{"id":24016039,"url":"https://github.com/hamdiz0/eks-terraform-setup","last_synced_at":"2026-05-03T20:39:28.213Z","repository":{"id":270778401,"uuid":"911431443","full_name":"hamdiz0/eks-terraform-setup","owner":"hamdiz0","description":"This repository contains a minimal setup to create an EKS cluster using Terraform","archived":false,"fork":false,"pushed_at":"2025-01-03T02:25:08.000Z","size":252,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-02-12T09:07:58.811Z","etag":null,"topics":["aws","aws-cli","devops","eks","hcl","ias","terraform"],"latest_commit_sha":null,"homepage":"","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hamdiz0.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-01-03T02:19:56.000Z","updated_at":"2025-02-27T10:19:14.000Z","dependencies_parsed_at":null,"dependency_job_id":"a5f685b3-0e72-4e68-9d16-b3ff68509b43","html_url":"https://github.com/hamdiz0/eks-terraform-setup","commit_stats":null,"previous_names":["hamdiz0/eks-terraform-setup"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/hamdiz0/eks-terraform-setup","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hamdiz0%2Feks-terraform-setup","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hamdiz0%2Feks-terraform-setup/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hamdiz0%2Feks-terraform-setup/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/
GitHub/repositories/hamdiz0%2Feks-terraform-setup/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hamdiz0","download_url":"https://codeload.github.com/hamdiz0/eks-terraform-setup/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hamdiz0%2Feks-terraform-setup/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32584644,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-03T06:36:36.687Z","status":"ssl_error","status_checked_at":"2026-05-03T06:36:09.306Z","response_time":103,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","aws-cli","devops","eks","hcl","ias","terraform"],"created_at":"2025-01-08T08:39:13.478Z","updated_at":"2026-05-03T20:39:28.118Z","avatar_url":"https://github.com/hamdiz0.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Eks-Terraform-Setup\n\nThis repository contains a minimal setup to create an EKS cluster using Terraform.\n\n## Prerequisites :\n\n### Terraform :\n    ```sh\n    wget -O - https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg\n    echo \"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main\" | sudo tee 
/etc/apt/sources.list.d/hashicorp.list\n    sudo apt update \u0026\u0026 sudo apt install terraform\n    ```\n### AWS CLI :\n    ```sh\n    apt install unzip wget\n    wget \"https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip\"\n    unzip awscli-exe-linux-x86_64.zip\n    sudo ./aws/install\n    ```\n### Kubectl :\n    ```sh \n    K8S_VERSION=1.32\n    apt-get update\n    apt-get install --quiet --yes apt-transport-https ca-certificates curl\n    curl -fsSL https://pkgs.k8s.io/core:/stable:/v${K8S_VERSION}/deb/Release.key | \\\n    gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg\n    echo \"deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v${K8S_VERSION}/deb/ /\" | \\\n    tee /etc/apt/sources.list.d/kubernetes.list\n    apt-get update\n    apt-get install --quiet --yes kubectl\n    ```\n\n### IAM and EKS Policies :\n\n* add an IAM user with the following policies attached :\n    - AmazonEC2FullAccess\n    - AmazonVPCFullAccess\n    - IAMFullAccess\n    - CloudWatchFullAccess\n    - AWSKeyManagementServicePowerUser\n\n\u003cimg src=\"img/pol.png\" width=\"100%\"/\u003e\n\n* create a custom policy with the following permissions and attach it to the IAM user :\n    ```sh\n    {\n        \"Version\": \"2012-10-17\",\n        \"Statement\": [\n            {\n                \"Effect\": \"Allow\",\n                \"Action\": [\n                    \"eks:CreateCluster\",\n                    \"eks:DeleteCluster\",\n                    \"eks:DescribeCluster\",\n                    \"eks:UpdateClusterVersion\",\n                    \"eks:UpdateClusterConfig\",\n                    \"eks:UpdateNodegroupConfig\",\n                    \"eks:CreateNodegroup\",\n                    \"eks:DeleteNodegroup\",\n                    \"eks:DescribeNodegroup\",\n                    \"eks:ListNodegroups\",\n                    \"eks:DescribeUpdate\",\n                    \"eks:TagResource\",\n                    
\"eks:UntagResource\",\n                    \"eks:ListTagsForResource\",\n                    \"eks:AccessKubernetesApi\",\n                    \"eks:ListClusters\"\n                ],\n                \"Resource\": \"*\"\n            }\n        ]\n    }\n    ``` \n\n### AWS CLI Configuration :\n\n* create an authentication token for the IAM user with the previously attached policies in the aws console\n* configure the aws cli with the access key and secret key :\n\n    ```sh\n    aws configure\n    ```\n    - example configuration :\n        ```sh\n        AWS Access Key ID [None]: \"access_key\"\n        AWS Secret Access Key [None]: \"secret_key\"\n        Default region name [None]: \"region\"\n        Default output format [None]: \"json\"\n        ```\n* credentials are stored in the `~/.aws/credentials`\n* the configuration can be tested by running the following command :\n    ```sh\n    aws sts get-caller-identity\n    ```\n\n## Terrform Setup :\n\n* the configuration is divided into 3 main files :\n\n### provider.tf :\n\n* import the AWS provider with version constraints and set the nearest region in my case its `eu-west-3` :\n    ```hcl\n    terraform {\n    required_providers {\n        aws = {\n        source  = \"hashicorp/aws\"\n        version = \"~\u003e 5.0\"\n        }\n    }\n    }\n    provider \"aws\" {\n    region = \"eu-west-3\"\n    }\n    ```\n### network.tf :\n\n* contains the network infrastructure configuration :\n    - VPC : \n        ```hcl\n        resource \"aws_vpc\" \"vpc\" {\n            cidr_block = \"10.0.0.0/16\"\n            enable_dns_hostnames = true\n            tags = {\n                Name = \"eks-vpc\"\n            }\n        }\n        ```\n    - Public and Private Subnets : multiple subnets are created in different availability zones to ensure high availability\n        ```hcl\n        resource \"aws_subnet\" \"subnet_1\" {\n            vpc_id                  = aws_vpc.vpc.id\n            cidr_block              = 
\"10.0.1.0/24\"\n            availability_zone       = \"eu-west-3a\"\n            map_public_ip_on_launch = true\n            tags = {\n                Name = \"public-subnet-1\"\n            }\n        }\n        resource \"aws_subnet\" \"subnet_2\" {\n            vpc_id                  = aws_vpc.vpc.id\n            cidr_block              = \"10.0.2.0/24\"\n            availability_zone       = \"eu-west-3a\"\n            map_public_ip_on_launch = true\n            tags = {\n                Name = \"public-subnet-2\"\n            }\n        }\n        resource \"aws_subnet\" \"subnet_3\" {\n            vpc_id                  = aws_vpc.vpc.id\n            cidr_block              = \"10.0.3.0/24\"\n            availability_zone       = \"eu-west-3b\"\n            map_public_ip_on_launch = false\n            tags = {\n                Name = \"private-subnet-1\"\n            }\n        }\n        resource \"aws_subnet\" \"subnet_4\" {\n            vpc_id                  = aws_vpc.vpc.id\n            cidr_block              = \"10.0.4.0/24\"\n            availability_zone       = \"eu-west-3b\"\n            map_public_ip_on_launch = false\n            tags = {\n                Name = \"private-subnet-2\"\n            }\n        }\n        ```\n    - Internet Gateway : route the traffic to the internet\n        ```hcl\n        resource \"aws_internet_gateway\" \"internet_gw\" {\n        vpc_id = aws_vpc.vpc.id\n        }\n        ```\n    - Route Tables : route the traffic to the internet gateway and the local network\n        ```hcl\n        resource \"aws_route_table\" \"public-rt\" {\n            vpc_id = aws_vpc.vpc.id\n            route {\n                cidr_block = \"0.0.0.0/0\"\n                gateway_id = aws_internet_gateway.internet_gw.id\n            }\n            route {\n                cidr_block = \"10.0.0.0/16\"\n                gateway_id = \"local\"\n            }\n        }\n\n        resource \"aws_route_table\" \"private-rt\" {\n            
vpc_id = aws_vpc.vpc.id\n            route {\n                cidr_block = \"10.0.0.0/16\"\n                gateway_id = \"local\"\n            }\n        }\n        ```\n        - Route Table Associations : associate the subnets with the route tables \n        ```hcl\n        resource \"aws_route_table_association\" \"subnet_1_association\" {\n            subnet_id      = aws_subnet.subnet_1.id\n            route_table_id = aws_route_table.public-rt.id\n        }\n        resource \"aws_route_table_association\" \"subnet_2_association\" {\n            subnet_id      = aws_subnet.subnet_2.id\n            route_table_id = aws_route_table.public-rt.id\n        }\n\n        resource \"aws_route_table_association\" \"subnet_3_association\" {\n            subnet_id      = aws_subnet.subnet_3.id\n            route_table_id = aws_route_table.private-rt.id\n        }\n        resource \"aws_route_table_association\" \"subnet_4_association\" {\n            subnet_id      = aws_subnet.subnet_4.id\n            route_table_id = aws_route_table.private-rt.id\n        }\n\n        ```\n### eks.tf : \n\n* this configuration uses the `eks` module to setup an eks cluster :\n    ```hcl\n    module \"eks\" {\n        source  = \"terraform-aws-modules/eks/aws\"\n        version = \"~\u003e 20.0\"\n\n        cluster_name    = \"eks-cluster\"\n        cluster_version = \"1.31\"\n\n        cluster_endpoint_public_access = true\n\n        vpc_id                   = aws_vpc.vpc.id\n        subnet_ids               = [aws_subnet.subnet_1.id, aws_subnet.subnet_2.id, aws_subnet.subnet_3.id,aws_subnet.subnet_4.id]\n        control_plane_subnet_ids = [aws_subnet.subnet_1.id, aws_subnet.subnet_2.id, aws_subnet.subnet_3.id,aws_subnet.subnet_4.id]\n\n        eks_managed_node_groups = {\n            green = {\n            min_size       = 1\n            max_size       = 1\n            desired_size   = 1\n            instance_types = [\"t3.medium\"]\n            }\n        }\n    }\n    ```\n## 
Running the configuration :\n\n* initialize the terraform configuration :\n    ```sh\n    terraform init\n    ```\n* plan the configuration :\n    ```sh\n    terraform plan\n    ```\n* apply the configuration :\n    ```sh\n    terraform apply\n    ```\n## Connecting to the EKS Cluster :\n\n* run the following command to update the kubeconfig file located in `~/.kube/config` :\n    ```sh\n    aws eks --region eu-west-3 update-kubeconfig --name eks-cluster\n    ```\n* an access entry must be added for the user to access the cluster :\n    - after terraform completes the setup, go to the eks console `EKS\u003eCluster\u003e\"eks-cluster-name\"\u003eIAM access entries ` and add the user to the cluster \n\n        \u003cimg src=\"img/access.png\" width=\"100%\"/\u003e\n\n    - add the necessary permissions :\n\n        \u003cimg src=\"img/access-pol.png\" width=\"100%\"/\u003e\n\n* the IAM user can now run kubectl commands to interact with the cluster :\n    ```sh\n    kubectl get nodes\n    ```\n\n## Destroying all the resources :\n\n* to destroy all the resources created by terraform, run the following command :\n    ```sh\n    terraform destroy\n    ```\n\n## more details about the eks module \u003ca href=\"https://registry.terraform.io/modules/terraform-aws-modules/eks/aws/latest\"\u003ehere\u003c/a\u003e","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhamdiz0%2Feks-terraform-setup","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhamdiz0%2Feks-terraform-setup","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhamdiz0%2Feks-terraform-setup/lists"}