AWS EKS Terraform Module

Terraform module that installs core add-ons to Elastic Kubernetes Service (EKS) cluster. This Terraform module is also used as part of the AWS-EKS Cluster.dev stack template to start and provision an EKS cluster with add-ons in AWS cloud.

Features

The module installs the following add-ons to an EKS cluster:

Argo CD: Continuous Delivery for Kubernetes.
Ingress-Nginx: A high-performance, production-ready HTTP and HTTPS Ingress controller for Kubernetes.
External-DNS: Automatically configure DNS records for your Kubernetes services.
Cluster Autoscaler: Automatically adjust the size of your worker node group based on resource utilization.
External-Secrets: Manage sensitive information securely in Kubernetes using AWS Secrets Manager.
Cert-Manager: Automate the management and issuance of TLS certificates for your applications.
EFS Driver: Mount Amazon Elastic File System (EFS) volumes to your pods.
AWS Load Balancer Controller: Automatically configure and manage AWS Load Balancers for your services.

Usage

To use this Terraform module to provision an EKS cluster with the specified add-ons, follow these steps:

Clone the repository:

git clone https://github.com/shalb/terraform-eks-addons.git

Configure variables: Create a terraform.tfvars file or provide variables inline to customize your EKS cluster and add-on configurations. For example:

cluster_name = "my-eks-cluster"
region       = "us-west-2"
# Add-on configuration
enable_argocd            = true
enable_ingress_nginx     = true
enable_external_dns      = true
enable_cluster_autoscaler = true
enable_external_secrets  = true
enable_cert_manager      = true
enable_efs_driver        = true
enable_aws_lb_controller = true

Apply the configuration:
```
terraform apply
```
Access Kubernetes cluster: After the provisioning is complete, you can access your EKS cluster using kubectl:
```
aws eks --region <region> update-kubeconfig --name <cluster_name>
```
Manage add-ons: The specified add-ons will be automatically deployed and configured in your EKS cluster.

Requirements

Name	Version
terraform	>= 1.2.0
aws	>= 4.60.0
helm	>= 2.9.0
kubernetes	>= 2.20.0
null	>= 3.2.0
random	>= 3.0.0

Providers

Name	Version
aws	4.66.1
helm	2.9.0
null	>= 3.2.0
random	>= 3.0.0

Modules

Name	Source	Version
attach_load_balancer_controller_policy	terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks	~> v5.11
iam_assumable_role_autoscaler	terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc	~> 5.11
iam_assumable_role_efs	terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc	~> v5.11
iam_assumable_role_external_secrets	terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc	~> v5.11
iam_assumable_role_route53	terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc	~> 5.11
iam_policy_autoscaler	terraform-aws-modules/iam/aws//modules/iam-policy	~> 5.11
iam_policy_route53	terraform-aws-modules/iam/aws//modules/iam-policy	~> 5.11

Resources

Name	Type
aws_iam_policy.efs	resource
aws_iam_policy.external_secrets	resource
helm_release.argocd	resource
helm_release.aws_lb_controller	resource
helm_release.cert_manager	resource
helm_release.cluster_autoscaler	resource
helm_release.efs	resource
helm_release.external_dns	resource
helm_release.external_secrets	resource
helm_release.ingress_nginx	resource
helm_release.kubernetes_metrics_server	resource
helm_release.reloader	resource
null_resource.cluster_issuers	resource
null_resource.lb_delete_delay	resource
random_id.id	resource
aws_eks_cluster.cluster	data source
aws_eks_cluster_auth.cluster	data source

Inputs

Name	Description	Type	Default	Required
argocd_chart_version	Argocd helm chart version	`string`	`"3.29.5"`	no
argocd_image_tag	Argocd docker image version	`string`	`"v2.2.2"`	no
argocd_password_bcrypted	Bctypted password (hash) for argocd web ui	`string`	`""`	no
cert_manager_version	Cert manager helm chart version	`string`	`"v1.5.4"`	no
cluster_autoscaler_version	Cluster utoscaler helm chart version	`string`	`"9.27.0"`	no
cluster_name	EKS cluster name	`string`	n/a	yes
cluster_oidc_issuer_url	The URL on the EKS cluster for the OpenID Connect identity provider	`string`	n/a	yes
cluster_oidc_provider_arn	The ARN of the OIDC Provider if enable_irsa = true	`string`	n/a	yes
cluster_subnets	Subnets where EKS worker nodes are spawned. Required for ingress controller.	`list(any)`	`[]`	no
efs_id	EFD FileSystem ID to use in efs drivers dynamyc storage class	`string`	`""`	no
email	Organization email for LE issuers	`string`	`""`	no
enable_argocd	Disable/enable ArgoCD addon	`bool`	`false`	no
enable_aws_lb_controller	Disable/enable AWS LB controller	`bool`	`true`	no
enable_cert_manager	Disable/enable cert manager	`bool`	`false`	no
enable_cert_manager_http_issuers	Disable/enable cert manager http issuers	`bool`	`false`	no
enable_cluster_autoscaler	Disable/enable AWS cluster autoscaler	`bool`	`true`	no
enable_efs	Disable/enable AWS EFS driver	`bool`	`false`	no
enable_external_dns	Disable/enable external dns	`bool`	`true`	no
enable_external_secrets	Disable/enable kubernetes external secrets addon	`bool`	`false`	no
enable_metrics_server	Disable/enable Metric Server	`bool`	`false`	no
enable_nginx	Disable/enable Nginx Ingress	`bool`	`false`	no
enable_reloader	Disable/enable reloader	`bool`	`false`	no
external_dns_version	External dns helm chart version	`string`	`"6.5.6"`	no
external_secrets_version	External secrets helm chart version	`string`	`"0.7.2"`	no
ingress_nginx_version	Ingress nginx helm chart version	`string`	`"4.2.5"`	no
metrics_server_version	Metrics Server helm chart version	`string`	`"6.0.8"`	no
nginx_default_cert	Define default ingress nginx cert in format namespace/certname, required for wildcard domains setup.	`string`	`"ingress-nginx/default"`	no
region	EKS cluster region	`string`	n/a	yes
reloader_version	Reloader chart version	`string`	`"v0.0.118"`	no
route53_domain	DNS domain to create apps DNS records for applications	`string`	n/a	yes
route53_zone_id	The id of the route53 to create apps DNS records (for external dns)	`string`	n/a	yes

Outputs

Name	Description
cluster_certificate_authority_data_raw	Base64 encoded certificate data required to communicate with the cluster
kubeconfig	The kubeconfig to use to authenticate with the cluster
kubeconfig_raw	The kubeconfig to use to authenticate with the cluster

Name		Name	Last commit message	Last commit date
Latest commit History 42 Commits
templates		templates
values		values
.gitignore		.gitignore
.markdownlint.yaml		.markdownlint.yaml
.pre-commit-config.yaml		.pre-commit-config.yaml
LICENSE		LICENSE
README.md		README.md
argocd.tf		argocd.tf
aws-lb-controller.tf		aws-lb-controller.tf
cert-manager.tf		cert-manager.tf
cluster-autoscaler.tf		cluster-autoscaler.tf
efs-driver.tf		efs-driver.tf
external-dns.tf		external-dns.tf
external-secrets.tf		external-secrets.tf
ingress-nginx.tf		ingress-nginx.tf
init.tf		init.tf
locals.tf		locals.tf
metric-server.tf		metric-server.tf
outputs.tf		outputs.tf
rand.tf		rand.tf
reloader.tf		reloader.tf
variables.tf		variables.tf

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

AWS EKS Terraform Module

Features

Usage

Requirements

Providers

Modules

Resources

Inputs

Outputs

About

Releases 3

Packages

Contributors 4

Languages

License

shalb/terraform-eks-addons

Folders and files

Latest commit

History

Repository files navigation

AWS EKS Terraform Module

Features

Usage

Requirements

Providers

Modules

Resources

Inputs

Outputs

About

Resources

License

Stars

Watchers

Forks

Releases 3

Packages 0

Contributors 4

Languages

Packages