Home

Awesome

AWS EKS ACK Addons Terraform module

Terraform module which provisions AWS controllers for Kubernetes on EKS.

Usage

module "eks_ack_addons" {
  source = "aws-ia/eks-ack-addons/aws"

  # Cluster Info
  cluster_name      = "<cluster name>"
  cluster_endpoint  = "<cluster endpoint>"
  oidc_provider_arn = "<oidc provider arn>"

  # ECR Credentials
  ecrpublic_username = "<ecr user name>"
  ecrpublic_token    = "<ecr token>"

  # Controllers to enable
  enable_networkfirewall        = true
  enable_cloudwatchlogs         = true
  enable_kinesis                = true
  enable_secretsmanager         = true
  enable_route53resolver        = true
  enable_route53                = true
  enable_organizations          = true
  enable_mq                     = true
  enable_cloudwatch             = true
  enable_keyspaces              = true
  enable_kafka                  = true
  enable_efs                    = true
  enable_ecs                    = true
  enable_cloudtrail             = true
  enable_cloudfront             = true
  enable_applicationautoscaling = true
  enable_sagemaker              = true
  enable_memorydb               = true
  enable_opensearchservice      = true
  enable_ecr                    = true
  enable_sns                    = true
  enable_sqs                    = true
  enable_lambda                 = true
  enable_iam                    = true
  enable_ec2                    = true
  enable_eks                    = true
  enable_kms                    = true
  enable_acm                    = true
  enable_apigatewayv2           = true
  enable_dynamodb               = true
  enable_s3                     = true
  enable_elasticache            = true
  enable_rds                    = true
  enable_prometheusservice      = true
  enable_emrcontainers          = true
  enable_sfn                    = true
  enable_eventbridge            = true

  tags = {
    Environment = "dev"
  }
}

Support & Feedback

[!IMPORTANT] EKS Blueprints for Terraform is maintained by AWS Solution Architects. It is not part of an AWS service and support is provided as a best-effort by the EKS Blueprints community. To provide feedback, please use the issues templates provided. If you are interested in contributing to EKS Blueprints, see the Contribution guide.

Tests

Tests codified under the tests are intended to give users references for how to use the module as well as testing/validating changes to the source code of the module. If contributing to the project, please be sure to make any appropriate updates to the relevant tests to allow maintainers to test your changes and to keep the tests up to date for users. Thank you!

<!-- BEGIN_TF_DOCS -->

Requirements

NameVersion
<a name="requirement_terraform"></a> terraform>= 1.0
<a name="requirement_aws"></a> aws>= 5.0
<a name="requirement_time"></a> time>= 0.9

Providers

NameVersion
<a name="provider_aws"></a> aws>= 5.0
<a name="provider_time"></a> time>= 0.9

Modules

NameSourceVersion
<a name="module_acm"></a> acmaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_apigatewayv2"></a> apigatewayv2aws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_applicationautoscaling"></a> applicationautoscalingaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_cloudfront"></a> cloudfrontaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_cloudtrail"></a> cloudtrailaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_cloudwatch"></a> cloudwatchaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_cloudwatchlogs"></a> cloudwatchlogsaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_dynamodb"></a> dynamodbaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_ec2"></a> ec2aws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_ecr"></a> ecraws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_ecs"></a> ecsaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_efs"></a> efsaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_eks"></a> eksaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_elasticache"></a> elasticacheaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_emrcontainers"></a> emrcontainersaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_eventbridge"></a> eventbridgeaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_iam"></a> iamaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_kafka"></a> kafkaaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_keyspaces"></a> keyspacesaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_kinesis"></a> kinesisaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_kms"></a> kmsaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_lambda"></a> lambdaaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_memorydb"></a> memorydbaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_mq"></a> mqaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_networkfirewall"></a> networkfirewallaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_opensearchservice"></a> opensearchserviceaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_organizations"></a> organizationsaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_prometheusservice"></a> prometheusserviceaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_rds"></a> rdsaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_route53"></a> route53aws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_route53resolver"></a> route53resolveraws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_s3"></a> s3aws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_sagemaker"></a> sagemakeraws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_secretsmanager"></a> secretsmanageraws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_sfn"></a> sfnaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_sns"></a> snsaws-ia/eks-blueprints-addon/aws1.1.1
<a name="module_sqs"></a> sqsaws-ia/eks-blueprints-addon/aws1.1.1

Resources

NameType
time_sleep.thisresource
aws_caller_identity.currentdata source
aws_iam_policy_document.acmdata source
aws_iam_policy_document.cloudwatchlogsdata source
aws_iam_policy_document.eksdata source
aws_iam_policy_document.emrcontainersdata source
aws_iam_policy_document.iamdata source
aws_iam_policy_document.kinesisdata source
aws_iam_policy_document.kmsdata source
aws_iam_policy_document.lambdadata source
aws_iam_policy_document.networkfirewalldata source
aws_iam_policy_document.prometheusservicedata source
aws_iam_policy_document.sfndata source
aws_partition.currentdata source
aws_region.currentdata source

Inputs

NameDescriptionTypeDefaultRequired
<a name="input_acm"></a> acmACK acm Helm Chart configany{}no
<a name="input_apigatewayv2"></a> apigatewayv2ACK API gateway v2 Helm Chart configany{}no
<a name="input_applicationautoscaling"></a> applicationautoscalingACK Application Autoscaling Helm Chart configany{}no
<a name="input_cloudfront"></a> cloudfrontACK cloudfront Helm Chart configany{}no
<a name="input_cloudtrail"></a> cloudtrailACK Cloudtrail Helm Chart configany{}no
<a name="input_cloudwatch"></a> cloudwatchACK CloudWatch Helm Chart configany{}no
<a name="input_cloudwatchlogs"></a> cloudwatchlogsACK CloudWatch Logs Helm Chart configany{}no
<a name="input_cluster_endpoint"></a> cluster_endpointEndpoint for your Kubernetes API serverstringn/ayes
<a name="input_cluster_name"></a> cluster_nameName of the EKS clusterstringn/ayes
<a name="input_create_delay_dependencies"></a> create_delay_dependenciesDependency attribute which must be resolved before starting the create_delay_durationlist(string)[]no
<a name="input_create_delay_duration"></a> create_delay_durationThe duration to wait before creating resourcesstring"30s"no
<a name="input_create_kubernetes_resources"></a> create_kubernetes_resourcesCreate Kubernetes resource with Helm or Kubernetes providerbooltrueno
<a name="input_dynamodb"></a> dynamodbACK dynamodb Helm Chart configany{}no
<a name="input_ec2"></a> ec2ACK ec2 Helm Chart configany{}no
<a name="input_ecr"></a> ecrACK ECR Helm Chart configany{}no
<a name="input_ecrpublic_token"></a> ecrpublic_tokenPassword decoded from the authorization token for accessing public ECRstring""no
<a name="input_ecrpublic_username"></a> ecrpublic_usernameUser name decoded from the authorization token for accessing public ECRstring""no
<a name="input_ecs"></a> ecsACK ECS Helm Chart configany{}no
<a name="input_efs"></a> efsACK EFS Helm Chart configany{}no
<a name="input_eks"></a> eksACK eks Helm Chart configany{}no
<a name="input_elasticache"></a> elasticacheACK elasticache Helm Chart configany{}no
<a name="input_emrcontainers"></a> emrcontainersACK EMR container Helm Chart configany{}no
<a name="input_enable_acm"></a> enable_acmEnable ACK acm add-onboolfalseno
<a name="input_enable_apigatewayv2"></a> enable_apigatewayv2Enable ACK API gateway v2 add-onboolfalseno
<a name="input_enable_applicationautoscaling"></a> enable_applicationautoscalingEnable ACK Application Autoscaling add-onboolfalseno
<a name="input_enable_cloudfront"></a> enable_cloudfrontEnable ACK Cloudfront add-onboolfalseno
<a name="input_enable_cloudtrail"></a> enable_cloudtrailEnable ACK Cloudtrail add-onboolfalseno
<a name="input_enable_cloudwatch"></a> enable_cloudwatchEnable ACK CloudWatch add-onboolfalseno
<a name="input_enable_cloudwatchlogs"></a> enable_cloudwatchlogsEnable ACK CloudWatch Logs add-onboolfalseno
<a name="input_enable_dynamodb"></a> enable_dynamodbEnable ACK dynamodb add-onboolfalseno
<a name="input_enable_ec2"></a> enable_ec2Enable ACK ec2 add-onboolfalseno
<a name="input_enable_ecr"></a> enable_ecrEnable ACK ECR add-onboolfalseno
<a name="input_enable_ecs"></a> enable_ecsEnable ACK ECS add-onboolfalseno
<a name="input_enable_efs"></a> enable_efsEnable ACK EFS add-onboolfalseno
<a name="input_enable_eks"></a> enable_eksEnable ACK eks add-onboolfalseno
<a name="input_enable_elasticache"></a> enable_elasticacheEnable ACK elasticache add-onboolfalseno
<a name="input_enable_emrcontainers"></a> enable_emrcontainersEnable ACK EMR container add-onboolfalseno
<a name="input_enable_eventbridge"></a> enable_eventbridgeEnable ACK EventBridge add-onboolfalseno
<a name="input_enable_iam"></a> enable_iamEnable ACK iam add-onboolfalseno
<a name="input_enable_kafka"></a> enable_kafkaEnable ACK Kafka add-onboolfalseno
<a name="input_enable_keyspaces"></a> enable_keyspacesEnable ACK Keyspaces add-onboolfalseno
<a name="input_enable_kinesis"></a> enable_kinesisEnable ACK Kinesis add-onboolfalseno
<a name="input_enable_kms"></a> enable_kmsEnable ACK kms add-onboolfalseno
<a name="input_enable_lambda"></a> enable_lambdaEnable ACK Lambda add-onboolfalseno
<a name="input_enable_memorydb"></a> enable_memorydbEnable ACK MemoryDB add-onboolfalseno
<a name="input_enable_mq"></a> enable_mqEnable ACK MQ add-onboolfalseno
<a name="input_enable_networkfirewall"></a> enable_networkfirewallEnable ACK Network Firewall add-onboolfalseno
<a name="input_enable_opensearchservice"></a> enable_opensearchserviceEnable ACK Opensearch Service add-onboolfalseno
<a name="input_enable_organizations"></a> enable_organizationsEnable ACK Organizations add-onboolfalseno
<a name="input_enable_prometheusservice"></a> enable_prometheusserviceEnable ACK prometheusservice add-onboolfalseno
<a name="input_enable_rds"></a> enable_rdsEnable ACK rds add-onboolfalseno
<a name="input_enable_route53"></a> enable_route53Enable ACK Route 53 add-onboolfalseno
<a name="input_enable_route53resolver"></a> enable_route53resolverEnable ACK Route 53 Resolver add-onboolfalseno
<a name="input_enable_s3"></a> enable_s3Enable ACK s3 add-onboolfalseno
<a name="input_enable_sagemaker"></a> enable_sagemakerEnable ACK Sagemaker add-onboolfalseno
<a name="input_enable_secretsmanager"></a> enable_secretsmanagerEnable ACK Secrets Manager add-onboolfalseno
<a name="input_enable_sfn"></a> enable_sfnEnable ACK step functions add-onboolfalseno
<a name="input_enable_sns"></a> enable_snsEnable ACK SNS add-onboolfalseno
<a name="input_enable_sqs"></a> enable_sqsEnable ACK SQS add-onboolfalseno
<a name="input_eventbridge"></a> eventbridgeACK EventBridge Helm Chart configany{}no
<a name="input_iam"></a> iamACK iam Helm Chart configany{}no
<a name="input_kafka"></a> kafkaACK Kafka Helm Chart configany{}no
<a name="input_keyspaces"></a> keyspacesACK Keyspaces Helm Chart configany{}no
<a name="input_kinesis"></a> kinesisACK Kinesis Helm Chart configany{}no
<a name="input_kms"></a> kmsACK kms Helm Chart configany{}no
<a name="input_lambda"></a> lambdaACK Lambda Helm Chart configany{}no
<a name="input_memorydb"></a> memorydbACK MemoryDB Helm Chart configany{}no
<a name="input_mq"></a> mqACK MQ Helm Chart configany{}no
<a name="input_networkfirewall"></a> networkfirewallACK Network Firewall Helm Chart configany{}no
<a name="input_oidc_provider_arn"></a> oidc_provider_arnThe ARN of the cluster OIDC Providerstringn/ayes
<a name="input_opensearchservice"></a> opensearchserviceACK Opensearch Service Helm Chart configany{}no
<a name="input_organizations"></a> organizationsACK Organizations Helm Chart configany{}no
<a name="input_prometheusservice"></a> prometheusserviceACK prometheusservice Helm Chart configany{}no
<a name="input_rds"></a> rdsACK rds Helm Chart configany{}no
<a name="input_route53"></a> route53ACK Route 53 Helm Chart configany{}no
<a name="input_route53resolver"></a> route53resolverACK Route 53 Resolver Helm Chart configany{}no
<a name="input_s3"></a> s3ACK s3 Helm Chart configany{}no
<a name="input_sagemaker"></a> sagemakerACK Sagemaker Helm Chart configany{}no
<a name="input_secretsmanager"></a> secretsmanagerACK Secrets Manager Helm Chart configany{}no
<a name="input_sfn"></a> sfnACK step functions Helm Chart configany{}no
<a name="input_sns"></a> snsACK SNS Helm Chart configany{}no
<a name="input_sqs"></a> sqsACK SQS Helm Chart configany{}no
<a name="input_tags"></a> tagsAdditional tags (e.g. map('BusinessUnit,XYZ)map(string){}no

Outputs

NameDescription
<a name="output_gitops_metadata"></a> gitops_metadataGitOps Bridge metadata
<!-- END_TF_DOCS -->

Community

License

Apache-2.0 Licensed. See LICENSE.