{"id":19854659,"url":"https://github.com/obytes/terraform-aws-eks","last_synced_at":"2026-03-03T18:31:39.725Z","repository":{"id":40270935,"uuid":"507258500","full_name":"obytes/terraform-aws-eks","owner":"obytes","description":"A Terraform repo to provision EKS Cluster","archived":false,"fork":false,"pushed_at":"2022-07-23T12:04:54.000Z","size":27,"stargazers_count":1,"open_issues_count":0,"forks_count":3,"subscribers_count":12,"default_branch":"main","last_synced_at":"2025-02-28T23:37:57.654Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/obytes.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-06-25T08:39:38.000Z","updated_at":"2023-01-19T10:43:43.000Z","dependencies_parsed_at":"2022-08-29T00:10:49.735Z","dependency_job_id":null,"html_url":"https://github.com/obytes/terraform-aws-eks","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/obytes/terraform-aws-eks","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/obytes%2Fterraform-aws-eks","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/obytes%2Fterraform-aws-eks/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/obytes%2Fterraform-aws-eks/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/obytes%2Fterraform-aws-eks/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/obytes","download_url":"https://codeload.github.com/obytes/terraform-aws-eks/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/obytes%2Fterraform-aws-eks/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30054576,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-03T18:21:05.932Z","status":"ssl_error","status_checked_at":"2026-03-03T18:20:59.341Z","response_time":61,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-12T14:10:03.957Z","updated_at":"2026-03-03T18:31:39.685Z","avatar_url":"https://github.com/obytes.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"### Overview \n\nWe are going to explore how to provision an EKS Fargate cluster with Terraform, and how to setup an AWS ALB Ingress controller serving K8S pods hosted in private subnets\n[Article](https://www.obytes.com/blog/provisioning-a-production-ready-amazon-eks-fargate-cluster-using-terraform)\n\n\u003c!-- BEGIN_TF_DOCS --\u003e\n## Requirements\n\n| Name | Version |\n|------|---------|\n| \u003ca name=\"requirement_terraform\"\u003e\u003c/a\u003e [terraform](#requirement\\_terraform) | ~\u003e 1.1.3 |\n| \u003ca name=\"requirement_aws\"\u003e\u003c/a\u003e [aws](#requirement\\_aws) | ~\u003e3.71 |\n| \u003ca name=\"requirement_cloudflare\"\u003e\u003c/a\u003e [cloudflare](#requirement\\_cloudflare) | 3.7.0 |\n| \u003ca name=\"requirement_github\"\u003e\u003c/a\u003e [github](#requirement\\_github) | 4.19.1 |\n| \u003ca name=\"requirement_random\"\u003e\u003c/a\u003e [random](#requirement\\_random) | 3.1.0 |\n| \u003ca name=\"requirement_tls\"\u003e\u003c/a\u003e [tls](#requirement\\_tls) | 3.4.0 |\n\n## Providers\n\n| Name | Version |\n|------|---------|\n| \u003ca name=\"provider_aws\"\u003e\u003c/a\u003e [aws](#provider\\_aws) | 3.75.2 |\n| \u003ca name=\"provider_tls\"\u003e\u003c/a\u003e [tls](#provider\\_tls) | 3.4.0 |\n\n## Modules\n\n| Name | Source | Version |\n|------|--------|---------|\n| \u003ca name=\"module_vpc\"\u003e\u003c/a\u003e [vpc](#module\\_vpc) | github.com/obytes/terraform-aws-vpc.git | v1.0.5 |\n\n## Resources\n\n| Name | Type |\n|------|------|\n| [aws_acm_certificate._](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/acm_certificate) | resource |\n| [aws_cloudwatch_log_group._](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |\n| [aws_codestarconnections_connection._](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/codestarconnections_connection) | resource |\n| [aws_eks_addon.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon) | resource |\n| [aws_eks_cluster._](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster) | resource |\n| [aws_eks_fargate_profile._](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_fargate_profile) | resource |\n| [aws_iam_openid_connect_provider.oidc_provider](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_openid_connect_provider) | resource |\n| [aws_iam_policy.alb_v1](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |\n| [aws_iam_policy.eks_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |\n| [aws_iam_role._](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |\n| [aws_iam_role.alb_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |\n| [aws_iam_role.eks_fargate_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |\n| [aws_iam_role.eks_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |\n| [aws_iam_role_policy_attachment._](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |\n| [aws_iam_role_policy_attachment.alb_v1](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |\n| [aws_iam_role_policy_attachment.eks](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |\n| [aws_iam_role_policy_attachment.eks_fargate](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |\n| [aws_kms_alias._](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_alias) | resource |\n| [aws_kms_key._](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key) | resource |\n| [aws_security_group.cluster](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |\n| [aws_security_group_rule.cluster](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |\n| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |\n| [aws_eks_cluster_auth._](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_cluster_auth) | data source |\n| [aws_iam_policy_document._](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.alb_assume_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.alb_eks_ingress](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.eks_assume_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.eks_fargate](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.eks_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.kms_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_partition.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition) | data source |\n| [tls_certificate.this](https://registry.terraform.io/providers/hashicorp/tls/3.4.0/docs/data-sources/certificate) | data source |\n\n## Inputs\n\n| Name | Description | Type | Default | Required |\n|------|-------------|------|---------|:--------:|\n| \u003ca name=\"input_cidr_block\"\u003e\u003c/a\u003e [cidr\\_block](#input\\_cidr\\_block) | The main CIDR block of the VPC | `string` | `\"172.19.0.0/18\"` | no |\n| \u003ca name=\"input_cluster_ip_family\"\u003e\u003c/a\u003e [cluster\\_ip\\_family](#input\\_cluster\\_ip\\_family) | The IP type of EKS Cluster | `string` | `\"ipv4\"` | no |\n| \u003ca name=\"input_cluster_timeouts\"\u003e\u003c/a\u003e [cluster\\_timeouts](#input\\_cluster\\_timeouts) | Create, update, and delete timeout configurations for the cluster | `map(string)` | `{}` | no |\n| \u003ca name=\"input_create_acm_certificate\"\u003e\u003c/a\u003e [create\\_acm\\_certificate](#input\\_create\\_acm\\_certificate) | Boolean, either to create a new ACM certificate or use existing one | `bool` | `true` | no |\n| \u003ca name=\"input_create_ecr_repository\"\u003e\u003c/a\u003e [create\\_ecr\\_repository](#input\\_create\\_ecr\\_repository) | Boolean, either to create a new ECR repository or use existing one | `bool` | `true` | no |\n| \u003ca name=\"input_create_kms_key\"\u003e\u003c/a\u003e [create\\_kms\\_key](#input\\_create\\_kms\\_key) | Boolean, either to create a new KMS key or use existing one | `bool` | `true` | no |\n| \u003ca name=\"input_create_public_subnets\"\u003e\u003c/a\u003e [create\\_public\\_subnets](#input\\_create\\_public\\_subnets) | A Boolean, for creating public subnets | `bool` | `true` | no |\n| \u003ca name=\"input_domain\"\u003e\u003c/a\u003e [domain](#input\\_domain) | Domain Name to issue ACM Certificate | `string` | `\"obytes.com\"` | no |\n| \u003ca name=\"input_enable_dns_hostnames\"\u003e\u003c/a\u003e [enable\\_dns\\_hostnames](#input\\_enable\\_dns\\_hostnames) | A Boolean to enable the dns hostname resolving | `bool` | `true` | no |\n| \u003ca name=\"input_enable_internet_gateway\"\u003e\u003c/a\u003e [enable\\_internet\\_gateway](#input\\_enable\\_internet\\_gateway) | A Boolean either to create an internet GW for the public reachability | `string` | `true` | no |\n| \u003ca name=\"input_enable_nat_gateway\"\u003e\u003c/a\u003e [enable\\_nat\\_gateway](#input\\_enable\\_nat\\_gateway) | A Boolean either to create a NAT GW in the VPC, used by the private subnets | `bool` | `true` | no |\n| \u003ca name=\"input_environment\"\u003e\u003c/a\u003e [environment](#input\\_environment) | The environment id where those resources will be created such as stag, production, qa | `string` | `\"stg\"` | no |\n| \u003ca name=\"input_gh_branch\"\u003e\u003c/a\u003e [gh\\_branch](#input\\_gh\\_branch) | GH Branch that will mapped to QA EKS Deployments | `string` | `\"main\"` | no |\n| \u003ca name=\"input_kubernetes_cidr\"\u003e\u003c/a\u003e [kubernetes\\_cidr](#input\\_kubernetes\\_cidr) | Configuration block with kubernetes network configuration for the cluster | `string` | `\"172.16.64.0/24\"` | no |\n| \u003ca name=\"input_profile_name\"\u003e\u003c/a\u003e [profile\\_name](#input\\_profile\\_name) | AWS Credentials profile name | `string` | n/a | yes |\n| \u003ca name=\"input_project_name\"\u003e\u003c/a\u003e [project\\_name](#input\\_project\\_name) | The Project name | `string` | `\"eks\"` | no |\n| \u003ca name=\"input_region\"\u003e\u003c/a\u003e [region](#input\\_region) | AWS Region name | `string` | `\"eu-west-1\"` | no |\n| \u003ca name=\"input_single_nat_gateway\"\u003e\u003c/a\u003e [single\\_nat\\_gateway](#input\\_single\\_nat\\_gateway) | A Boolean, either to create a single NAT GW for the VPC or to create a separate  NAT GW for each AZ | `bool` | `true` | no |\n\n## Outputs\n\n| Name | Description |\n|------|-------------|\n| \u003ca name=\"output_acm_details\"\u003e\u003c/a\u003e [acm\\_details](#output\\_acm\\_details) | Details about the ACM certificate for generaltask.com |\n| \u003ca name=\"output_availability_zones\"\u003e\u003c/a\u003e [availability\\_zones](#output\\_availability\\_zones) | List of Availability Zones where subnets were created |\n| \u003ca name=\"output_cluster_sg_id\"\u003e\u003c/a\u003e [cluster\\_sg\\_id](#output\\_cluster\\_sg\\_id) | EKS Cluster security group |\n| \u003ca name=\"output_eks_cluster\"\u003e\u003c/a\u003e [eks\\_cluster](#output\\_eks\\_cluster) | EKS Cluster information |\n| \u003ca name=\"output_elastc_ips\"\u003e\u003c/a\u003e [elastc\\_ips](#output\\_elastc\\_ips) | AWS eip public ips |\n| \u003ca name=\"output_kms_alias_name\"\u003e\u003c/a\u003e [kms\\_alias\\_name](#output\\_kms\\_alias\\_name) | KMS key alias |\n| \u003ca name=\"output_kms_arn\"\u003e\u003c/a\u003e [kms\\_arn](#output\\_kms\\_arn) | KMS Key ARN |\n| \u003ca name=\"output_kms_id\"\u003e\u003c/a\u003e [kms\\_id](#output\\_kms\\_id) | KMS Key ID |\n| \u003ca name=\"output_nat_gw_ids\"\u003e\u003c/a\u003e [nat\\_gw\\_ids](#output\\_nat\\_gw\\_ids) | aws nat gateway id(s) |\n| \u003ca name=\"output_nat_ips\"\u003e\u003c/a\u003e [nat\\_ips](#output\\_nat\\_ips) | IP Addresses in use for NAT |\n| \u003ca name=\"output_prv_route_table_ids\"\u003e\u003c/a\u003e [prv\\_route\\_table\\_ids](#output\\_prv\\_route\\_table\\_ids) | private route table ids |\n| \u003ca name=\"output_prv_subnet_cidrs\"\u003e\u003c/a\u003e [prv\\_subnet\\_cidrs](#output\\_prv\\_subnet\\_cidrs) | Private Subnet cidr\\_blocks |\n| \u003ca name=\"output_prv_subnet_ids\"\u003e\u003c/a\u003e [prv\\_subnet\\_ids](#output\\_prv\\_subnet\\_ids) | Private Subnet IDs |\n| \u003ca name=\"output_pub_route_table_ids\"\u003e\u003c/a\u003e [pub\\_route\\_table\\_ids](#output\\_pub\\_route\\_table\\_ids) | Public route table ids |\n| \u003ca name=\"output_pub_subnet_cidrs\"\u003e\u003c/a\u003e [pub\\_subnet\\_cidrs](#output\\_pub\\_subnet\\_cidrs) | Public Subnet cidr\\_blocks |\n| \u003ca name=\"output_pub_subnet_ids\"\u003e\u003c/a\u003e [pub\\_subnet\\_ids](#output\\_pub\\_subnet\\_ids) | Public Subnet IDs |\n| \u003ca name=\"output_vpc_cidr_block\"\u003e\u003c/a\u003e [vpc\\_cidr\\_block](#output\\_vpc\\_cidr\\_block) | CIDR Block of the VPC |\n| \u003ca name=\"output_vpc_dhcp_dns_list\"\u003e\u003c/a\u003e [vpc\\_dhcp\\_dns\\_list](#output\\_vpc\\_dhcp\\_dns\\_list) | VPC DHCP DNS linst |\n| \u003ca name=\"output_vpc_id\"\u003e\u003c/a\u003e [vpc\\_id](#output\\_vpc\\_id) | VPC ID |\n| \u003ca name=\"output_vpc_sg_id\"\u003e\u003c/a\u003e [vpc\\_sg\\_id](#output\\_vpc\\_sg\\_id) | Security Group ID of the VPC |\n\u003c!-- END_TF_DOCS --\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fobytes%2Fterraform-aws-eks","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fobytes%2Fterraform-aws-eks","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fobytes%2Fterraform-aws-eks/lists"}