time |
list(any) |
[] |
no |
| node_repair_config |
The node auto repair configuration for the node group |
object({
enabled = optional(bool, true)
}) |
null |
no |
| placement |
The placement of the instance |
map(string) |
{} |
no |
| placement_group_az |
Availability zone where placement group is created (ex. eu-west-1c) |
string |
null |
no |
| placement_group_strategy |
The placement group strategy |
string |
"cluster" |
no |
| platform |
[DEPRECATED - use ami_type instead. Will be removed in v21.0] Identifies the OS platform as bottlerocket, linux (AL2), al2023, or windows |
string |
"linux" |
no |
| post_bootstrap_user_data |
User data that is appended to the user data script after of the EKS bootstrap script. Not used when ami_type = BOTTLEROCKET_* |
string |
"" |
no |
| pre_bootstrap_user_data |
User data that is injected into the user data script ahead of the EKS bootstrap script. Not used when ami_type = BOTTLEROCKET_* |
string |
"" |
no |
| private_dns_name_options |
The options for the instance hostname. The default values are inherited from the subnet |
map(string) |
{} |
no |
| ram_disk_id |
The ID of the ram disk |
string |
null |
no |
| remote_access |
Configuration block with remote access settings. Only valid when use_custom_launch_template = false |
any |
{} |
no |
| schedules |
Map of autoscaling group schedule to create |
map(any) |
{} |
no |
| subnet_ids |
Identifiers of EC2 Subnets to associate with the EKS Node Group. These subnets must have the following resource tag: kubernetes.io/cluster/CLUSTER_NAME |
list(string) |
null |
no |
| tag_specifications |
The tags to apply to the resources during launch |
list(string) |
[
"instance",
"volume",
"network-interface"
] |
no |
| tags |
A map of tags to add to all resources |
map(string) |
{} |
no |
| taints |
The Kubernetes taints to be applied to the nodes in the node group. Maximum of 50 taints per node group |
any |
{} |
no |
| timeouts |
Create, update, and delete timeout configurations for the node group |
map(string) |
{} |
no |
| update_config |
Configuration block of settings for max unavailable resources during node group updates |
map(string) |
{
"max_unavailable_percentage": 33
} |
no |
| update_launch_template_default_version |
Whether to update the launch templates default version on each update. Conflicts with launch_template_default_version |
bool |
true |
no |
| use_custom_launch_template |
Determines whether to use a custom launch template or not. If set to false, EKS will use its own default launch template |
bool |
true |
no |
| use_latest_ami_release_version |
Determines whether to use the latest AMI release version for the given ami_type (except for CUSTOM). Note: ami_type and cluster_version must be supplied in order to enable this feature |
bool |
false |
no |
| use_name_prefix |
Determines whether to use name as is or create a unique name beginning with the name as the prefix |
bool |
true |
no |
| user_data_template_path |
Path to a local, custom user data template file to use when rendering user data |
string |
"" |
no |
| vpc_security_group_ids |
A list of security group IDs to associate |
list(string) |
[] |
no |
681a868d62