See here for more details on the changes to EKS Blueprints. While we work on incorprating the changes requested by users, we want to avoid unecessary disruptive changes. Therefore, we are working to incorporate as many changes as possible into the release of this module so that users only need to make this change once. Please feel free to try out the module as we develop it and leave any feedback, comments, requests. We look forward to providing an improved experience very soon! Thank you for your patience for for using EKS Blueprints!
Please note: not all addons will be supported as they are today in the main EKS Blueprints repository. We will have guidance and documentation that explains the changes, how to migrate/upgrade, and demonstrates the different options for addons that are no longer natively supported in this project.
| Name | Version |
|---|---|
| terraform | >= 1.0 |
| aws | >= 4.47 |
| Name | Version |
|---|---|
| aws | >= 4.47 |
| Name | Source | Version |
|---|---|---|
| argo_rollouts | ./modules/eks-blueprints-addon | n/a |
| argo_workflows | ./modules/eks-blueprints-addon | n/a |
| argocd | ./modules/argocd | n/a |
| aws_for_fluent_bit | ./modules/aws-for-fluentbit | n/a |
| aws_load_balancer_controller | ./modules/eks-blueprints-addon | n/a |
| aws_node_termination_handler | ./modules/eks-blueprints-addon | n/a |
| aws_node_termination_handler_sqs | terraform-aws-modules/sqs/aws | 4.0.1 |
| aws_privateca_issuer | ./modules/aws-privateca-issuer | n/a |
| cert_manager | ./modules/eks-blueprints-addon | n/a |
| cloudwatch_metrics | ./modules/eks-blueprints-addon | n/a |
| cluster_autoscaler | ./modules/eks-blueprints-addon | n/a |
| csi_secrets_store_provider_aws | ./modules/csi-secrets-store-provider-aws | n/a |
| efs_csi_driver | ./modules/eks-blueprints-addon | n/a |
| external_dns | ./modules/eks-blueprints-addon | n/a |
| external_secrets | ./modules/eks-blueprints-addon | n/a |
| fargate_fluentbit | ./modules/fargate-fluentbit | n/a |
| fsx_csi_driver | ./modules/eks-blueprints-addon | n/a |
| gatekeeper | ./modules/gatekeeper | n/a |
| grafana | ./modules/grafana | n/a |
| ingress_nginx | ./modules/ingress-nginx | n/a |
| kube_prometheus_stack | ./modules/kube-prometheus-stack | n/a |
| metrics_server | ./modules/metrics-server | n/a |
| opentelemetry_operator | ./modules/opentelemetry-operator | n/a |
| prometheus | ./modules/prometheus | n/a |
| promtail | ./modules/promtail | n/a |
| secrets_store_csi_driver | ./modules/eks-blueprints-addon | n/a |
| velero | ./modules/velero | n/a |
| vpa | ./modules/vpa | n/a |
| Name | Type |
|---|---|
| aws_autoscaling_group_tag.aws_node_termination_handler | resource |
| aws_autoscaling_lifecycle_hook.aws_node_termination_handler | resource |
| aws_cloudwatch_event_rule.aws_node_termination_handler | resource |
| aws_cloudwatch_event_target.aws_node_termination_handler | resource |
| aws_eks_addon.this | resource |
| aws_caller_identity.current | data source |
| aws_eks_addon_version.this | data source |
| aws_iam_policy_document.aws_load_balancer_controller | data source |
| aws_iam_policy_document.aws_node_termination_handler | data source |
| aws_iam_policy_document.cert_manager | data source |
| aws_iam_policy_document.cluster_autoscaler | data source |
| aws_iam_policy_document.efs_csi_driver | data source |
| aws_iam_policy_document.external_dns | data source |
| aws_iam_policy_document.external_secrets | data source |
| aws_iam_policy_document.fsx_csi_driver | data source |
| aws_partition.current | data source |
| aws_region.current | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| amazon_eks_adot_config | Configuration for Amazon EKS ADOT add-on | any |
{} |
no |
| amazon_prometheus_workspace_endpoint | AWS Managed Prometheus WorkSpace Endpoint | string |
null |
no |
| argo_rollouts | Argo Rollouts addon configuration values | any |
{} |
no |
| argo_workflows | Argo Workflows addon configuration values | any |
{} |
no |
| argocd_applications | Argo CD Applications config to bootstrap the cluster | any |
{} |
no |
| argocd_helm_config | Argo CD Kubernetes add-on config | any |
{} |
no |
| argocd_manage_add_ons | Enable managing add-on configuration via ArgoCD App of Apps | bool |
false |
no |
| argocd_projects | Argo CD Project config to bootstrap the cluster | any |
{} |
no |
| aws_for_fluentbit_create_cw_log_group | Set to false to use existing CloudWatch log group supplied via the cw_log_group_name variable. | bool |
true |
no |
| aws_for_fluentbit_cw_log_group_kms_key_arn | FluentBit CloudWatch Log group KMS Key | string |
null |
no |
| aws_for_fluentbit_cw_log_group_name | FluentBit CloudWatch Log group name | string |
null |
no |
| aws_for_fluentbit_cw_log_group_retention | FluentBit CloudWatch Log group retention period | number |
90 |
no |
| aws_for_fluentbit_cw_log_group_skip_destroy | Set to true if you do not wish the log group (and any logs it may contain) to be deleted at destroy time | bool |
true |
no |
| aws_for_fluentbit_helm_config | AWS for FluentBit Helm Chart config | any |
{} |
no |
| aws_for_fluentbit_irsa_policies | Additional IAM policies for a IAM role for service accounts | list(string) |
[] |
no |
| aws_load_balancer_controller | AWS Loadbalancer Controller addon configuration values | any |
{} |
no |
| aws_node_termination_handler | AWS Node Termination Handler addon configuration values | any |
{} |
no |
| aws_node_termination_handler_asg_arns | List of Auto Scaling group ARNs that AWS Node Termination Handler will monitor for EC2 events | list(string) |
[] |
no |
| aws_node_termination_handler_sqs | AWS Node Termination Handler SQS queue configuration values | any |
{} |
no |
| aws_privateca_acmca_arn | ARN of AWS ACM PCA | string |
"" |
no |
| aws_privateca_issuer_helm_config | PCA Issuer Helm Chart config | any |
{} |
no |
| aws_privateca_issuer_irsa_policies | IAM policy ARNs for AWS ACM PCA IRSA | list(string) |
[] |
no |
| cert_manager | cert-manager addon configuration values | any |
{} |
no |
| cert_manager_route53_hosted_zone_arns | List of Route53 Hosted Zone ARNs that are used by cert-manager to create DNS records | list(string) |
[ |
no |
| cloudwatch_metrics | Cloudwatch Metrics addon configuration values | any |
{} |
no |
| cluster_autoscaler | Cluster Autoscaler addon configuration values | any |
{} |
no |
| cluster_endpoint | Endpoint for your Kubernetes API server | string |
n/a | yes |
| cluster_name | Name of the EKS cluster | string |
n/a | yes |
| cluster_version | Kubernetes <major>.<minor> version to use for the EKS cluster (i.e.: 1.24) |
string |
n/a | yes |
| csi_secrets_store_provider_aws_helm_config | CSI Secrets Store Provider AWS Helm Configurations | any |
null |
no |
| efs_csi_driver | EFS CSI Driver addon configuration values | any |
{} |
no |
| eks_addons | Map of EKS addon configurations to enable for the cluster. Addon name can be the map keys or set with name |
any |
{} |
no |
| eks_addons_timeouts | Create, update, and delete timeout configurations for the EKS addons | map(string) |
{} |
no |
| enable_amazon_eks_adot | Enable Amazon EKS ADOT addon | bool |
false |
no |
| enable_amazon_prometheus | Enable AWS Managed Prometheus service | bool |
false |
no |
| enable_argo_rollouts | Enable Argo Rollouts add-on | bool |
false |
no |
| enable_argo_rollouts_gitops | Enable Argo Rollouts using GitOps add-on | bool |
false |
no |
| enable_argo_workflows | Enable Argo workflows add-on | bool |
false |
no |
| enable_argo_workflows_gitops | Enable Argo Workflows using GitOps add-on | bool |
false |
no |
| enable_argocd | Enable Argo CD Kubernetes add-on | bool |
false |
no |
| enable_aws_for_fluentbit | Enable AWS for FluentBit add-on | bool |
false |
no |
| enable_aws_load_balancer_controller | Enable AWS Load Balancer Controller add-on | bool |
false |
no |
| enable_aws_load_balancer_controller_gitops | AWS Load Balancer Controllerusing GitOps add-on | bool |
false |
no |
| enable_aws_node_termination_handler | Enable AWS Node Termination Handler add-on | bool |
false |
no |
| enable_aws_node_termination_handler_gitops | Enable AWS Node Termination Handler using GitOps add-on | bool |
false |
no |
| enable_aws_privateca_issuer | Enable PCA Issuer | bool |
false |
no |
| enable_cert_manager | Enable cert-manager add-on | bool |
false |
no |
| enable_cert_manager_gitops | Enable cert-manager using GitOps add-on | bool |
false |
no |
| enable_cloudwatch_metrics | Enable AWS Cloudwatch Metrics add-on for Container Insights | bool |
false |
no |
| enable_cloudwatch_metrics_gitops | Enable Cloudwatch Metrics using GitOps add-on | bool |
false |
no |
| enable_cluster_autoscaler | Enable Cluster autoscaler add-on | bool |
false |
no |
| enable_cluster_autoscaler_gitops | Enable Cluster Autoscaler using GitOps add-on | bool |
false |
no |
| enable_efs_csi_driver | Enable AWS EFS CSI Driver add-on | bool |
false |
no |
| enable_efs_csi_driver_gitops | Enable EFS CSI Driver using GitOps add-on | bool |
false |
no |
| enable_external_dns | Enable external-dns operator add-on | bool |
false |
no |
| enable_external_dns_gitops | Enable external-dns using GitOps add-on | bool |
false |
no |
| enable_external_secrets | Enable External Secrets operator add-on | bool |
false |
no |
| enable_fargate_fluentbit | Enable Fargate FluentBit add-on | bool |
false |
no |
| enable_fsx_csi_driver | Enable AWS FSX CSI Driver add-on | bool |
false |
no |
| enable_fsx_csi_driver_gitops | Enable FSX CSI Driver using GitOps add-on | bool |
false |
no |
| enable_gatekeeper | Enable Gatekeeper add-on | bool |
false |
no |
| enable_grafana | Enable Grafana add-on | bool |
false |
no |
| enable_ingress_nginx | Enable Ingress Nginx add-on | bool |
false |
no |
| enable_kube_prometheus_stack | Enable Community kube-prometheus-stack add-on | bool |
false |
no |
| enable_metrics_server | Enable metrics server add-on | bool |
false |
no |
| enable_opentelemetry_operator | Enable opentelemetry operator add-on | bool |
false |
no |
| enable_prometheus | Enable Community Prometheus add-on | bool |
false |
no |
| enable_promtail | Enable Promtail add-on | bool |
false |
no |
| enable_secrets_store_csi_driver | Enable CSI Secrets Store Provider | bool |
false |
no |
| enable_secrets_store_csi_driver_gitops | Enable CSI Secrets Store Provider GitOps add-on | bool |
false |
no |
| enable_secrets_store_csi_driver_provider_aws | Enable AWS CSI Secrets Store Provider | bool |
false |
no |
| enable_velero | Enable Kubernetes Dashboard add-on | bool |
false |
no |
| enable_vpa | Enable Vertical Pod Autoscaler add-on | bool |
false |
no |
| external_dns | external-dns addon configuration values | any |
{} |
no |
| external_dns_route53_zone_arns | List of Route53 zones ARNs which external-dns will have access to create/manage records (if using Route53) | list(string) |
[] |
no |
| external_secrets | External Secrets addon configuration values | any |
{} |
no |
| external_secrets_kms_key_arns | List of KMS Key ARNs that are used by Secrets Manager that contain secrets to mount using External Secrets | list(string) |
[ |
no |
| external_secrets_secrets_manager_arns | List of Secrets Manager ARNs that contain secrets to mount using External Secrets | list(string) |
[ |
no |
| external_secrets_ssm_parameter_arns | List of Systems Manager Parameter ARNs that contain secrets to mount using External Secrets | list(string) |
[ |
no |
| fargate_fluentbit_addon_config | Fargate fluentbit add-on config | any |
{} |
no |
| fsx_csi_driver | FSX CSI Driver addon configuration values | any |
{} |
no |
| gatekeeper_helm_config | Gatekeeper Helm Chart config | any |
{} |
no |
| grafana_helm_config | Kubernetes Grafana Helm Chart config | any |
null |
no |
| grafana_irsa_policies | IAM policy ARNs for grafana IRSA | list(string) |
[] |
no |
| ingress_nginx_helm_config | Ingress Nginx Helm Chart config | any |
{} |
no |
| irsa_iam_permissions_boundary | IAM permissions boundary for IRSA roles | string |
"" |
no |
| irsa_iam_role_path | IAM role path for IRSA roles | string |
"/" |
no |
| kube_prometheus_stack_helm_config | Community kube-prometheus-stack Helm Chart config | any |
{} |
no |
| metrics_server_helm_config | Metrics Server Helm Chart config | any |
{} |
no |
| oidc_provider | The OpenID Connect identity provider (issuer URL without leading https://) |
string |
n/a | yes |
| oidc_provider_arn | The ARN of the cluster OIDC Provider | string |
n/a | yes |
| opentelemetry_operator_helm_config | Opentelemetry Operator Helm Chart config | any |
{} |
no |
| prometheus_helm_config | Community Prometheus Helm Chart config | any |
{} |
no |
| promtail_helm_config | Promtail Helm Chart config | any |
{} |
no |
| secrets_store_csi_driver | CSI Secrets Store Provider add-on configurations | any |
{} |
no |
| tags | A map of tags to add to all resources | map(string) |
{} |
no |
| velero_backup_s3_bucket | Bucket name for velero bucket | string |
"" |
no |
| velero_helm_config | Kubernetes Velero Helm Chart config | any |
null |
no |
| velero_irsa_policies | IAM policy ARNs for velero IRSA | list(string) |
[] |
no |
| vpa_helm_config | VPA Helm Chart config | any |
null |
no |
| Name | Description |
|---|---|
| argo_rollouts | Map of attributes of the Helm release created |
| argo_workflows | Map of attributes of the Helm release created |
| argocd | Map of attributes of the Helm release created |
| argocd_addon_config | ArgoCD addon config options |
| aws_for_fluent_bit | Map of attributes of the Helm release and IRSA created |
| aws_load_balancer_controller | Map of attributes of the Helm release and IRSA created |
| aws_node_termination_handler | Map of attributes of the Helm release and IRSA created |
| aws_privateca_issuer | Map of attributes of the Helm release and IRSA created |
| cert_manager | Map of attributes of the Helm release and IRSA created |
| cloudwatch_metrics | Map of attributes of the Helm release and IRSA created |
| cluster_autoscaler | Map of attributes of the Helm release and IRSA created |
| csi_secrets_store_provider_aws | Map of attributes of the Helm release and IRSA created |
| efs_csi_driver | Map of attributes of the Helm release and IRSA created |
| eks_addons | Map of attributes for each EKS addons enabled |
| external_dns | Map of attributes of the Helm release and IRSA created |
| external_secrets | Map of attributes of the Helm release and IRSA created |
| fargate_fluentbit | Map of attributes of the Helm release and IRSA created |
| fsx_csi_driver | Map of attributes of the Helm release and IRSA created |
| gatekeeper | Map of attributes of the Helm release and IRSA created |
| grafana | Map of attributes of the Helm release and IRSA created |
| ingress_nginx | Map of attributes of the Helm release and IRSA created |
| kube_prometheus_stack | Map of attributes of the Helm release and IRSA created |
| metrics_server | Map of attributes of the Helm release and IRSA created |
| opentelemetry_operator | Map of attributes of the Helm release and IRSA created |
| prometheus | Map of attributes of the Helm release and IRSA created |
| promtail | Map of attributes of the Helm release and IRSA created |
| secrets_store_csi_driver | Map of attributes of the Helm release and IRSA created |
| velero | Map of attributes of the Helm release and IRSA created |
| vpa | Map of attributes of the Helm release and IRSA created |