{"id":13623631,"url":"https://github.com/msfidelis/eks-with-istio","last_synced_at":"2025-04-04T22:04:18.458Z","repository":{"id":41980711,"uuid":"384263743","full_name":"msfidelis/eks-with-istio","owner":"msfidelis","description":":whale: :package: :rocket: - Terraform template for a production ready EKS Cluster and ISTIO Service Mesh","archived":false,"fork":false,"pushed_at":"2025-03-16T15:18:41.000Z","size":630,"stargazers_count":142,"open_issues_count":6,"forks_count":44,"subscribers_count":7,"default_branch":"main","last_synced_at":"2025-03-28T21:03:24.469Z","etag":null,"topics":["aws","cluster","cluster-autoscaler","docker","eks","eks-cluster","fargate","istio","kubernetes","service-mesh"],"latest_commit_sha":null,"homepage":"","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/msfidelis.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-07-08T22:36:19.000Z","updated_at":"2025-03-16T15:18:44.000Z","dependencies_parsed_at":"2023-01-30T21:15:51.672Z","dependency_job_id":"1757e502-10a4-4c78-84fc-edb7878d8121","html_url":"https://github.com/msfidelis/eks-with-istio","commit_stats":{"total_commits":106,"total_committers":4,"mean_commits":26.5,"dds":"0.21698113207547165","last_synced_commit":"32b9ca3993e39845a01de1c80f74cdcf408786e1"},"previous_names":[],"tags_count":14,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/msfidelis%2Feks-with-istio","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/msfidelis%2Feks-with-istio/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/msfidelis%2Feks-with-istio/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/msfidelis%2Feks-with-istio/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/msfidelis","download_url":"https://codeload.github.com/msfidelis/eks-with-istio/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247256107,"owners_count":20909240,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","cluster","cluster-autoscaler","docker","eks","eks-cluster","fargate","istio","kubernetes","service-mesh"],"created_at":"2024-08-01T21:01:33.984Z","updated_at":"2025-04-04T22:04:18.437Z","avatar_url":"https://github.com/msfidelis.png","language":"HCL","funding_links":[],"categories":["HCL"],"sub_categories":[],"readme":"\u003c!-- BEGIN_TF_DOCS --\u003e\n\u003ch1 align=\"center\"\u003eWelcome to EKS with Istio Setup with Terraform 👋\u003c/h1\u003e\n\u003cp\u003e\n  \u003cimg alt=\"Version\" src=\"https://img.shields.io/badge/version-v0.0.1-blue.svg?cacheSeconds=2592000\" /\u003e\n  \u003ca href=\"/\" target=\"\\_blank\"\u003e\n    \u003cimg alt=\"Documentation\" src=\"https://img.shields.io/badge/documentation-yes-brightgreen.svg\" /\u003e\n  \u003c/a\u003e\n  \u003ca href=\"/LICENSE \" target=\"\\_blank\"\u003e\n    \u003cimg alt=\"License: MIT\" src=\"https://img.shields.io/badge/License-MIT-yellow.svg\" /\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://twitter.com/fidelissauro\" target=\"\\_blank\"\u003e\n    \u003cimg alt=\"Twitter: fidelissauro\" src=\"https://img.shields.io/twitter/follow/fidelissauro.svg?style=social\" /\u003e\n  \u003c/a\u003e\n\u003c/p\u003e\n\n## Terraform Versions Compatibility\n\u003cp\u003e\n  \u003ca href=\"/\" target=\"\\_blank\"\u003e\n    \u003cimg alt=\"Terraform 0.13\" src=\"https://github.com/msfidelis/eks-with-istio/workflows/Terraform%200.13.*/badge.svg\" /\u003e\n  \u003c/a\u003e\n  \u003ca href=\"/\" target=\"\\_blank\"\u003e\n    \u003cimg alt=\"Terraform 0.14\" src=\"https://github.com/msfidelis/eks-with-istio/workflows/Terraform%200.14.*/badge.svg\" /\u003e\n  \u003c/a\u003e\n  \u003ca href=\"/\" target=\"\\_blank\"\u003e\n    \u003cimg alt=\"Terraform 0.15\" src=\"https://github.com/msfidelis/eks-with-istio/workflows/Terraform%200.15.*/badge.svg\" /\u003e\n  \u003c/a\u003e\n  \u003ca href=\"/\" target=\"\\_blank\"\u003e\n    \u003cimg alt=\"Terraform 1.0.0\" src=\"https://github.com/msfidelis/eks-with-istio/workflows/Terraform%201.0.*/badge.svg\" /\u003e\n  \u003c/a\u003e\n  \u003ca href=\"/\" target=\"\\_blank\"\u003e\n    \u003cimg alt=\"Terraform 1.1.0\" src=\"https://github.com/msfidelis/eks-with-istio/workflows/Terraform%201.1.*/badge.svg\" /\u003e\n  \u003c/a\u003e   \n\u003c/p\u003e\n\n### 🏠 [Architecture / Topology](/)\n\n![topology](/samples/img/Architecture.png)\n\n## Requirements\n\n| Name | Version |\n|------|---------|\n| \u003ca name=\"requirement_aws\"\u003e\u003c/a\u003e [aws](#requirement\\_aws) | \u003e= 5.0 |\n| \u003ca name=\"requirement_helm\"\u003e\u003c/a\u003e [helm](#requirement\\_helm) | ~\u003e 2.0 |\n| \u003ca name=\"requirement_kubectl\"\u003e\u003c/a\u003e [kubectl](#requirement\\_kubectl) | ~\u003e 1.14 |\n| \u003ca name=\"requirement_kubernetes\"\u003e\u003c/a\u003e [kubernetes](#requirement\\_kubernetes) | ~\u003e 2.0 |\n| \u003ca name=\"requirement_tls\"\u003e\u003c/a\u003e [tls](#requirement\\_tls) | ~\u003e 3.1.0 |\n\n## Providers\n\n| Name | Version |\n|------|---------|\n| \u003ca name=\"provider_aws\"\u003e\u003c/a\u003e [aws](#provider\\_aws) | 5.61.0 |\n| \u003ca name=\"provider_helm\"\u003e\u003c/a\u003e [helm](#provider\\_helm) | 2.14.0 |\n| \u003ca name=\"provider_kubectl\"\u003e\u003c/a\u003e [kubectl](#provider\\_kubectl) | 1.14.0 |\n| \u003ca name=\"provider_kubernetes\"\u003e\u003c/a\u003e [kubernetes](#provider\\_kubernetes) | 2.31.0 |\n| \u003ca name=\"provider_tls\"\u003e\u003c/a\u003e [tls](#provider\\_tls) | 3.1.0 |\n\n## Modules\n\nNo modules.\n\n## Resources\n\n| Name | Type |\n|------|------|\n| [aws_api_gateway_vpc_link.nlb](https://registry.terraform.io/providers/aws/latest/docs/resources/api_gateway_vpc_link) | resource |\n| [aws_cloudwatch_event_rule.karpenter_termination_handler_instance_terminate](https://registry.terraform.io/providers/aws/latest/docs/resources/cloudwatch_event_rule) | resource |\n| [aws_cloudwatch_event_rule.karpenter_termination_handler_rebalance](https://registry.terraform.io/providers/aws/latest/docs/resources/cloudwatch_event_rule) | resource |\n| [aws_cloudwatch_event_rule.karpenter_termination_handler_scheduled_change](https://registry.terraform.io/providers/aws/latest/docs/resources/cloudwatch_event_rule) | resource |\n| [aws_cloudwatch_event_rule.karpenter_termination_handler_spot_termination](https://registry.terraform.io/providers/aws/latest/docs/resources/cloudwatch_event_rule) | resource |\n| [aws_cloudwatch_event_rule.karpenter_termination_handler_state_change](https://registry.terraform.io/providers/aws/latest/docs/resources/cloudwatch_event_rule) | resource |\n| [aws_cloudwatch_event_rule.node_termination_handler_instance_terminate](https://registry.terraform.io/providers/aws/latest/docs/resources/cloudwatch_event_rule) | resource |\n| [aws_cloudwatch_event_rule.node_termination_handler_rebalance](https://registry.terraform.io/providers/aws/latest/docs/resources/cloudwatch_event_rule) | resource |\n| [aws_cloudwatch_event_rule.node_termination_handler_scheduled_change](https://registry.terraform.io/providers/aws/latest/docs/resources/cloudwatch_event_rule) | resource |\n| [aws_cloudwatch_event_rule.node_termination_handler_spot_termination](https://registry.terraform.io/providers/aws/latest/docs/resources/cloudwatch_event_rule) | resource |\n| [aws_cloudwatch_event_rule.node_termination_handler_state_change](https://registry.terraform.io/providers/aws/latest/docs/resources/cloudwatch_event_rule) | resource |\n| [aws_cloudwatch_event_target.karpenter_termination_handler_instance_terminate](https://registry.terraform.io/providers/aws/latest/docs/resources/cloudwatch_event_target) | resource |\n| [aws_cloudwatch_event_target.karpenter_termination_handler_rebalance](https://registry.terraform.io/providers/aws/latest/docs/resources/cloudwatch_event_target) | resource |\n| [aws_cloudwatch_event_target.karpenter_termination_handler_scheduled_change](https://registry.terraform.io/providers/aws/latest/docs/resources/cloudwatch_event_target) | resource |\n| [aws_cloudwatch_event_target.karpenter_termination_handler_spot_termination](https://registry.terraform.io/providers/aws/latest/docs/resources/cloudwatch_event_target) | resource |\n| [aws_cloudwatch_event_target.karpenter_termination_handler_state_change](https://registry.terraform.io/providers/aws/latest/docs/resources/cloudwatch_event_target) | resource |\n| [aws_cloudwatch_event_target.node_termination_handler_instance_terminate](https://registry.terraform.io/providers/aws/latest/docs/resources/cloudwatch_event_target) | resource |\n| [aws_cloudwatch_event_target.node_termination_handler_rebalance](https://registry.terraform.io/providers/aws/latest/docs/resources/cloudwatch_event_target) | resource |\n| [aws_cloudwatch_event_target.node_termination_handler_scheduled_change](https://registry.terraform.io/providers/aws/latest/docs/resources/cloudwatch_event_target) | resource |\n| [aws_cloudwatch_event_target.node_termination_handler_spot_termination](https://registry.terraform.io/providers/aws/latest/docs/resources/cloudwatch_event_target) | resource |\n| [aws_cloudwatch_event_target.node_termination_handler_state_change](https://registry.terraform.io/providers/aws/latest/docs/resources/cloudwatch_event_target) | resource |\n| [aws_cloudwatch_log_group.prometheus](https://registry.terraform.io/providers/aws/latest/docs/resources/cloudwatch_log_group) | resource |\n| [aws_eip.vpc_iep](https://registry.terraform.io/providers/aws/latest/docs/resources/eip) | resource |\n| [aws_eks_addon.cni](https://registry.terraform.io/providers/aws/latest/docs/resources/eks_addon) | resource |\n| [aws_eks_addon.coredns](https://registry.terraform.io/providers/aws/latest/docs/resources/eks_addon) | resource |\n| [aws_eks_addon.csi_driver](https://registry.terraform.io/providers/aws/latest/docs/resources/eks_addon) | resource |\n| [aws_eks_addon.kubeproxy](https://registry.terraform.io/providers/aws/latest/docs/resources/eks_addon) | resource |\n| [aws_eks_cluster.main](https://registry.terraform.io/providers/aws/latest/docs/resources/eks_cluster) | resource |\n| [aws_eks_node_group.main](https://registry.terraform.io/providers/aws/latest/docs/resources/eks_node_group) | resource |\n| [aws_grafana_workspace.grafana](https://registry.terraform.io/providers/aws/latest/docs/resources/grafana_workspace) | resource |\n| [aws_iam_instance_profile.nodes](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_instance_profile) | resource |\n| [aws_iam_openid_connect_provider.eks](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_openid_connect_provider) | resource |\n| [aws_iam_policy.aws_load_balancer_controller_policy](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_policy) | resource |\n| [aws_iam_policy.aws_node_termination_handler_policy](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_policy) | resource |\n| [aws_iam_policy.cluster_autoscaler_policy](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_policy) | resource |\n| [aws_iam_policy.csi_driver](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_policy) | resource |\n| [aws_iam_policy.karpenter_policy](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_policy) | resource |\n| [aws_iam_policy.keda_policy](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_policy) | resource |\n| [aws_iam_policy.managed_prometheus_policy](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_policy) | resource |\n| [aws_iam_policy_attachment.aws_load_balancer_controller_policy](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_policy_attachment) | resource |\n| [aws_iam_policy_attachment.aws_node_termination_handler_policy](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_policy_attachment) | resource |\n| [aws_iam_policy_attachment.cluster_autoscaler](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_policy_attachment) | resource |\n| [aws_iam_policy_attachment.csi_driver](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_policy_attachment) | resource |\n| [aws_iam_policy_attachment.karpenter_policy](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_policy_attachment) | resource |\n| [aws_iam_policy_attachment.keda](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_policy_attachment) | resource |\n| [aws_iam_policy_attachment.managed_prometheus_policy](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_policy_attachment) | resource |\n| [aws_iam_role.alb_controller](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_role) | resource |\n| [aws_iam_role.aws_node_termination_handler_role](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_role) | resource |\n| [aws_iam_role.cluster_autoscaler_role](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_role) | resource |\n| [aws_iam_role.eks_cluster_role](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_role) | resource |\n| [aws_iam_role.eks_nodes_roles](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_role) | resource |\n| [aws_iam_role.grafana](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_role) | resource |\n| [aws_iam_role.karpenter_role](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_role) | resource |\n| [aws_iam_role.keda_role](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_role) | resource |\n| [aws_iam_role.managed_prometheus_role](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_role) | resource |\n| [aws_iam_role_policy_attachment.cloudwatch](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_role_policy_attachment) | resource |\n| [aws_iam_role_policy_attachment.cni](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_role_policy_attachment) | resource |\n| [aws_iam_role_policy_attachment.ecr](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_role_policy_attachment) | resource |\n| [aws_iam_role_policy_attachment.eks-cluster-cluster](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_role_policy_attachment) | resource |\n| [aws_iam_role_policy_attachment.eks-cluster-service](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_role_policy_attachment) | resource |\n| [aws_iam_role_policy_attachment.node](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_role_policy_attachment) | resource |\n| [aws_iam_role_policy_attachment.ssm](https://registry.terraform.io/providers/aws/latest/docs/resources/iam_role_policy_attachment) | resource |\n| [aws_internet_gateway.gw](https://registry.terraform.io/providers/aws/latest/docs/resources/internet_gateway) | resource |\n| [aws_kms_alias.eks](https://registry.terraform.io/providers/aws/latest/docs/resources/kms_alias) | resource |\n| [aws_kms_key.eks](https://registry.terraform.io/providers/aws/latest/docs/resources/kms_key) | resource |\n| [aws_launch_template.karpenter](https://registry.terraform.io/providers/aws/latest/docs/resources/launch_template) | resource |\n| [aws_lb.ingress](https://registry.terraform.io/providers/aws/latest/docs/resources/lb) | resource |\n| [aws_lb_listener.ingress_443](https://registry.terraform.io/providers/aws/latest/docs/resources/lb_listener) | resource |\n| [aws_lb_listener.ingress_80](https://registry.terraform.io/providers/aws/latest/docs/resources/lb_listener) | resource |\n| [aws_lb_target_group.http](https://registry.terraform.io/providers/aws/latest/docs/resources/lb_target_group) | resource |\n| [aws_lb_target_group.https](https://registry.terraform.io/providers/aws/latest/docs/resources/lb_target_group) | resource |\n| [aws_nat_gateway.nat](https://registry.terraform.io/providers/aws/latest/docs/resources/nat_gateway) | resource |\n| [aws_prometheus_workspace.main](https://registry.terraform.io/providers/aws/latest/docs/resources/prometheus_workspace) | resource |\n| [aws_route.nat_access](https://registry.terraform.io/providers/aws/latest/docs/resources/route) | resource |\n| [aws_route.public_internet_access](https://registry.terraform.io/providers/aws/latest/docs/resources/route) | resource |\n| [aws_route53_record.nlb](https://registry.terraform.io/providers/aws/latest/docs/resources/route53_record) | resource |\n| [aws_route53_zone.private](https://registry.terraform.io/providers/aws/latest/docs/resources/route53_zone) | resource |\n| [aws_route_table.igw_route_table](https://registry.terraform.io/providers/aws/latest/docs/resources/route_table) | resource |\n| [aws_route_table.nat](https://registry.terraform.io/providers/aws/latest/docs/resources/route_table) | resource |\n| [aws_route_table_association.pods_1a](https://registry.terraform.io/providers/aws/latest/docs/resources/route_table_association) | resource |\n| [aws_route_table_association.pods_1b](https://registry.terraform.io/providers/aws/latest/docs/resources/route_table_association) | resource |\n| [aws_route_table_association.pods_1c](https://registry.terraform.io/providers/aws/latest/docs/resources/route_table_association) | resource |\n| [aws_route_table_association.private1a](https://registry.terraform.io/providers/aws/latest/docs/resources/route_table_association) | resource |\n| [aws_route_table_association.private1b](https://registry.terraform.io/providers/aws/latest/docs/resources/route_table_association) | resource |\n| [aws_route_table_association.private1c](https://registry.terraform.io/providers/aws/latest/docs/resources/route_table_association) | resource |\n| [aws_route_table_association.public_1a](https://registry.terraform.io/providers/aws/latest/docs/resources/route_table_association) | resource |\n| [aws_route_table_association.public_1b](https://registry.terraform.io/providers/aws/latest/docs/resources/route_table_association) | resource |\n| [aws_route_table_association.public_1c](https://registry.terraform.io/providers/aws/latest/docs/resources/route_table_association) | resource |\n| [aws_security_group.cluster_nodes_sg](https://registry.terraform.io/providers/aws/latest/docs/resources/security_group) | resource |\n| [aws_security_group.cluster_sg](https://registry.terraform.io/providers/aws/latest/docs/resources/security_group) | resource |\n| [aws_security_group_rule.cluster_ingress_https](https://registry.terraform.io/providers/aws/latest/docs/resources/security_group_rule) | resource |\n| [aws_security_group_rule.nodeport](https://registry.terraform.io/providers/aws/latest/docs/resources/security_group_rule) | resource |\n| [aws_security_group_rule.nodeport_cluster](https://registry.terraform.io/providers/aws/latest/docs/resources/security_group_rule) | resource |\n| [aws_security_group_rule.nodeport_cluster_udp](https://registry.terraform.io/providers/aws/latest/docs/resources/security_group_rule) | resource |\n| [aws_sqs_queue.karpenter_termination_handler](https://registry.terraform.io/providers/aws/latest/docs/resources/sqs_queue) | resource |\n| [aws_sqs_queue.node_termination_handler](https://registry.terraform.io/providers/aws/latest/docs/resources/sqs_queue) | resource |\n| [aws_sqs_queue_policy.karpenter_termination_handler](https://registry.terraform.io/providers/aws/latest/docs/resources/sqs_queue_policy) | resource |\n| [aws_sqs_queue_policy.node_termination_handler](https://registry.terraform.io/providers/aws/latest/docs/resources/sqs_queue_policy) | resource |\n| [aws_subnet.pods_subnet_1a](https://registry.terraform.io/providers/aws/latest/docs/resources/subnet) | resource |\n| [aws_subnet.pods_subnet_1b](https://registry.terraform.io/providers/aws/latest/docs/resources/subnet) | resource |\n| [aws_subnet.pods_subnet_1c](https://registry.terraform.io/providers/aws/latest/docs/resources/subnet) | resource |\n| [aws_subnet.private_subnet_1a](https://registry.terraform.io/providers/aws/latest/docs/resources/subnet) | resource |\n| [aws_subnet.private_subnet_1b](https://registry.terraform.io/providers/aws/latest/docs/resources/subnet) | resource |\n| [aws_subnet.private_subnet_1c](https://registry.terraform.io/providers/aws/latest/docs/resources/subnet) | resource |\n| [aws_subnet.public_subnet_1a](https://registry.terraform.io/providers/aws/latest/docs/resources/subnet) | resource |\n| [aws_subnet.public_subnet_1b](https://registry.terraform.io/providers/aws/latest/docs/resources/subnet) | resource |\n| [aws_subnet.public_subnet_1c](https://registry.terraform.io/providers/aws/latest/docs/resources/subnet) | resource |\n| [aws_vpc.cluster_vpc](https://registry.terraform.io/providers/aws/latest/docs/resources/vpc) | resource |\n| [aws_vpc_ipv4_cidr_block_association.pods](https://registry.terraform.io/providers/aws/latest/docs/resources/vpc_ipv4_cidr_block_association) | resource |\n| [helm_release.alb_ingress_controller](https://registry.terraform.io/providers/helm/latest/docs/resources/release) | resource |\n| [helm_release.argo_rollouts](https://registry.terraform.io/providers/helm/latest/docs/resources/release) | resource |\n| [helm_release.chaos_mesh](https://registry.terraform.io/providers/helm/latest/docs/resources/release) | resource |\n| [helm_release.cluster_autoscaler](https://registry.terraform.io/providers/helm/latest/docs/resources/release) | resource |\n| [helm_release.descheduler](https://registry.terraform.io/providers/helm/latest/docs/resources/release) | resource |\n| [helm_release.istio_base](https://registry.terraform.io/providers/helm/latest/docs/resources/release) | resource |\n| [helm_release.istio_ingress](https://registry.terraform.io/providers/helm/latest/docs/resources/release) | resource |\n| [helm_release.istiod](https://registry.terraform.io/providers/helm/latest/docs/resources/release) | resource |\n| [helm_release.jaeger](https://registry.terraform.io/providers/helm/latest/docs/resources/release) | resource |\n| [helm_release.karpenter](https://registry.terraform.io/providers/helm/latest/docs/resources/release) | resource |\n| [helm_release.keda](https://registry.terraform.io/providers/helm/latest/docs/resources/release) | resource |\n| [helm_release.kiali-server](https://registry.terraform.io/providers/helm/latest/docs/resources/release) | resource |\n| [helm_release.kube_state_metrics](https://registry.terraform.io/providers/helm/latest/docs/resources/release) | resource |\n| [helm_release.managed_prometheus](https://registry.terraform.io/providers/helm/latest/docs/resources/release) | resource |\n| [helm_release.metrics_server](https://registry.terraform.io/providers/helm/latest/docs/resources/release) | resource |\n| [helm_release.node_termination_handler](https://registry.terraform.io/providers/helm/latest/docs/resources/release) | resource |\n| [helm_release.prometheus](https://registry.terraform.io/providers/helm/latest/docs/resources/release) | resource |\n| [kubectl_manifest.grafana_gateway](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource |\n| [kubectl_manifest.grafana_service](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource |\n| [kubectl_manifest.istio_target_group_binding_http](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource |\n| [kubectl_manifest.istio_target_group_binding_https](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource |\n| [kubectl_manifest.jaeger_gateway](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource |\n| [kubectl_manifest.jaeger_virtual_service](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource |\n| [kubectl_manifest.karpenter_node_class](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource |\n| [kubectl_manifest.karpenter_node_pool](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource |\n| [kubectl_manifest.kiali_gateway](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource |\n| [kubectl_manifest.kiali_virtual_service](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource |\n| [kubectl_manifest.rollouts_gateway](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource |\n| [kubectl_manifest.rollouts_virtual_service](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource |\n| [kubernetes_config_map.aws-auth](https://registry.terraform.io/providers/kubernetes/latest/docs/resources/config_map) | resource |\n| [aws_caller_identity.current](https://registry.terraform.io/providers/aws/latest/docs/data-sources/caller_identity) | data source |\n| [aws_eks_cluster_auth.default](https://registry.terraform.io/providers/aws/latest/docs/data-sources/eks_cluster_auth) | data source |\n| [aws_iam_policy_document.aws_load_balancer_controller_assume_role](https://registry.terraform.io/providers/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.aws_load_balancer_controller_policy](https://registry.terraform.io/providers/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.aws_node_termination_handler_policy](https://registry.terraform.io/providers/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.aws_node_termination_handler_role](https://registry.terraform.io/providers/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.cluster_autoscaler_policy](https://registry.terraform.io/providers/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.cluster_autoscaler_role](https://registry.terraform.io/providers/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.csi_driver](https://registry.terraform.io/providers/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.eks_cluster_role](https://registry.terraform.io/providers/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.eks_nodes_role](https://registry.terraform.io/providers/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.karpenter_policy](https://registry.terraform.io/providers/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.karpenter_role](https://registry.terraform.io/providers/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.keda_policy](https://registry.terraform.io/providers/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.keda_role](https://registry.terraform.io/providers/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.managed_prometheus_policy](https://registry.terraform.io/providers/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.managed_prometheus_role](https://registry.terraform.io/providers/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_ssm_parameter.eks](https://registry.terraform.io/providers/aws/latest/docs/data-sources/ssm_parameter) | data source |\n| [tls_certificate.eks](https://registry.terraform.io/providers/tls/latest/docs/data-sources/certificate) | data source |\n\n## Inputs\n\n| Name | Description | Type | Default | Required |\n|------|-------------|------|---------|:--------:|\n| \u003ca name=\"input_addon_cni_version\"\u003e\u003c/a\u003e [addon\\_cni\\_version](#input\\_addon\\_cni\\_version) | Specifies the version of the AWS VPC CNI (Container Network Interface) plugin to use, which manages the network interfaces for pod networking. | `string` | `\"v1.18.3-eksbuild.2\"` | no |\n| \u003ca name=\"input_addon_coredns_version\"\u003e\u003c/a\u003e [addon\\_coredns\\_version](#input\\_addon\\_coredns\\_version) | Defines the version of CoreDNS to use, a DNS server/forwarder that is integral to internal Kubernetes DNS resolution. | `string` | `\"v1.11.3-eksbuild.1\"` | no |\n| \u003ca name=\"input_addon_csi_version\"\u003e\u003c/a\u003e [addon\\_csi\\_version](#input\\_addon\\_csi\\_version) | Indicates the version of the Container Storage Interface (CSI) driver to use for managing storage volumes in Kubernetes. | `string` | `\"v1.35.0-eksbuild.1\"` | no |\n| \u003ca name=\"input_addon_kubeproxy_version\"\u003e\u003c/a\u003e [addon\\_kubeproxy\\_version](#input\\_addon\\_kubeproxy\\_version) | Sets the version of Kubeproxy to be used, which handles Kubernetes network services like forwarding the requests to correct containers. | `string` | `\"v1.31.0-eksbuild.5\"` | no |\n| \u003ca name=\"input_argo_rollouts_toggle\"\u003e\u003c/a\u003e [argo\\_rollouts\\_toggle](#input\\_argo\\_rollouts\\_toggle) | Enables the installation of Argo Rollouts, providing advanced deployment strategies like Canary and Blue-Green deployments in Kubernetes. | `bool` | `true` | no |\n| \u003ca name=\"input_argo_rollouts_virtual_service_host\"\u003e\u003c/a\u003e [argo\\_rollouts\\_virtual\\_service\\_host](#input\\_argo\\_rollouts\\_virtual\\_service\\_host) | The hostname for the Argo Rollouts virtual service, used for advanced deployment capabilities like canary and blue-green deployments in Kubernetes. | `string` | `\"argo-rollouts.k8s.raj.ninja\"` | no |\n| \u003ca name=\"input_auto_scale_options\"\u003e\u003c/a\u003e [auto\\_scale\\_options](#input\\_auto\\_scale\\_options) | Configuration for the EKS cluster auto-scaling. It includes the minimum (min), maximum (max), and desired (desired) number of worker nodes. | `map` | \u003cpre\u003e{\u003cbr\u003e  \"desired\": 4,\u003cbr\u003e  \"max\": 10,\u003cbr\u003e  \"min\": 4\u003cbr\u003e}\u003c/pre\u003e | no |\n| \u003ca name=\"input_aws_region\"\u003e\u003c/a\u003e [aws\\_region](#input\\_aws\\_region) | AWS region where the EKS cluster will be deployed. This should be set to the region where you want your Kubernetes resources to reside. | `string` | `\"us-east-1\"` | no |\n| \u003ca name=\"input_chaos_mesh_toggle\"\u003e\u003c/a\u003e [chaos\\_mesh\\_toggle](#input\\_chaos\\_mesh\\_toggle) | Determines whether to install Chaos Mesh, a cloud-native Chaos Engineering platform that orchestrates chaos experiments on Kubernetes environments. | `bool` | `false` | no |\n| \u003ca name=\"input_cluster_autoscaler_toggle\"\u003e\u003c/a\u003e [cluster\\_autoscaler\\_toggle](#input\\_cluster\\_autoscaler\\_toggle) | Enable or disable the Cluster Autoscaler installation. When true, Cluster Autoscaler is installed to automatically adjust the number of nodes in the cluster. | `bool` | `false` | no |\n| \u003ca name=\"input_cluster_name\"\u003e\u003c/a\u003e [cluster\\_name](#input\\_cluster\\_name) | The name of the Amazon EKS cluster. This is a unique identifier for your EKS cluster within the AWS region. | `string` | `\"eks-cluster\"` | no |\n| \u003ca name=\"input_cluster_private_zone\"\u003e\u003c/a\u003e [cluster\\_private\\_zone](#input\\_cluster\\_private\\_zone) | The private DNS zone name for the EKS cluster in AWS Route53. This zone is used for internal DNS resolution within the cluster. | `string` | `\"k8s.cluster\"` | no |\n| \u003ca name=\"input_default_tags\"\u003e\u003c/a\u003e [default\\_tags](#input\\_default\\_tags) | A map of default tags to apply to all resources. These tags can help with identifying and organizing resources within the AWS environment. | `map(string)` | \u003cpre\u003e{\u003cbr\u003e  \"Environment\": \"prod\",\u003cbr\u003e  \"Foo\": \"Bar\",\u003cbr\u003e  \"Ping\": \"Pong\"\u003cbr\u003e}\u003c/pre\u003e | no |\n| \u003ca name=\"input_descheduler_toggle\"\u003e\u003c/a\u003e [descheduler\\_toggle](#input\\_descheduler\\_toggle) | Controls the installation of the Descheduler, a tool to balance and optimize the distribution of Pods across the cluster for improved efficiency. | `bool` | `false` | no |\n| \u003ca name=\"input_enable_cross_zone_load_balancing\"\u003e\u003c/a\u003e [enable\\_cross\\_zone\\_load\\_balancing](#input\\_enable\\_cross\\_zone\\_load\\_balancing) | Controls whether cross-zone load balancing is enabled for the Network Load Balancer, allowing even traffic distribution across all zones. | `bool` | `false` | no |\n| \u003ca name=\"input_enable_jaeger\"\u003e\u003c/a\u003e [enable\\_jaeger](#input\\_enable\\_jaeger) | Flag to create jaeger standalone stack | `bool` | `false` | no |\n| \u003ca name=\"input_enable_managed_prometheus\"\u003e\u003c/a\u003e [enable\\_managed\\_prometheus](#input\\_enable\\_managed\\_prometheus) | Determines if the managed Prometheus service should be enabled. Managed Prometheus provides a fully managed monitoring service compatible with Prometheus. | `bool` | `false` | no |\n| \u003ca name=\"input_enable_prometheus_stack\"\u003e\u003c/a\u003e [enable\\_prometheus\\_stack](#input\\_enable\\_prometheus\\_stack) | n/a | `bool` | `true` | no |\n| \u003ca name=\"input_enable_vpc_link\"\u003e\u003c/a\u003e [enable\\_vpc\\_link](#input\\_enable\\_vpc\\_link) | Create VPC Link associated to Network Load Balancing | `bool` | `false` | no |\n| \u003ca name=\"input_grafana_virtual_service_host\"\u003e\u003c/a\u003e [grafana\\_virtual\\_service\\_host](#input\\_grafana\\_virtual\\_service\\_host) | The hostname for the Grafana virtual service, used in Istio routing. This host is used to access Grafana dashboards for monitoring metrics. | `string` | `\"grafana.k8s.raj.ninja\"` | no |\n| \u003ca name=\"input_istio_ingress_max_pods\"\u003e\u003c/a\u003e [istio\\_ingress\\_max\\_pods](#input\\_istio\\_ingress\\_max\\_pods) | The maximum number of pods to scale up for the Istio ingress gateway. This limits the resources used and manages the scaling behavior. | `number` | `9` | no |\n| \u003ca name=\"input_istio_ingress_min_pods\"\u003e\u003c/a\u003e [istio\\_ingress\\_min\\_pods](#input\\_istio\\_ingress\\_min\\_pods) | The minimum number of pods to maintain for the Istio ingress gateway. This ensures basic availability and load handling. | `number` | `3` | no |\n| \u003ca name=\"input_jaeger_virtual_service_host\"\u003e\u003c/a\u003e [jaeger\\_virtual\\_service\\_host](#input\\_jaeger\\_virtual\\_service\\_host) | The hostname for the Jaeger virtual service, used for tracing and monitoring microservices within the Istio service mesh. | `string` | `\"jaeger.k8s.raj.ninja\"` | no |\n| \u003ca name=\"input_k8s_version\"\u003e\u003c/a\u003e [k8s\\_version](#input\\_k8s\\_version) | The version of Kubernetes to use for the EKS cluster. This version should be compatible with the AWS EKS service and other infrastructure components. | `string` | `\"1.31\"` | no |\n| \u003ca name=\"input_karpenter_availability_zones\"\u003e\u003c/a\u003e [karpenter\\_availability\\_zones](#input\\_karpenter\\_availability\\_zones) | A list of AWS availability zones where Karpenter should launch nodes. These zones should be in the same region as the EKS cluster. | `list(any)` | \u003cpre\u003e[\u003cbr\u003e  \"us-east-1a\",\u003cbr\u003e  \"us-east-1b\",\u003cbr\u003e  \"us-east-1c\"\u003cbr\u003e]\u003c/pre\u003e | no |\n| \u003ca name=\"input_karpenter_capacity_type\"\u003e\u003c/a\u003e [karpenter\\_capacity\\_type](#input\\_karpenter\\_capacity\\_type) | Defines the capacity types for provisioning instances in the cluster, such as 'spot' or 'on\\_demand', offering cost-saving options or consistent availability respectively. | `list(any)` | \u003cpre\u003e[\u003cbr\u003e  \"spot\"\u003cbr\u003e]\u003c/pre\u003e | no |\n| \u003ca name=\"input_karpenter_ec2_node_family\"\u003e\u003c/a\u003e [karpenter\\_ec2\\_node\\_family](#input\\_karpenter\\_ec2\\_node\\_family) | n/a | `string` | `\"Bottlerocket\"` | no |\n| \u003ca name=\"input_karpenter_instance_family\"\u003e\u003c/a\u003e [karpenter\\_instance\\_family](#input\\_karpenter\\_instance\\_family) | Defines a list of EC2 instance families to be considered by Karpenter for node provisioning. Instance families like 'c6' and 'c5' offer different compute capabilities. | `list(any)` | \u003cpre\u003e[\u003cbr\u003e  \"c6\",\u003cbr\u003e  \"c6a\",\u003cbr\u003e  \"c5\"\u003cbr\u003e]\u003c/pre\u003e | no |\n| \u003ca name=\"input_karpenter_instance_sizes\"\u003e\u003c/a\u003e [karpenter\\_instance\\_sizes](#input\\_karpenter\\_instance\\_sizes) | Specifies a list of instance sizes within the chosen instance families to allow diversity in the provisioned nodes by Karpenter. | `list(any)` | \u003cpre\u003e[\u003cbr\u003e  \"large\",\u003cbr\u003e  \"2xlarge\"\u003cbr\u003e]\u003c/pre\u003e | no |\n| \u003ca name=\"input_karpenter_toggle\"\u003e\u003c/a\u003e [karpenter\\_toggle](#input\\_karpenter\\_toggle) | Determines whether Karpenter is enabled for the EKS cluster. Karpenter is an open-source auto-scaler for Kubernetes clusters. | `bool` | `true` | no |\n| \u003ca name=\"input_keda_toggle\"\u003e\u003c/a\u003e [keda\\_toggle](#input\\_keda\\_toggle) | Activates the installation of KEDA (Kubernetes Event-Driven Autoscaling), which adds event-driven scaling capabilities to Kubernetes workloads. | `bool` | `true` | no |\n| \u003ca name=\"input_kiali_virtual_service_host\"\u003e\u003c/a\u003e [kiali\\_virtual\\_service\\_host](#input\\_kiali\\_virtual\\_service\\_host) | The hostname for the Kiali virtual service, a part of Istio's service mesh visualization. It provides insights into the mesh topology and performance. | `string` | `\"kiali.k8s.raj.ninja\"` | no |\n| \u003ca name=\"input_managed_grafana_authentication_providers\"\u003e\u003c/a\u003e [managed\\_grafana\\_authentication\\_providers](#input\\_managed\\_grafana\\_authentication\\_providers) | A list of authentication providers for managed Grafana. For example, 'SAML' can be used for integrating with identity providers, ensuring secure and centralized user management. | `list(string)` | \u003cpre\u003e[\u003cbr\u003e  \"SAML\"\u003cbr\u003e]\u003c/pre\u003e | no |\n| \u003ca name=\"input_managed_grafana_datasources\"\u003e\u003c/a\u003e [managed\\_grafana\\_datasources](#input\\_managed\\_grafana\\_datasources) | Specifies the data sources that managed Grafana can access. Includes options like 'CLOUDWATCH', 'PROMETHEUS', and 'XRAY', providing a wide range of data for comprehensive monitoring solutions. | `list(string)` | \u003cpre\u003e[\u003cbr\u003e  \"CLOUDWATCH\",\u003cbr\u003e  \"PROMETHEUS\",\u003cbr\u003e  \"XRAY\"\u003cbr\u003e]\u003c/pre\u003e | no |\n| \u003ca name=\"input_managed_grafana_notification_destinations\"\u003e\u003c/a\u003e [managed\\_grafana\\_notification\\_destinations](#input\\_managed\\_grafana\\_notification\\_destinations) | Lists the notification channels supported by managed Grafana. For instance, 'SNS' allows Grafana to send alerts and notifications through AWS Simple Notification Service. | `list(string)` | \u003cpre\u003e[\u003cbr\u003e  \"SNS\"\u003cbr\u003e]\u003c/pre\u003e | no |\n| \u003ca name=\"input_managed_grafana_permission_type\"\u003e\u003c/a\u003e [managed\\_grafana\\_permission\\_type](#input\\_managed\\_grafana\\_permission\\_type) | Defines the permission model for managed Grafana. 'SERVICE\\_MANAGED' allows AWS to manage permissions, simplifying the setup and management of Grafana. | `string` | `\"SERVICE_MANAGED\"` | no |\n| \u003ca name=\"input_managed_prometheus_access_type\"\u003e\u003c/a\u003e [managed\\_prometheus\\_access\\_type](#input\\_managed\\_prometheus\\_access\\_type) | Specifies the access type for managed Prometheus. 'CURRENT\\_ACCOUNT' limits access to the current AWS account, ensuring isolated and secure access to the monitoring data. | `string` | `\"CURRENT_ACCOUNT\"` | no |\n| \u003ca name=\"input_nlb_ingress_enable_termination_protection\"\u003e\u003c/a\u003e [nlb\\_ingress\\_enable\\_termination\\_protection](#input\\_nlb\\_ingress\\_enable\\_termination\\_protection) | Determines if termination protection is enabled for the Network Load Balancer, preventing accidental deletion. | `bool` | `false` | no |\n| \u003ca name=\"input_nlb_ingress_internal\"\u003e\u003c/a\u003e [nlb\\_ingress\\_internal](#input\\_nlb\\_ingress\\_internal) | Indicates whether the Network Load Balancer (NLB) for the EKS cluster should be internal, restricting access to within the AWS network. | `bool` | `false` | no |\n| \u003ca name=\"input_nlb_ingress_type\"\u003e\u003c/a\u003e [nlb\\_ingress\\_type](#input\\_nlb\\_ingress\\_type) | Specifies the type of ingress to be used, such as 'network', determining how the NLB handles incoming traffic to the EKS cluster. | `string` | `\"network\"` | no |\n| \u003ca name=\"input_node_termination_handler_toggle\"\u003e\u003c/a\u003e [node\\_termination\\_handler\\_toggle](#input\\_node\\_termination\\_handler\\_toggle) | Enables the AWS Node Termination Handler, which ensures that Kubernetes workloads are gracefully handled during EC2 instance terminations or disruptions. | `bool` | `false` | no |\n| \u003ca name=\"input_nodes_instances_sizes\"\u003e\u003c/a\u003e [nodes\\_instances\\_sizes](#input\\_nodes\\_instances\\_sizes) | A list of EC2 instance types to use for the EKS worker nodes. These instance types should balance between cost, performance, and resource requirements for your workload. | `list` | \u003cpre\u003e[\u003cbr\u003e  \"t3.large\"\u003cbr\u003e]\u003c/pre\u003e | no |\n| \u003ca name=\"input_proxy_protocol_v2\"\u003e\u003c/a\u003e [proxy\\_protocol\\_v2](#input\\_proxy\\_protocol\\_v2) | Enables or disables Proxy Protocol v2 on the Network Load Balancer, used for preserving client IP addresses and other connection information. | `bool` | `false` | no |\n\n## Outputs\n\n| Name | Description |\n|------|-------------|\n| \u003ca name=\"output_cluster_name\"\u003e\u003c/a\u003e [cluster\\_name](#output\\_cluster\\_name) | n/a |\n| \u003ca name=\"output_istio_ingress_vpclink\"\u003e\u003c/a\u003e [istio\\_ingress\\_vpclink](#output\\_istio\\_ingress\\_vpclink) | n/a |\n\n### ✨ [Demo](/)\n\n## Install\n\n```sh\nterraform apply\n```\n\n## Usage\n\n```sh\nterraform apply\n```\n\n## Run tests\n\n```sh\nterraform plan\n```\n\n## Author\n\n👤 **Matheus Fidelis**\n\n* Website: https://raj.ninja\n* Twitter: [@fidelissauro](https://twitter.com/fidelissauro)\n* Github: [@msfidelis](https://github.com/msfidelis)\n* LinkedIn: [@msfidelis](https://linkedin.com/in/msfidelis)\n\n## 🤝 Contributing\n\nContributions, issues and feature requests are welcome!\u003cbr /\u003eFeel free to check [issues page](/issues).\n\n## Show your support\n\nGive a ⭐️ if this project helped you!\n\n## 📝 License\n\nCopyright © 2021 [Matheus Fidelis](https://github.com/msfidelis).\u003cbr /\u003e\nThis project is [MIT](/LICENSE ) licensed.\n\n***\n\\_This README was generated with ❤️ by [readme-md-generator](https://github.com/kefranabg/readme-md-generator)\\_\n\u003c!-- END_TF_DOCS --\u003e\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmsfidelis%2Feks-with-istio","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmsfidelis%2Feks-with-istio","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmsfidelis%2Feks-with-istio/lists"}