39 lines
1.3 KiB
Terraform
39 lines
1.3 KiB
Terraform
|
resource "aws_eks_cluster" "eks_cluster" {
|
||
|
|
name = "eks-cluster-${var.environment}"
|
||
|
|
|
||
|
|
role_arn = aws_iam_role.eks_role.arn
|
||
|
|
|
||
|
|
vpc_config {
|
||
|
|
subnet_ids = [for subnet in aws_subnet.subnets : subnet.id]
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
# https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_node_group
|
||
|
|
resource "aws_eks_node_group" "eks_cluster" {
|
||
|
|
cluster_name = aws_eks_cluster.eks_cluster.name
|
||
|
|
node_group_name = "eks_cluster-${var.environment}"
|
||
|
|
node_role_arn = aws_iam_role.eks_role.arn
|
||
|
|
subnet_ids = [for subnet in aws_subnet.subnets : subnet.id]
|
||
|
|
|
||
|
|
instance_types = ["t2.small"] # Free tiers
|
||
|
|
|
||
|
|
remote_access {
|
||
|
|
ec2_ssh_key = aws_key_pair.ssh.id
|
||
|
|
# TODO: define source_security_group_ids; Undefined but with a key, port 22 is opened WW.
|
||
|
|
}
|
||
|
|
|
||
|
|
scaling_config {
|
||
|
|
desired_size = 1
|
||
|
|
max_size = 1
|
||
|
|
min_size = 1
|
||
|
|
}
|
||
|
|
|
||
|
|
# Ensure that IAM Role permissions are created before and deleted after EKS Node Group handling.
|
||
|
|
# Otherwise, EKS will not be able to properly delete EC2 Instances and Elastic Network Interfaces.
|
||
|
|
depends_on = [
|
||
|
|
aws_iam_role_policy_attachment.eks-AmazonEKSWorkerNodePolicy,
|
||
|
|
aws_iam_role_policy_attachment.eks-AmazonEKS_CNI_Policy,
|
||
|
|
aws_iam_role_policy_attachment.eks-AmazonEC2ContainerRegistryReadOnly,
|
||
|
|
]
|
||
|
|
}
|