| ami_id |
The AMI from which to launch the instance. If not supplied, EKS will use its own default image |
string |
"" |
no |
| ami_release_version |
AMI version of the EKS Node Group. Defaults to latest version for Kubernetes version |
string |
null |
no |
| ami_type |
Type of Amazon Machine Image (AMI) associated with the EKS Node Group. Valid values are AL2_x86_64, AL2_x86_64_GPU, AL2_ARM_64, CUSTOM, BOTTLEROCKET_ARM_64, BOTTLEROCKET_x86_64 |
string |
null |
no |
| block_device_mappings |
Specify volumes to attach to the instance besides the volumes specified by the AMI |
any |
{} |
no |
| bootstrap_extra_args |
Additional arguments passed to the bootstrap script. When platform = bottlerocket; these are additional settings that are provided to the Bottlerocket user data |
string |
"" |
no |
| capacity_reservation_specification |
Targeting for EC2 capacity reservations |
any |
null |
no |
| capacity_type |
Type of capacity associated with the EKS Node Group. Valid values: ON_DEMAND, SPOT |
string |
"ON_DEMAND" |
no |
| cluster_auth_base64 |
Base64 encoded CA of associated EKS cluster |
string |
"" |
no |
| cluster_endpoint |
Endpoint of associated EKS cluster |
string |
"" |
no |
| cluster_ip_family |
The IP family used to assign Kubernetes pod and service addresses. Valid values are ipv4 (default) and ipv6 |
string |
null |
no |
| cluster_name |
Name of associated EKS cluster |
string |
null |
no |
| cluster_security_group_id |
Cluster control plane security group ID |
string |
null |
no |
| cluster_service_ipv4_cidr |
The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks |
string |
null |
no |
| cluster_version |
Kubernetes version. Defaults to EKS Cluster Kubernetes version |
string |
null |
no |
| cpu_options |
The CPU options for the instance |
map(string) |
null |
no |
| create |
Determines whether to create EKS managed node group or not |
bool |
true |
no |
| create_iam_role |
Determines whether an IAM role is created or to use an existing IAM role |
bool |
true |
no |
| create_launch_template |
Determines whether to create a launch template or not. If set to false, EKS will use its own default launch template |
bool |
true |
no |
| create_security_group |
Determines whether to create a security group |
bool |
true |
no |
| credit_specification |
Customize the credit specification of the instance |
map(string) |
null |
no |
| desired_size |
Desired number of instances/nodes |
number |
1 |
no |
| disable_api_termination |
If true, enables EC2 instance termination protection |
bool |
null |
no |
| disk_size |
Disk size in GiB for nodes. Defaults to 20 |
number |
null |
no |
| ebs_optimized |
If true, the launched EC2 instance(s) will be EBS-optimized |
bool |
null |
no |
| elastic_gpu_specifications |
The elastic GPU to attach to the instance |
map(string) |
null |
no |
| elastic_inference_accelerator |
Configuration block containing an Elastic Inference Accelerator to attach to the instance |
map(string) |
null |
no |
| enable_bootstrap_user_data |
Determines whether the bootstrap configurations are populated within the user data template |
bool |
false |
no |
| enable_monitoring |
Enables/disables detailed monitoring |
bool |
true |
no |
| enclave_options |
Enable Nitro Enclaves on launched instances |
map(string) |
null |
no |
| force_update_version |
Force version update if existing pods are unable to be drained due to a pod disruption budget issue |
bool |
null |
no |
| iam_role_additional_policies |
Additional policies to be added to the IAM role |
list(string) |
[] |
no |
| iam_role_arn |
Existing IAM role ARN for the node group. Required if create_iam_role is set to false |
string |
null |
no |
| iam_role_attach_cni_policy |
Whether to attach the AmazonEKS_CNI_Policy/AmazonEKS_CNI_IPv6_Policy IAM policy to the IAM IAM role. WARNING: If set false the permissions must be assigned to the aws-node DaemonSet pods via another method or nodes will not be able to join the cluster |
bool |
true |
no |
| iam_role_description |
Description of the role |
string |
null |
no |
| iam_role_name |
Name to use on IAM role created |
string |
null |
no |
| iam_role_path |
IAM role path |
string |
null |
no |
| iam_role_permissions_boundary |
ARN of the policy that is used to set the permissions boundary for the IAM role |
string |
null |
no |
| iam_role_tags |
A map of additional tags to add to the IAM role created |
map(string) |
{} |
no |
| iam_role_use_name_prefix |
Determines whether the IAM role name (iam_role_name) is used as a prefix |
string |
true |
no |
| instance_market_options |
The market (purchasing) option for the instance |
any |
null |
no |
| instance_types |
Set of instance types associated with the EKS Node Group. Defaults to ["t3.medium"] |
list(string) |
null |
no |
| kernel_id |
The kernel ID |
string |
null |
no |
| key_name |
The key name that should be used for the instance(s) |
string |
null |
no |
| labels |
Key-value map of Kubernetes labels. Only labels that are applied with the EKS API are managed by this argument. Other Kubernetes labels applied to the EKS Node Group will not be managed |
map(string) |
null |
no |
| launch_template_default_version |
Default version of the launch template |
string |
null |
no |
| launch_template_description |
Description of the launch template |
string |
null |
no |
| launch_template_name |
Launch template name - either to be created (var.create_launch_template = true) or existing (var.create_launch_template = false) |
string |
"" |
no |
| launch_template_tags |
A map of additional tags to add to the tag_specifications of launch template created |
map(string) |
{} |
no |
| launch_template_use_name_prefix |
Determines whether to use launch_template_name as is or create a unique name beginning with the launch_template_name as the prefix |
bool |
true |
no |
| launch_template_version |
Launch template version number. The default is $Default |
string |
null |
no |
| license_specifications |
A list of license specifications to associate with |
map(string) |
null |
no |
| max_size |
Maximum number of instances/nodes |
number |
3 |
no |
| metadata_options |
Customize the metadata options for the instance |
map(string) |
{
"http_endpoint": "enabled",
"http_put_response_hop_limit": 2,
"http_tokens": "required"
} |
no |
| min_size |
Minimum number of instances/nodes |
number |
0 |
no |
| name |
Name of the EKS managed node group |
string |
"" |
no |
| network_interfaces |
Customize network interfaces to be attached at instance boot time |
list(any) |
[] |
no |
| placement |
The placement of the instance |
map(string) |
null |
no |
| platform |
Identifies if the OS platform is bottlerocket or linux based; windows is not supported |
string |
"linux" |
no |
| post_bootstrap_user_data |
User data that is appended to the user data script after of the EKS bootstrap script. Not used when platform = bottlerocket |
string |
"" |
no |
| pre_bootstrap_user_data |
User data that is injected into the user data script ahead of the EKS bootstrap script. Not used when platform = bottlerocket |
string |
"" |
no |
| ram_disk_id |
The ID of the ram disk |
string |
null |
no |
| remote_access |
Configuration block with remote access settings |
any |
{} |
no |
| security_group_description |
Description for the security group created |
string |
"EKS managed node group security group" |
no |
| security_group_name |
Name to use on security group created |
string |
null |
no |
| security_group_rules |
List of security group rules to add to the security group created |
any |
{} |
no |
| security_group_tags |
A map of additional tags to add to the security group created |
map(string) |
{} |
no |
| security_group_use_name_prefix |
Determines whether the security group name (security_group_name) is used as a prefix |
string |
true |
no |
| subnet_ids |
Identifiers of EC2 Subnets to associate with the EKS Node Group. These subnets must have the following resource tag: kubernetes.io/cluster/CLUSTER_NAME |
list(string) |
null |
no |
| tags |
A map of tags to add to all resources |
map(string) |
{} |
no |
| taints |
The Kubernetes taints to be applied to the nodes in the node group. Maximum of 50 taints per node group |
any |
{} |
no |
| timeouts |
Create, update, and delete timeout configurations for the node group |
map(string) |
{} |
no |
| update_config |
Configuration block of settings for max unavailable resources during node group updates |
map(string) |
{} |
no |
| update_launch_template_default_version |
Whether to update the launch templates default version on each update. Conflicts with launch_template_default_version |
bool |
true |
no |
| use_name_prefix |
Determines whether to use name as is or create a unique name beginning with the name as the prefix |
bool |
true |
no |
| user_data_template_path |
Path to a local, custom user data template file to use when rendering user data |
string |
"" |
no |
| vpc_id |
ID of the VPC where the security group/nodes will be provisioned |
string |
null |
no |
| vpc_security_group_ids |
A list of security group IDs to associate |
list(string) |
[] |
no |
