This example shows how to install a working EKS cluster with Terraform. It is a snippet from actual usage, but not everything has been included.
# EKS cluster built with the community terraform-aws-modules/eks module (v18 line).
# Creates the control plane, the three core add-ons, secrets envelope encryption,
# managed node groups taken from a variable, and the aws-auth ConfigMap.
module "eks-app" {
  source  = "terraform-aws-modules/eks/aws"
  version = "~> 18.0"

  providers = {
    # The module writes the aws-auth ConfigMap through this aliased provider.
    kubernetes = kubernetes.sidecar
  }

  create          = true
  cluster_name    = local.eks_cluster_name
  # Pinned Kubernetes version; check it is still within EKS support before reuse.
  cluster_version = "1.23"

  # --- Networking -----------------------------------------------------------
  vpc_id     = var.vpc_id
  subnet_ids = var.subnets

  # --- API server endpoint exposure -----------------------------------------
  cluster_endpoint_private_access = true
  # NOTE(review): the public endpoint is enabled and this snippet sets no
  # cluster_endpoint_public_access_cidrs, so the module default applies
  # (open to any source address; confirm for the pinned module version).
  # Restrict it to known admin/CI ranges, or disable public access if the
  # private endpoint is reachable from where the cluster is operated.
  cluster_endpoint_public_access = true

  # --- Security groups ------------------------------------------------------
  # merge(): on a key collision the variable's rule replaces the local one.
  # Both inputs widen network access to the nodes, so review them together.
  node_security_group_additional_rules    = merge(local.additional_security_group_rules, var.node_security_group_additional_rules)
  cluster_security_group_additional_rules = var.cluster_security_group_additional_rules

  # --- Secrets envelope encryption ------------------------------------------
  # Kubernetes Secret objects are encrypted with the referenced KMS key.
  # NOTE(review): the key resource is named "eks-logs"; if the same key also
  # protects logs, consider a dedicated key so its policy can be scoped to
  # this cluster only (confirm against the key definition).
  cluster_encryption_config = [
    {
      provider_key_arn = aws_kms_key.eks-logs.arn
      resources        = ["secrets"]
    }
  ]

  # --- Core add-ons ---------------------------------------------------------
  # Versions are pinned. OVERWRITE lets the add-on's managed settings replace
  # conflicting changes made directly in the cluster.
  cluster_addons = {
    coredns = {
      addon_version     = "v1.8.7-eksbuild.3"
      resolve_conflicts = "OVERWRITE"
    }
    kube-proxy = {
      addon_version     = "v1.23.8-eksbuild.2"
      resolve_conflicts = "OVERWRITE"
    }
    vpc-cni = {
      addon_version     = "v1.11.4-eksbuild.1"
      resolve_conflicts = "OVERWRITE"
    }
  }

  # --- Compute --------------------------------------------------------------
  # Only EKS managed node groups are used; the other kinds are left empty.
  self_managed_node_groups        = {}
  eks_managed_node_group_defaults = {}
  eks_managed_node_groups         = var.eks_app_managed_node_groups
  fargate_profiles                = {}

  # --- aws-auth ConfigMap (IAM -> Kubernetes identity mapping) ---------------
  manage_aws_auth_configmap = true
  aws_auth_roles = [
    {
      rolearn  = data.aws_iam_role.role_system_master.arn
      username = data.aws_iam_role.role_system_master.name
      # system:masters is unrestricted cluster-admin and is not limited by
      # RBAC rules. Anyone who can assume this IAM role owns the cluster, so
      # keep its trust policy narrow, or map to a custom group bound through
      # RBAC where full admin is not required.
      groups = ["system:masters"]
    },
  ]

  # --- Tags -----------------------------------------------------------------
  # NOTE(review): cluster_name uses local.eks_cluster_name while this tag uses
  # local.eks_sidecar_cluster_name; confirm both locals hold the same value.
  tags = merge(local.tag_defaults, {
    "EKS-Cluster" = local.eks_sidecar_cluster_name
  })
}
# Fetches a Kubernetes API authentication token for the named cluster; the
# token is consumed by the aliased kubernetes provider.
# NOTE(review): the name comes from local.eks_sidecar_cluster_name, whereas the
# module sets cluster_name from local.eks_cluster_name. Confirm they match,
# otherwise the token is issued for a different cluster name.
data "aws_eks_cluster_auth" "sidecar" {
  name = local.eks_sidecar_cluster_name
}
# Aliased Kubernetes provider pointed at the cluster created by module.eks-app.
provider "kubernetes" {
  alias = "sidecar"

  # Endpoint plus the cluster's own CA bundle, so the API server certificate
  # is verified rather than skipped.
  host                   = module.eks-app.cluster_endpoint
  cluster_ca_certificate = base64decode(module.eks-app.cluster_certificate_authority_data)

  # Short-lived bearer token read from the data source at plan/apply time.
  # It is recorded in Terraform state, so the state backend needs to be
  # access-controlled and encrypted. On long applies the token can expire;
  # exec-based authentication avoids both issues.
  token = data.aws_eks_cluster_auth.sidecar.token
}