This module was created due to the need for installing EKS cluster addons in the style of the EKS Blueprints Addons module, but with addressed issues and resolved limitations. Additionally, it aims to maintain backward compatibility with the original EKS Blueprints Addons module.
| Name | Version |
|---|---|
| terraform | >= 1.5.6 |
| aws | >= 5.84 |
| time | >= 0.8 |
| Name | Version |
|---|---|
| aws | >= 5.84 |
| time | >= 0.8 |
| Name | Source | Version |
|---|---|---|
| aws_for_fluent_bit | ./modules/aws-for-fluentbit | n/a |
| aws_load_balancer_controller | ./modules/aws-load-balancer-controller | n/a |
| cert_manager | ./modules/cert-manager | n/a |
| cluster_autoscaler | ./modules/cluster-autoscaler | n/a |
| datadog_operator | ./modules/datadog-operator | n/a |
| external_dns | ./modules/external-dns | n/a |
| external_secrets | ./modules/external-secrets | n/a |
| ingress_nginx | ./modules/ingress-nginx | n/a |
| metrics_server | ./modules/metrics-server | n/a |
| tetrate_istio | ./modules/tetrate-istio | n/a |
| Name | Type |
|---|---|
| time_sleep.dataplane | resource |
| aws_caller_identity.current | data source |
| aws_eks_cluster.eks_cluster | data source |
| aws_partition.current | data source |
| aws_region.current | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| argocd_manage_add_ons | Enable managing add-on configuration via ArgoCD App of Apps | bool |
false |
no |
| aws_for_fluentbit_create_cw_log_group | Set to false to use existing CloudWatch log group supplied via the cw_log_group_name variable. | bool |
true |
no |
| aws_for_fluentbit_cw_log_group_kms_key_arn | FluentBit CloudWatch Log group KMS Key | string |
null |
no |
| aws_for_fluentbit_cw_log_group_name | FluentBit CloudWatch Log group name | string |
null |
no |
| aws_for_fluentbit_cw_log_group_retention | FluentBit CloudWatch Log group retention period | number |
90 |
no |
| aws_for_fluentbit_helm_config | AWS for FluentBit Helm Chart config | any |
{} |
no |
| aws_for_fluentbit_irsa_policies | Additional IAM policies for a IAM role for service accounts | list(string) |
[] |
no |
| aws_load_balancer_controller_helm_config | AWS Load Balancer Controller Helm Chart config | any |
{} |
no |
| cert_manager_domain_names | Domain names of the Route53 hosted zone to use with cert-manager | list(string) |
[] |
no |
| cert_manager_helm_config | Cert Manager Helm Chart config | any |
{} |
no |
| cert_manager_install_letsencrypt_issuers | Install Let's Encrypt Cluster Issuers | bool |
true |
no |
| cert_manager_irsa_policies | Additional IAM policies for a IAM role for service accounts | list(string) |
[] |
no |
| cert_manager_kubernetes_svc_image_pull_secrets | list(string) of kubernetes imagePullSecrets | list(string) |
[] |
no |
| cert_manager_letsencrypt_email | Email address for expiration emails from Let's Encrypt | string |
"" |
no |
| cluster_autoscaler_helm_config | Cluster Autoscaler Helm Chart config | any |
{} |
no |
| custom_image_registry_uri | Custom image registry URI map of {region = dkr.endpoint } |
map(string) |
{} |
no |
| data_plane_wait_arn | Addon deployment will not proceed until this value is known. Set to node group/Fargate profile ARN to wait for data plane to be ready before provisioning addons | string |
"" |
no |
| datadog_operator_helm_config | Datadog Operator Helm Chart config | any |
{} |
no |
| eks_cluster_domain | The domain for the EKS cluster | string |
"" |
no |
| eks_cluster_endpoint | Endpoint for your Kubernetes API server | string |
null |
no |
| eks_cluster_id | EKS Cluster Id | string |
n/a | yes |
| eks_cluster_version | The Kubernetes version for the cluster | string |
null |
no |
| eks_oidc_provider | The OpenID Connect identity provider (issuer URL without leading https://) |
string |
null |
no |
| enable_aws_for_fluentbit | Enable AWS for FluentBit add-on | bool |
false |
no |
| enable_aws_load_balancer_controller | Enable AWS Load Balancer Controller add-on | bool |
false |
no |
| enable_cert_manager | Enable Cert Manager add-on | bool |
false |
no |
| enable_cluster_autoscaler | Enable Cluster autoscaler add-on | bool |
false |
no |
| enable_datadog_operator | Enable Datadog Operator add-on | bool |
false |
no |
| enable_external_dns | External DNS add-on | bool |
false |
no |
| enable_external_secrets | Enable External Secrets operator add-on | bool |
false |
no |
| enable_ingress_nginx | Enable Ingress Nginx add-on | bool |
false |
no |
| enable_metrics_server | Enable metrics server add-on | bool |
false |
no |
| enable_tetrate_istio | Enable Tetrate Istio add-on | bool |
false |
no |
| external_dns_helm_config | External DNS Helm Chart config | any |
{} |
no |
| external_dns_irsa_policies | Additional IAM policies for a IAM role for service accounts | list(string) |
[] |
no |
| external_dns_private_zone | Determines if referenced Route53 zone is private. | bool |
false |
no |
| external_dns_route53_zone_arns | List of Route53 zones ARNs which external-dns will have access to create/manage records | list(string) |
[] |
no |
| external_secrets_helm_config | External Secrets operator Helm Chart config | any |
{} |
no |
| external_secrets_irsa_policies | Additional IAM policies for a IAM role for service accounts | list(string) |
[] |
no |
| external_secrets_secrets_manager_arns | List of Secrets Manager ARNs that contain secrets to mount using External Secrets | list(string) |
[ |
no |
| external_secrets_ssm_parameter_arns | List of Systems Manager Parameter ARNs that contain secrets to mount using External Secrets | list(string) |
[ |
no |
| ingress_nginx_helm_config | Ingress Nginx Helm Chart config | any |
{} |
no |
| irsa_iam_permissions_boundary | IAM permissions boundary for IRSA roles | string |
"" |
no |
| irsa_iam_role_path | IAM role path for IRSA roles | string |
"/" |
no |
| metrics_server_helm_config | Metrics Server Helm Chart config | any |
{} |
no |
| tags | Additional tags (e.g. map('BusinessUnit,XYZ) |
map(string) |
{} |
no |
| tetrate_istio_base_helm_config | Istio base Helm Chart config |
any |
{} |
no |
| tetrate_istio_cni_helm_config | Istio cni Helm Chart config |
any |
{} |
no |
| tetrate_istio_distribution | Istio distribution | string |
"TID" |
no |
| tetrate_istio_gateway_helm_config | Istio gateway Helm Chart config |
any |
{} |
no |
| tetrate_istio_install_base | Install Istio base Helm Chart |
bool |
true |
no |
| tetrate_istio_install_cni | Install Istio cni Helm Chart |
bool |
true |
no |
| tetrate_istio_install_gateway | Install Istio gateway Helm Chart |
bool |
true |
no |
| tetrate_istio_install_istiod | Install Istio istiod Helm Chart |
bool |
true |
no |
| tetrate_istio_istiod_helm_config | Istio istiod Helm Chart config |
any |
{} |
no |
| tetrate_istio_version | Istio version | string |
"" |
no |
| Name | Description |
|---|---|
| cert_manager | Map of attributes of the Helm release and IRSA created |
| external_dns | Map of attributes of the Helm release and IRSA created |
| external_secrets | Map of attributes of the Helm release and IRSA created |
This project is derived from terraform-aws-eks-blueprints version 4, which is licensed under the Apache License 2.0, has copyright 2016-2022 Amazon.com, Inc. or its affiliates.