Created
August 26, 2021 10:25
-
-
Save kerin/f1208b2f62a3b7a80253359e79472531 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# module.vpc.aws_eip.nat[0]: | |
resource "aws_eip" "nat" { | |
domain = "vpc" | |
id = "eipalloc-0019409e6a452d71f" | |
network_border_group = "eu-west-1" | |
public_dns = "ec2-54-194-159-48.eu-west-1.compute.amazonaws.com" | |
public_ip = "54.194.159.48" | |
public_ipv4_pool = "amazon" | |
tags = { | |
"Name" = "eks-test-eu-west-1a" | |
} | |
tags_all = { | |
"Name" = "eks-test-eu-west-1a" | |
} | |
vpc = true | |
} | |
# module.vpc.aws_internet_gateway.this[0]: | |
resource "aws_internet_gateway" "this" { | |
arn = "arn:aws:ec2:eu-west-1:908197663318:internet-gateway/igw-0a339f61817e85fd6" | |
id = "igw-0a339f61817e85fd6" | |
owner_id = "908197663318" | |
tags = { | |
"Name" = "eks-test" | |
} | |
tags_all = { | |
"Name" = "eks-test" | |
} | |
vpc_id = "vpc-0b47010594b87e398" | |
} | |
# module.vpc.aws_nat_gateway.this[0]: | |
resource "aws_nat_gateway" "this" { | |
allocation_id = "eipalloc-0019409e6a452d71f" | |
connectivity_type = "public" | |
id = "nat-0f8aff259c1ab771f" | |
network_interface_id = "eni-0167d446d2a7c0175" | |
private_ip = "10.0.101.176" | |
public_ip = "54.194.159.48" | |
subnet_id = "subnet-095e362cb1654c57d" | |
tags = { | |
"Name" = "eks-test-eu-west-1a" | |
} | |
tags_all = { | |
"Name" = "eks-test-eu-west-1a" | |
} | |
} | |
# module.vpc.aws_route.private_nat_gateway[0]: | |
resource "aws_route" "private_nat_gateway" { | |
destination_cidr_block = "0.0.0.0/0" | |
id = "r-rtb-0c69e6e9030cd1e751080289494" | |
nat_gateway_id = "nat-0f8aff259c1ab771f" | |
origin = "CreateRoute" | |
route_table_id = "rtb-0c69e6e9030cd1e75" | |
state = "active" | |
timeouts { | |
create = "5m" | |
} | |
} | |
# module.vpc.aws_route.public_internet_gateway[0]: | |
resource "aws_route" "public_internet_gateway" { | |
destination_cidr_block = "0.0.0.0/0" | |
gateway_id = "igw-0a339f61817e85fd6" | |
id = "r-rtb-081f4017c10b2d1e71080289494" | |
origin = "CreateRoute" | |
route_table_id = "rtb-081f4017c10b2d1e7" | |
state = "active" | |
timeouts { | |
create = "5m" | |
} | |
} | |
# module.vpc.aws_route_table.private[0]: | |
resource "aws_route_table" "private" { | |
arn = "arn:aws:ec2:eu-west-1:908197663318:route-table/rtb-0c69e6e9030cd1e75" | |
id = "rtb-0c69e6e9030cd1e75" | |
owner_id = "908197663318" | |
propagating_vgws = [] | |
route = [] | |
tags = { | |
"Name" = "eks-test-private" | |
} | |
tags_all = { | |
"Name" = "eks-test-private" | |
} | |
vpc_id = "vpc-0b47010594b87e398" | |
} | |
# module.vpc.aws_route_table.public[0]: | |
resource "aws_route_table" "public" { | |
arn = "arn:aws:ec2:eu-west-1:908197663318:route-table/rtb-081f4017c10b2d1e7" | |
id = "rtb-081f4017c10b2d1e7" | |
owner_id = "908197663318" | |
propagating_vgws = [] | |
route = [] | |
tags = { | |
"Name" = "eks-test-public" | |
} | |
tags_all = { | |
"Name" = "eks-test-public" | |
} | |
vpc_id = "vpc-0b47010594b87e398" | |
} | |
# module.vpc.aws_route_table_association.private[0]: | |
resource "aws_route_table_association" "private" { | |
id = "rtbassoc-0f47c7246703b7d60" | |
route_table_id = "rtb-0c69e6e9030cd1e75" | |
subnet_id = "subnet-0dc4d5c2198372b64" | |
} | |
# module.vpc.aws_route_table_association.private[1]: | |
resource "aws_route_table_association" "private" { | |
id = "rtbassoc-02a9d7f04a701e7e6" | |
route_table_id = "rtb-0c69e6e9030cd1e75" | |
subnet_id = "subnet-0f16df45eb1d05294" | |
} | |
# module.vpc.aws_route_table_association.private[2]: | |
resource "aws_route_table_association" "private" { | |
id = "rtbassoc-0603f98d47123155a" | |
route_table_id = "rtb-0c69e6e9030cd1e75" | |
subnet_id = "subnet-0106be880448dd046" | |
} | |
# module.vpc.aws_route_table_association.public[2]: | |
resource "aws_route_table_association" "public" { | |
id = "rtbassoc-009befc57fc36de04" | |
route_table_id = "rtb-081f4017c10b2d1e7" | |
subnet_id = "subnet-0647cda3ecec7bcc0" | |
} | |
# module.vpc.aws_route_table_association.public[0]: | |
resource "aws_route_table_association" "public" { | |
id = "rtbassoc-0e7386035127840d6" | |
route_table_id = "rtb-081f4017c10b2d1e7" | |
subnet_id = "subnet-095e362cb1654c57d" | |
} | |
# module.vpc.aws_route_table_association.public[1]: | |
resource "aws_route_table_association" "public" { | |
id = "rtbassoc-01f1f4a1a6ee704ec" | |
route_table_id = "rtb-081f4017c10b2d1e7" | |
subnet_id = "subnet-0b34a7460e2079c57" | |
} | |
# module.vpc.aws_subnet.private[0]: | |
resource "aws_subnet" "private" { | |
arn = "arn:aws:ec2:eu-west-1:908197663318:subnet/subnet-0dc4d5c2198372b64" | |
assign_ipv6_address_on_creation = false | |
availability_zone = "eu-west-1a" | |
availability_zone_id = "euw1-az2" | |
cidr_block = "10.0.1.0/24" | |
id = "subnet-0dc4d5c2198372b64" | |
map_customer_owned_ip_on_launch = false | |
map_public_ip_on_launch = false | |
owner_id = "908197663318" | |
tags = { | |
"Name" = "eks-test-private-eu-west-1a" | |
"kubernetes.io/cluster/eks-test" = "shared" | |
"kubernetes.io/role/internal-elb" = "1" | |
} | |
tags_all = { | |
"Name" = "eks-test-private-eu-west-1a" | |
"kubernetes.io/cluster/eks-test" = "shared" | |
"kubernetes.io/role/internal-elb" = "1" | |
} | |
vpc_id = "vpc-0b47010594b87e398" | |
} | |
# module.vpc.aws_subnet.private[1]: | |
resource "aws_subnet" "private" { | |
arn = "arn:aws:ec2:eu-west-1:908197663318:subnet/subnet-0f16df45eb1d05294" | |
assign_ipv6_address_on_creation = false | |
availability_zone = "eu-west-1b" | |
availability_zone_id = "euw1-az1" | |
cidr_block = "10.0.2.0/24" | |
id = "subnet-0f16df45eb1d05294" | |
map_customer_owned_ip_on_launch = false | |
map_public_ip_on_launch = false | |
owner_id = "908197663318" | |
tags = { | |
"Name" = "eks-test-private-eu-west-1b" | |
"kubernetes.io/cluster/eks-test" = "shared" | |
"kubernetes.io/role/internal-elb" = "1" | |
} | |
tags_all = { | |
"Name" = "eks-test-private-eu-west-1b" | |
"kubernetes.io/cluster/eks-test" = "shared" | |
"kubernetes.io/role/internal-elb" = "1" | |
} | |
vpc_id = "vpc-0b47010594b87e398" | |
} | |
# module.vpc.aws_subnet.private[2]: | |
resource "aws_subnet" "private" { | |
arn = "arn:aws:ec2:eu-west-1:908197663318:subnet/subnet-0106be880448dd046" | |
assign_ipv6_address_on_creation = false | |
availability_zone = "eu-west-1c" | |
availability_zone_id = "euw1-az3" | |
cidr_block = "10.0.3.0/24" | |
id = "subnet-0106be880448dd046" | |
map_customer_owned_ip_on_launch = false | |
map_public_ip_on_launch = false | |
owner_id = "908197663318" | |
tags = { | |
"Name" = "eks-test-private-eu-west-1c" | |
"kubernetes.io/cluster/eks-test" = "shared" | |
"kubernetes.io/role/internal-elb" = "1" | |
} | |
tags_all = { | |
"Name" = "eks-test-private-eu-west-1c" | |
"kubernetes.io/cluster/eks-test" = "shared" | |
"kubernetes.io/role/internal-elb" = "1" | |
} | |
vpc_id = "vpc-0b47010594b87e398" | |
} | |
# module.vpc.aws_subnet.public[1]: | |
resource "aws_subnet" "public" { | |
arn = "arn:aws:ec2:eu-west-1:908197663318:subnet/subnet-0b34a7460e2079c57" | |
assign_ipv6_address_on_creation = false | |
availability_zone = "eu-west-1b" | |
availability_zone_id = "euw1-az1" | |
cidr_block = "10.0.102.0/24" | |
id = "subnet-0b34a7460e2079c57" | |
map_customer_owned_ip_on_launch = false | |
map_public_ip_on_launch = true | |
owner_id = "908197663318" | |
tags = { | |
"Name" = "eks-test-public-eu-west-1b" | |
"kubernetes.io/cluster/eks-test" = "shared" | |
"kubernetes.io/role/elb" = "1" | |
} | |
tags_all = { | |
"Name" = "eks-test-public-eu-west-1b" | |
"kubernetes.io/cluster/eks-test" = "shared" | |
"kubernetes.io/role/elb" = "1" | |
} | |
vpc_id = "vpc-0b47010594b87e398" | |
} | |
# module.vpc.aws_subnet.public[2]: | |
resource "aws_subnet" "public" { | |
arn = "arn:aws:ec2:eu-west-1:908197663318:subnet/subnet-0647cda3ecec7bcc0" | |
assign_ipv6_address_on_creation = false | |
availability_zone = "eu-west-1c" | |
availability_zone_id = "euw1-az3" | |
cidr_block = "10.0.103.0/24" | |
id = "subnet-0647cda3ecec7bcc0" | |
map_customer_owned_ip_on_launch = false | |
map_public_ip_on_launch = true | |
owner_id = "908197663318" | |
tags = { | |
"Name" = "eks-test-public-eu-west-1c" | |
"kubernetes.io/cluster/eks-test" = "shared" | |
"kubernetes.io/role/elb" = "1" | |
} | |
tags_all = { | |
"Name" = "eks-test-public-eu-west-1c" | |
"kubernetes.io/cluster/eks-test" = "shared" | |
"kubernetes.io/role/elb" = "1" | |
} | |
vpc_id = "vpc-0b47010594b87e398" | |
} | |
# module.vpc.aws_subnet.public[0]: | |
resource "aws_subnet" "public" { | |
arn = "arn:aws:ec2:eu-west-1:908197663318:subnet/subnet-095e362cb1654c57d" | |
assign_ipv6_address_on_creation = false | |
availability_zone = "eu-west-1a" | |
availability_zone_id = "euw1-az2" | |
cidr_block = "10.0.101.0/24" | |
id = "subnet-095e362cb1654c57d" | |
map_customer_owned_ip_on_launch = false | |
map_public_ip_on_launch = true | |
owner_id = "908197663318" | |
tags = { | |
"Name" = "eks-test-public-eu-west-1a" | |
"kubernetes.io/cluster/eks-test" = "shared" | |
"kubernetes.io/role/elb" = "1" | |
} | |
tags_all = { | |
"Name" = "eks-test-public-eu-west-1a" | |
"kubernetes.io/cluster/eks-test" = "shared" | |
"kubernetes.io/role/elb" = "1" | |
} | |
vpc_id = "vpc-0b47010594b87e398" | |
} | |
# module.vpc.aws_vpc.this[0]: | |
resource "aws_vpc" "this" { | |
arn = "arn:aws:ec2:eu-west-1:908197663318:vpc/vpc-0b47010594b87e398" | |
assign_generated_ipv6_cidr_block = false | |
cidr_block = "10.0.0.0/16" | |
default_network_acl_id = "acl-0c187822002680819" | |
default_route_table_id = "rtb-0575b772f12770c7b" | |
default_security_group_id = "sg-0d46e5a5f1b9cf5a7" | |
dhcp_options_id = "dopt-5eaea03b" | |
enable_classiclink = false | |
enable_classiclink_dns_support = false | |
enable_dns_hostnames = true | |
enable_dns_support = true | |
id = "vpc-0b47010594b87e398" | |
instance_tenancy = "default" | |
main_route_table_id = "rtb-0575b772f12770c7b" | |
owner_id = "908197663318" | |
tags = { | |
"Name" = "eks-test" | |
} | |
tags_all = { | |
"Name" = "eks-test" | |
} | |
} | |
# data.aws_availability_zones.current: | |
data "aws_availability_zones" "current" { | |
group_names = [ | |
"eu-west-1", | |
] | |
id = "eu-west-1" | |
names = [ | |
"eu-west-1a", | |
"eu-west-1b", | |
"eu-west-1c", | |
] | |
zone_ids = [ | |
"euw1-az2", | |
"euw1-az1", | |
"euw1-az3", | |
] | |
} | |
# data.aws_eks_cluster.cluster: | |
data "aws_eks_cluster" "cluster" { | |
arn = "arn:aws:eks:eu-west-1:908197663318:cluster/eks-test" | |
certificate_authority = [ | |
{ | |
data = "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM1ekNDQWMrZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJeE1EZ3lOakE1TkRRME0xb1hEVE14TURneU5EQTVORFEwTTFvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTGNOCmtvTHFWMlljSTgvM3ovbjZjRUozOUx4aXQ2enlrdG40b05HQlArbENGM2xMVHdTcGxGTVcvU2JxOGFRTjU3bVkKRzVpMm9aeFlLRVFkN0xMWkl4aWJPWThic0x2amk1dWNYRms2dUlHbUIrV3dvbk1IMHlUa0VUQzVScnBKOUlRNwpubGNNamZ1NExhTVZMWEVqZi9HRUlTY3NtQXh1RVZuZytlZzJ6N0I4eDFyaUc4ZWpBQVc5Tm1mWFJnRXJuczBFCmYzd3NMVXZncmUwNllkaXhJeUE1K1kwa28xVzlvdnBRbWNIZVQwTnZXZkMzZHRqYWFXZU5MS3NveThwZE5pZ3AKTDF3a2xLajg4SlFtUDBqQ2lSYWNRSGFDZnRRU0pTV1drUG5JdVpYanZMUHpoMk9vaWkwQWZ2cmdTZkVndUlUaApiLytKdHhHcjJrTU0vVTV4enprQ0F3RUFBYU5DTUVBd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0hRWURWUjBPQkJZRUZKNXlmNjJrdUVSemFZNkQzbDVJcjRRMER0TWJNQTBHQ1NxR1NJYjMKRFFFQkN3VUFBNElCQVFCdkQrSHZZZjdRaldLcDBmeHl5aDZJRWp3QzlIRFhlampVTTB3SWRBdmhLRThNYisxRApQNkhkblQrQ09NNWxXQ0dQQnVQSno0V3dDNC8xOGN0dEJDaUM2ZTZkdDhKR0ZFM0RHRkJxTldnRloyUXFxZy9xCkFYSEJKZ2NIYVpjUE1xMURiOFh6MzcxZHNpRlJVWkh4ck1JWkpGZmRsV21vNWxHNGxadlljbFZ2ZzJ4OFAwWWoKNkl1VlVZWjF3L1A5REl3SkZFODBaT1d5dE9OY0M4QlVuQzlTWmRwaVh5aUZqMzNxVEl1Sy9RSzcwT1RlV1VuNQpiOW0wZlpHL01rYmVhY0txbnFqTnNqSUNvREQxS0VVRmFnY0V0a0g4UnMrQU9jN3RWdnhyM0JyV1h6RWNNTXdFCm1LVzlpaUlGeHd3YWpIRWVmcitpRXlpN05BbU9wallURnNuZgotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==" | |
}, | |
] | |
created_at = "2021-08-26 09:38:20.558 +0000 UTC" | |
enabled_cluster_log_types = [] | |
endpoint = "https://D17369FE68611E699E94CF7E0BCF0E11.sk1.eu-west-1.eks.amazonaws.com" | |
id = "eks-test" | |
identity = [ | |
{ | |
oidc = [ | |
{ | |
issuer = "https://oidc.eks.eu-west-1.amazonaws.com/id/D17369FE68611E699E94CF7E0BCF0E11" | |
}, | |
] | |
}, | |
] | |
kubernetes_network_config = [ | |
{ | |
service_ipv4_cidr = "172.20.0.0/16" | |
}, | |
] | |
name = "eks-test" | |
platform_version = "eks.2" | |
role_arn = "arn:aws:iam::908197663318:role/eks-test20210826093803983000000002" | |
status = "ACTIVE" | |
tags = {} | |
version = "1.21" | |
vpc_config = [ | |
{ | |
cluster_security_group_id = "sg-0b0db2cfa6af87466" | |
endpoint_private_access = false | |
endpoint_public_access = true | |
public_access_cidrs = [ | |
"0.0.0.0/0", | |
] | |
security_group_ids = [ | |
"sg-0804c37e8426788a9", | |
] | |
subnet_ids = [ | |
"subnet-0106be880448dd046", | |
"subnet-0dc4d5c2198372b64", | |
"subnet-0f16df45eb1d05294", | |
] | |
vpc_id = "vpc-0b47010594b87e398" | |
}, | |
] | |
} | |
# data.aws_eks_cluster_auth.cluster: | |
data "aws_eks_cluster_auth" "cluster" { | |
id = "eks-test" | |
name = "eks-test" | |
token = (sensitive value) | |
} | |
# module.cluster.aws_autoscaling_group.workers[0]: | |
resource "aws_autoscaling_group" "workers" { | |
arn = "arn:aws:autoscaling:eu-west-1:908197663318:autoScalingGroup:d636463a-96a0-4b35-8835-38d1f1854d7e:autoScalingGroupName/eks-test-02021082609493882990000000f" | |
availability_zones = [ | |
"eu-west-1a", | |
"eu-west-1b", | |
"eu-west-1c", | |
] | |
capacity_rebalance = false | |
default_cooldown = 300 | |
desired_capacity = 3 | |
force_delete = false | |
force_delete_warm_pool = false | |
health_check_grace_period = 300 | |
health_check_type = "EC2" | |
id = "eks-test-02021082609493882990000000f" | |
launch_configuration = "eks-test-02021082609492981710000000e" | |
max_instance_lifetime = 0 | |
max_size = 3 | |
metrics_granularity = "1Minute" | |
min_size = 3 | |
name = "eks-test-02021082609493882990000000f" | |
name_prefix = "eks-test-0" | |
protect_from_scale_in = false | |
service_linked_role_arn = "arn:aws:iam::908197663318:role/aws-service-role/autoscaling.amazonaws.com/AWSServiceRoleForAutoScaling" | |
suspended_processes = [ | |
"AZRebalance", | |
] | |
termination_policies = [] | |
vpc_zone_identifier = [ | |
"subnet-0106be880448dd046", | |
"subnet-0dc4d5c2198372b64", | |
"subnet-0f16df45eb1d05294", | |
] | |
wait_for_capacity_timeout = "10m" | |
tag { | |
key = "Name" | |
propagate_at_launch = true | |
value = "eks-test-0-eks_asg" | |
} | |
tag { | |
key = "k8s.io/cluster/eks-test" | |
propagate_at_launch = true | |
value = "owned" | |
} | |
tag { | |
key = "kubernetes.io/cluster/eks-test" | |
propagate_at_launch = true | |
value = "owned" | |
} | |
} | |
# module.cluster.aws_eks_cluster.this[0]: | |
resource "aws_eks_cluster" "this" { | |
arn = "arn:aws:eks:eu-west-1:908197663318:cluster/eks-test" | |
certificate_authority = [ | |
{ | |
data = "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM1ekNDQWMrZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJeE1EZ3lOakE1TkRRME0xb1hEVE14TURneU5EQTVORFEwTTFvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTGNOCmtvTHFWMlljSTgvM3ovbjZjRUozOUx4aXQ2enlrdG40b05HQlArbENGM2xMVHdTcGxGTVcvU2JxOGFRTjU3bVkKRzVpMm9aeFlLRVFkN0xMWkl4aWJPWThic0x2amk1dWNYRms2dUlHbUIrV3dvbk1IMHlUa0VUQzVScnBKOUlRNwpubGNNamZ1NExhTVZMWEVqZi9HRUlTY3NtQXh1RVZuZytlZzJ6N0I4eDFyaUc4ZWpBQVc5Tm1mWFJnRXJuczBFCmYzd3NMVXZncmUwNllkaXhJeUE1K1kwa28xVzlvdnBRbWNIZVQwTnZXZkMzZHRqYWFXZU5MS3NveThwZE5pZ3AKTDF3a2xLajg4SlFtUDBqQ2lSYWNRSGFDZnRRU0pTV1drUG5JdVpYanZMUHpoMk9vaWkwQWZ2cmdTZkVndUlUaApiLytKdHhHcjJrTU0vVTV4enprQ0F3RUFBYU5DTUVBd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0hRWURWUjBPQkJZRUZKNXlmNjJrdUVSemFZNkQzbDVJcjRRMER0TWJNQTBHQ1NxR1NJYjMKRFFFQkN3VUFBNElCQVFCdkQrSHZZZjdRaldLcDBmeHl5aDZJRWp3QzlIRFhlampVTTB3SWRBdmhLRThNYisxRApQNkhkblQrQ09NNWxXQ0dQQnVQSno0V3dDNC8xOGN0dEJDaUM2ZTZkdDhKR0ZFM0RHRkJxTldnRloyUXFxZy9xCkFYSEJKZ2NIYVpjUE1xMURiOFh6MzcxZHNpRlJVWkh4ck1JWkpGZmRsV21vNWxHNGxadlljbFZ2ZzJ4OFAwWWoKNkl1VlVZWjF3L1A5REl3SkZFODBaT1d5dE9OY0M4QlVuQzlTWmRwaVh5aUZqMzNxVEl1Sy9RSzcwT1RlV1VuNQpiOW0wZlpHL01rYmVhY0txbnFqTnNqSUNvREQxS0VVRmFnY0V0a0g4UnMrQU9jN3RWdnhyM0JyV1h6RWNNTXdFCm1LVzlpaUlGeHd3YWpIRWVmcitpRXlpN05BbU9wallURnNuZgotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==" | |
}, | |
] | |
created_at = "2021-08-26 09:38:20.558 +0000 UTC" | |
endpoint = "https://D17369FE68611E699E94CF7E0BCF0E11.sk1.eu-west-1.eks.amazonaws.com" | |
id = "eks-test" | |
identity = [ | |
{ | |
oidc = [ | |
{ | |
issuer = "https://oidc.eks.eu-west-1.amazonaws.com/id/D17369FE68611E699E94CF7E0BCF0E11" | |
}, | |
] | |
}, | |
] | |
name = "eks-test" | |
platform_version = "eks.2" | |
role_arn = "arn:aws:iam::908197663318:role/eks-test20210826093803983000000002" | |
status = "ACTIVE" | |
tags_all = {} | |
version = "1.21" | |
encryption_config { | |
resources = [ | |
"secrets", | |
] | |
provider { | |
key_arn = "arn:aws:kms:eu-west-1:908197663318:key/22aa1760-8637-41e2-80d0-46ca01040030" | |
} | |
} | |
kubernetes_network_config { | |
service_ipv4_cidr = "172.20.0.0/16" | |
} | |
timeouts { | |
create = "30m" | |
delete = "15m" | |
} | |
vpc_config { | |
cluster_security_group_id = "sg-0b0db2cfa6af87466" | |
endpoint_private_access = false | |
endpoint_public_access = true | |
public_access_cidrs = [ | |
"0.0.0.0/0", | |
] | |
security_group_ids = [ | |
"sg-0804c37e8426788a9", | |
] | |
subnet_ids = [ | |
"subnet-0106be880448dd046", | |
"subnet-0dc4d5c2198372b64", | |
"subnet-0f16df45eb1d05294", | |
] | |
vpc_id = "vpc-0b47010594b87e398" | |
} | |
} | |
# module.cluster.aws_iam_instance_profile.workers[0]: | |
resource "aws_iam_instance_profile" "workers" { | |
arn = "arn:aws:iam::908197663318:instance-profile/eks-test2021082609492865530000000a" | |
create_date = "2021-08-26T09:49:29Z" | |
id = "eks-test2021082609492865530000000a" | |
name = "eks-test2021082609492865530000000a" | |
name_prefix = "eks-test" | |
path = "/" | |
role = "eks-test20210826094927147700000009" | |
tags_all = {} | |
unique_id = "AIPA5G5GMSJLEXGHUHCBN" | |
} | |
# module.cluster.aws_iam_openid_connect_provider.oidc_provider[0]: | |
resource "aws_iam_openid_connect_provider" "oidc_provider" { | |
arn = "arn:aws:iam::908197663318:oidc-provider/oidc.eks.eu-west-1.amazonaws.com/id/D17369FE68611E699E94CF7E0BCF0E11" | |
client_id_list = [ | |
"sts.amazonaws.com", | |
] | |
id = "arn:aws:iam::908197663318:oidc-provider/oidc.eks.eu-west-1.amazonaws.com/id/D17369FE68611E699E94CF7E0BCF0E11" | |
tags = { | |
"Name" = "eks-test-eks-irsa" | |
} | |
tags_all = { | |
"Name" = "eks-test-eks-irsa" | |
} | |
thumbprint_list = [ | |
"9e99a48a9960b14926bb7f3b02e22da2b0ab7280", | |
] | |
url = "oidc.eks.eu-west-1.amazonaws.com/id/D17369FE68611E699E94CF7E0BCF0E11" | |
} | |
# module.cluster.aws_iam_policy.cluster_elb_sl_role_creation[0]: | |
resource "aws_iam_policy" "cluster_elb_sl_role_creation" { | |
arn = "arn:aws:iam::908197663318:policy/eks-test-elb-sl-role-creation20210826093803982800000001" | |
description = "Permissions for EKS to create AWSServiceRoleForElasticLoadBalancing service-linked role" | |
id = "arn:aws:iam::908197663318:policy/eks-test-elb-sl-role-creation20210826093803982800000001" | |
name = "eks-test-elb-sl-role-creation20210826093803982800000001" | |
name_prefix = "eks-test-elb-sl-role-creation" | |
path = "/" | |
policy = jsonencode( | |
{ | |
Statement = [ | |
{ | |
Action = [ | |
"ec2:DescribeInternetGateways", | |
"ec2:DescribeAddresses", | |
"ec2:DescribeAccountAttributes", | |
] | |
Effect = "Allow" | |
Resource = "*" | |
Sid = "" | |
}, | |
] | |
Version = "2012-10-17" | |
} | |
) | |
policy_id = "ANPA5G5GMSJLLGMIF3F6J" | |
tags_all = {} | |
} | |
# module.cluster.aws_iam_role.cluster[0]: | |
resource "aws_iam_role" "cluster" { | |
arn = "arn:aws:iam::908197663318:role/eks-test20210826093803983000000002" | |
assume_role_policy = jsonencode( | |
{ | |
Statement = [ | |
{ | |
Action = "sts:AssumeRole" | |
Effect = "Allow" | |
Principal = { | |
Service = "eks.amazonaws.com" | |
} | |
Sid = "EKSClusterAssumeRole" | |
}, | |
] | |
Version = "2012-10-17" | |
} | |
) | |
create_date = "2021-08-26T09:38:04Z" | |
force_detach_policies = true | |
id = "eks-test20210826093803983000000002" | |
managed_policy_arns = [] | |
max_session_duration = 3600 | |
name = "eks-test20210826093803983000000002" | |
name_prefix = "eks-test" | |
path = "/" | |
tags_all = {} | |
unique_id = "AROA5G5GMSJLGDA4HLDJ6" | |
inline_policy {} | |
} | |
# module.cluster.aws_iam_role.workers[0]: | |
resource "aws_iam_role" "workers" { | |
arn = "arn:aws:iam::908197663318:role/eks-test20210826094927147700000009" | |
assume_role_policy = jsonencode( | |
{ | |
Statement = [ | |
{ | |
Action = "sts:AssumeRole" | |
Effect = "Allow" | |
Principal = { | |
Service = "ec2.amazonaws.com" | |
} | |
Sid = "EKSWorkerAssumeRole" | |
}, | |
] | |
Version = "2012-10-17" | |
} | |
) | |
create_date = "2021-08-26T09:49:27Z" | |
force_detach_policies = true | |
id = "eks-test20210826094927147700000009" | |
managed_policy_arns = [] | |
max_session_duration = 3600 | |
name = "eks-test20210826094927147700000009" | |
name_prefix = "eks-test" | |
path = "/" | |
tags_all = {} | |
unique_id = "AROA5G5GMSJLF4IES7GOM" | |
inline_policy {} | |
} | |
# module.cluster.aws_iam_role_policy_attachment.cluster_AmazonEKSClusterPolicy[0]: | |
resource "aws_iam_role_policy_attachment" "cluster_AmazonEKSClusterPolicy" { | |
id = "eks-test20210826093803983000000002-20210826093805891300000004" | |
policy_arn = "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy" | |
role = "eks-test20210826093803983000000002" | |
} | |
# module.cluster.aws_iam_role_policy_attachment.cluster_AmazonEKSServicePolicy[0]: | |
resource "aws_iam_role_policy_attachment" "cluster_AmazonEKSServicePolicy" { | |
id = "eks-test20210826093803983000000002-20210826093805895400000006" | |
policy_arn = "arn:aws:iam::aws:policy/AmazonEKSServicePolicy" | |
role = "eks-test20210826093803983000000002" | |
} | |
# module.cluster.aws_iam_role_policy_attachment.cluster_AmazonEKSVPCResourceControllerPolicy[0]: | |
resource "aws_iam_role_policy_attachment" "cluster_AmazonEKSVPCResourceControllerPolicy" { | |
id = "eks-test20210826093803983000000002-20210826093805893600000005" | |
policy_arn = "arn:aws:iam::aws:policy/AmazonEKSVPCResourceController" | |
role = "eks-test20210826093803983000000002" | |
} | |
# module.cluster.aws_iam_role_policy_attachment.cluster_elb_sl_role_creation[0]: | |
resource "aws_iam_role_policy_attachment" "cluster_elb_sl_role_creation" { | |
id = "eks-test20210826093803983000000002-20210826093805882600000003" | |
policy_arn = "arn:aws:iam::908197663318:policy/eks-test-elb-sl-role-creation20210826093803982800000001" | |
role = "eks-test20210826093803983000000002" | |
} | |
# module.cluster.aws_iam_role_policy_attachment.workers_AmazonEC2ContainerRegistryReadOnly[0]: | |
resource "aws_iam_role_policy_attachment" "workers_AmazonEC2ContainerRegistryReadOnly" { | |
id = "eks-test20210826094927147700000009-2021082609492903590000000d" | |
policy_arn = "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly" | |
role = "eks-test20210826094927147700000009" | |
} | |
# module.cluster.aws_iam_role_policy_attachment.workers_AmazonEKSWorkerNodePolicy[0]: | |
resource "aws_iam_role_policy_attachment" "workers_AmazonEKSWorkerNodePolicy" { | |
id = "eks-test20210826094927147700000009-2021082609492903400000000b" | |
policy_arn = "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy" | |
role = "eks-test20210826094927147700000009" | |
} | |
# module.cluster.aws_iam_role_policy_attachment.workers_AmazonEKS_CNI_Policy[0]: | |
resource "aws_iam_role_policy_attachment" "workers_AmazonEKS_CNI_Policy" { | |
id = "eks-test20210826094927147700000009-2021082609492903430000000c" | |
policy_arn = "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy" | |
role = "eks-test20210826094927147700000009" | |
} | |
# module.cluster.aws_launch_configuration.workers[0]: | |
resource "aws_launch_configuration" "workers" { | |
arn = "arn:aws:autoscaling:eu-west-1:908197663318:launchConfiguration:08c4b64f-0583-41e6-b2b3-99cbe004718a:launchConfigurationName/eks-test-02021082609492981710000000e" | |
associate_public_ip_address = false | |
ebs_optimized = true | |
enable_monitoring = true | |
iam_instance_profile = "eks-test2021082609492865530000000a" | |
id = "eks-test-02021082609492981710000000e" | |
image_id = "ami-0b1c217770f6cd7ca" | |
instance_type = "t3.small" | |
name = "eks-test-02021082609492981710000000e" | |
name_prefix = "eks-test-0" | |
security_groups = [ | |
"sg-0b823b63b771b5c76", | |
] | |
user_data_base64 = "IyEvYmluL2Jhc2ggLWUKCiMgQWxsb3cgdXNlciBzdXBwbGllZCBwcmUgdXNlcmRhdGEgY29kZQoKCiMgQm9vdHN0cmFwIGFuZCBqb2luIHRoZSBjbHVzdGVyCi9ldGMvZWtzL2Jvb3RzdHJhcC5zaCAtLWI2NC1jbHVzdGVyLWNhICdMUzB0TFMxQ1JVZEpUaUJEUlZKVVNVWkpRMEZVUlMwdExTMHRDazFKU1VNMWVrTkRRV01yWjBGM1NVSkJaMGxDUVVSQlRrSm5hM0ZvYTJsSE9YY3dRa0ZSYzBaQlJFRldUVkpOZDBWUldVUldVVkZFUlhkd2NtUlhTbXdLWTIwMWJHUkhWbnBOUWpSWVJGUkplRTFFWjNsT2FrRTFUa1JSTUUweGIxaEVWRTE0VFVSbmVVNUVRVFZPUkZFd1RURnZkMFpVUlZSTlFrVkhRVEZWUlFwQmVFMUxZVE5XYVZwWVNuVmFXRkpzWTNwRFEwRlRTWGRFVVZsS1MyOWFTV2gyWTA1QlVVVkNRbEZCUkdkblJWQkJSRU5EUVZGdlEyZG5SVUpCVEdOT0NtdHZUSEZXTWxsalNUZ3ZNM292YmpaalJVb3pPVXg0YVhRMmVubHJkRzQwYjA1SFFsQXJiRU5HTTJ4TVZIZFRjR3hHVFZjdlUySnhPR0ZSVGpVM2JWa0tSelZwTW05YWVGbExSVkZrTjB4TVdrbDRhV0pQV1RoaWMweDJhbWsxZFdOWVJtczJkVWxIYlVJclYzZHZiazFJTUhsVWEwVlVRelZTY25CS09VbFJOd3B1YkdOTmFtWjFORXhoVFZaTVdFVnFaaTlIUlVsVFkzTnRRWGgxUlZadVp5dGxaeko2TjBJNGVERnlhVWM0WldwQlFWYzVUbTFtV0ZKblJYSnVjekJGQ21ZemQzTk1WWFpuY21Vd05sbGthWGhKZVVFMUsxa3dhMjh4VnpsdmRuQlJiV05JWlZRd1RuWlhaa016WkhScVlXRlhaVTVNUzNOdmVUaHdaRTVwWjNBS1RERjNhMnhMYWpnNFNsRnRVREJxUTJsU1lXTlJTR0ZEWm5SUlUwcFRWMWRyVUc1SmRWcFlhblpNVUhwb01rOXZhV2t3UVdaMmNtZFRaa1ZuZFVsVWFBcGlMeXRLZEhoSGNqSnJUVTB2VlRWNGVucHJRMEYzUlVGQllVNURUVVZCZDBSbldVUldVakJRUVZGSUwwSkJVVVJCWjB0clRVRTRSMEV4VldSRmQwVkNDaTkzVVVaTlFVMUNRV1k0ZDBoUldVUldVakJQUWtKWlJVWktOWGxtTmpKcmRVVlNlbUZaTmtRemJEVkpjalJSTUVSMFRXSk5RVEJIUTFOeFIxTkpZak1LUkZGRlFrTjNWVUZCTkVsQ1FWRkNka1FyU0haWlpqZFJhbGRMY0RCbWVIbDVhRFpKUldwM1F6bElSRmhsYW1wVlRUQjNTV1JCZG1oTFJUaE5ZaXN4UkFwUU5raGtibFFyUTA5Tk5XeFhRMGRRUW5WUVNubzBWM2RETkM4eE9HTjBkRUpEYVVNMlpUWmtkRGhLUjBaRk0wUkhSa0p4VGxkblJsb3lVWEZ4Wnk5eENrRllTRUpLWjJOSVlWcGpVRTF4TVVSaU9GaDZNemN4WkhOcFJsSlZXa2g0Y2sxSldrcEdabVJzVjIxdk5XeEhOR3hhZGxsamJGWjJaeko0T0ZBd1dXb0tOa2wxVmxWWldqRjNMMUE1UkVsM1NrWkZPREJhVDFkNWRFOU9ZME00UWxWdVF6bFRXbVJ3YVZoNWFVWnFNek54VkVsMVN5OVJTemN3VDFSbFYxVnVOUXBpT1cwd1pscEhMMDFyWW1WaFkwdHhibkZxVG5OcVNVTnZSRVF4UzBWVlJtRm5ZMFYwYTBnNFVuTXJRVTlqTjNSV2RuaHlNMEp5VjFoNlJXTk5UWGRGQ20xTFZ6bHBhVWxHZUhkM1lXcElSV1ZtY2l0cFJYbHBOMDVCYlU5d2FsbFVSbk51WmdvdExTMHRMVVZPUkNCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2c9PScgLS1hcGlzZXJ2ZXItZW5kcG9pbnQgJ2h0dHBzOi8vRDE3MzY5RkU2ODYxMUU2OTlFOTRDRjdFMEJDRjBFMTEuc2sxLmV1LXdlc3QtMS5la3MuYW1hem9uYXdzLmNvbScgIC0ta3ViZWxldC1leHRyYS1hcmdzICIiICdla3MtdGVzdCcKCiMgQWxsb3cgdXNlciBzdXBwbGllZCB1c2VyZGF0YSBjb2RlCgo=" | |
metadata_options { | |
http_endpoint = "enabled" | |
http_put_response_hop_limit = 1 | |
http_tokens = "optional" | |
} | |
root_block_device { | |
delete_on_termination = true | |
encrypted = false | |
iops = 0 | |
throughput = 0 | |
volume_size = 100 | |
volume_type = "gp2" | |
} | |
} | |
# module.cluster.aws_security_group.cluster[0]: | |
resource "aws_security_group" "cluster" { | |
arn = "arn:aws:ec2:eu-west-1:908197663318:security-group/sg-0804c37e8426788a9" | |
description = "EKS cluster security group." | |
egress = [] | |
id = "sg-0804c37e8426788a9" | |
ingress = [] | |
name = "eks-test20210826093816521300000008" | |
name_prefix = "eks-test" | |
owner_id = "908197663318" | |
revoke_rules_on_delete = false | |
tags = { | |
"Name" = "eks-test-eks_cluster_sg" | |
} | |
tags_all = { | |
"Name" = "eks-test-eks_cluster_sg" | |
} | |
vpc_id = "vpc-0b47010594b87e398" | |
} | |
# module.cluster.aws_security_group.workers[0]: | |
resource "aws_security_group" "workers" { | |
arn = "arn:aws:ec2:eu-west-1:908197663318:security-group/sg-0b823b63b771b5c76" | |
description = "Security group for all nodes in the cluster." | |
egress = [] | |
id = "sg-0b823b63b771b5c76" | |
ingress = [] | |
name = "eks-test20210826093815961000000007" | |
name_prefix = "eks-test" | |
owner_id = "908197663318" | |
revoke_rules_on_delete = false | |
tags = { | |
"Name" = "eks-test-eks_worker_sg" | |
"kubernetes.io/cluster/eks-test" = "owned" | |
} | |
tags_all = { | |
"Name" = "eks-test-eks_worker_sg" | |
"kubernetes.io/cluster/eks-test" = "owned" | |
} | |
vpc_id = "vpc-0b47010594b87e398" | |
} | |
# module.cluster.aws_security_group_rule.cluster_egress_internet[0]: | |
resource "aws_security_group_rule" "cluster_egress_internet" { | |
cidr_blocks = [ | |
"0.0.0.0/0", | |
] | |
description = "Allow cluster egress access to the Internet." | |
from_port = 0 | |
id = "sgrule-380666626" | |
protocol = "-1" | |
security_group_id = "sg-0804c37e8426788a9" | |
self = false | |
to_port = 0 | |
type = "egress" | |
} | |
# module.cluster.aws_security_group_rule.cluster_https_worker_ingress[0]: | |
resource "aws_security_group_rule" "cluster_https_worker_ingress" { | |
description = "Allow pods to communicate with the EKS cluster API." | |
from_port = 443 | |
id = "sgrule-2248505601" | |
protocol = "tcp" | |
security_group_id = "sg-0804c37e8426788a9" | |
self = false | |
source_security_group_id = "sg-0b823b63b771b5c76" | |
to_port = 443 | |
type = "ingress" | |
} | |
# module.cluster.aws_security_group_rule.workers_egress_internet[0]: | |
resource "aws_security_group_rule" "workers_egress_internet" { | |
cidr_blocks = [ | |
"0.0.0.0/0", | |
] | |
description = "Allow nodes all egress to the Internet." | |
from_port = 0 | |
id = "sgrule-1231839037" | |
protocol = "-1" | |
security_group_id = "sg-0b823b63b771b5c76" | |
self = false | |
to_port = 0 | |
type = "egress" | |
} | |
# module.cluster.aws_security_group_rule.workers_ingress_cluster[0]: | |
resource "aws_security_group_rule" "workers_ingress_cluster" { | |
description = "Allow workers pods to receive communication from the cluster control plane." | |
from_port = 1025 | |
id = "sgrule-3703879795" | |
protocol = "tcp" | |
security_group_id = "sg-0b823b63b771b5c76" | |
self = false | |
source_security_group_id = "sg-0804c37e8426788a9" | |
to_port = 65535 | |
type = "ingress" | |
} | |
# module.cluster.aws_security_group_rule.workers_ingress_cluster_https[0]: | |
resource "aws_security_group_rule" "workers_ingress_cluster_https" { | |
description = "Allow pods running extension API servers on port 443 to receive communication from cluster control plane." | |
from_port = 443 | |
id = "sgrule-4009699383" | |
protocol = "tcp" | |
security_group_id = "sg-0b823b63b771b5c76" | |
self = false | |
source_security_group_id = "sg-0804c37e8426788a9" | |
to_port = 443 | |
type = "ingress" | |
} | |
# module.cluster.aws_security_group_rule.workers_ingress_self[0]: | |
resource "aws_security_group_rule" "workers_ingress_self" { | |
description = "Allow node to communicate with each other." | |
from_port = 0 | |
id = "sgrule-603670105" | |
protocol = "-1" | |
security_group_id = "sg-0b823b63b771b5c76" | |
self = false | |
source_security_group_id = "sg-0b823b63b771b5c76" | |
to_port = 65535 | |
type = "ingress" | |
} | |
# module.cluster.data.aws_ami.eks_worker[0]: | |
data "aws_ami" "eks_worker" { | |
architecture = "x86_64" | |
arn = "arn:aws:ec2:eu-west-1::image/ami-0b1c217770f6cd7ca" | |
block_device_mappings = [ | |
{ | |
device_name = "/dev/xvda" | |
ebs = { | |
"delete_on_termination" = "true" | |
"encrypted" = "false" | |
"iops" = "0" | |
"snapshot_id" = "snap-068b7fcffebfd1ca3" | |
"throughput" = "0" | |
"volume_size" = "20" | |
"volume_type" = "gp2" | |
} | |
no_device = "" | |
virtual_name = "" | |
}, | |
] | |
creation_date = "2021-08-13T17:45:15.000Z" | |
description = "EKS Kubernetes Worker AMI with AmazonLinux2 image, (k8s: 1.21.2, docker: 19.03.13ce-1.amzn2, containerd: 1.4.6-2.amzn2)" | |
ena_support = true | |
hypervisor = "xen" | |
id = "ami-0b1c217770f6cd7ca" | |
image_id = "ami-0b1c217770f6cd7ca" | |
image_location = "amazon/amazon-eks-node-1.21-v20210813" | |
image_owner_alias = "amazon" | |
image_type = "machine" | |
most_recent = true | |
name = "amazon-eks-node-1.21-v20210813" | |
owner_id = "602401143452" | |
owners = [ | |
"amazon", | |
] | |
platform_details = "Linux/UNIX" | |
product_codes = [] | |
public = true | |
root_device_name = "/dev/xvda" | |
root_device_type = "ebs" | |
root_snapshot_id = "snap-068b7fcffebfd1ca3" | |
sriov_net_support = "simple" | |
state = "available" | |
state_reason = { | |
"code" = "UNSET" | |
"message" = "UNSET" | |
} | |
tags = {} | |
usage_operation = "RunInstances" | |
virtualization_type = "hvm" | |
filter { | |
name = "name" | |
values = [ | |
"amazon-eks-node-1.21-v*", | |
] | |
} | |
} | |
# module.cluster.data.aws_caller_identity.current: | |
data "aws_caller_identity" "current" { | |
account_id = "908197663318" | |
arn = "arn:aws:iam::908197663318:user/kerin" | |
id = "908197663318" | |
user_id = "AIDAITGJQXJFIRITARVJG" | |
} | |
# module.cluster.data.aws_iam_policy_document.cluster_assume_role_policy: | |
data "aws_iam_policy_document" "cluster_assume_role_policy" { | |
id = "2764486067" | |
json = jsonencode( | |
{ | |
Statement = [ | |
{ | |
Action = "sts:AssumeRole" | |
Effect = "Allow" | |
Principal = { | |
Service = "eks.amazonaws.com" | |
} | |
Sid = "EKSClusterAssumeRole" | |
}, | |
] | |
Version = "2012-10-17" | |
} | |
) | |
version = "2012-10-17" | |
statement { | |
actions = [ | |
"sts:AssumeRole", | |
] | |
effect = "Allow" | |
not_actions = [] | |
not_resources = [] | |
resources = [] | |
sid = "EKSClusterAssumeRole" | |
principals { | |
identifiers = [ | |
"eks.amazonaws.com", | |
] | |
type = "Service" | |
} | |
} | |
} | |
# module.cluster.data.aws_iam_policy_document.cluster_elb_sl_role_creation[0]: | |
data "aws_iam_policy_document" "cluster_elb_sl_role_creation" { | |
id = "3709839417" | |
json = jsonencode( | |
{ | |
Statement = [ | |
{ | |
Action = [ | |
"ec2:DescribeInternetGateways", | |
"ec2:DescribeAddresses", | |
"ec2:DescribeAccountAttributes", | |
] | |
Effect = "Allow" | |
Resource = "*" | |
Sid = "" | |
}, | |
] | |
Version = "2012-10-17" | |
} | |
) | |
version = "2012-10-17" | |
statement { | |
actions = [ | |
"ec2:DescribeAccountAttributes", | |
"ec2:DescribeAddresses", | |
"ec2:DescribeInternetGateways", | |
] | |
effect = "Allow" | |
not_actions = [] | |
not_resources = [] | |
resources = [ | |
"*", | |
] | |
} | |
} | |
# module.cluster.data.aws_iam_policy_document.workers_assume_role_policy: | |
data "aws_iam_policy_document" "workers_assume_role_policy" { | |
id = "3778018924" | |
json = jsonencode( | |
{ | |
Statement = [ | |
{ | |
Action = "sts:AssumeRole" | |
Effect = "Allow" | |
Principal = { | |
Service = "ec2.amazonaws.com" | |
} | |
Sid = "EKSWorkerAssumeRole" | |
}, | |
] | |
Version = "2012-10-17" | |
} | |
) | |
version = "2012-10-17" | |
statement { | |
actions = [ | |
"sts:AssumeRole", | |
] | |
effect = "Allow" | |
not_actions = [] | |
not_resources = [] | |
resources = [] | |
sid = "EKSWorkerAssumeRole" | |
principals { | |
identifiers = [ | |
"ec2.amazonaws.com", | |
] | |
type = "Service" | |
} | |
} | |
} | |
# module.cluster.data.aws_partition.current: | |
data "aws_partition" "current" { | |
dns_suffix = "amazonaws.com" | |
id = "aws" | |
partition = "aws" | |
reverse_dns_prefix = "com.amazonaws" | |
} | |
# module.cluster.data.http.wait_for_cluster[0]: | |
data "http" "wait_for_cluster" { | |
body = "ok" | |
ca_certificate = <<-EOT | |
-----BEGIN CERTIFICATE----- | |
MIIC5zCCAc+gAwIBAgIBADANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDEwprdWJl | |
cm5ldGVzMB4XDTIxMDgyNjA5NDQ0M1oXDTMxMDgyNDA5NDQ0M1owFTETMBEGA1UE | |
AxMKa3ViZXJuZXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALcN | |
koLqV2YcI8/3z/n6cEJ39Lxit6zyktn4oNGBP+lCF3lLTwSplFMW/Sbq8aQN57mY | |
G5i2oZxYKEQd7LLZIxibOY8bsLvji5ucXFk6uIGmB+WwonMH0yTkETC5RrpJ9IQ7 | |
nlcMjfu4LaMVLXEjf/GEIScsmAxuEVng+eg2z7B8x1riG8ejAAW9NmfXRgErns0E | |
f3wsLUvgre06YdixIyA5+Y0ko1W9ovpQmcHeT0NvWfC3dtjaaWeNLKsoy8pdNigp | |
L1wklKj88JQmP0jCiRacQHaCftQSJSWWkPnIuZXjvLPzh2Ooii0AfvrgSfEguITh | |
b/+JtxGr2kMM/U5xzzkCAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgKkMA8GA1UdEwEB | |
/wQFMAMBAf8wHQYDVR0OBBYEFJ5yf62kuERzaY6D3l5Ir4Q0DtMbMA0GCSqGSIb3 | |
DQEBCwUAA4IBAQBvD+HvYf7QjWKp0fxyyh6IEjwC9HDXejjUM0wIdAvhKE8Mb+1D | |
P6HdnT+COM5lWCGPBuPJz4WwC4/18cttBCiC6e6dt8JGFE3DGFBqNWgFZ2Qqqg/q | |
AXHBJgcHaZcPMq1Db8Xz371dsiFRUZHxrMIZJFfdlWmo5lG4lZvYclVvg2x8P0Yj | |
6IuVUYZ1w/P9DIwJFE80ZOWytONcC8BUnC9SZdpiXyiFj33qTIuK/QK70OTeWUn5 | |
b9m0fZG/MkbeacKqnqjNsjICoDD1KEUFagcEtkH8Rs+AOc7tVvxr3BrWXzEcMMwE | |
mKW9iiIFxwwajHEefr+iEyi7NAmOpjYTFsnf | |
-----END CERTIFICATE----- | |
EOT | |
id = "https://D17369FE68611E699E94CF7E0BCF0E11.sk1.eu-west-1.eks.amazonaws.com/healthz" | |
insecure = false | |
response_headers = { | |
"Cache-Control" = "no-cache, private" | |
"Content-Length" = "2" | |
"Content-Type" = "text/plain; charset=utf-8" | |
"Date" = "Thu, 26 Aug 2021 09:49:27 GMT" | |
"X-Content-Type-Options" = "nosniff" | |
"X-Kubernetes-Pf-Flowschema-Uid" = "c2bf0ba2-916e-4e96-be1e-ade16d8dd939" | |
"X-Kubernetes-Pf-Prioritylevel-Uid" = "9b351283-4e16-47e7-ae6a-1b70d6bfac5e" | |
} | |
timeout = 300 | |
url = "https://D17369FE68611E699E94CF7E0BCF0E11.sk1.eu-west-1.eks.amazonaws.com/healthz" | |
} | |
# module.cluster.kubernetes_config_map.aws_auth[0]: | |
resource "kubernetes_config_map" "aws_auth" { | |
data = { | |
"mapAccounts" = jsonencode([]) | |
"mapRoles" = <<-EOT | |
- "groups": | |
- "system:bootstrappers" | |
- "system:nodes" | |
"rolearn": "arn:aws:iam::908197663318:role/eks-test20210826094927147700000009" | |
"username": "system:node:{{EC2PrivateDNSName}}" | |
EOT | |
"mapUsers" = jsonencode([]) | |
} | |
id = "kube-system/aws-auth" | |
metadata { | |
generation = 0 | |
labels = { | |
"app.kubernetes.io/managed-by" = "Terraform" | |
"terraform.io/module" = "terraform-aws-modules.eks.aws" | |
} | |
name = "aws-auth" | |
namespace = "kube-system" | |
resource_version = "761" | |
uid = "9e28a145-1697-4645-8527-3647c206caa1" | |
} | |
} | |
# module.irsa.aws_iam_role.nginx_deployment: | |
resource "aws_iam_role" "nginx_deployment" { | |
arn = "arn:aws:iam::908197663318:role/K8sNginxDeploymentRole" | |
assume_role_policy = jsonencode( | |
{ | |
Statement = [ | |
{ | |
Action = "sts:AssumeRoleWithWebIdentity" | |
Condition = { | |
StringEquals = { | |
oidc.eks.eu-west-1.amazonaws.com/id/D17369FE68611E699E94CF7E0BCF0E11:sub = "system:serviceaccount:default:nginx-deployment" | |
} | |
} | |
Effect = "Allow" | |
Principal = { | |
Federated = "arn:aws:iam::908197663318:oidc-provider/oidc.eks.eu-west-1.amazonaws.com/id/D17369FE68611E699E94CF7E0BCF0E11" | |
} | |
}, | |
] | |
Version = "2012-10-17" | |
} | |
) | |
create_date = "2021-08-26T09:49:27Z" | |
force_detach_policies = false | |
id = "K8sNginxDeploymentRole" | |
managed_policy_arns = [] | |
max_session_duration = 3600 | |
name = "K8sNginxDeploymentRole" | |
path = "/" | |
tags_all = {} | |
unique_id = "AROA5G5GMSJLK3IPD5OAN" | |
inline_policy { | |
name = "K8sNginxDeploymentPolicy" | |
policy = jsonencode( | |
{ | |
Statement = [ | |
{ | |
Action = [ | |
"secretsmanager:GetSecretValue", | |
"secretsmanager:DescribeSecret", | |
] | |
Effect = "Allow" | |
Resource = [ | |
"arn:aws:secretsmanager:eu-west-1:908197663318:secret:nginx/simple-FPXS97", | |
"arn:aws:secretsmanager:eu-west-1:908197663318:secret:nginx/json-2NQmg8", | |
] | |
}, | |
] | |
Version = "2012-10-17" | |
} | |
) | |
} | |
} | |
# module.irsa.data.aws_caller_identity.current: | |
data "aws_caller_identity" "current" { | |
account_id = "908197663318" | |
arn = "arn:aws:iam::908197663318:user/kerin" | |
id = "908197663318" | |
user_id = "AIDAITGJQXJFIRITARVJG" | |
} | |
# module.kms.aws_kms_key.eks: | |
resource "aws_kms_key" "eks" { | |
arn = "arn:aws:kms:eu-west-1:908197663318:key/22aa1760-8637-41e2-80d0-46ca01040030" | |
customer_master_key_spec = "SYMMETRIC_DEFAULT" | |
description = "EKS Secret Encryption Key" | |
enable_key_rotation = false | |
id = "22aa1760-8637-41e2-80d0-46ca01040030" | |
is_enabled = true | |
key_id = "22aa1760-8637-41e2-80d0-46ca01040030" | |
key_usage = "ENCRYPT_DECRYPT" | |
policy = jsonencode( | |
{ | |
Id = "key-default-1" | |
Statement = [ | |
{ | |
Action = "kms:*" | |
Effect = "Allow" | |
Principal = { | |
AWS = "arn:aws:iam::908197663318:root" | |
} | |
Resource = "*" | |
Sid = "Enable IAM User Permissions" | |
}, | |
] | |
Version = "2012-10-17" | |
} | |
) | |
tags_all = {} | |
} | |
# module.kms.aws_kms_key.secrets_manager: | |
resource "aws_kms_key" "secrets_manager" { | |
arn = "arn:aws:kms:eu-west-1:908197663318:key/60216583-44e9-49c9-b447-9ddef2cabcf9" | |
customer_master_key_spec = "SYMMETRIC_DEFAULT" | |
description = "Secrets Manager key" | |
enable_key_rotation = false | |
id = "60216583-44e9-49c9-b447-9ddef2cabcf9" | |
is_enabled = true | |
key_id = "60216583-44e9-49c9-b447-9ddef2cabcf9" | |
key_usage = "ENCRYPT_DECRYPT" | |
policy = jsonencode( | |
{ | |
Id = "auto-secretsmanager-1" | |
Statement = [ | |
{ | |
Action = [ | |
"kms:Encrypt", | |
"kms:Decrypt", | |
"kms:ReEncrypt*", | |
"kms:GenerateDataKey*", | |
"kms:CreateGrant", | |
"kms:DescribeKey", | |
] | |
Condition = { | |
StringEquals = { | |
kms:CallerAccount = "908197663318" | |
kms:ViaService = "secretsmanager.eu-west-1.amazonaws.com" | |
} | |
} | |
Effect = "Allow" | |
Principal = { | |
AWS = "*" | |
} | |
Resource = "*" | |
Sid = "Allow access through AWS Secrets Manager for all principals in the account that are authorized to use AWS Secrets Manager" | |
}, | |
{ | |
Action = "kms:*" | |
Effect = "Allow" | |
Principal = { | |
AWS = "arn:aws:iam::908197663318:root" | |
} | |
Resource = "*" | |
Sid = "Allow direct access to key metadata to the account" | |
}, | |
] | |
Version = "2012-10-17" | |
} | |
) | |
tags_all = {} | |
} | |
# module.kms.data.aws_caller_identity.current: | |
data "aws_caller_identity" "current" { | |
account_id = "908197663318" | |
arn = "arn:aws:iam::908197663318:user/kerin" | |
id = "908197663318" | |
user_id = "AIDAITGJQXJFIRITARVJG" | |
} | |
# module.kms.data.aws_region.current: | |
data "aws_region" "current" { | |
description = "Europe (Ireland)" | |
endpoint = "ec2.eu-west-1.amazonaws.com" | |
id = "eu-west-1" | |
name = "eu-west-1" | |
} | |
# module.secrets.aws_secretsmanager_secret.json: | |
resource "aws_secretsmanager_secret" "json" { | |
arn = "arn:aws:secretsmanager:eu-west-1:908197663318:secret:nginx/json-2NQmg8" | |
force_overwrite_replica_secret = false | |
id = "arn:aws:secretsmanager:eu-west-1:908197663318:secret:nginx/json-2NQmg8" | |
kms_key_id = "arn:aws:kms:eu-west-1:908197663318:key/60216583-44e9-49c9-b447-9ddef2cabcf9" | |
name = "nginx/json" | |
recovery_window_in_days = 0 | |
rotation_enabled = false | |
tags_all = {} | |
} | |
# module.secrets.aws_secretsmanager_secret.simple: | |
resource "aws_secretsmanager_secret" "simple" { | |
arn = "arn:aws:secretsmanager:eu-west-1:908197663318:secret:nginx/simple-FPXS97" | |
force_overwrite_replica_secret = false | |
id = "arn:aws:secretsmanager:eu-west-1:908197663318:secret:nginx/simple-FPXS97" | |
kms_key_id = "arn:aws:kms:eu-west-1:908197663318:key/60216583-44e9-49c9-b447-9ddef2cabcf9" | |
name = "nginx/simple" | |
recovery_window_in_days = 0 | |
rotation_enabled = false | |
tags_all = {} | |
} | |
# module.secrets.aws_secretsmanager_secret_version.json: | |
resource "aws_secretsmanager_secret_version" "json" { | |
arn = "arn:aws:secretsmanager:eu-west-1:908197663318:secret:nginx/json-2NQmg8" | |
id = "arn:aws:secretsmanager:eu-west-1:908197663318:secret:nginx/json-2NQmg8|3895E3D9-1200-4688-AE5C-275CC5DE60DE" | |
secret_id = "arn:aws:secretsmanager:eu-west-1:908197663318:secret:nginx/json-2NQmg8" | |
secret_string = (sensitive value) | |
version_id = "3895E3D9-1200-4688-AE5C-275CC5DE60DE" | |
version_stages = [ | |
"AWSCURRENT", | |
] | |
} | |
# module.secrets.aws_secretsmanager_secret_version.simple: | |
resource "aws_secretsmanager_secret_version" "simple" { | |
arn = "arn:aws:secretsmanager:eu-west-1:908197663318:secret:nginx/simple-FPXS97" | |
id = "arn:aws:secretsmanager:eu-west-1:908197663318:secret:nginx/simple-FPXS97|67101380-D2D7-405C-B317-48AA6A71BA13" | |
secret_id = "arn:aws:secretsmanager:eu-west-1:908197663318:secret:nginx/simple-FPXS97" | |
secret_string = (sensitive value) | |
version_id = "67101380-D2D7-405C-B317-48AA6A71BA13" | |
version_stages = [ | |
"AWSCURRENT", | |
] | |
} | |
Outputs: | |
cluster_arn = "arn:aws:eks:eu-west-1:908197663318:cluster/eks-test" | |
cluster_endpoint = "https://D17369FE68611E699E94CF7E0BCF0E11.sk1.eu-west-1.eks.amazonaws.com" | |
cluster_name = "eks-test" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment