| eks_cluster_version |
Kubernetes version to set for the cluster |
string |
"1.35" |
no |
| extra_access_entries |
EKS access entries needed by IAM roles interacting with this cluster |
list(object({ principal_arn = string kubernetes_groups = optional(list(string)) policy_associations = optional(map(object({ policy_arn = string access_scope = object({ type = string namespaces = optional(list(string)) }) })), {})
})) |
[] |
no |
| initial_instance_types |
instance types of the initial managed node group |
list(string) |
n/a |
yes |
| initial_node_desired_size |
desired size of the initial managed node group |
number |
3 |
no |
| initial_node_labels |
labels for the initial managed node group |
map(string) |
{ "kube-ovn/role": "master" } |
no |
| initial_node_max_size |
max size of the initial managed node group |
number |
6 |
no |
| initial_node_min_size |
minimum size of the initial managed node group |
number |
2 |
no |
| initial_node_taints |
taints for the initial managed node group |
map(object({ key = string, value = string, effect = string })) |
{ "criticalAddonsOnly": { "effect": "NO_SCHEDULE", "key": "CriticalAddonsOnly", "value": "true" }, "nidhogg": { "effect": "NO_SCHEDULE", "key": "nidhogg.uswitch.com/kube-system.kube-multus-ds", "value": "true" } } |
no |
| s3_csi_driver_bucket_arns |
existing buckets the s3 CSI driver should have access to |
list(string) |
[] |
no |
| s3_csi_driver_create_bucket |
create a new bucket for use with the s3 CSI driver |
bool |
true |
no |
| stack_admin_arns |
ARNs of the roles to be given the cluster admin role |
list(string) |
[] |
no |
| stack_create |
should resources be created |
bool |
true |
no |
| stack_enable_cluster_kms |
Whether secrets in the cluster should be encrypted with KMS |
bool |
true |
no |
| stack_enable_default_eks_managed_node_group |
Set to false to disable the default EKS managed node group |
bool |
true |
no |
| stack_existing_vpc_config |
Existing VPC (VPC ID and subnet IDs) to use for the stack |
object({ vpc_id = string subnet_ids = list(string) }) |
null |
no |
| stack_name |
Name of the stack |
string |
"foundation-stack" |
no |
| stack_pelotech_nat_ami_name_filter |
AMI name filter used to find the correct AMI |
string |
"fck-nat-al2023-hvm-*" |
no |
| stack_pelotech_nat_ami_owner_id |
Owner ID to use when searching for the AMI |
string |
"568608671756" |
no |
| stack_pelotech_nat_enabled |
Use pelotech-nat as NAT instances instead of NAT gateway |
bool |
false |
no |
| stack_pelotech_nat_instance_type |
Instance type for the NAT instance; choose based on bandwidth requirements |
string |
"t4g.micro" |
no |
| stack_ro_arns |
ARNs of the roles to be given the cluster read-only role. These roles also get KMS read-only access for CI plan purposes; for more limited access, use extra_access_entries instead |
list(string) |
[] |
no |
| stack_tags |
tags to be added to the stack, should at least have Owner and Environment |
map(any) |
{ "Environment": "prod", "Owner": "pelotech" } |
no |
| stack_use_vpc_cni_max_pods |
Set to true if using the VPC CNI; otherwise max pods defaults to 110 |
bool |
false |
no |
| stack_vpc_block |
Variables for defining the vpc for the stack |
object({ cidr = string azs = list(string) private_subnets = list(string) public_subnets = list(string) database_subnets = list(string) }) |
{ "azs": [ "us-west-2a", "us-west-2b", "us-west-2c" ], "cidr": "172.16.0.0/16", "database_subnets": [ "172.16.200.0/24", "172.16.201.0/24", "172.16.202.0/24" ], "private_subnets": [ "172.16.0.0/24", "172.16.1.0/24", "172.16.2.0/24" ], "public_subnets": [ "172.16.100.0/24", "172.16.101.0/24", "172.16.102.0/24" ] } |
no |
| vpc_endpoints |
VPC endpoints within the cluster VPC network. Note: this only works when using the internally created VPC |
list(string) |
[] |
no |