Added support for EKS API and configmap

truefoundry · Jul 2, 2024 · e120951 · e120951
1 parent 84248a4
commit e120951
Show file tree

Hide file tree

Showing 4 changed files with 22 additions and 8 deletions.
diff --git a/eks.tf b/eks.tf
@@ -4,7 +4,7 @@
 
 module "aws-eks-kubernetes-cluster" {
   source                                = "terraform-aws-modules/eks/aws"
-  version                               = "v19.17.2"
+  version                               = "v20.15.0"
   cluster_name                          = var.cluster_name
   cluster_version                       = var.cluster_version
   cluster_enabled_log_types             = var.cluster_enabled_log_types
@@ -25,9 +25,12 @@ module "aws-eks-kubernetes-cluster" {
   eks_managed_node_group_defaults        = var.eks_managed_node_group_defaults
   eks_managed_node_groups                = var.eks_managed_node_groups
 
-  cluster_security_group_additional_rules = merge(local.cluster_security_group_additional_rules, var.cluster_security_group_additional_rules)
-  node_security_group_additional_rules    = merge(local.node_security_group_additional_rules, var.node_security_group_additional_rules)
-  node_security_group_tags                = var.node_security_group_tags
+  cluster_security_group_additional_rules  = merge(local.cluster_security_group_additional_rules, var.cluster_security_group_additional_rules)
+  node_security_group_additional_rules     = merge(local.node_security_group_additional_rules, var.node_security_group_additional_rules)
+  node_security_group_tags                 = var.node_security_group_tags
+  enable_cluster_creator_admin_permissions = true
+  authentication_mode                      = var.cluster_authentication_mode
+  access_entries                           = var.cluster_access_entries
   fargate_profiles = var.karpenter_fargate_profile_enabled ? {
     karpenter = {
       create       = true

diff --git a/output.tf b/output.tf
@@ -169,7 +169,7 @@ output "self_managed_node_groups" {
 # Additional
 ################################################################################
 
-output "aws_auth_configmap_yaml" {
-  description = "Formatted yaml output for base aws-auth configmap containing roles used in cluster node groups/fargate profiles"
-  value       = module.aws-eks-kubernetes-cluster.aws_auth_configmap_yaml
+output "aws_access_entries" {
+  description = "Access entries for the EKS cluster security group"
+  value       = module.aws-eks-kubernetes-cluster.access_entries
 }
diff --git a/variables.tf b/variables.tf
@@ -51,6 +51,17 @@ variable "cluster_version" {
   default     = "1.30"
 }
 
+variable "cluster_authentication_mode" {
+  description = "value of the authentication mode for the EKS cluster"
+  type        = string
+  default     = "API_AND_CONFIG_MAP"
+}
+
+variable "cluster_access_entries" {
+  description = "value of the access entries for the EKS cluster"
+  type        = any
+  default     = {}
+}
 ################################################################################
 # CloudWatch Log Group
 ################################################################################

diff --git a/versions.tf b/versions.tf
@@ -3,7 +3,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = "5.17.0"
+      version = "5.56.1"
     }
   }
 }