Testing

.gitignore

@@ -1,36 +1,40 @@
-# Local .terraform directories
-*.terraform
-**/.terraform/*
-
-# .tfstate files
-*.tfstate
-*.tfstate.*
-
-# Local .hcl configurations
-*.hcl
-
-# Crash log files
-crash.log
-
-# Crash log files
-crash.log
-
-# Ignore any .tfvars files that are generated automatically for each Terraform run. Most
-# .tfvars files are managed as part of configuration and so should be included in
-# version control.
-#
-# example.tfvars
-
-# Ignore override files as they are usually used to override resources locally and so
-# are not checked in
-override.tf
-override.tf.json
-*_override.tf
-*_override.tf.json
-
-# Include override files you do wish to add to version control using negated pattern
-#
-# !example_override.tf
-
-# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
-# example: *tfplan*
+# Local .terraform directories
+*.terraform
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Local .hcl configurations
+*.hcl
+
+# Crash log files
+crash.log
+
+# Crash log files
+crash.log
+
+# Ignore any .tfvars files that are generated automatically for each Terraform run. Most
+# .tfvars files are managed as part of configuration and so should be included in
+# version control.
+#
+# example.tfvars
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+#
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+kubeconfig/*
+provider.tf
+backend.tf

README.md

@@ -1,2 +1,3 @@
 # terraform-aws-eks
  Hashicorp Terraform AWS EKS Module 
+Testing

cloudwatch.tf

@@ -1,10 +1,10 @@
-resource "aws_cloudwatch_log_group" "eks_cluster_cloudwatch_log_group" {
-  count             = length(var.eks_cluster_enabled_log_types) > 0 ? 1 : 0
-  name              = "/aws/eks/${var.eks_cluster_prefix}-${var.eks_cluster_environment}/cluster"
-  retention_in_days = var.eks_cluster_log_retention_in_days
+# resource "aws_cloudwatch_log_group" "eks_cluster_cloudwatch_log_group" {
+#   count             = length(var.eks_cluster_enabled_log_types) > 0 ? 1 : 0
+#   name              = "/aws/eks/${var.eks_cluster_prefix}-${var.eks_cluster_environment}/cluster"
+#   retention_in_days = var.eks_cluster_log_retention_in_days
 
-  tags = {
-    Name        = "${var.eks_cluster_prefix}-${var.eks_cluster_environment}"
-    Environment = var.eks_cluster_environment
-  }
-}
+#   tags = {
+#     Name        = "${var.eks_cluster_prefix}-${var.eks_cluster_environment}"
+#     Environment = var.eks_cluster_environment
+#   }
+# }

iam.tf

@@ -1,54 +1,54 @@
-data "aws_iam_policy_document" "eks_cluster_assume_role_policy" {
-  statement {
-    effect = "Allow"
-    principals {
-      type        = "Service"
-      identifiers = ["eks.amazonaws.com"]
-    }
-    actions = [
-      "sts:AssumeRole",
-    ]
-  }
-}
+# data "aws_iam_policy_document" "eks_cluster_assume_role_policy" {
+#   statement {
+#     effect = "Allow"
+#     principals {
+#       type        = "Service"
+#       identifiers = ["eks.amazonaws.com"]
+#     }
+#     actions = [
+#       "sts:AssumeRole",
+#     ]
+#   }
+# }
 
-data "aws_iam_policy_document" "eks_cluster_elb_service_link_role_policy" {
-  statement {
-    effect = "Allow"
-    actions = [
-      "ec2:DescribeAccountAttributes",
-      "ec2:DescribeInternetGateways",
-      "ec2:DescribeAddresses"
-    ]
-    resources = ["*"]
-  }
-}
+# data "aws_iam_policy_document" "eks_cluster_elb_service_link_role_policy" {
+#   statement {
+#     effect = "Allow"
+#     actions = [
+#       "ec2:DescribeAccountAttributes",
+#       "ec2:DescribeInternetGateways",
+#       "ec2:DescribeAddresses"
+#     ]
+#     resources = ["*"]
+#   }
+# }
 
-resource "aws_iam_role" "eks_cluster_role" {
-  name = "${var.eks_cluster_prefix}-${var.eks_cluster_environment}-eks-cluster-role"
-  assume_role_policy = data.aws_iam_policy_document.eks_cluster_assume_role_policy.json
-}
+# resource "aws_iam_role" "eks_cluster_role" {
+#   name = "${var.eks_cluster_prefix}-${var.eks_cluster_environment}-eks-cluster-role"
+#   assume_role_policy = data.aws_iam_policy_document.eks_cluster_assume_role_policy.json
+# }
 
-resource "aws_iam_policy" "eks_cluster_elb_service_link_policy" {
-  name        = "${var.eks_cluster_prefix}-${var.eks_cluster_environment}-eks-cluster-elb-service-link-policy"
-  policy      = data.aws_iam_policy_document.eks_cluster_elb_service_link_role_policy.json
-}
+# resource "aws_iam_policy" "eks_cluster_elb_service_link_policy" {
+#   name        = "${var.eks_cluster_prefix}-${var.eks_cluster_environment}-eks-cluster-elb-service-link-policy"
+#   policy      = data.aws_iam_policy_document.eks_cluster_elb_service_link_role_policy.json
+# }
 
-resource "aws_iam_role_policy_attachment" "eks_cluster_policy" {
-  policy_arn = "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy"
-  role       = aws_iam_role.eks_cluster_role.name
-}
+# resource "aws_iam_role_policy_attachment" "eks_cluster_policy" {
+#   policy_arn = "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy"
+#   role       = aws_iam_role.eks_cluster_role.name
+# }
 
-resource "aws_iam_role_policy_attachment" "eks_service_policy" {
-  policy_arn = "arn:aws:iam::aws:policy/AmazonEKSServicePolicy"
-  role       = aws_iam_role.eks_cluster_role.name
-}
+# resource "aws_iam_role_policy_attachment" "eks_service_policy" {
+#   policy_arn = "arn:aws:iam::aws:policy/AmazonEKSServicePolicy"
+#   role       = aws_iam_role.eks_cluster_role.name
+# }
 
-resource "aws_iam_role_policy_attachment" "eks_vpc_resource_controller_policy" {
-  policy_arn = "arn:aws:iam::aws:policy/AmazonEKSVPCResourceController"
-  role       = aws_iam_role.eks_cluster_role.name
-}
+# resource "aws_iam_role_policy_attachment" "eks_vpc_resource_controller_policy" {
+#   policy_arn = "arn:aws:iam::aws:policy/AmazonEKSVPCResourceController"
+#   role       = aws_iam_role.eks_cluster_role.name
+# }
 
-resource "aws_iam_role_policy_attachment" "eks_cluster_elb_service_link_policy_attachment" {
-  policy_arn = aws_iam_policy.eks_cluster_elb_service_link_policy.arn
-  role       = aws_iam_role.eks_cluster_role.name
-}
+# resource "aws_iam_role_policy_attachment" "eks_cluster_elb_service_link_policy_attachment" {
+#   policy_arn = aws_iam_policy.eks_cluster_elb_service_link_policy.arn
+#   role       = aws_iam_role.eks_cluster_role.name
+# }

main.tf

@@ -1,64 +1,88 @@
-provider "aws" {
-  region = "ap-south-1"
-}
-terraform {
-  required_version = ">= 0.12.0"
-}
-
-resource "aws_eks_cluster" "eks_cluster" {
-  name     = "${var.eks_cluster_prefix}-${var.eks_cluster_environment}"
-  role_arn = aws_iam_role.eks_cluster_role.arn
-  version  = var.kubernetes_version
-
-  vpc_config {
-    subnet_ids = var.subnet_ids
-  }
-  kubernetes_network_config {
-    service_ipv4_cidr = var.eks_cluster_service_ipv4_cidr
-  }
-
-  timeouts {
-    create = var.eks_cluster_create_timeout
-    delete = var.eks_cluster_delete_timeout
-    update = var.eks_cluster_update_timeout
-  }
-
-  depends_on = [
-    aws_iam_role_policy_attachment.eks_cluster_policy,
-    aws_iam_role_policy_attachment.eks_vpc_resource_controller_policy,
-    aws_cloudwatch_log_group.eks_cluster_cloudwatch_log_group
-  ]
-
-  tags = {
-    Name        = "${var.eks_cluster_prefix}-${var.eks_cluster_environment}"
-    Environment = var.eks_cluster_environment
-  }
-}
-
-# data "tls_certificate" "eks_cluster_tls_certificate" {
-#   url = aws_eks_cluster.eks_cluster.identity[0].oidc[0].issuer
-# }
-
-# resource "aws_iam_openid_connect_provider" "eks_cluster_openid_connect_provider" {
-#   client_id_list  = ["sts.amazonaws.com"]
-#   thumbprint_list = [data.tls_certificate.eks_cluster_tls_certificate.certificates[0].sha1_fingerprint]
-#   url             = aws_eks_cluster.eks_cluster.identity[0].oidc[0].issuer
-# }
-
-# data "aws_iam_policy_document" "eks_cluster_assume_role_policy" {
-#   statement {
-#     actions = ["sts:AssumeRoleWithWebIdentity"]
-#     effect  = "Allow"
-
-#     condition {
-#       test     = "StringEquals"
-#       variable = "${replace(aws_iam_openid_connect_provider.eks_cluster_openid_connect_provider.url, "https://", "")}:sub"
-#       values   = ["system:serviceaccount:kube-system:aws-node"]
-#     }
-
-#     principals {
-#       identifiers = [aws_iam_openid_connect_provider.eks_cluster_openid_connect_provider.arn]
-#       type        = "Federated"
-#     }
-#   }
-# }
+#######################################################
+# Terraform Configuration
+#######################################################
+
+# Specify the required providers and backend for Terraform state
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 5.0"
+    }
+  }
+  backend "s3" {
+    # Backend configuration for S3 will be added here
+  }
+}
+
+# AWS provider configuration
+provider "aws" {
+  region = var.region
+}
+
+#######################################################
+# VPC Module
+#######################################################
+
+# Create the VPC and subnets using a module
+module "vpc" {
+  source         = "./modules/vpc"
+  cluster_prefix = var.cluster_prefix
+  cidr           = var.cidr
+  subnet_bits    = var.subnet_bits
+}
+
+#######################################################
+# EKS Cluster Module
+#######################################################
+
+# Create the EKS cluster using a module
+module "eks" {
+  source                        = "./modules/eks"
+  cluster_prefix                = var.cluster_prefix
+  kubernetes_version            = var.kubernetes_version
+  private_subnet_ids            = module.vpc.private_subnet_ids
+  eks_cluster_enabled_log_types = var.eks_cluster_enabled_log_types
+}
+
+#######################################################
+# EKS Node Groups Module
+#######################################################
+
+# Create EKS node groups using a module
+module "nodes" {
+  depends_on       = [module.eks]
+  for_each         = var.nodes
+  source           = "./modules/eks/nodes"
+  cluster_prefix   = var.cluster_prefix
+  node_environment = each.key
+  subnet_ids       = module.vpc.private_subnet_ids
+  cluster_name     = module.eks.cluster_name
+  node_type        = each.value.node_type
+  instance_type    = try(each.value.instance_type, null)
+  desired_size     = try(each.value.desired_size, null)
+  max_size         = try(each.value.max_size, null)
+  min_size         = try(each.value.min_size, null)
+  selector         = each.value.node_type == "fargate" ? each.value.selector : null
+}
+
+#######################################################
+# RDS Database Module
+#######################################################
+
+# Create RDS instances using a module
+module "database" {
+  for_each          = var.databases
+  source            = "./modules/rds"
+  cluster_prefix    = var.cluster_prefix
+  db_environment    = each.key
+  db_engine         = each.value.db_engine
+  db_instance_class = each.value.db_instance_class
+  db_version        = each.value.db_version
+  db_storage        = each.value.db_storage
+  db_name           = each.value.db_name
+  db_username       = each.value.db_username
+  db_password       = each.value.db_password
+  vpc_id            = module.vpc.vpc_id
+  subnet_ids        = module.vpc.storage_subnet_ids
+}

modules/ecr/main.tf

@@ -0,0 +1,19 @@
+###################################################################################
+# Ecr Configuration
+###################################################################################
+
+resource "aws_ecr_repository" "ecr" {
+  for_each = { for repo in var.repository_name : repo => repo }
+
+  name                 = "${var.cluster_prefix}-${each.key}"
+  image_tag_mutability = var.image_tag_mutability
+  image_scanning_configuration {
+    scan_on_push = var.scan_on_push
+  }
+}
+
+
+# resource "aws_ecr_lifecycle_policy" "this" {
+#   repository = aws_ecr_repository.ecr.name
+#   policy     = var.lifecycle_policy
+# }

modules/ecr/outputs.tf

@@ -0,0 +1,13 @@
+###################################################################################
+# Output Configuration
+###################################################################################
+
+output "repository_urls" {
+  description = "The URLs of the created repositories"
+  value       = { for key, ecr_repo in aws_ecr_repository.ecr : key => ecr_repo.repository_url }
+}
+
+output "repository_names" {
+  description = "The names of the repositories"
+  value       = { for key, _ in aws_ecr_repository.ecr : key => aws_ecr_repository.ecr[key].name }
+}