{"id":23427375,"url":"https://github.com/nhatthaiquang-agilityio/net6.webapi-eks-githubactions","last_synced_at":"2026-04-29T10:03:56.071Z","repository":{"id":55657337,"uuid":"523178956","full_name":"nhatthaiquang-agilityio/NET6.WebAPI-EKS-GitHubActions","owner":"nhatthaiquang-agilityio","description":"Deploy a sample .Net6 WebAPI to Amazon EKS with Github Actions","archived":false,"fork":false,"pushed_at":"2023-04-20T03:39:38.000Z","size":460,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-02-15T06:30:49.767Z","etag":null,"topics":["application-load-balancer","aws-alb-ingress-controller","aws-eks-cluster","eks","eks-cluster","github-actions","net6","terraform","terraform-eks","webapi"],"latest_commit_sha":null,"homepage":"","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nhatthaiquang-agilityio.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2022-08-10T02:52:21.000Z","updated_at":"2023-04-20T03:38:47.000Z","dependencies_parsed_at":"2023-08-25T05:20:30.884Z","dependency_job_id":null,"html_url":"https://github.com/nhatthaiquang-agilityio/NET6.WebAPI-EKS-GitHubActions","commit_stats":null,"previous_names":["nhatthaiquang-agilityio/net6.webapi-eks-githubactions"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nhatthaiquang-agilityio%2FNET6.WebAPI-EKS-GitHubActions","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nhatthaiquang-agilityio%2FNET6.WebAPI-EKS-GitHubActions/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nhatthaiquang-agilityio%2FNET6.WebAPI-EKS-GitHubActions/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nhatthaiquang-agilityio%2FNET6.WebAPI-EKS-GitHubActions/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nhatthaiquang-agilityio","download_url":"https://codeload.github.com/nhatthaiquang-agilityio/NET6.WebAPI-EKS-GitHubActions/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248037789,"owners_count":21037419,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["application-load-balancer","aws-alb-ingress-controller","aws-eks-cluster","eks","eks-cluster","github-actions","net6","terraform","terraform-eks","webapi"],"created_at":"2024-12-23T06:20:14.060Z","updated_at":"2026-04-29T10:03:56.032Z","avatar_url":"https://github.com/nhatthaiquang-agilityio.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# .NET6 WebAPI to EKS using GitHub Actions\n    Deploy a sample .NET6 WebAPI to Amazon EKS with GitHub Actions\n    + Create Infrastructure as code using Terraform\n    + Application Load Balancer in EKS\n\n### Github Runner Requirements\n+ Install Docker \u0026 DockerCompose\n+ Minikube or Kubernetes cluster (see below if needed)\n+ Install Amazon CLI/ eksctl\n+ Install Kubectl\n\n### Usage\n\n+ Update kubeconfig\n```\naws eks update-kubeconfig --region ap-southeast-1 --name webapi-eks\n```\n\n+ Create Role\n```\naws iam create-role --role-name eksClusterRole --assume-role-policy-document file://AWS/cluster-trust-policy.json\n\naws iam attach-role-policy --policy-arn arn:aws:iam::aws:policy/AmazonEKSClusterPolicy --role-name eksClusterRole\n```\n\n+ oidc-provider and cluster\n```\neksctl utils associate-iam-oidc-provider --region=ap-southeast-1 --cluster=webapi-eks --approve\n```\n\n+ Create policy\n```\naws iam create-policy --policy-name ALBIngressControllerIAMPolicy --policy-document file://AWS/iam_policy.json\n```\n\n+ Create Role name for aws load Balancer\n```\naws iam create-role --role-name AmazonEKSLoadBalancerControllerRole --assume-role-policy-document file://AWS/load-balancer-role-trust-policy.json\n```\n\n+ Attach the required Amazon EKS managed IAM policy to the IAM role\n```\naws iam attach-role-policy --policy-arn arn:aws:iam::ACCOUNT_ID:policy/ALBIngressControllerIAMPolicy --role-name AmazonEKSLoadBalancerControllerRole\n```\n\n+ Create an additional policy\n```\naws iam create-policy --policy-name AWSLoadBalancerControllerAdditionalIAMPolicy --policy-document file://AWS/iam_policy_v1_to_v2_additional.json\n```\n\n+ Attach Role Policy\n```\naws iam attach-role-policy --role-name AmazonEKSLoadBalancerControllerRole  --policy-arn arn:aws:iam::ACCOUNT_ID:policy/AWSLoadBalancerControllerAdditionalIAMPolicy\n```\n\n+ Create Service Account\n```\neksctl create iamserviceaccount --cluster=webapi-eks --namespace=kube-system --name=aws-load-balancer-controller --role-name AmazonEKSLoadBalancerControllerRole --attach-policy-arn=arn:aws:iam::ACCOUNT_ID:policy/ALBIngressControllerIAMPolicy --override-existing-serviceaccounts --approve\n\nkubectl apply -f terraform/aws-load-balancer-controller-service-account.yml\n```\n\n+ Get IAM Service Account\n```\neksctl  get iamserviceaccount --cluster webapi-eks\n\nkubectl describe sa aws-load-balancer-controller -n kube-system\n\nkubectl apply -k \"github.com/aws/eks-charts/stable/aws-load-balancer-controller/crds?ref=master\"\n\nhelm install aws-load-balancer-controller eks/aws-load-balancer-controller --set clusterName=webapi-eks --set serviceAccount.create=false --set serviceAccount.name=aws-load-balancer-controller -n kube-system\n```\n\n+ Verify that the AWS Load Balancer Controller is installed:\n```\nkubectl get deployment -n kube-system aws-load-balancer-controller\n```\n\n+ Get log AWS Load Balancer Controller\n```\nkubectl logs -n kube-system deployment.apps/aws-load-balancer-controller\n```\n\n+ Deploy Ingress EKS\n```\nkubectl apply -f k8s/ingress-eks.yml\n```\n\n+ Check Ingress\n```\nkubectl describe ingress ingress-webapi\n```\n\n### Using Terraform\n+ Init Infrastructure\n```\nterraform init\nterraform apply\n```\n\n+ Terraform will create a role name with aws-load-balancer-controller name\n    + It creates a service account(aws-load-balancer-controller)\n    + It sets permission\n    + It sets Trust relationships(aws/load-balancer-role-trust-policy)\n\n\n+ ![Role](./images/role.png)\n\n\n+ ![Trust Relationships](./images/trust-relationships.png)\n\nThe same command lines below:\n\n+ Create Service Account\n```\neksctl create iamserviceaccount --cluster=webapi-eks --namespace=kube-system --name=aws-load-balancer-controller --role-name webapi-eks-lb-role-for-service-account --attach-policy-arn=arn:aws:iam::783560535431:policy/AmazonEKS_AWS_Load_Balancer_Controller-20221026035125522600000001 --override-existing-serviceaccounts --approve\n\nkubectl apply -f terraform/aws-load-balancer-controller-service-account.yml\n```\n\n+ Get IAM Service Account\n```\neksctl  get iamserviceaccount --cluster webapi-eks\n\nkubectl describe sa aws-load-balancer-controller -n kube-system\n\nkubectl apply -k \"github.com/aws/eks-charts/stable/aws-load-balancer-controller/crds?ref=master\"\n\nhelm install aws-load-balancer-controller eks/aws-load-balancer-controller --set clusterName=webapi-eks --set serviceAccount.create=false --set serviceAccount.name=aws-load-balancer-controller -n kube-system\n```\n\n+ Verify that the AWS Load Balancer Controller is installed:\n```\nkubectl get deployment -n kube-system aws-load-balancer-controller\n```\n\n+ Get log AWS Load Balancer Controller\n```\nkubectl logs -n kube-system deployment.apps/aws-load-balancer-controller\n```\n\n+ Verify that your service account is associated with the AWS Load Balancer Controller\n```\nkubectl get deploy aws-load-balancer-controller -n kube-system -o yaml\n```\n\n+ See what IAM role is attached to the service account associated with the AWS Load Balancer Controller:\n```\nkubectl describe sa aws-load-balancer-controller -n kube-system\n```\n\n\n### Issues\n+ Couldn't create an AWS Load Balancer Controller\n```\nAdd permission iam_policy_v1_to_v2_additional.json\n```\n\n\n+ Couldn't mapping to webapi service\n```\nBecause set Path_Base in code with .NET6(Not set Path_Base variable)\n```\n\n+ The ALB couldn't call the service in EKS\n```\nAdd Security Group and public subnets for ingress\n```\n\n### Result\n+ ![Web API](./images/mapping-webapi.png)\n\n+ ![ALB Ingress](./images/alb.png)\n\n+ ![Web API](./images/webapi.png)\n\n+ ![Hello App](./images/helloapp.png)\n\n### Reference\n+ [An ALB Ingress in Amazon EKS](https://aws.amazon.com/premiumsupport/knowledge-center/eks-alb-ingress-aws-waf/)\n+ [AWS Load Balancer Controller](https://docs.aws.amazon.com/eks/latest/userguide/aws-load-balancer-controller.html)\n+ [create EKS Cluster using Terraform](https://antonputra.com/amazon/create-eks-cluster-using-terraform-modules/#deploy-cluster-autoscaler)\n+ [Setting up EKS with Terraform, Helm and a Load balancer](https://andrewtarry.com/posts/terraform-eks-alb-setup/)\n+ [Terraform EKS](https://learnk8s.io/terraform-eks)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnhatthaiquang-agilityio%2Fnet6.webapi-eks-githubactions","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnhatthaiquang-agilityio%2Fnet6.webapi-eks-githubactions","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnhatthaiquang-agilityio%2Fnet6.webapi-eks-githubactions/lists"}