| Name | Version |
|---|---|
| terraform | >= 0.14 |
| aws | >= 3.71.0 |
| kubernetes | >= 2.10 |
| Name | Version |
|---|---|
| aws | 3.71.0 |
| Name | Source | Version |
|---|---|---|
| eks | terraform-aws-modules/eks/aws | 17.18.0 |
| iam_assumable_role_cert_manager | github.com/ministryofjustice/ap-terraform-iam-roles//eks-role | v1.4.0 |
| iam_assumable_role_cluster_autoscaler | github.com/ministryofjustice/ap-terraform-iam-roles//eks-role | v1.4.0 |
| iam_assumable_role_ebs_csi_driver | github.com/ministryofjustice/ap-terraform-iam-roles//eks-role | v1.4.0 |
| iam_assumable_role_external_dns | github.com/ministryofjustice/ap-terraform-iam-roles//eks-role | v1.4.0 |
| iam_assumable_role_external_secrets | github.com/ministryofjustice/ap-terraform-iam-roles//eks-role | v1.4.0 |
| Name | Type |
|---|---|
| aws_eks_addon.coredns | resource |
| aws_eks_addon.ebs_csi | resource |
| aws_eks_addon.vpc_cni | resource |
| aws_eks_identity_provider_config.this | resource |
| aws_iam_policy.cert_manager | resource |
| aws_iam_policy.cluster_autoscaler | resource |
| aws_iam_policy.ebs_csi_driver | resource |
| aws_iam_policy.external_dns | resource |
| aws_iam_policy.external_secrets | resource |
| aws_iam_role_policy_attachment.eks_worker_cloudwatch_agent | resource |
| aws_kms_key.eks | resource |
| aws_caller_identity.current | data source |
| aws_iam_policy_document.cert_manager | data source |
| aws_iam_policy_document.cluster_autoscaler | data source |
| aws_iam_policy_document.ebs_csi_driver | data source |
| aws_iam_policy_document.external_dns | data source |
| aws_iam_policy_document.external_secrets | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| cluster_coredns_version | Version of the CoreDNS add on | string |
n/a | yes |
| cluster_ebs_csi_version | Version of the EBS CSI add on | string |
n/a | yes |
| cluster_name | The K8S version of the EKS control plane to provision | string |
n/a | yes |
| cluster_node_group_version | The K8S version of the EKS node group to provision | string |
n/a | yes |
| cluster_version | The K8S version of the EKS control plane to provision | string |
n/a | yes |
| cluster_vpc_cni_version | Version of the VPC CNI add on | string |
n/a | yes |
| core_infra_nodegroup_desired_capacity | The desired capacity for the EKS node group | number |
n/a | yes |
| core_infra_nodegroup_instance_types | EC2 instance types to be used for the core infra EKS nodegroup | string |
n/a | yes |
| core_infra_nodegroup_max_capacity | The maximum capacity for the EKS node group | number |
n/a | yes |
| core_infra_nodegroup_min_capacity | The minimum capacity for the EKS node group | number |
n/a | yes |
| create_timeout | value | string |
"60m" |
no |
| delete_timeout | value | string |
"60m" |
no |
| disk_size | The desired capacity for the EKS node group | number |
n/a | yes |
| main_nodegroup_desired_capacity | The desired capacity for the EKS node group | number |
n/a | yes |
| main_nodegroup_instance_types | EC2 instance types to be used for the main EKS nodegroup | string |
n/a | yes |
| main_nodegroup_max_capacity | The maximum capacity for the EKS node group | number |
n/a | yes |
| main_nodegroup_min_capacity | The minimum capacity for the EKS node group | number |
n/a | yes |
| map_roles | Additional IAM roles to add to the aws-auth configmap. | list(object({ |
n/a | yes |
| org_name | Organisation the EKS cluster should trust | string |
n/a | yes |
| route53_zone_arn | The route53 zone ID for the cluster's domain | string |
n/a | yes |
| subnets | List of private subnet address ranges in CIDR format | list(string) |
n/a | yes |
| vpc_id | ID of the VPC to create the cluster in | string |
n/a | yes |
| Name | Description |
|---|---|
| cluster_id | The ID of the cluster |
| cluster_oidc_issuer_url | The URL of the OIDC issuer created by the cluster |
| cluster_role_arns | ARNS of the roles created to support core K8S components |