Skip to content

Commit

Permalink
feat: Add support bootstrap_self_managed_addons (#236)
Browse files Browse the repository at this point in the history
* feat: Add support bootstrap_self_managed_addons

* feat: adjust variable to naming convention

* feat: change variable name
  • Loading branch information
sergeyrudenko111 authored Aug 24, 2024
1 parent 98ef10c commit 76ed997
Show file tree
Hide file tree
Showing 6 changed files with 25 additions and 8 deletions.
1 change: 1 addition & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -411,6 +411,7 @@ Available targets:
| <a name="input_allowed_security_group_ids"></a> [allowed\_security\_group\_ids](#input\_allowed\_security\_group\_ids) | A list of IDs of Security Groups to allow access to the cluster. | `list(string)` | `[]` | no |
| <a name="input_associated_security_group_ids"></a> [associated\_security\_group\_ids](#input\_associated\_security\_group\_ids) | A list of IDs of Security Groups to associate the cluster with.<br>These security groups will not be modified. | `list(string)` | `[]` | no |
| <a name="input_attributes"></a> [attributes](#input\_attributes) | ID element. Additional attributes (e.g. `workers` or `cluster`) to add to `id`,<br>in the order they appear in the list. New attributes are appended to the<br>end of the list. The elements of the list are joined by the `delimiter`<br>and treated as a single ID element. | `list(string)` | `[]` | no |
| <a name="input_bootstrap_self_managed_addons_enabled"></a> [bootstrap\_self\_managed\_addons\_enabled](#input\_bootstrap\_self\_managed\_addons\_enabled) | Manages bootstrap of default networking addons after cluster has been created | `bool` | `null` | no |
| <a name="input_cloudwatch_log_group_class"></a> [cloudwatch\_log\_group\_class](#input\_cloudwatch\_log\_group\_class) | Specified the log class of the log group. Possible values are: `STANDARD` or `INFREQUENT_ACCESS` | `string` | `null` | no |
| <a name="input_cloudwatch_log_group_kms_key_id"></a> [cloudwatch\_log\_group\_kms\_key\_id](#input\_cloudwatch\_log\_group\_kms\_key\_id) | If provided, the KMS Key ID to use to encrypt AWS CloudWatch logs | `string` | `null` | no |
| <a name="input_cluster_attributes"></a> [cluster\_attributes](#input\_cluster\_attributes) | Override label module default cluster attributes | `list(string)` | <pre>[<br> "cluster"<br>]</pre> | no |
Expand Down
2 changes: 2 additions & 0 deletions docs/terraform.md
Original file line number Diff line number Diff line change
Expand Up @@ -66,6 +66,8 @@
| <a name="input_allowed_security_group_ids"></a> [allowed\_security\_group\_ids](#input\_allowed\_security\_group\_ids) | A list of IDs of Security Groups to allow access to the cluster. | `list(string)` | `[]` | no |
| <a name="input_associated_security_group_ids"></a> [associated\_security\_group\_ids](#input\_associated\_security\_group\_ids) | A list of IDs of Security Groups to associate the cluster with.<br>These security groups will not be modified. | `list(string)` | `[]` | no |
| <a name="input_attributes"></a> [attributes](#input\_attributes) | ID element. Additional attributes (e.g. `workers` or `cluster`) to add to `id`,<br>in the order they appear in the list. New attributes are appended to the<br>end of the list. The elements of the list are joined by the `delimiter`<br>and treated as a single ID element. | `list(string)` | `[]` | no |
| <a name="input_bootstrap_self_managed_addons_enabled"></a> [bootstrap\_self\_managed\_addons\_enabled](#input\_bootstrap\_self\_managed\_addons\_enabled) | Manages bootstrap of default networking addons after cluster has been created | `bool` | `null` | no |
| <a name="input_cloudwatch_log_group_class"></a> [cloudwatch\_log\_group\_class](#input\_cloudwatch\_log\_group\_class) | Specified the log class of the log group. Possible values are: `STANDARD` or `INFREQUENT_ACCESS` | `string` | `null` | no |
| <a name="input_cloudwatch_log_group_kms_key_id"></a> [cloudwatch\_log\_group\_kms\_key\_id](#input\_cloudwatch\_log\_group\_kms\_key\_id) | If provided, the KMS Key ID to use to encrypt AWS CloudWatch logs | `string` | `null` | no |
| <a name="input_cluster_attributes"></a> [cluster\_attributes](#input\_cluster\_attributes) | Override label module default cluster attributes | `list(string)` | <pre>[<br> "cluster"<br>]</pre> | no |
| <a name="input_cluster_depends_on"></a> [cluster\_depends\_on](#input\_cluster\_depends\_on) | If provided, the EKS will depend on this object, and therefore not be created until this object is finalized.<br>This is useful if you want to ensure that the cluster is not created before some other condition is met, e.g. VPNs into the subnet are created. | `any` | `null` | no |
Expand Down
5 changes: 3 additions & 2 deletions examples/complete/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -110,8 +110,9 @@ module "eks_cluster" {
cluster_encryption_config_kms_key_policy = var.cluster_encryption_config_kms_key_policy
cluster_encryption_config_resources = var.cluster_encryption_config_resources

addons = local.addons
addons_depends_on = [module.eks_node_group]
addons = local.addons
addons_depends_on = [module.eks_node_group]
bootstrap_self_managed_addons_enabled = var.bootstrap_self_managed_addons_enabled

access_entry_map = local.access_entry_map
access_config = {
Expand Down
6 changes: 6 additions & 0 deletions examples/complete/variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -109,6 +109,12 @@ variable "addons" {
description = "Manages [`aws_eks_addon`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon) resources."
}

variable "bootstrap_self_managed_addons_enabled" {
description = "Manages bootstrap of default networking addons after cluster has been created"
type = bool
default = null
}

variable "private_ipv6_enabled" {
type = bool
default = false
Expand Down
13 changes: 7 additions & 6 deletions main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -56,12 +56,13 @@ resource "aws_kms_alias" "cluster" {
resource "aws_eks_cluster" "default" {
#bridgecrew:skip=BC_AWS_KUBERNETES_1:Allow permissive security group for public access, difficult to restrict without a VPN
#bridgecrew:skip=BC_AWS_KUBERNETES_4:Let user decide on control plane logging, not necessary in non-production environments
count = local.enabled ? 1 : 0
name = module.label.id
tags = module.label.tags
role_arn = local.eks_service_role_arn
version = var.kubernetes_version
enabled_cluster_log_types = var.enabled_cluster_log_types
count = local.enabled ? 1 : 0
name = module.label.id
tags = module.label.tags
role_arn = local.eks_service_role_arn
version = var.kubernetes_version
enabled_cluster_log_types = var.enabled_cluster_log_types
bootstrap_self_managed_addons = var.bootstrap_self_managed_addons_enabled

access_config {
authentication_mode = var.access_config.authentication_mode
Expand Down
6 changes: 6 additions & 0 deletions variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -197,6 +197,12 @@ variable "addons_depends_on" {
default = null
}

variable "bootstrap_self_managed_addons_enabled" {
description = "Manages bootstrap of default networking addons after cluster has been created"
type = bool
default = null
}

variable "cluster_attributes" {
type = list(string)
description = "Override label module default cluster attributes"
Expand Down

0 comments on commit 76ed997

Please sign in to comment.