EKS Blueprints Addons Terraform Module

🚧 Currently under development 🚧

See here for more details on the changes to EKS Blueprints. While we work on incorprating the changes requested by users, we want to avoid unecessary disruptive changes. Therefore, we are working to incorporate as many changes as possible into the release of this module so that users only need to make this change once. Please feel free to try out the module as we develop it and leave any feedback, comments, requests. We look forward to providing an improved experience very soon! Thank you for your patience for for using EKS Blueprints!

Please note: not all addons will be supported as they are today in the main EKS Blueprints repository. We will have guidance and documentation that explains the changes, how to migrate/upgrade, and demonstrates the different options for addons that are no longer natively supported in this project.

Requirements

Name	Version
terraform	>= 1.0
aws	>= 4.47

Providers

Name	Version
aws	>= 4.47

Modules

Name	Source	Version
argo_rollouts	./modules/eks-blueprints-addon	n/a
argo_workflows	./modules/eks-blueprints-addon	n/a
argocd	./modules/argocd	n/a
aws_for_fluent_bit	./modules/aws-for-fluentbit	n/a
aws_fsx_csi_driver	./modules/aws-fsx-csi-driver	n/a
aws_load_balancer_controller	./modules/eks-blueprints-addon	n/a
aws_node_termination_handler	./modules/aws-node-termination-handler	n/a
aws_privateca_issuer	./modules/aws-privateca-issuer	n/a
cert_manager	./modules/cert-manager	n/a
cloudwatch_metrics	./modules/eks-blueprints-addon	n/a
cluster_autoscaler	./modules/eks-blueprints-addon	n/a
csi_secrets_store_provider_aws	./modules/csi-secrets-store-provider-aws	n/a
efs_csi_driver	./modules/eks-blueprints-addon	n/a
external_dns	./modules/eks-blueprints-addon	n/a
external_secrets	./modules/eks-blueprints-addon	n/a
fargate_fluentbit	./modules/fargate-fluentbit	n/a
gatekeeper	./modules/gatekeeper	n/a
grafana	./modules/grafana	n/a
ingress_nginx	./modules/ingress-nginx	n/a
karpenter	./modules/karpenter	n/a
kube_prometheus_stack	./modules/kube-prometheus-stack	n/a
metrics_server	./modules/metrics-server	n/a
opentelemetry_operator	./modules/opentelemetry-operator	n/a
prometheus	./modules/prometheus	n/a
promtail	./modules/promtail	n/a
secrets_store_csi_driver	./modules/secrets-store-csi-driver	n/a
velero	./modules/velero	n/a
vpa	./modules/vpa	n/a

Resources

Name	Type
aws_eks_addon.this	resource
aws_caller_identity.current	data source
aws_eks_addon_version.this	data source
aws_iam_policy_document.aws_load_balancer_controller	data source
aws_iam_policy_document.cluster_autoscaler	data source
aws_iam_policy_document.efs_csi_driver	data source
aws_iam_policy_document.external_dns	data source
aws_iam_policy_document.external_secrets	data source
aws_partition.current	data source
aws_region.current	data source

Inputs

Name	Description	Type	Default	Required
amazon_eks_adot_config	Configuration for Amazon EKS ADOT add-on	`any`	`{}`	no
amazon_prometheus_workspace_endpoint	AWS Managed Prometheus WorkSpace Endpoint	`string`	`null`	no
argo_rollouts	Argo Rollouts addon configuration values	`any`	`{}`	no
argo_workflows	Argo Workflows addon configuration values	`any`	`{}`	no
argocd_applications	Argo CD Applications config to bootstrap the cluster	`any`	`{}`	no
argocd_helm_config	Argo CD Kubernetes add-on config	`any`	`{}`	no
argocd_manage_add_ons	Enable managing add-on configuration via ArgoCD App of Apps	`bool`	`false`	no
argocd_projects	Argo CD Project config to bootstrap the cluster	`any`	`{}`	no
auto_scaling_group_names	List of self-managed node groups autoscaling group names	`list(string)`	`[]`	no
aws_for_fluentbit_create_cw_log_group	Set to false to use existing CloudWatch log group supplied via the cw_log_group_name variable.	`bool`	`true`	no
aws_for_fluentbit_cw_log_group_kms_key_arn	FluentBit CloudWatch Log group KMS Key	`string`	`null`	no
aws_for_fluentbit_cw_log_group_name	FluentBit CloudWatch Log group name	`string`	`null`	no
aws_for_fluentbit_cw_log_group_retention	FluentBit CloudWatch Log group retention period	`number`	`90`	no
aws_for_fluentbit_cw_log_group_skip_destroy	Set to true if you do not wish the log group (and any logs it may contain) to be deleted at destroy time	`bool`	`true`	no
aws_for_fluentbit_helm_config	AWS for FluentBit Helm Chart config	`any`	`{}`	no
aws_for_fluentbit_irsa_policies	Additional IAM policies for a IAM role for service accounts	`list(string)`	`[]`	no
aws_fsx_csi_driver_helm_config	AWS FSx CSI driver Helm Chart config	`any`	`{}`	no
aws_fsx_csi_driver_irsa_policies	Additional IAM policies for a IAM role for service accounts	`list(string)`	`[]`	no
aws_load_balancer_controller	AWS Loadbalancer Controller addon configuration values	`any`	`{}`	no
aws_node_termination_handler_helm_config	AWS Node Termination Handler Helm Chart config	`any`	`{}`	no
aws_node_termination_handler_irsa_policies	Additional IAM policies for a IAM role for service accounts	`list(string)`	`[]`	no
aws_privateca_acmca_arn	ARN of AWS ACM PCA	`string`	`""`	no
aws_privateca_issuer_helm_config	PCA Issuer Helm Chart config	`any`	`{}`	no
aws_privateca_issuer_irsa_policies	IAM policy ARNs for AWS ACM PCA IRSA	`list(string)`	`[]`	no
cert_manager_domain_names	Domain names of the Route53 hosted zone to use with cert-manager	`list(string)`	`[]`	no
cert_manager_helm_config	Cert Manager Helm Chart config	`any`	`{}`	no
cert_manager_install_letsencrypt_issuers	Install Let's Encrypt Cluster Issuers	`bool`	`true`	no
cert_manager_irsa_policies	Additional IAM policies for a IAM role for service accounts	`list(string)`	`[]`	no
cert_manager_kubernetes_svc_image_pull_secrets	list(string) of kubernetes imagePullSecrets	`list(string)`	`[]`	no
cert_manager_letsencrypt_email	Email address for expiration emails from Let's Encrypt	`string`	`""`	no
cloudwatch_metrics	Cloudwatch Metrics addon configuration values	`any`	`{}`	no
cluster_autoscaler	Cluster Autoscaler addon configuration values	`any`	`{}`	no
cluster_endpoint	Endpoint for your Kubernetes API server	`string`	n/a	yes
cluster_name	Name of the EKS cluster	`string`	n/a	yes
cluster_version	Kubernetes `<major>.<minor>` version to use for the EKS cluster (i.e.: `1.24`)	`string`	n/a	yes
csi_secrets_store_provider_aws_helm_config	CSI Secrets Store Provider AWS Helm Configurations	`any`	`null`	no
efs_csi_driver	EFS CSI Driver addon configuration values	`any`	`{}`	no
eks_addons	Map of EKS addon configurations to enable for the cluster. Addon name can be the map keys or set with `name`	`any`	`{}`	no
eks_addons_timeouts	Create, update, and delete timeout configurations for the EKS addons	`map(string)`	`{}`	no
enable_amazon_eks_adot	Enable Amazon EKS ADOT addon	`bool`	`false`	no
enable_amazon_prometheus	Enable AWS Managed Prometheus service	`bool`	`false`	no
enable_argo_rollouts	Enable Argo Rollouts add-on	`bool`	`false`	no
enable_argo_rollouts_gitops	Enable Argo Rollouts using GitOps add-on	`bool`	`false`	no
enable_argo_workflows	Enable Argo workflows add-on	`bool`	`false`	no
enable_argo_workflows_gitops	Enable Argo Workflows using GitOps add-on	`bool`	`false`	no
enable_argocd	Enable Argo CD Kubernetes add-on	`bool`	`false`	no
enable_aws_for_fluentbit	Enable AWS for FluentBit add-on	`bool`	`false`	no
enable_aws_fsx_csi_driver	Enable AWS FSx CSI driver add-on	`bool`	`false`	no
enable_aws_load_balancer_controller	Enable AWS Load Balancer Controller add-on	`bool`	`false`	no
enable_aws_load_balancer_controller_gitops	AWS Load Balancer Controllerusing GitOps add-on	`bool`	`false`	no
enable_aws_node_termination_handler	Enable AWS Node Termination Handler add-on	`bool`	`false`	no
enable_aws_privateca_issuer	Enable PCA Issuer	`bool`	`false`	no
enable_cert_manager	Enable Cert Manager add-on	`bool`	`false`	no
enable_cloudwatch_metrics	Enable AWS Cloudwatch Metrics add-on for Container Insights	`bool`	`false`	no
enable_cloudwatch_metrics_gitops	Enable Cloudwatch Metrics using GitOps add-on	`bool`	`false`	no
enable_cluster_autoscaler	Enable Cluster autoscaler add-on	`bool`	`false`	no
enable_cluster_autoscaler_gitops	Enable Cluster Autoscaler using GitOps add-on	`bool`	`false`	no
enable_efs_csi_driver	Enable AWS EFS CSI Driver add-on	`bool`	`false`	no
enable_efs_csi_driver_gitops	Enable EFS CSI Driver using GitOps add-on	`bool`	`false`	no
enable_external_dns	Enable external-dns operator add-on	`bool`	`false`	no
enable_external_dns_gitops	Enable external-dns using GitOps add-on	`bool`	`false`	no
enable_external_secrets	Enable External Secrets operator add-on	`bool`	`false`	no
enable_fargate_fluentbit	Enable Fargate FluentBit add-on	`bool`	`false`	no
enable_gatekeeper	Enable Gatekeeper add-on	`bool`	`false`	no
enable_grafana	Enable Grafana add-on	`bool`	`false`	no
enable_ingress_nginx	Enable Ingress Nginx add-on	`bool`	`false`	no
enable_karpenter	Enable Karpenter autoscaler add-on	`bool`	`false`	no
enable_kube_prometheus_stack	Enable Community kube-prometheus-stack add-on	`bool`	`false`	no
enable_metrics_server	Enable metrics server add-on	`bool`	`false`	no
enable_opentelemetry_operator	Enable opentelemetry operator add-on	`bool`	`false`	no
enable_prometheus	Enable Community Prometheus add-on	`bool`	`false`	no
enable_promtail	Enable Promtail add-on	`bool`	`false`	no
enable_secrets_store_csi_driver	Enable CSI Secrets Store Provider	`bool`	`false`	no
enable_secrets_store_csi_driver_provider_aws	Enable AWS CSI Secrets Store Provider	`bool`	`false`	no
enable_velero	Enable Kubernetes Dashboard add-on	`bool`	`false`	no
enable_vpa	Enable Vertical Pod Autoscaler add-on	`bool`	`false`	no
external_dns	external-dns addon configuration values	`any`	`{}`	no
external_dns_route53_zone_arns	List of Route53 zones ARNs which external-dns will have access to create/manage records (if using Route53)	`list(string)`	`[]`	no
external_secrets	External Secrets addon configuration values	`any`	`{}`	no
external_secrets_kms_key_arns	List of KMS Key ARNs that are used by Secrets Manager that contain secrets to mount using External Secrets	`list(string)`	[ "arn:aws:kms:::key/*" ]	no
external_secrets_secrets_manager_arns	List of Secrets Manager ARNs that contain secrets to mount using External Secrets	`list(string)`	[ "arn:aws:secretsmanager:::secret:*" ]	no
external_secrets_ssm_parameter_arns	List of Systems Manager Parameter ARNs that contain secrets to mount using External Secrets	`list(string)`	[ "arn:aws:ssm:::parameter/*" ]	no
fargate_fluentbit_addon_config	Fargate fluentbit add-on config	`any`	`{}`	no
gatekeeper_helm_config	Gatekeeper Helm Chart config	`any`	`{}`	no
grafana_helm_config	Kubernetes Grafana Helm Chart config	`any`	`null`	no
grafana_irsa_policies	IAM policy ARNs for grafana IRSA	`list(string)`	`[]`	no
ingress_nginx_helm_config	Ingress Nginx Helm Chart config	`any`	`{}`	no
irsa_iam_permissions_boundary	IAM permissions boundary for IRSA roles	`string`	`""`	no
irsa_iam_role_path	IAM role path for IRSA roles	`string`	`"/"`	no
karpenter_enable_spot_termination_handling	Determines whether to enable native spot termination handling	`bool`	`false`	no
karpenter_event_rule_name_prefix	Prefix used for karpenter event bridge rules	`string`	`""`	no
karpenter_helm_config	Karpenter autoscaler add-on config	`any`	`{}`	no
karpenter_irsa_policies	Additional IAM policies for a IAM role for service accounts	`list(string)`	`[]`	no
karpenter_node_iam_instance_profile	Karpenter Node IAM Instance profile id	`string`	`""`	no
kube_prometheus_stack_helm_config	Community kube-prometheus-stack Helm Chart config	`any`	`{}`	no
metrics_server_helm_config	Metrics Server Helm Chart config	`any`	`{}`	no
oidc_provider	The OpenID Connect identity provider (issuer URL without leading `https://`)	`string`	n/a	yes
oidc_provider_arn	The ARN of the cluster OIDC Provider	`string`	n/a	yes
opentelemetry_operator_helm_config	Opentelemetry Operator Helm Chart config	`any`	`{}`	no
prometheus_helm_config	Community Prometheus Helm Chart config	`any`	`{}`	no
promtail_helm_config	Promtail Helm Chart config	`any`	`{}`	no
secrets_store_csi_driver_helm_config	CSI Secrets Store Provider Helm Configurations	`any`	`null`	no
sqs_queue_kms_data_key_reuse_period_seconds	The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again	`number`	`null`	no
sqs_queue_kms_master_key_id	The ID of an AWS-managed customer master key (CMK) for Amazon SQS or a custom CMK	`string`	`null`	no
sqs_queue_managed_sse_enabled	Enable server-side encryption (SSE) for a SQS queue	`bool`	`true`	no
tags	A map of tags to add to all resources	`map(string)`	`{}`	no
velero_backup_s3_bucket	Bucket name for velero bucket	`string`	`""`	no
velero_helm_config	Kubernetes Velero Helm Chart config	`any`	`null`	no
velero_irsa_policies	IAM policy ARNs for velero IRSA	`list(string)`	`[]`	no
vpa_helm_config	VPA Helm Chart config	`any`	`null`	no

Outputs

Name	Description
argo_rollouts	Map of attributes of the Helm release created
argo_workflows	Map of attributes of the Helm release created
argocd	Map of attributes of the Helm release created
argocd_addon_config	ArgoCD addon config options
aws_for_fluent_bit	Map of attributes of the Helm release and IRSA created
aws_fsx_csi_driver	Map of attributes of the Helm release and IRSA created
aws_load_balancer_controller	Map of attributes of the Helm release and IRSA created
aws_node_termination_handler	Map of attributes of the Helm release and IRSA created
aws_privateca_issuer	Map of attributes of the Helm release and IRSA created
cert_manager	Map of attributes of the Helm release and IRSA created
cloudwatch_metrics	Map of attributes of the Helm release and IRSA created
cluster_autoscaler	Map of attributes of the Helm release and IRSA created
csi_secrets_store_provider_aws	Map of attributes of the Helm release and IRSA created
efs_csi_driver	Map of attributes of the Helm release and IRSA created
eks_addons	Map of attributes for each EKS addons enabled
external_dns	Map of attributes of the Helm release and IRSA created
external_secrets	Map of attributes of the Helm release and IRSA created
fargate_fluentbit	Map of attributes of the Helm release and IRSA created
gatekeeper	Map of attributes of the Helm release and IRSA created
grafana	Map of attributes of the Helm release and IRSA created
ingress_nginx	Map of attributes of the Helm release and IRSA created
karpenter	Map of attributes of the Helm release and IRSA created
kube_prometheus_stack	Map of attributes of the Helm release and IRSA created
metrics_server	Map of attributes of the Helm release and IRSA created
opentelemetry_operator	Map of attributes of the Helm release and IRSA created
prometheus	Map of attributes of the Helm release and IRSA created
promtail	Map of attributes of the Helm release and IRSA created
secrets_store_csi_driver	Map of attributes of the Helm release and IRSA created
velero	Map of attributes of the Helm release and IRSA created
vpa	Map of attributes of the Helm release and IRSA created

pacobart / terraform-aws-eks-blueprints-addons Goto Github PK

terraform-aws-eks-blueprints-addons's Introduction

EKS Blueprints Addons Terraform Module

🚧 Currently under development 🚧

Requirements

Providers

Modules

Resources

Inputs

Outputs

terraform-aws-eks-blueprints-addons's People

Contributors

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent

Jobs