xpk/terraform.aws-baseline-infra
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

UPD: changed bastion SG. also tried to downgrade EKS but it was not supported by AWS

Browse Source
This commit is contained in:
xpk 2023-12-20 12:03:49 +08:00
parent f025ae1ba9
commit 7af398e6fc
Signed by: xpk
GPG Key ID: CD4FF6793F09AB86
2 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
examples/eks-managed-nodegroup/bastion.tf
View File

@ -6,7 +6,7 @@ module "bastion" {
ami = data.aws_ami.this.id ami = data.aws_ami.this.id
ignore_ami_changes = true ignore_ami_changes = true
subnet_id = var.subnet_ids[0] subnet_id = var.subnet_ids[0]
vpc_security_group_ids = [module.sg.id, "sg-0735e2bab44a525b8"] vpc_security_group_ids = [module.sg.id, module.eks.cluster_primary_security_group_id]
create_iam_instance_profile = true create_iam_instance_profile = true
iam_role_description = "IAM role for EC2 instance" iam_role_description = "IAM role for EC2 instance"
iam_role_policies = { iam_role_policies = {
@ -30,6 +30,12 @@ module "bastion" {
http_tokens = "required" http_tokens = "required"
http_put_response_hop_limit = 2 http_put_response_hop_limit = 2
} }
user_data = <<EOF
#!/bin/bash
curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl
chmod 755 kubectl
mv kubectl /usr/local/bin/
EOF
} }
module "sg" { module "sg" {

2
examples/eks-managed-nodegroup/main.tf
View File

@ -16,7 +16,7 @@ module "eks" {
cluster_name = "lab-ken2026-eks01" cluster_name = "lab-ken2026-eks01"
cluster_endpoint_public_access = true cluster_endpoint_public_access = true
cluster_version = "1.28" cluster_version = "1.27"
cluster_addons = { cluster_addons = {
coredns = { coredns = {