Initial commit from kro/examples/aws/eks-cluster-mgmt

2026-04-21 09:55:53 -03:00
parent 0585444299
commit 7d11fd5889
66 changed files with 3667 additions and 0 deletions
@@ -0,0 +1,55 @@
+module "eks" {
+  #checkov:skip=CKV_TF_1:We are using version control for those modules
+  #checkov:skip=CKV_TF_2:We are using version control for those modules
+  source  = "terraform-aws-modules/eks/aws"
+  version = "~> 21.10.1"
+
+  name                            = local.name
+  kubernetes_version              = local.cluster_version
+  endpoint_public_access  = true
+
+  vpc_id     = module.vpc.vpc_id
+  subnet_ids = module.vpc.private_subnets
+
+  enable_cluster_creator_admin_permissions = true
+
+  compute_config = {
+    enabled    = true
+    node_pools = ["general-purpose", "system"]
+  }
+
+  tags = {
+    Blueprint  = local.name
+    GithubRepo = "https://registry.terraform.io/modules/terraform-aws-modules/eks/aws/latest"
+  }
+}
+
+################################################################################
+# Supporting Resources
+################################################################################
+module "vpc" {
+  source  = "terraform-aws-modules/vpc/aws"
+  version = "~> 5.0"
+
+  name = local.name
+  cidr = local.vpc_cidr
+
+  azs             = local.azs
+  private_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 4, k)]
+  public_subnets  = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k + 48)]
+
+  enable_nat_gateway = true
+  single_nat_gateway = true
+
+  public_subnet_tags = {
+    "kubernetes.io/role/elb" = 1
+  }
+
+  private_subnet_tags = {
+    "kubernetes.io/role/internal-elb" = 1
+    # Tags subnets for Karpenter auto-discovery
+    "karpenter.sh/discovery" = local.name
+  }
+
+  tags = local.tags
+}