pelotech/terraform-foundation-aws-stack

Foundation - Pelotech's GitOps K8s Cluster

This is the Terraform module that helps bootstrap Foundation in AWS.

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.5.7 |
| aws | >= 5.45.0 |

Providers

| Name | Version |
|------|---------|
| aws | >= 5.45.0 |

Modules

| Name | Source | Version |
|------|--------|---------|
| cert_manager_irsa_role | terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | 5.51.0 |
| ebs_csi_driver_irsa_role | terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | 5.51.0 |
| eks | terraform-aws-modules/eks/aws | 20.31.6 |
| external_dns_irsa_role | terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | 5.51.0 |
| karpenter | terraform-aws-modules/eks/aws//modules/karpenter | 20.31.6 |
| load_balancer_controller_irsa_role | terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | 5.51.0 |
| s3_csi | terraform-aws-modules/s3-bucket/aws | 4.3.0 |
| s3_driver_irsa_role | terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | 5.51.0 |
| vpc | terraform-aws-modules/vpc/aws | 5.17.0 |

Resources

| Name | Type |
|------|------|
| aws_vpc_endpoint.eks_vpc_endpoints | resource |
| aws_partition.current | data source |
| aws_region.current | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| extra_access_entries | EKS access entries needed by IAM roles interacting with this cluster | `list(object({ principal_arn = string, kubernetes_groups = optional(list(string)), policy_arn = string, access_scope_type = string, access_scope_namespaces = optional(list(string)) }))` | `[]` | no |
| initial_instance_types | instance types of the initial managed node group | `list(string)` | n/a | yes |
| initial_node_desired_size | desired size of the initial managed node group | `number` | `3` | no |
| initial_node_labels | labels for the initial managed node group | `map(string)` | `{ "kube-ovn/role": "master" }` | no |
| initial_node_max_size | max size of the initial managed node group | `number` | `6` | no |
| initial_node_min_size | minimum size of the initial managed node group | `number` | `2` | no |
| initial_node_taints | taints for the initial managed node group | `list(object({ key = string, value = string, effect = string }))` | `[ { "effect": "NO_SCHEDULE", "key": "CriticalAddonsOnly", "value": "true" }, { "effect": "NO_SCHEDULE", "key": "nidhogg.uswitch.com/kube-system.kube-multus-ds", "value": "true" } ]` | no |
| s3_csi_driver_bucket_arns | existing buckets the s3 CSI driver should have access to | `list(string)` | `[]` | no |
| s3_csi_driver_create_bucket | create a new bucket for use with the s3 CSI driver | `bool` | `true` | no |
| stack_admin_arns | arn to the roles for the cluster admins role | `list(string)` | `[]` | no |
| stack_ci_admin_arn | arn to the ci role | `string` | n/a | yes |
| stack_ci_ro_arn | arn to the ci role for planning on PRs | `string` | n/a | yes |
| stack_create | should resources be created | `bool` | `true` | no |
| stack_name | Name of the stack | `string` | `"foundation-stack"` | no |
| stack_ro_arns | arn to the roles for the cluster read only role | `list(string)` | `[]` | no |
| stack_tags | tags to be added to the stack, should at least have Owner and Environment | `map(any)` | `{ "Environment": "prod", "Owner": "pelotech" }` | no |
| stack_vpc_block | Variables for defining the vpc for the stack | `object({ cidr = string, azs = list(string), private_subnets = list(string), public_subnets = list(string), database_subnets = list(string) })` | `{ "azs": ["us-west-2a", "us-west-2b", "us-west-2c"], "cidr": "172.16.0.0/16", "database_subnets": ["172.16.200.0/24", "172.16.201.0/24", "172.16.202.0/24"], "private_subnets": ["172.16.0.0/24", "172.16.1.0/24", "172.16.2.0/24"], "public_subnets": ["172.16.100.0/24", "172.16.101.0/24", "172.16.102.0/24"] }` | no |
| vpc_endpoints | vpc endpoints within the cluster vpc network | `list(string)` | `[]` | no |

Outputs

No outputs.
