README.md

AWS EKS ACK Addons Terraform module

Terraform module which provisions AWS controllers for Kubernetes on EKS.

Usage

module "eks_ack_addons" {
  source = "aws-ia/eks-ack-addons/aws"

  # Cluster Info
  cluster_name      = "<cluster name>"
  cluster_endpoint  = "<cluster endpoint>"
  oidc_provider_arn = "<oidc provider arn>"

  # ECR Credentials
  ecrpublic_username = "<ecr user name>"
  ecrpublic_token    = "<ecr token>"

  # Controllers to enable
  enable_networkfirewall        = true
  enable_cloudwatchlogs         = true
  enable_kinesis                = true
  enable_secretsmanager         = true
  enable_route53resolver        = true
  enable_route53                = true
  enable_organizations          = true
  enable_mq                     = true
  enable_cloudwatch             = true
  enable_keyspaces              = true
  enable_kafka                  = true
  enable_efs                    = true
  enable_ecs                    = true
  enable_cloudtrail             = true
  enable_cloudfront             = true
  enable_applicationautoscaling = true
  enable_sagemaker              = true
  enable_memorydb               = true
  enable_opensearchservice      = true
  enable_ecr                    = true
  enable_sns                    = true
  enable_sqs                    = true
  enable_lambda                 = true
  enable_iam                    = true
  enable_ec2                    = true
  enable_eks                    = true
  enable_kms                    = true
  enable_acm                    = true
  enable_apigatewayv2           = true
  enable_dynamodb               = true
  enable_s3                     = true
  enable_elasticache            = true
  enable_rds                    = true
  enable_prometheusservice      = true
  enable_emrcontainers          = true
  enable_sfn                    = true
  enable_eventbridge            = true

  tags = {
    Environment = "dev"
  }
}

Support & Feedback

Important

EKS Blueprints for Terraform is maintained by AWS Solution Architects. It is not part of an AWS service and support is provided as a best-effort by the EKS Blueprints community. To provide feedback, please use the issues templates provided. If you are interested in contributing to EKS Blueprints, see the Contribution guide.

Tests

Tests codified under the tests are intended to give users references for how to use the module as well as testing/validating changes to the source code of the module. If contributing to the project, please be sure to make any appropriate updates to the relevant tests to allow maintainers to test your changes and to keep the tests up to date for users. Thank you!

• Complete

Requirements

Name	Version
terraform	>= 1.0
aws	>= 5.0
time	>= 0.9

Providers

Name	Version
aws	>= 5.0
time	>= 0.9

Modules

Name	Source	Version
acm	aws-ia/eks-blueprints-addon/aws	1.1.1
apigatewayv2	aws-ia/eks-blueprints-addon/aws	1.1.1
applicationautoscaling	aws-ia/eks-blueprints-addon/aws	1.1.1
cloudfront	aws-ia/eks-blueprints-addon/aws	1.1.1
cloudtrail	aws-ia/eks-blueprints-addon/aws	1.1.1
cloudwatch	aws-ia/eks-blueprints-addon/aws	1.1.1
cloudwatchlogs	aws-ia/eks-blueprints-addon/aws	1.1.1
dynamodb	aws-ia/eks-blueprints-addon/aws	1.1.1
ec2	aws-ia/eks-blueprints-addon/aws	1.1.1
ecr	aws-ia/eks-blueprints-addon/aws	1.1.1
ecs	aws-ia/eks-blueprints-addon/aws	1.1.1
efs	aws-ia/eks-blueprints-addon/aws	1.1.1
eks	aws-ia/eks-blueprints-addon/aws	1.1.1
elasticache	aws-ia/eks-blueprints-addon/aws	1.1.1
emrcontainers	aws-ia/eks-blueprints-addon/aws	1.1.1
eventbridge	aws-ia/eks-blueprints-addon/aws	1.1.1
iam	aws-ia/eks-blueprints-addon/aws	1.1.1
kafka	aws-ia/eks-blueprints-addon/aws	1.1.1
keyspaces	aws-ia/eks-blueprints-addon/aws	1.1.1
kinesis	aws-ia/eks-blueprints-addon/aws	1.1.1
kms	aws-ia/eks-blueprints-addon/aws	1.1.1
lambda	aws-ia/eks-blueprints-addon/aws	1.1.1
memorydb	aws-ia/eks-blueprints-addon/aws	1.1.1
mq	aws-ia/eks-blueprints-addon/aws	1.1.1
networkfirewall	aws-ia/eks-blueprints-addon/aws	1.1.1
opensearchservice	aws-ia/eks-blueprints-addon/aws	1.1.1
organizations	aws-ia/eks-blueprints-addon/aws	1.1.1
prometheusservice	aws-ia/eks-blueprints-addon/aws	1.1.1
rds	aws-ia/eks-blueprints-addon/aws	1.1.1
route53	aws-ia/eks-blueprints-addon/aws	1.1.1
route53resolver	aws-ia/eks-blueprints-addon/aws	1.1.1
s3	aws-ia/eks-blueprints-addon/aws	1.1.1
sagemaker	aws-ia/eks-blueprints-addon/aws	1.1.1
secretsmanager	aws-ia/eks-blueprints-addon/aws	1.1.1
sfn	aws-ia/eks-blueprints-addon/aws	1.1.1
sns	aws-ia/eks-blueprints-addon/aws	1.1.1
sqs	aws-ia/eks-blueprints-addon/aws	1.1.1

Resources

Name	Type
time_sleep.this	resource
aws_caller_identity.current	data source
aws_iam_policy_document.acm	data source
aws_iam_policy_document.cloudwatchlogs	data source
aws_iam_policy_document.eks	data source
aws_iam_policy_document.emrcontainers	data source
aws_iam_policy_document.iam	data source
aws_iam_policy_document.kinesis	data source
aws_iam_policy_document.kms	data source
aws_iam_policy_document.lambda	data source
aws_iam_policy_document.networkfirewall	data source
aws_iam_policy_document.prometheusservice	data source
aws_iam_policy_document.sfn	data source
aws_partition.current	data source
aws_region.current	data source

Inputs

Name	Description	Type	Default	Required
acm	ACK acm Helm Chart config	any	{}	no
apigatewayv2	ACK API gateway v2 Helm Chart config	any	{}	no
applicationautoscaling	ACK Application Autoscaling Helm Chart config	any	{}	no
cloudfront	ACK cloudfront Helm Chart config	any	{}	no
cloudtrail	ACK Cloudtrail Helm Chart config	any	{}	no
cloudwatch	ACK CloudWatch Helm Chart config	any	{}	no
cloudwatchlogs	ACK CloudWatch Logs Helm Chart config	any	{}	no
cluster_endpoint	Endpoint for your Kubernetes API server	string	n/a	yes
cluster_name	Name of the EKS cluster	string	n/a	yes
create_delay_dependencies	Dependency attribute which must be resolved before starting the create_delay_duration	list(string)	[]	no
create_delay_duration	The duration to wait before creating resources	string	"30s"	no
create_kubernetes_resources	Create Kubernetes resource with Helm or Kubernetes provider	bool	true	no
dynamodb	ACK dynamodb Helm Chart config	any	{}	no
ec2	ACK ec2 Helm Chart config	any	{}	no
ecr	ACK ECR Helm Chart config	any	{}	no
ecrpublic_token	Password decoded from the authorization token for accessing public ECR	string	""	no
ecrpublic_username	User name decoded from the authorization token for accessing public ECR	string	""	no
ecs	ACK ECS Helm Chart config	any	{}	no
efs	ACK EFS Helm Chart config	any	{}	no
eks	ACK eks Helm Chart config	any	{}	no
elasticache	ACK elasticache Helm Chart config	any	{}	no
emrcontainers	ACK EMR container Helm Chart config	any	{}	no
enable_acm	Enable ACK acm add-on	bool	false	no
enable_apigatewayv2	Enable ACK API gateway v2 add-on	bool	false	no
enable_applicationautoscaling	Enable ACK Application Autoscaling add-on	bool	false	no
enable_cloudfront	Enable ACK Cloudfront add-on	bool	false	no
enable_cloudtrail	Enable ACK Cloudtrail add-on	bool	false	no
enable_cloudwatch	Enable ACK CloudWatch add-on	bool	false	no
enable_cloudwatchlogs	Enable ACK CloudWatch Logs add-on	bool	false	no
enable_dynamodb	Enable ACK dynamodb add-on	bool	false	no
enable_ec2	Enable ACK ec2 add-on	bool	false	no
enable_ecr	Enable ACK ECR add-on	bool	false	no
enable_ecs	Enable ACK ECS add-on	bool	false	no
enable_efs	Enable ACK EFS add-on	bool	false	no
enable_eks	Enable ACK eks add-on	bool	false	no
enable_elasticache	Enable ACK elasticache add-on	bool	false	no
enable_emrcontainers	Enable ACK EMR container add-on	bool	false	no
enable_eventbridge	Enable ACK EventBridge add-on	bool	false	no
enable_iam	Enable ACK iam add-on	bool	false	no
enable_kafka	Enable ACK Kafka add-on	bool	false	no
enable_keyspaces	Enable ACK Keyspaces add-on	bool	false	no
enable_kinesis	Enable ACK Kinesis add-on	bool	false	no
enable_kms	Enable ACK kms add-on	bool	false	no
enable_lambda	Enable ACK Lambda add-on	bool	false	no
enable_memorydb	Enable ACK MemoryDB add-on	bool	false	no
enable_mq	Enable ACK MQ add-on	bool	false	no
enable_networkfirewall	Enable ACK Network Firewall add-on	bool	false	no
enable_opensearchservice	Enable ACK Opensearch Service add-on	bool	false	no
enable_organizations	Enable ACK Organizations add-on	bool	false	no
enable_prometheusservice	Enable ACK prometheusservice add-on	bool	false	no
enable_rds	Enable ACK rds add-on	bool	false	no
enable_route53	Enable ACK Route 53 add-on	bool	false	no
enable_route53resolver	Enable ACK Route 53 Resolver add-on	bool	false	no
enable_s3	Enable ACK s3 add-on	bool	false	no
enable_sagemaker	Enable ACK Sagemaker add-on	bool	false	no
enable_secretsmanager	Enable ACK Secrets Manager add-on	bool	false	no
enable_sfn	Enable ACK step functions add-on	bool	false	no
enable_sns	Enable ACK SNS add-on	bool	false	no
enable_sqs	Enable ACK SQS add-on	bool	false	no
eventbridge	ACK EventBridge Helm Chart config	any	{}	no
iam	ACK iam Helm Chart config	any	{}	no
kafka	ACK Kafka Helm Chart config	any	{}	no
keyspaces	ACK Keyspaces Helm Chart config	any	{}	no
kinesis	ACK Kinesis Helm Chart config	any	{}	no
kms	ACK kms Helm Chart config	any	{}	no
lambda	ACK Lambda Helm Chart config	any	{}	no
memorydb	ACK MemoryDB Helm Chart config	any	{}	no
mq	ACK MQ Helm Chart config	any	{}	no
networkfirewall	ACK Network Firewall Helm Chart config	any	{}	no
oidc_provider_arn	The ARN of the cluster OIDC Provider	string	n/a	yes
opensearchservice	ACK Opensearch Service Helm Chart config	any	{}	no
organizations	ACK Organizations Helm Chart config	any	{}	no
prometheusservice	ACK prometheusservice Helm Chart config	any	{}	no
rds	ACK rds Helm Chart config	any	{}	no
route53	ACK Route 53 Helm Chart config	any	{}	no
route53resolver	ACK Route 53 Resolver Helm Chart config	any	{}	no
s3	ACK s3 Helm Chart config	any	{}	no
sagemaker	ACK Sagemaker Helm Chart config	any	{}	no
secretsmanager	ACK Secrets Manager Helm Chart config	any	{}	no
sfn	ACK step functions Helm Chart config	any	{}	no
sns	ACK SNS Helm Chart config	any	{}	no
sqs	ACK SQS Helm Chart config	any	{}	no
tags	Additional tags (e.g. map('BusinessUnit,XYZ)	map(string)	{}	no

Outputs

Name	Description
gitops_metadata	GitOps Bridge metadata

Community

• Code of conduct
• Contributing
• Security issue notifications

License

Apache-2.0 Licensed. See LICENSE.