terraform-aws-eks
terraform-provider-aws
Our great sponsors
terraform-aws-eks | terraform-provider-aws | |
---|---|---|
69 | 98 | |
4,103 | 9,410 | |
2.8% | 2.5% | |
8.7 | 10.0 | |
8 days ago | 1 day ago | |
HCL | Go | |
Apache License 2.0 | Mozilla Public License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
terraform-aws-eks
- Need suggestions for managing eks terraform module
-
What's everyone's favorite EKS Terraform module these days?
cloudposse module was popular but most have moved to https://github.com/terraform-aws-modules/terraform-aws-eks also eks blueprints will be moving to this module. use eks blueprints v5
-
The Future of Terraform: ClickOps
That's a very simplistic view. Let's do a small thought exercise. Is this module not infrastructure?
-
How are most EKS clusters deployed?
If you want somewhat viable setup - I'd go for terraform-aws-modules (Anton did an awesome job), and aws-ia blueprints, especially those multi-tenant ones.
-
I am stuck on learning how to provision K8s in AWS. Security groups? ALB? ACM? R53?
βhttps://github.com/terraform-aws-modules/terraform-aws-eks
-
Docker for Rancher?
I'd suggest move from rancher to EKS Anywhere and the respective Cluster API providers... Self-managed node pools on top of bottlerocket can be established using common terraform-aws-eks module, otherwise.
-
Why is EKS (and AWS in general) so much more convoluted than GKE/GCP?
If you're looking for a more "batteries included" EKS setup, and you're using Terraform, take a look at the terraform-aws-eks module. It's still not quite as simple as GKE, but it'll get you quite a bit of the way there - especially when it comes to, e.g., creating the OIDC trusts and IAM policies for various components like the Cluster Autoscaler.
I would highly recommend taking a look at the Terraform module https://github.com/terraform-aws-modules/terraform-aws-eks.
-
Terraform Module Template
You are right for a public module as a git repo, but I rarely use public modules. Most are overally complicated and low on readability. Also the greater complexity leads to more bugs. I am also not a fan of using modules directly from upstream git repository. I don't trust them to not break it or move it. The main exception I have found to not using public modules is https://github.com/terraform-aws-modules/terraform-aws-eks. EKS is inherently so complex that is worth using a very complex module.
- [EKS] coredns still requires a patch to remove the ec2 compute type annotation if you'l want a fargate only deployment.
terraform-provider-aws
-
Authorization and Amazon Verified Permissions - A New Way to Manage Permissions Part XII: Terraform
If we check the support for the Terraform AWS Provider here (state for the date of publishing this article), we will see that the service is not yet fully supported. Last week, after more than half a year, support for creating a policy store was added. Additionally, we have the configuration to add template policies. However, the identity source is in the form of a PR draft, and there is no PR yet for the ability to create policies.
- 10 Ways for Kubernetes Declarative Configuration Management
-
HashiCorp silently amend Terraform Registry TOS
https://github.com/hashicorp/terraform-provider-aws/issues/3...
The size is what you get when you add every single AWS Go client into one binary.
Each service client like 1-2MB. But when you have 200 services....
-
A Cloud Development Troubleshooting Treasure Hunt
Well, at least we now have a promising lead. Some diligent googling and browsing through Github issues in the AWS provider project yielded no directly related findings. However, I did come across a few recent bug reports about the recent change AWS made regarding the treatment of public buckets. And interestingly, they described precisely the behavior I was encountering.
-
Converting Full Terraform Programs to Pulumi
> We're coming up on 10000 resources in our main Terraform repository and while there is definitely some friction, it's overall much better than having to hit the cloud API's to gather each of those states which would probably take at least an order of magnitude longer.
I don't think that's necessary true. Most cloud API's actually can return hundreds of records with 1 API calls, e.g. https://docs.aws.amazon.com/elasticloadbalancing/latest/APIR... has a maximum page size of 400.
If I manage the cloud resources via some custom tools and/or with some ansible-fu, I can decide to batch the API calls when it makes sense.
With terraform, it is not possible to do so (https://github.com/hashicorp/terraform-plugin-sdk/issues/66, https://github.com/hashicorp/terraform-provider-aws/issues/2...).
-
HEADS UP: Terraform AWS Provider 5.0.0
Release notes - https://github.com/hashicorp/terraform-provider-aws/releases/tag/v5.0.0
The only footgun I know of is changing the behavior of RDS instances created from snapshots. Force replacement on snapshot_identifier change for DB cluster resources will fuck up your world if you use a data source for snapshot_identifier since yesterday it would ignore any updates and today it will happily destroy your database (and, because AWS, all of the automated snapshots thereof) when the data identifier changes out from under it. π
-
Any tools out there, or better ways, to unit test IAM policy documents?
A while back I wrote a PR for the AWS provider to expose the policy simulator directly inside Terraform: https://github.com/hashicorp/terraform-provider-aws/pull/25569
-
Weird warning after running pulumi preview
The reason you see that is because the AWS Classic provider (pulumi_aws) is built on top of the open-source terraform-provider-aws (via the Terraform bridge you identified), and terraform-provider-aws is emitting that notice at runtime. Not all Pulumi providers are built from Terraform providers, however, but some, like this one, still are. (There's a notice at the bottom of the page for each resource where this is the case.) It works like this:
-
Script or software that automatically populate specific profile in ~/.aws/credentials
See: * https://github.com/hashicorp/terraform-provider-aws/issues/10491 * https://github.com/Sceptre/sceptre/issues/674
What are some alternatives?
terragrunt-infrastructure-modules-example - A repo used to show examples file/folder structures you can use with Terragrunt and Terraform
eksctl - The official CLI for Amazon EKS
terraform-aws-cloudwatch - Terraform module to create AWS Cloudwatch resources πΊπ¦
terraform-aws-eks-blueprints - Configure and deploy complete EKS clusters.
eks-alb-istio-with-tls - This repository demonstrate how to configure end-to-end encryption on EKS platform using TLS certificate from Amazon Certificate Manager, AWS Application LoadBalancer and Istio as service mesh.
terraform-aws-security-group - This terraform module creates set of Security Group and Security Group Rules resources in various combinations.
crossplane - The Cloud Native Control Plane
eks-v17-v18-migrate - How to migrate from v17 to v18 of `terraform-aws-eks` module
terraform-provider-flux - Terraform provider for bootstrapping Flux
terraform-provider-lastpass - Terraform Lastpass provider
cognito-custom-email-sender-lambda - AWS Cognito custom email sender Lambda trigger
kubesphere - The container platform tailored for Kubernetes multi-cloud, datacenter, and edge management β π₯ βοΈ