{"id":46337169,"url":"https://github.com/squareops/terraform-aws-eks-addons","last_synced_at":"2026-03-04T19:05:16.615Z","repository":{"id":187664579,"uuid":"672912779","full_name":"squareops/terraform-aws-eks-addons","owner":"squareops","description":"Terraform module to bootstrap Elastic Kubernetes Service(EKS) cluster using Addons ( EKS add-ons ) and blueprints.","archived":false,"fork":false,"pushed_at":"2025-05-22T12:33:25.000Z","size":738,"stargazers_count":17,"open_issues_count":3,"forks_count":25,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-02-13T09:54:00.837Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/squareops.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2023-07-31T12:56:06.000Z","updated_at":"2025-05-28T18:01:59.000Z","dependencies_parsed_at":"2023-08-11T17:27:27.235Z","dependency_job_id":"3fdc4fe6-badb-47a6-b0aa-eca5e0974002","html_url":"https://github.com/squareops/terraform-aws-eks-addons","commit_stats":null,"previous_names":["squareops/terraform-aws-eks-addons"],"tags_count":26,"template":false,"template_full_name":null,"purl":"pkg:github/squareops/terraform-aws-eks-addons","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/squareops%2Fterraform-aws-eks-addons","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/squareops%2Fterraform-aws-eks-addons/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/squareops%2Fterraform-aws-eks-addons/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/squareops%2Fterraform-aws-eks-addons/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/squareops","download_url":"https://codeload.github.com/squareops/terraform-aws-eks-addons/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/squareops%2Fterraform-aws-eks-addons/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29969767,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-01T12:56:10.327Z","status":"ssl_error","status_checked_at":"2026-03-01T12:55:24.744Z","response_time":124,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-03-04T19:05:15.863Z","updated_at":"2026-03-04T19:05:16.581Z","avatar_url":"https://github.com/squareops.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# terraform-aws-eks-addons\n![squareops_avatar]\n\n[squareops_avatar]: https://squareops.com/wp-content/uploads/2022/12/squareops-logo.png\n\n### [SquareOps Technologies](https://squareops.com/) Your DevOps Partner for Accelerating cloud journey.\n\u003cbr\u003e\nThis module provides a set of reusable, configurable, and scalable AWS EKS addons configurations. It enables users to easily deploy and manage a highly available EKS cluster using infrastructure as code. This module supports a wide range of features, including node termination handlers, VPC CNI add-ons, service monitors, Velero backups, and Karpenter provisioners. Users can configure these features using a set of customizable variables that allow for fine-grained control over the deployment. Additionally, this module is regularly updated to keep pace with the latest changes in the EKS ecosystem, ensuring that users always have access to the most up-to-date features and functionality.\n\n## Usage Example\n```hcl\nmodule \"eks-addons\" {\n source = \"squareops/eks-addons/aws\"\n version = \"4.0.2\"\n name = local.name\n tags = local.additional_tags\n vpc_id = local.vpc_id\n private_subnet_ids = local.private_subnet_ids # pass the private subnet IDs\n public_subnet_ids = local.public_subnet_ids # pass the private subnet IDs\n environment = local.environment\n ipv6_enabled = local.ipv6_enabled\n kms_key_arn = local.kms_key_arn\n kms_policy_arn = local.kms_policy_arn\n worker_iam_role_arn = local.worker_iam_role_arn\n worker_iam_role_name = local.worker_iam_role_name\n eks_cluster_name = data.aws_eks_cluster.cluster.name\n\n #VPC-CNI-DRIVER\n amazon_eks_vpc_cni_enabled = true # enable VPC-CNI\n vpc_cni_version = \"v1.19.3-eksbuild.1\"\n\n #EBS-CSI-DRIVER\n enable_amazon_eks_aws_ebs_csi_driver = false # enable EBS CSI Driver\n ebs_csi_driver_version = \"v1.41.0-eksbuild.1\"\n amazon_eks_aws_ebs_csi_driver_config = {\n values = [file(\"${path.module}/config/ebs-csi.yaml\")]\n }\n\n ## EBS-STORAGE-CLASS\n single_az_ebs_gp3_storage_class_enabled = false # to enable ebs gp3 storage class\n single_az_sc_config = [{ name = \"infra-service-sc\", zone = \"${local.region}a\" }]\n\n ## EfS-STORAGE-CLASS\n efs_storage_class_enabled = false # to enable EBS storage class\n efs_version = \"3.1.8\"\n\n ## SERVICE-MONITORING-CRDs\n service_monitor_crd_enabled = false # enable service monitor along with K8S-dashboard (required CRD) or when require service monitor in reloader and cert-manager\n\n ## METRIC-SERVER\n metrics_server_enabled = false # to enable metrics server\n metrics_server_version = \"3.12.2\"\n metrics_server_helm_config = [file(\"${path.module}/config/metrics-server.yaml\")]\n\n # VerticalPodAutoscaler\n vpa_enabled = false\n vpa_version = \"10.0.0\"\n vpa_config = {\n values = [file(\"${path.module}/config/vpa-crd.yaml\")]\n }\n\n ## CLUSTER-AUTOSCALER\n cluster_autoscaler_enabled = false # to enable cluster autoscaller\n cluster_autoscaler_version = \"9.46.6\"\n cluster_autoscaler_helm_config = [file(\"${path.module}/config/cluster-autoscaler.yaml\")]\n\n ## NODE-TERMINATION-HANDLER\n aws_node_termination_handler_enabled = false # to enable node termination handler\n aws_node_termination_handler_version = \"0.21.0\"\n aws_node_termination_handler_helm_config = {\n values = [file(\"${path.module}/config/aws-node-termination-handler.yaml\")]\n enable_service_monitor = false # to enable monitoring for node termination handler\n enable_notifications = false\n }\n\n ## KEDA\n keda_enabled = false # to enable Keda in the EKS cluster\n keda_version = \"2.17.0\"\n keda_helm_config = {\n values = [file(\"${path.module}/config/keda.yaml\")]\n }\n\n ## KARPENTER\n karpenter_enabled = false # to enable Karpenter (installs required CRDs )\n karpenter_version = \"1.3.3\"\n karpenter_helm_config = {\n enable_service_monitor = false # to enable monitoring for kafalserpenter\n values = [file(\"${path.module}/config/karpenter.yaml\")]\n }\n\n ## coreDNS-HPA (cluster-proportional-autoscaler)\n coredns_hpa_enabled = false # to enable core-dns HPA\n coredns_hpa_helm_config = {\n values = [file(\"${path.module}/config/coredns-hpa.yaml\")]\n }\n\n ## ClusterProportionalAutoscaler (Configured for CoreDNS)\n cluster_proportional_autoscaler_enabled = false # to enable cluster proportional autoscaler\n cluster_proportional_autoscaler_chart_version = \"1.1.0\"\n cluster_proportional_autoscaler_helm_config = [file(\"${path.module}/config/cluster-proportional-autoscaler.yaml\")]\n\n ## EXTERNAL-SECRETS\n external_secrets_enabled = false # to enable external secrets\n external_secrets_version = \"0.15.1\"\n external_secrets_helm_config = {\n values = [file(\"${path.module}/config/external-secret.yaml\")]\n }\n\n ## CERT-MANAGER\n cert_manager_enabled = false # to enable Cert-manager\n cert_manager_version = \"v1.15.1\"\n cert_manager_helm_config = {\n values = [file(\"${path.module}/config/cert-manager.yaml\")]\n enable_service_monitor = false # to enable monitoring for Cert Manager\n cert_manager_letsencrypt_email = \"email@email.com\"\n }\n\n ## CONFIG-RELOADER\n reloader_enabled = false # to enable config reloader in the EKS cluster\n reloader_version = \"v1.0.115\"\n reloader_helm_config = {\n values = [file(\"${path.module}/config/reloader.yaml\")]\n enable_service_monitor = false # to enable monitoring for reloader\n }\n\n ## INGRESS-NGINX\n ingress_nginx_enabled = false # to enable ingress nginx\n ingress_nginx_version = \"4.11.0\"\n ingress_nginx_config = {\n values = [file(\"${path.module}/config/ingress-nginx.yaml\")]\n enable_service_monitor = false # enable monitoring in nginx ingress\n ingress_class_name = \"nginx\" # enter ingress class name according to your requirement\n namespace = \"nginx\" # enter namespace according to the requirement\n }\n\n ## PRIVATE INGRESS-NGINX\n private_ingress_nginx_enabled = false # to enable Internal (Private) Ingress\n private_ingress_nginx_version = \"4.11.0\"\n private_ingress_nginx_config = {\n values = [file(\"${path.module}/config/ingress-nginx.yaml\")]\n enable_service_monitor = false # enable monitoring in nginx ingress\n ingress_class_name = \"private-nginx\" # enter ingress class name according to your requirement (example: \"nginx\", \"internal-ingress\")\n namespace = \"private-nginx\" # enter namespace according to the requirement (example: \"nginx\", \"internal-ingress\")\n }\n\n ## AWS-APPLICATION-LOAD-BALANCER-CONTROLLER\n aws_load_balancer_controller_enabled = false # to enable load balancer controller\n aws_load_balancer_controller_version = \"1.8.1\"\n aws_load_balancer_controller_helm_config = {\n values = [file(\"${path.module}/config/aws-alb.yaml\")]\n namespace = \"alb\" # enter namespace according to the requirement (example: \"alb\")\n load_balancer_controller_name = \"alb\" # enter ingress class name according to your requirement (example: \"aws-load-balancer-controller\")\n }\n\n ## KUBERNETES-DASHBOARD\n kubernetes_dashboard_enabled = false\n kubernetes_dashboard_version = \"6.0.8\"\n kubernetes_dashboard_config = {\n k8s_dashboard_ingress_load_balancer = \"nlb\" # Pass either \"nlb/alb\" to choose load balancer controller as ingress-nginx controller or ALB controller\n private_alb_enabled = false # to enable Internal (Private) ALB , set this and aws_load_balancer_controller_enabled \"true\" together\n alb_acm_certificate_arn = \"\" # If using ALB in above parameter, ensure you provide the ACM certificate ARN for SSL.\n k8s_dashboard_hostname = \"k8s-dashboard.rnd.squareops.in\" # Enter Hostname\n ingress_class_name = \"nginx\" # For public nlb use \"nginx\", for private NLB use \"private-nginx\", For ALB, use \"alb\"\n }\n\n ## ArgoCD\n argocd_enabled = false\n argocd_version = \"7.3.11\"\n argocd_config = {\n hostname = \"argocd.rnd.squareops.in\"\n values_yaml = file(\"${path.module}/config/argocd.yaml\")\n namespace = local.argocd_namespace\n redis_ha_enabled = true\n autoscaling_enabled = true\n slack_notification_token = \"\"\n argocd_notifications_enabled = false\n ingress_class_name = \"nginx\" # For public nlb use \"nginx\", for private NLB use \"private-nginx\", For ALB, use \"alb\"\n argocd_ingress_load_balancer = \"nlb\" # Pass either \"nlb/alb\" to choose load balancer controller as ingress-nginx controller or ALB controller\n private_alb_enabled = \"false\" # to enable Internal (Private) ALB , set this and aws_load_balancer_controller_enabled \"true\" together\n alb_acm_certificate_arn = \"\" # If using ALB in above parameter, ensure you provide the ACM certificate ARN for SSL.\n }\n argoproject_config = {\n name = \"argo-project\" # enter name for aro-project appProjects\n }\n\n ## ArgoCD-Workflow\n argoworkflow_enabled = false\n argoworkflow_version = \"0.29.2\"\n argoworkflow_config = {\n values = file(\"${path.module}/config/argocd-workflow.yaml\")\n namespace = local.argocd_namespace\n autoscaling_enabled = true\n hostname = \"argoworkflow.rnd.squareops.in\"\n ingress_class_name = \"nginx\" # For public nlb use \"nginx\", for private NLB use \"private-nginx\", For ALB, use \"alb\"\n argoworkflow_ingress_load_balancer = \"nlb\" # Pass either \"nlb/alb\" to choose load balancer controller as ingress-nginx controller or ALB controller\n private_alb_enabled = \"false\" # to enable Internal (Private) ALB , set this and aws_load_balancer_controller_enabled \"true\" together\n alb_acm_certificate_arn = \"\" # If using ALB in above parameter, ensure you provide the ACM certificate ARN for SSL.\n }\n\n ## ArgoRollout\n argorollout_enabled = false\n argorollout_config = {\n values = file(\"${path.module}/config/argo-rollout.yaml\")\n namespace = local.argocd_namespace\n hostname = \"argo-rollout.rnd.squareops.in\"\n enable_dashboard = false\n ingress_class_name = \"nginx\" # For public nlb use \"nginx\", for private NLB use \"private-nginx\", For ALB, use \"alb\"\n argorollout_ingress_load_balancer = \"nlb\" # Pass either \"nlb/alb\" to choose load balancer controller as ingress-nginx controller or ALB controller\n private_alb_enabled = \"false\" # to enable Internal (Private) ALB , set this and aws_load_balancer_controller_enabled \"true\" together\n alb_acm_certificate_arn = \"\" # If using ALB in above parameter, ensure you provide the ACM certificate ARN for SSL.\n chart_version = \"2.38.0\"\n }\n\n # VELERO\n velero_enabled = false # to enable velero\n velero_notification_enabled = false # To enable slack notification for Velero\n velero_config = {\n namespaces = \"\" ## If you want full cluster backup, leave it blank else provide namespace.\n slack_botToken = \"xoxb-379541400966-iibMHnnoaPzVl\"\n slack_appToken = \"xoxb-sgsehger-ddfnrndfnf\"\n slack_notification_channel_name = \"slack-notification-channel\"\n retention_period_in_days = 45\n schedule_backup_cron_time = \"* 6 * * *\"\n velero_backup_name = \"application-backup\"\n backup_bucket_name = \"velero-test-eks-1.30\" # Enter the S3 bucket name for velero\n velero_values_yaml = [file(\"${path.module}/config/velero.yaml\")]\n }\n\n ## KUBECLARITY\n kubeclarity_enabled = false # to enable kube clarity\n kubeclarity_version = \"2.23.0\"\n kubeclarity_hostname = \"kubeclarity.prod.in\"\n\n ## KUBECOST\n kubecost_enabled = false # to enable kube cost\n kubecost_version = \"v2.1.0-eksbuild.1\"\n kubecost_hostname = \"kubecost.prod.in\"\n\n ## DEFECT-DOJO\n defectdojo_enabled = false # to enable defectdojo\n defectdojo_hostname = \"defectdojo.prod.in\"\n\n ## FALCO\n falco_enabled = false # to enable falco\n falco_version = \"4.0.0\"\n slack_webhook = \"xoxb-379541400966-iibMHnnoaPzVl\"\n}\n\n\n\n```\n\n## Compatibility\n\n| Release | Kubernetes 1.23 | Kubernetes 1.24 | Kubernetes 1.25 | Kubernetes 1.26 | Kubernetes 1.27 | Kubernetes 1.28 | Kubernetes 1.29 | Kubernetes 1.30 |\n|------------------|------------------|------------------|----------------------|----------------------|----------------------|----------------------|----------------------|----------------------|\n| Release 1.0.0 | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; |\n| Release 1.1.0 | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; |\n| Release 1.1.1 | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; |\n| Release 1.1.2 | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; |\n| Release 1.1.3 | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; |\n| Release 1.1.4 | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; |\n| Release 1.1.5 | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; |\n| Release 1.1.6 | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; |\n| Release 1.1.7 | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; |\n| Release 1.1.8 | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; |\n| Release 3.0.0 | \u0026#x274C; | \u0026#x274C; | \u0026#x274C; | \u0026#x274C; | \u0026#x274C; | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; |\n| Release 3.1.0 | \u0026#x274C; | \u0026#x274C; | \u0026#x274C; | \u0026#x274C; | \u0026#x274C; | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; |\n| Release 3.1.3 | \u0026#x274C; | \u0026#x274C; | \u0026#x274C; | \u0026#x274C; | \u0026#x274C; | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; |\n| Release 4.0.0 | \u0026#x274C; | \u0026#x274C; | \u0026#x274C; | \u0026#x274C; | \u0026#x274C; | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; |\n| Release 4.0.1 | \u0026#x274C; | \u0026#x274C; | \u0026#x274C; | \u0026#x274C; | \u0026#x274C; | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; |\n| Release 4.0.2 | \u0026#x274C; | \u0026#x274C; | \u0026#x274C; | \u0026#x274C; | \u0026#x274C; | \u0026#x2714; | \u0026#x2714; | \u0026#x2714; |\n\nNote: The latest release 4.0.0 support EKS version 1.28, 1.29 and 1.30. For EKS version \u003c=1.27 refer the previous release.\n## IAM Permissions\nThe required IAM permissions to create resources from this module can be found [here](https://github.com/squareops/terraform-aws-eks-addons.git/blob/main/IAM.md)\n\n## Addons Details\nKubernetes addons are additional components that can be installed in a Kubernetes cluster to provide extra features and functionality. They are designed to work seamlessly with the Kubernetes API and can be managed just like any other Kubernetes resource. Some common examples of Kubernetes addons include:\n\n\u003cdetails\u003e\n \u003csummary\u003e AWS ALB \u003c/summary\u003e\nAmazon Web Services (AWS) Application Load Balancer (ALB) is a highly available and scalable load balancing service that routes incoming application traffic to multiple Amazon EC2 instances, containers, and IP addresses. It automatically distributes incoming application traffic across multiple targets, ensuring that your applications are highly available and scalable.\n\nWith AWS ALB, you can handle increased traffic levels, automatically scale your applications, and improve the overall performance of your applications. ALB provides advanced routing capabilities, including content-based routing, host-based routing, and path-based routing, enabling you to route traffic to different target groups based on specific rules.\n\u003c/details\u003e\n\u003cdetails\u003e\n \u003csummary\u003e Node Termination Handler \u003c/summary\u003e\nIn AWS, the Node termination handler can be used in Lambda functions or EC2 instances to handle the termination of the underlying instance or container. When an instance or container is terminated, the termination handler can be used to perform any necessary cleanup operations, such as closing open resources, before the instance or container is terminated.\nIn an EC2 instance, the termination handler can be set by writing a script that runs on instance startup and sets the process.on('SIGTERM', callback) method. This script can be executed using a user data script or by adding it to the instance's startup script.\n\u003c/details\u003e\n\u003cdetails\u003e\n \u003csummary\u003e EBS \u003c/summary\u003e\nAmazon Elastic Block Store (Amazon EBS) storage classes are different levels of performance and cost for Amazon EBS volumes. The storage classes determine the type of storage, performance characteristics, and cost of each Amazon EBS volume.\n\nThere are currently four Amazon EBS storage classes:\n\n Standard storage class: This is the default and most widely used storage class, offering a balance of low cost and high performance. It's suitable for a wide range of applications, including boot volumes, transactional databases, and big data workloads.\n\n Provisioned IOPS (input/output operations per second) storage class: This class provides high-performance I/O for mission-critical and I/O-intensive workloads, such as large databases and I/O-bound applications.\n\n Cold storage class: This class provides low-cost storage for infrequently accessed data, such as backups and archives. Cold storage is designed to deliver low cost and high durability.\n\n Throughput Optimized HDD (hard disk drive) storage class: This class provides low-cost storage optimized for large, sequential workloads, such as big data and data warehouses.\n\u003c/details\u003e\n\u003cdetails\u003e\n \u003csummary\u003e Cert Manager \u003c/summary\u003e\n Cert Manager is a Kubernetes add-on that automates the management and issuance of TLS certificates from various issuing sources. It helps to eliminate manual steps in the certificate management process, provides cert renewals and integrates with other parts of the system.\n\u003c/details\u003e\n\u003cdetails\u003e\n \u003csummary\u003e Cluster Autoscalar \u003c/summary\u003e\nCluster Autoscaler is a Kubernetes component that automatically adjusts the number of nodes in a cluster based on the demand for resources. This allows you to optimize the cost of running your workloads while ensuring that they have the resources they need to run effectively.\nThe Cluster Autoscaler works by monitoring the resource usage of your pods and comparing it to the available capacity on the nodes in the cluster. If there are pods that cannot be scheduled because of resource constraints, the Cluster Autoscaler will increase the number of nodes in the cluster until there is enough capacity to schedule the pending pods. Similarly, if there are nodes in the cluster that are underutilized, the Cluster Autoscaler can decrease the number of nodes to optimize resource utilization and reduce costs.\nCluster Autoscaler is supported by many cloud providers, including Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure. It can be easily integrated into your existing Kubernetes deployment and can be configured to use different scaling policies to meet the needs of your specific workloads.\n\u003c/details\u003e\n\u003cdetails\u003e\n \u003csummary\u003e EFS \u003c/summary\u003e\nAmazon Elastic File System (Amazon EFS) is a fully managed, scalable, and highly available file storage service for use with Amazon Elastic Compute Cloud (Amazon EC2) instances. It provides a simple and scalable file storage solution that can be used by multiple EC2 instances at the same time, making it ideal for use cases such as big data, content management, and media sharing.\n\nAmazon EFS is easy to set up, manage, and scale, and it automatically replicates data across multiple Availability Zones for high durability and availability. The service is also highly performant, with low latency and high throughput, making it suitable for a wide range of workloads.\n\u003c/details\u003e\n\u003cdetails\u003e\n \u003csummary\u003e External Secrets \u003c/summary\u003e\nKubernetes External Secrets is a feature in Kubernetes that allows secrets to be stored and managed outside of the cluster. External secrets are useful in scenarios where sensitive information, such as passwords or API keys, should not be stored directly in the cluster, but still needs to be used by applications running in the cluster.\nKubernetes External Secrets can be stored in external systems such as Hashicorp Vault, AWS Secrets Manager, or GCP Secret Manager, and accessed by pods using a Kubernetes Secret object. The Secret object references the external secret and maps it to a Kubernetes Secret, which can then be used by pods in the same way as regular Kubernetes Secrets.\nBy using External Secrets, organizations can ensure that sensitive information is securely managed and stored outside of the cluster, while still being able to use that information in their applications running in the cluster.\n\u003c/details\u003e\n\u003cdetails\u003e\n \u003csummary\u003e Karpenter \u003c/summary\u003e\nKarpenter is a flexible, high-performance Kubernetes cluster autoscaler that helps improve application availability and cluster efficiency. Karpenter launches right-sized compute resources, (for example, Amazon EC2 instances), in response to changing application load in under a minute. Through integrating Kubernetes with AWS, Karpenter can provision just-in-time compute resources that precisely meet the requirements of your workload. Karpenter automatically provisions new compute resources based on the specific requirements of cluster workloads. These include compute, storage, acceleration, and scheduling requirements. Amazon EKS supports clusters using Karpenter, although Karpenter works with any conformant Kubernetes cluster.\n\u003c/details\u003e\n\u003cdetails\u003e\n \u003csummary\u003e Metrics Server \u003c/summary\u003e\nMetric Server is a Kubernetes add-on that collects resource usage data from the Kubernetes API server and makes it available to other components, such as the Horizontal Pod Autoscaler (HPA) and the Cluster Autoscaler.\nThe Metric Server collects data on the CPU and memory usage of pods and nodes in a cluster, and provides this data to other components in a format that they can use to make scaling decisions. The HPA, for example, can use the data provided by the Metric Server to automatically scale the number of replicas of a deployment based on the resource usage of the pods. The Cluster Autoscaler can also use this data to determine when to add or remove nodes from a cluster based on the resource utilization of the pods and nodes.\nMetric Server provides a simple and effective way to collect resource usage data from a cluster and make it available to other components for scaling and resource optimization. It is an important component for ensuring that your Kubernetes applications run effectively and efficiently in the cloud.\n\u003c/details\u003e\n\u003cdetails\u003e\n \u003csummary\u003e Nginx Ingress Controller \u003c/summary\u003e\nNginx Ingress Controller is a Kubernetes controller that manages external access to services running in a Kubernetes cluster. It provides load balancing, SSL termination, and name-based virtual hosting, among other features.\nThe Nginx Ingress Controller works by using the Kubernetes API to dynamically configure an Nginx instance running outside of the cluster to route traffic to services within the cluster. This allows you to easily expose your services to external users and manage the routing of incoming traffic.\nThe Nginx Ingress Controller provides a flexible and powerful way to manage incoming traffic to your Kubernetes applications. It is widely used in production environments and is well-suited for both simple and complex routing scenarios. Additionally, the Nginx Ingress Controller integrates with other Kubernetes components, such as the Kubernetes Ingress resource and cert-manager, to provide a complete solution for managing external access to your services.\n\u003c/details\u003e\n\u003cdetails\u003e\n \u003csummary\u003e Reloader \u003c/summary\u003e\nReloader can watch changes in ConfigMap and Secret and do rolling upgrades on Pods with their associated DeploymentConfigs, Deployments, Daemonsets, Statefulsets and Rollouts.\n\u003c/details\u003e\n\u003cdetails\u003e\n \u003csummary\u003e Velero \u003c/summary\u003e\nVelero (previously known as Heptio Ark) is an open-source backup and disaster recovery solution for Kubernetes. Velero provides the ability to back up and restore Kubernetes cluster resources and persistent volumes, making it easy to recover from data loss or cluster failures.\nSome key features of Velero include:\nCluster Backup and Restore: Velero allows users to create backups of their Kubernetes clusters and restore them to the same or different cluster.\nPersistent Volume Backup and Restore: Velero provides the ability to backup and restore persistent volumes, ensuring that data can be recovered even if the cluster fails.\nIncremental Backups: Velero supports incremental backups, which can be performed more frequently than full backups and reduce the amount of data transferred.\nSnapshot Integration: Velero integrates with cloud provider snapshot services, such as AWS EBS and GCE PD, to simplify the backup process and reduce the cost of storing backup data.\nEasy to Use CLI: Velero provides a user-friendly CLI that makes it easy to create, manage, and restore backups.\nVelero is designed to work with cloud native environments, making it a popular choice for organizations that run their applications in the cloud. By using Velero, organizations can improve the reliability and availability of their applications and ensure that they can recover from data loss or cluster failures.\n\u003c/details\u003e\n\u003cdetails\u003e\n \u003csummary\u003e KubeClarity \u003c/summary\u003e\n KubeClarity helps you to secure your cloud-native applications and infrastructure by offering features such as automated threat detection, policy enforcement, compliance reporting, and continuous monitoring. It allows you to enforce security policies across all your Kubernetes environments and provides automated remediation of security issues, ensuring that your deployments are always secure and compliant.\n\u003c/details\u003e\n\u003cdetails\u003e\n \u003csummary\u003e Kubecost \u003c/summary\u003e\n Kubecost provides real-time cost visibility and insights for teams using Kubernetes, helping you continuously reduce your cloud costs. Breakdown costs by any Kubernetes concepts, including deployment, service, namespace label, and more.\n\u003c/details\u003e\n\u003cdetails\u003e\n \u003csummary\u003eDefectDojo\u003c/summary\u003e\n DefectDojo is an open-source application vulnerability management tool. It is designed to automate and streamline the process of managing application security testing efforts, including dynamic testing, static analysis, and manual penetration testing.\n\u003c/details\u003e\n\u003cdetails\u003e\n \u003csummary\u003e Falcon \u003c/summary\u003e\n Falcon helps network administrators monitor malicious activities, apply mitigation techniques and block data tampering across multiple devices.\n Key feature:\n\n Endpoint Protection: Safeguards devices from malware, ransomware, and malicious activities.\n\n Cloud-Native Architecture: Built for easy scalability with real-time threat detection in the cloud.\n\n Behavioral Analysis: Identifies threats through behavioral analysis, not just known signatures.\n\n Threat Intelligence: Integrates real-time threat intelligence feeds for up-to-date risk mitigation.\n\n Incident Response: Enables swift investigation and remediation of security incidents.\n\n\u003c/details\u003e\n\n## Notes\n\n1. Before enabling the **Kubecost** addon for your Amazon EKS cluster, please make sure to subscribe to the **Kubecost - Amazon EKS cost monitoring** license.\n2. For Destroying resources created by terraform-aws-eks-addons module, run script present in **examples/complete/terraform.destroy.sh**.\n\n\u003c!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK --\u003e\n## Requirements\n\n| Name | Version |\n|------|---------|\n| \u003ca name=\"requirement_terraform\"\u003e\u003c/a\u003e [terraform](#requirement\\_terraform) | \u003e= 1.0.0 |\n| \u003ca name=\"requirement_aws\"\u003e\u003c/a\u003e [aws](#requirement\\_aws) | \u003e= 4.23 |\n| \u003ca name=\"requirement_helm\"\u003e\u003c/a\u003e [helm](#requirement\\_helm) | \u003e= 2.6 |\n| \u003ca name=\"requirement_kubernetes\"\u003e\u003c/a\u003e [kubernetes](#requirement\\_kubernetes) | \u003e= 2.13 |\n| \u003ca name=\"requirement_random\"\u003e\u003c/a\u003e [random](#requirement\\_random) | \u003e= 3.0.0 |\n| \u003ca name=\"requirement_time\"\u003e\u003c/a\u003e [time](#requirement\\_time) | \u003e= 0.6.0 |\n\n## Providers\n\n| Name | Version |\n|------|---------|\n| \u003ca name=\"provider_aws\"\u003e\u003c/a\u003e [aws](#provider\\_aws) | \u003e= 4.23 |\n| \u003ca name=\"provider_helm\"\u003e\u003c/a\u003e [helm](#provider\\_helm) | \u003e= 2.6 |\n| \u003ca name=\"provider_kubernetes\"\u003e\u003c/a\u003e [kubernetes](#provider\\_kubernetes) | \u003e= 2.13 |\n| \u003ca name=\"provider_random\"\u003e\u003c/a\u003e [random](#provider\\_random) | \u003e= 3.0.0 |\n| \u003ca name=\"provider_time\"\u003e\u003c/a\u003e [time](#provider\\_time) | \u003e= 0.6.0 |\n\n## Modules\n\n| Name | Source | Version |\n|------|--------|---------|\n| \u003ca name=\"module_argo-project\"\u003e\u003c/a\u003e [argo-project](#module\\_argo-project) | ./modules/argocd-projects | n/a |\n| \u003ca name=\"module_argo-rollout\"\u003e\u003c/a\u003e [argo-rollout](#module\\_argo-rollout) | ./modules/argo-rollout | n/a |\n| \u003ca name=\"module_argocd\"\u003e\u003c/a\u003e [argocd](#module\\_argocd) | ./modules/argocd | n/a |\n| \u003ca name=\"module_argocd-workflow\"\u003e\u003c/a\u003e [argocd-workflow](#module\\_argocd-workflow) | ./modules/argocd-workflow | n/a |\n| \u003ca name=\"module_aws-ebs-csi-driver\"\u003e\u003c/a\u003e [aws-ebs-csi-driver](#module\\_aws-ebs-csi-driver) | ./modules/aws-ebs-csi-driver | n/a |\n| \u003ca name=\"module_aws-efs-csi-driver\"\u003e\u003c/a\u003e [aws-efs-csi-driver](#module\\_aws-efs-csi-driver) | ./modules/aws-efs-csi-driver | n/a |\n| \u003ca name=\"module_aws-efs-filesystem-with-storage-class\"\u003e\u003c/a\u003e [aws-efs-filesystem-with-storage-class](#module\\_aws-efs-filesystem-with-storage-class) | ./modules/aws-efs-filesystem-with-storage-class | n/a |\n| \u003ca name=\"module_aws-load-balancer-controller\"\u003e\u003c/a\u003e [aws-load-balancer-controller](#module\\_aws-load-balancer-controller) | ./modules/aws-load-balancer-controller | n/a |\n| \u003ca name=\"module_aws-node-termination-handler\"\u003e\u003c/a\u003e [aws-node-termination-handler](#module\\_aws-node-termination-handler) | ./modules/aws-node-termination-handler | n/a |\n| \u003ca name=\"module_aws_vpc_cni\"\u003e\u003c/a\u003e [aws\\_vpc\\_cni](#module\\_aws\\_vpc\\_cni) | ./modules/aws-vpc-cni | n/a |\n| \u003ca name=\"module_cert-manager\"\u003e\u003c/a\u003e [cert-manager](#module\\_cert-manager) | ./modules/cert-manager | n/a |\n| \u003ca name=\"module_cert-manager-le-http-issuer\"\u003e\u003c/a\u003e [cert-manager-le-http-issuer](#module\\_cert-manager-le-http-issuer) | ./modules/cert-manager-le-http-issuer | n/a |\n| \u003ca name=\"module_cluster-autoscaler\"\u003e\u003c/a\u003e [cluster-autoscaler](#module\\_cluster-autoscaler) | ./modules/cluster-autoscaler | n/a |\n| \u003ca name=\"module_cluster-proportional-autoscaler\"\u003e\u003c/a\u003e [cluster-proportional-autoscaler](#module\\_cluster-proportional-autoscaler) | ./modules/cluster-proportional-autoscaler | n/a |\n| \u003ca name=\"module_coredns_hpa\"\u003e\u003c/a\u003e [coredns\\_hpa](#module\\_coredns\\_hpa) | ./modules/core-dns-hpa | n/a |\n| \u003ca name=\"module_external-secrets\"\u003e\u003c/a\u003e [external-secrets](#module\\_external-secrets) | ./modules/external-secret | n/a |\n| \u003ca name=\"module_ingress-nginx\"\u003e\u003c/a\u003e [ingress-nginx](#module\\_ingress-nginx) | ./modules/ingress-nginx | n/a |\n| \u003ca name=\"module_karpenter\"\u003e\u003c/a\u003e [karpenter](#module\\_karpenter) | ./modules/karpenter | n/a |\n| \u003ca name=\"module_keda\"\u003e\u003c/a\u003e [keda](#module\\_keda) | ./modules/keda | n/a |\n| \u003ca name=\"module_kubernetes-dashboard\"\u003e\u003c/a\u003e [kubernetes-dashboard](#module\\_kubernetes-dashboard) | ./modules/kubernetes-dashboard | n/a |\n| \u003ca name=\"module_metrics-server\"\u003e\u003c/a\u003e [metrics-server](#module\\_metrics-server) | ./modules/metrics-server | n/a |\n| \u003ca name=\"module_metrics-server-vpa\"\u003e\u003c/a\u003e [metrics-server-vpa](#module\\_metrics-server-vpa) | ./modules/metrics-server-vpa | n/a |\n| \u003ca name=\"module_private-ingress-nginx\"\u003e\u003c/a\u003e [private-ingress-nginx](#module\\_private-ingress-nginx) | ./modules/ingress-nginx | n/a |\n| \u003ca name=\"module_reloader\"\u003e\u003c/a\u003e [reloader](#module\\_reloader) | ./modules/reloader | n/a |\n| \u003ca name=\"module_service-monitor-crd\"\u003e\u003c/a\u003e [service-monitor-crd](#module\\_service-monitor-crd) | ./modules/service-monitor-crd | n/a |\n| \u003ca name=\"module_single-az-sc\"\u003e\u003c/a\u003e [single-az-sc](#module\\_single-az-sc) | ./modules/aws-ebs-storage-class | n/a |\n| \u003ca name=\"module_velero\"\u003e\u003c/a\u003e [velero](#module\\_velero) | ./modules/velero | n/a |\n| \u003ca name=\"module_vpa-crds\"\u003e\u003c/a\u003e [vpa-crds](#module\\_vpa-crds) | ./modules/vpa-crds | n/a |\n\n## Resources\n\n| Name | Type |\n|------|------|\n| [aws_eks_addon.kubecost](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon) | resource |\n| [helm_release.defectdojo](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |\n| [helm_release.falco](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |\n| [helm_release.kubeclarity](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |\n| [kubernetes_ingress_v1.kubecost](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/ingress_v1) | resource |\n| [kubernetes_namespace.argocd](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace) | resource |\n| [kubernetes_namespace.defectdojo](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace) | resource |\n| [kubernetes_namespace.falco](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace) | resource |\n| [kubernetes_namespace.kube-clarity](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace) | resource |\n| [kubernetes_secret.kube-clarity](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/secret) | resource |\n| [kubernetes_secret.kubecost](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/secret) | resource |\n| [random_password.kube-clarity](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) | resource |\n| [random_password.kubecost](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) | resource |\n| [time_sleep.dataplane](https://registry.terraform.io/providers/hashicorp/time/latest/docs/resources/sleep) | resource |\n| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |\n| [aws_eks_addon_version.kubecost](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_addon_version) | data source |\n| [aws_eks_cluster.eks](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_cluster) | data source |\n| [aws_eks_cluster.eks_cluster](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_cluster) | data source |\n| [aws_partition.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition) | data source |\n| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |\n| [kubernetes_secret.defectdojo](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/data-sources/secret) | data source |\n| [kubernetes_service.ingress-nginx](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/data-sources/service) | data source |\n| [kubernetes_service.private-ingress-nginx](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/data-sources/service) | data source |\n\n## Inputs\n\n| Name | Description | Type | Default | Required |\n|------|-------------|------|---------|:--------:|\n| \u003ca name=\"input_alb_acm_certificate_arn\"\u003e\u003c/a\u003e [alb\\_acm\\_certificate\\_arn](#input\\_alb\\_acm\\_certificate\\_arn) | ARN of the ACM certificate to be used for ALB Ingress. | `string` | `\"\"` | no |\n| \u003ca name=\"input_amazon_eks_aws_ebs_csi_driver_config\"\u003e\u003c/a\u003e [amazon\\_eks\\_aws\\_ebs\\_csi\\_driver\\_config](#input\\_amazon\\_eks\\_aws\\_ebs\\_csi\\_driver\\_config) | configMap for AWS EBS CSI Driver add-on | `any` | `{}` | no |\n| \u003ca name=\"input_amazon_eks_vpc_cni_enabled\"\u003e\u003c/a\u003e [amazon\\_eks\\_vpc\\_cni\\_enabled](#input\\_amazon\\_eks\\_vpc\\_cni\\_enabled) | Enable or disable the installation of the Amazon EKS VPC CNI addon. | `bool` | `false` | no |\n| \u003ca name=\"input_argocd_config\"\u003e\u003c/a\u003e [argocd\\_config](#input\\_argocd\\_config) | n/a | \u003cpre\u003eobject({\u003cbr/\u003e hostname = string\u003cbr/\u003e values_yaml = any\u003cbr/\u003e redis_ha_enabled = bool\u003cbr/\u003e autoscaling_enabled = bool\u003cbr/\u003e slack_notification_token = string\u003cbr/\u003e argocd_notifications_enabled = bool\u003cbr/\u003e expose_dashboard = bool\u003cbr/\u003e ingress_class_name = string\u003cbr/\u003e namespace = string\u003cbr/\u003e argocd_ingress_load_balancer = string\u003cbr/\u003e private_alb_enabled = bool\u003cbr/\u003e alb_acm_certificate_arn = string\u003cbr/\u003e })\u003c/pre\u003e | \u003cpre\u003e{\u003cbr/\u003e \"alb_acm_certificate_arn\": \"\",\u003cbr/\u003e \"argocd_ingress_load_balancer\": \"nlb\",\u003cbr/\u003e \"argocd_notifications_enabled\": false,\u003cbr/\u003e \"autoscaling_enabled\": false,\u003cbr/\u003e \"expose_dashboard\": true,\u003cbr/\u003e \"hostname\": \"\",\u003cbr/\u003e \"ingress_class_name\": \"\",\u003cbr/\u003e \"namespace\": \"argocd\",\u003cbr/\u003e \"private_alb_enabled\": false,\u003cbr/\u003e \"redis_ha_enabled\": false,\u003cbr/\u003e \"slack_notification_token\": \"\",\u003cbr/\u003e \"values_yaml\": {}\u003cbr/\u003e}\u003c/pre\u003e | no |\n| \u003ca name=\"input_argocd_enabled\"\u003e\u003c/a\u003e [argocd\\_enabled](#input\\_argocd\\_enabled) | Determine whether argocd is enabled or not | `bool` | `false` | no |\n| \u003ca name=\"input_argocd_manage_add_ons\"\u003e\u003c/a\u003e [argocd\\_manage\\_add\\_ons](#input\\_argocd\\_manage\\_add\\_ons) | Enable managing add-on configuration via ArgoCD App of Apps | `bool` | `false` | no |\n| \u003ca name=\"input_argocd_version\"\u003e\u003c/a\u003e [argocd\\_version](#input\\_argocd\\_version) | Version of the argocd addon | `string` | `\"7.3.11\"` | no |\n| \u003ca name=\"input_argoproject_config\"\u003e\u003c/a\u003e [argoproject\\_config](#input\\_argoproject\\_config) | n/a | \u003cpre\u003eobject({\u003cbr/\u003e name = string\u003cbr/\u003e })\u003c/pre\u003e | \u003cpre\u003e{\u003cbr/\u003e \"name\": \"\"\u003cbr/\u003e}\u003c/pre\u003e | no |\n| \u003ca name=\"input_argorollout_config\"\u003e\u003c/a\u003e [argorollout\\_config](#input\\_argorollout\\_config) | n/a | \u003cpre\u003eobject({\u003cbr/\u003e values = any\u003cbr/\u003e namespace = string\u003cbr/\u003e hostname = string\u003cbr/\u003e ingress_class_name = string\u003cbr/\u003e enable_dashboard = bool\u003cbr/\u003e argorollout_ingress_load_balancer = string\u003cbr/\u003e private_alb_enabled = bool\u003cbr/\u003e alb_acm_certificate_arn = string\u003cbr/\u003e chart_version = string\u003cbr/\u003e })\u003c/pre\u003e | \u003cpre\u003e{\u003cbr/\u003e \"alb_acm_certificate_arn\": \"\",\u003cbr/\u003e \"argorollout_ingress_load_balancer\": \"nlb\",\u003cbr/\u003e \"chart_version\": \"2.38.0\",\u003cbr/\u003e \"enable_dashboard\": false,\u003cbr/\u003e \"hostname\": \"\",\u003cbr/\u003e \"ingress_class_name\": \"\",\u003cbr/\u003e \"namespace\": \"argocd\",\u003cbr/\u003e \"private_alb_enabled\": false,\u003cbr/\u003e \"values\": {}\u003cbr/\u003e}\u003c/pre\u003e | no |\n| \u003ca name=\"input_argorollout_enabled\"\u003e\u003c/a\u003e [argorollout\\_enabled](#input\\_argorollout\\_enabled) | Determine whether argo-rollout is enabled or not | `bool` | `false` | no |\n| \u003ca name=\"input_argoworkflow_config\"\u003e\u003c/a\u003e [argoworkflow\\_config](#input\\_argoworkflow\\_config) | n/a | \u003cpre\u003eobject({\u003cbr/\u003e values = any\u003cbr/\u003e namespace = string\u003cbr/\u003e hostname = string\u003cbr/\u003e expose_dashboard = bool\u003cbr/\u003e ingress_class_name = string\u003cbr/\u003e autoscaling_enabled = bool\u003cbr/\u003e argoworkflow_ingress_load_balancer = string\u003cbr/\u003e private_alb_enabled = bool\u003cbr/\u003e alb_acm_certificate_arn = string\u003cbr/\u003e })\u003c/pre\u003e | \u003cpre\u003e{\u003cbr/\u003e \"alb_acm_certificate_arn\": \"\",\u003cbr/\u003e \"argoworkflow_ingress_load_balancer\": \"nlb\",\u003cbr/\u003e \"autoscaling_enabled\": true,\u003cbr/\u003e \"expose_dashboard\": true,\u003cbr/\u003e \"hostname\": \"\",\u003cbr/\u003e \"ingress_class_name\": \"\",\u003cbr/\u003e \"namespace\": \"argocd\",\u003cbr/\u003e \"private_alb_enabled\": false,\u003cbr/\u003e \"values\": {}\u003cbr/\u003e}\u003c/pre\u003e | no |\n| \u003ca name=\"input_argoworkflow_enabled\"\u003e\u003c/a\u003e [argoworkflow\\_enabled](#input\\_argoworkflow\\_enabled) | Determine whether argocd-workflow is enabled or not | `bool` | `false` | no |\n| \u003ca name=\"input_argoworkflow_version\"\u003e\u003c/a\u003e [argoworkflow\\_version](#input\\_argoworkflow\\_version) | Version of the argoworkflow addon | `string` | `\"0.29.2\"` | no |\n| \u003ca name=\"input_auto_scaling_group_names\"\u003e\u003c/a\u003e [auto\\_scaling\\_group\\_names](#input\\_auto\\_scaling\\_group\\_names) | List of self-managed node groups autoscaling group names | `list(string)` | `[]` | no |\n| \u003ca name=\"input_aws_efs_csi_driver_helm_config\"\u003e\u003c/a\u003e [aws\\_efs\\_csi\\_driver\\_helm\\_config](#input\\_aws\\_efs\\_csi\\_driver\\_helm\\_config) | AWS EFS CSI driver Helm Chart config | `any` | `{}` | no |\n| \u003ca name=\"input_aws_load_balancer_controller_enabled\"\u003e\u003c/a\u003e [aws\\_load\\_balancer\\_controller\\_enabled](#input\\_aws\\_load\\_balancer\\_controller\\_enabled) | Enable or disable AWS Load Balancer Controller add-on for managing and controlling load balancers in Kubernetes. | `bool` | `false` | no |\n| \u003ca name=\"input_aws_load_balancer_controller_helm_config\"\u003e\u003c/a\u003e [aws\\_load\\_balancer\\_controller\\_helm\\_config](#input\\_aws\\_load\\_balancer\\_controller\\_helm\\_config) | Configuration for the AWS Load Balancer Controller Helm release | \u003cpre\u003eobject({\u003cbr/\u003e values = any\u003cbr/\u003e namespace = string\u003cbr/\u003e load_balancer_controller_name = string\u003cbr/\u003e })\u003c/pre\u003e | \u003cpre\u003e{\u003cbr/\u003e \"load_balancer_controller_name\": \"\",\u003cbr/\u003e \"namespace\": \"\",\u003cbr/\u003e \"values\": []\u003cbr/\u003e}\u003c/pre\u003e | no |\n| \u003ca name=\"input_aws_load_balancer_controller_version\"\u003e\u003c/a\u003e [aws\\_load\\_balancer\\_controller\\_version](#input\\_aws\\_load\\_balancer\\_controller\\_version) | Version of the aws load balancer controller addon | `string` | `\"1.8.1\"` | no |\n| \u003ca name=\"input_aws_node_termination_handler_enabled\"\u003e\u003c/a\u003e [aws\\_node\\_termination\\_handler\\_enabled](#input\\_aws\\_node\\_termination\\_handler\\_enabled) | Enable or disable node termination handler | `bool` | `false` | no |\n| \u003ca name=\"input_aws_node_termination_handler_helm_config\"\u003e\u003c/a\u003e [aws\\_node\\_termination\\_handler\\_helm\\_config](#input\\_aws\\_node\\_termination\\_handler\\_helm\\_config) | AWS Node Termination Handler Helm Chart config | `any` | `{}` | no |\n| \u003ca name=\"input_aws_node_termination_handler_irsa_policies\"\u003e\u003c/a\u003e [aws\\_node\\_termination\\_handler\\_irsa\\_policies](#input\\_aws\\_node\\_termination\\_handler\\_irsa\\_policies) | Additional IAM policies for a IAM role for service accounts | `list(string)` | `[]` | no |\n| \u003ca name=\"input_aws_node_termination_handler_version\"\u003e\u003c/a\u003e [aws\\_node\\_termination\\_handler\\_version](#input\\_aws\\_node\\_termination\\_handler\\_version) | Version of the aws node termination handler addon | `string` | `\"0.21.0\"` | no |\n| \u003ca name=\"input_cert_manager_domain_names\"\u003e\u003c/a\u003e [cert\\_manager\\_domain\\_names](#input\\_cert\\_manager\\_domain\\_names) | Domain names of the Route53 hosted zone to use with cert-manager | `list(string)` | `[]` | no |\n| \u003ca name=\"input_cert_manager_enabled\"\u003e\u003c/a\u003e [cert\\_manager\\_enabled](#input\\_cert\\_manager\\_enabled) | Enable or disable the cert manager add-on for EKS cluster. | `bool` | `false` | no |\n| \u003ca name=\"input_cert_manager_helm_config\"\u003e\u003c/a\u003e [cert\\_manager\\_helm\\_config](#input\\_cert\\_manager\\_helm\\_config) | Cert Manager Helm Chart config | `any` | `{}` | no |\n| \u003ca name=\"input_cert_manager_install_letsencrypt_r53_issuers\"\u003e\u003c/a\u003e [cert\\_manager\\_install\\_letsencrypt\\_r53\\_issuers](#input\\_cert\\_manager\\_install\\_letsencrypt\\_r53\\_issuers) | Enable or disable the creation of Route53 issuer while installing cert manager. | `bool` | `false` | no |\n| \u003ca name=\"input_cert_manager_irsa_policies\"\u003e\u003c/a\u003e [cert\\_manager\\_irsa\\_policies](#input\\_cert\\_manager\\_irsa\\_policies) | Additional IAM policies for a IAM role for service accounts | `list(string)` | `[]` | no |\n| \u003ca name=\"input_cert_manager_kubernetes_svc_image_pull_secrets\"\u003e\u003c/a\u003e [cert\\_manager\\_kubernetes\\_svc\\_image\\_pull\\_secrets](#input\\_cert\\_manager\\_kubernetes\\_svc\\_image\\_pull\\_secrets) | list(string) of kubernetes imagePullSecrets | `list(string)` | `[]` | no |\n| \u003ca name=\"input_cert_manager_letsencrypt_email\"\u003e\u003c/a\u003e [cert\\_manager\\_letsencrypt\\_email](#input\\_cert\\_manager\\_letsencrypt\\_email) | Specifies the email address to be used by cert-manager to request Let's Encrypt certificates | `string` | `\"\"` | no |\n| \u003ca name=\"input_cert_manager_version\"\u003e\u003c/a\u003e [cert\\_manager\\_version](#input\\_cert\\_manager\\_version) | Version of the cert manager addon | `string` | `\"v1.15.1\"` | no |\n| \u003ca name=\"input_cluster_autoscaler_enabled\"\u003e\u003c/a\u003e [cluster\\_autoscaler\\_enabled](#input\\_cluster\\_autoscaler\\_enabled) | Whether to enable the Cluster Autoscaler add-on or not. | `bool` | `false` | no |\n| \u003ca name=\"input_cluster_autoscaler_helm_config\"\u003e\u003c/a\u003e [cluster\\_autoscaler\\_helm\\_config](#input\\_cluster\\_autoscaler\\_helm\\_config) | CoreDNS Autoscaler Helm Chart config | `any` | `{}` | no |\n| \u003ca name=\"input_cluster_autoscaler_version\"\u003e\u003c/a\u003e [cluster\\_autoscaler\\_version](#input\\_cluster\\_autoscaler\\_version) | Version of the cluster autoscaler addon | `string` | `\"9.46.6\"` | no |\n| \u003ca name=\"input_cluster_issuer\"\u003e\u003c/a\u003e [cluster\\_issuer](#input\\_cluster\\_issuer) | Specify the letsecrypt cluster-issuer for ingress tls. | `string` | `\"letsencrypt-prod\"` | no |\n| \u003ca name=\"input_cluster_proportional_autoscaler_chart_version\"\u003e\u003c/a\u003e [cluster\\_proportional\\_autoscaler\\_chart\\_version](#input\\_cluster\\_proportional\\_autoscaler\\_chart\\_version) | Version of the cluster proportional autoscaler helm chart | `string` | `\"1.1.0\"` | no |\n| \u003ca name=\"input_cluster_proportional_autoscaler_enabled\"\u003e\u003c/a\u003e [cluster\\_proportional\\_autoscaler\\_enabled](#input\\_cluster\\_proportional\\_autoscaler\\_enabled) | Whether to enable the Cluster proportional Autoscaler add-on or not. | `bool` | `false` | no |\n| \u003ca name=\"input_cluster_proportional_autoscaler_helm_config\"\u003e\u003c/a\u003e [cluster\\_proportional\\_autoscaler\\_helm\\_config](#input\\_cluster\\_proportional\\_autoscaler\\_helm\\_config) | Configuration options for the Cluster Proportional Autoscaler Helm chart. | `any` | `{}` | no |\n| \u003ca name=\"input_coredns_hpa_enabled\"\u003e\u003c/a\u003e [coredns\\_hpa\\_enabled](#input\\_coredns\\_hpa\\_enabled) | Determines whether Horizontal Pod Autoscaling (HPA) for CoreDNS is enabled. | `bool` | `false` | no |\n| \u003ca name=\"input_coredns_hpa_helm_config\"\u003e\u003c/a\u003e [coredns\\_hpa\\_helm\\_config](#input\\_coredns\\_hpa\\_helm\\_config) | CoreDNS Autoscaler Helm Chart config | `any` | `{}` | no |\n| \u003ca name=\"input_custom_image_registry_uri\"\u003e\u003c/a\u003e [custom\\_image\\_registry\\_uri](#input\\_custom\\_image\\_registry\\_uri) | Custom image registry URI map of `{region = dkr.endpoint }` | `map(string)` | `{}` | no |\n| \u003ca name=\"input_data_plane_wait_arn\"\u003e\u003c/a\u003e [data\\_plane\\_wait\\_arn](#input\\_data\\_plane\\_wait\\_arn) | Addon deployment will not proceed until this value is known. Set to node group/Fargate profile ARN to wait for data plane to be ready before provisioning addons | `string` | `\"\"` | no |\n| \u003ca name=\"input_defectdojo_enabled\"\u003e\u003c/a\u003e [defectdojo\\_enabled](#input\\_defectdojo\\_enabled) | Enable defectdojo for service mesh. | `bool` | `false` | no |\n| \u003ca name=\"input_defectdojo_hostname\"\u003e\u003c/a\u003e [defectdojo\\_hostname](#input\\_defectdojo\\_hostname) | Specify the hostname for the kubecsot. | `string` | `\"\"` | no |\n| \u003ca name=\"input_ebs_csi_driver_version\"\u003e\u003c/a\u003e [ebs\\_csi\\_driver\\_version](#input\\_ebs\\_csi\\_driver\\_version) | Version of the ebs csi driver addon | `string` | `\"v1.41.0-eksbuild.1\"` | no |\n| \u003ca name=\"input_efs_storage_class_enabled\"\u003e\u003c/a\u003e [efs\\_storage\\_class\\_enabled](#input\\_efs\\_storage\\_class\\_enabled) | Enable or disable the Amazon Elastic File System (EFS) add-on for EKS cluster. | `bool` | `false` | no |\n| \u003ca name=\"input_efs_version\"\u003e\u003c/a\u003e [efs\\_version](#input\\_efs\\_version) | Version of the efs addon | `string` | `\"3.1.8\"` | no |\n| \u003ca name=\"input_eks_cluster_endpoint\"\u003e\u003c/a\u003e [eks\\_cluster\\_endpoint](#input\\_eks\\_cluster\\_endpoint) | Endpoint for your Kubernetes API server | `string` | `null` | no |\n| \u003ca name=\"input_eks_cluster_name\"\u003e\u003c/a\u003e [eks\\_cluster\\_name](#input\\_eks\\_cluster\\_name) | Fetch Cluster ID of the cluster | `string` | `\"\"` | no |\n| \u003ca name=\"input_eks_cluster_version\"\u003e\u003c/a\u003e [eks\\_cluster\\_version](#input\\_eks\\_cluster\\_version) | The Kubernetes version for the cluster | `string` | `null` | no |\n| \u003ca name=\"input_eks_oidc_provider\"\u003e\u003c/a\u003e [eks\\_oidc\\_provider](#input\\_eks\\_oidc\\_provider) | The OpenID Connect identity provider (issuer URL without leading `https://`) | `string` | `null` | no |\n| \u003ca name=\"input_enable_amazon_eks_aws_ebs_csi_driver\"\u003e\u003c/a\u003e [enable\\_amazon\\_eks\\_aws\\_ebs\\_csi\\_driver](#input\\_enable\\_amazon\\_eks\\_aws\\_ebs\\_csi\\_driver) | Enable EKS Managed AWS EBS CSI Driver add-on; enable\\_amazon\\_eks\\_aws\\_ebs\\_csi\\_driver and enable\\_self\\_managed\\_aws\\_ebs\\_csi\\_driver are mutually exclusive | `bool` | `false` | no |\n| \u003ca name=\"input_enable_ipv6\"\u003e\u003c/a\u003e [enable\\_ipv6](#input\\_enable\\_ipv6) | Enable Ipv6 network. Attaches new VPC CNI policy to the IRSA role | `bool` | `false` | no |\n| \u003ca name=\"input_enable_self_managed_aws_ebs_csi_driver\"\u003e\u003c/a\u003e [enable\\_self\\_managed\\_aws\\_ebs\\_csi\\_driver](#input\\_enable\\_self\\_managed\\_aws\\_ebs\\_csi\\_driver) | Enable self-managed aws-ebs-csi-driver add-on; enable\\_self\\_managed\\_aws\\_ebs\\_csi\\_driver and enable\\_amazon\\_eks\\_aws\\_ebs\\_csi\\_driver are mutually exclusive | `bool` | `false` | no |\n| \u003ca name=\"input_environment\"\u003e\u003c/a\u003e [environment](#input\\_environment) | Environment identifier for the Amazon Elastic Kubernetes Service (EKS) cluster. | `string` | `\"\"` | no |\n| \u003ca name=\"input_external_secrets_enabled\"\u003e\u003c/a\u003e [external\\_secrets\\_enabled](#input\\_external\\_secrets\\_enabled) | Enable or disable External Secrets operator add-on for managing external secrets. | `bool` | `false` | no |\n| \u003ca name=\"input_external_secrets_helm_config\"\u003e\u003c/a\u003e [external\\_secrets\\_helm\\_config](#input\\_external\\_secrets\\_helm\\_config) | External Secrets operator Helm Chart config | `any` | `{}` | no |\n| \u003ca name=\"input_external_secrets_irsa_policies\"\u003e\u003c/a\u003e [external\\_secrets\\_irsa\\_policies](#input\\_external\\_secrets\\_irsa\\_policies) | Additional IAM policies for a IAM role for service accounts | `list(string)` | `[]` | no |\n| \u003ca name=\"input_external_secrets_secrets_manager_arns\"\u003e\u003c/a\u003e [external\\_secrets\\_secrets\\_manager\\_arns](#input\\_external\\_secrets\\_secrets\\_manager\\_arns) | List of Secrets Manager ARNs that contain secrets to mount using External Secrets | `list(string)` | \u003cpre\u003e[\u003cbr/\u003e \"arn:aws:secretsmanager:*:*:secret:*\"\u003cbr/\u003e]\u003c/pre\u003e | no |\n| \u003ca name=\"input_external_secrets_ssm_parameter_arns\"\u003e\u003c/a\u003e [external\\_secrets\\_ssm\\_parameter\\_arns](#input\\_external\\_secrets\\_ssm\\_parameter\\_arns) | List of Systems Manager Parameter ARNs that contain secrets to mount using External Secrets | `list(string)` | \u003cpre\u003e[\u003cbr/\u003e \"arn:aws:ssm:*:*:parameter/*\"\u003cbr/\u003e]\u003c/pre\u003e | no |\n| \u003ca name=\"input_external_secrets_version\"\u003e\u003c/a\u003e [external\\_secrets\\_version](#input\\_external\\_secrets\\_version) | Version of the external secrets addon | `string` | `\"0.15.1\"` | no |\n| \u003ca name=\"input_falco_enabled\"\u003e\u003c/a\u003e [falco\\_enabled](#input\\_falco\\_enabled) | Determines whether Falco is enabled. | `bool` | `false` | no |\n| \u003ca name=\"input_falco_version\"\u003e\u003c/a\u003e [falco\\_version](#input\\_falco\\_version) | Version of the falco addon | `string` | `\"4.0.0\"` | no |\n| \u003ca name=\"input_ingress_nginx_config\"\u003e\u003c/a\u003e [ingress\\_nginx\\_config](#input\\_ingress\\_nginx\\_config) | Configure ingress-nginx to setup addons | \u003cpre\u003eobject({\u003cbr/\u003e ingress_class_name = string\u003cbr/\u003e enable_service_monitor = bool\u003cbr/\u003e values = any\u003cbr/\u003e namespace = string\u003cbr/\u003e })\u003c/pre\u003e | \u003cpre\u003e{\u003cbr/\u003e \"enable_service_monitor\": false,\u003cbr/\u003e \"ingress_class_name\": \"ingress-nginx\",\u003cbr/\u003e \"namespace\": \"ingress-nginx\",\u003cbr/\u003e \"values\": {}\u003cbr/\u003e}\u003c/pre\u003e | no |\n| \u003ca name=\"input_ingress_nginx_enabled\"\u003e\u003c/a\u003e [ingress\\_nginx\\_enabled](#input\\_ingress\\_nginx\\_enabled) | Control wheather to install public nlb or private nlb. Default is private | `bool` | `false` | no |\n| \u003ca name=\"input_ingress_nginx_version\"\u003e\u003c/a\u003e [ingress\\_nginx\\_version](#input\\_ingress\\_nginx\\_version) | Version of the ingress nginx addon | `string` | `\"4.11.0\"` | no |\n| \u003ca name=\"input_ipv6_enabled\"\u003e\u003c/a\u003e [ipv6\\_enabled](#input\\_ipv6\\_enabled) | whether IPv6 enabled or not | `bool` | `false` | no |\n| \u003ca name=\"input_irsa_iam_permissions_boundary\"\u003e\u003c/a\u003e [irsa\\_iam\\_permissions\\_boundary](#input\\_irsa\\_iam\\_permissions\\_boundary) | IAM permissions boundary for IRSA roles | `string` | `\"\"` | no |\n| \u003ca name=\"input_irsa_iam_role_path\"\u003e\u003c/a\u003e [irsa\\_iam\\_role\\_path](#input\\_irsa\\_iam\\_role\\_path) | IAM role path for IRSA roles | `string` | `\"/\"` | no |\n| \u003ca name=\"input_k8s_dashboard_hostname\"\u003e\u003c/a\u003e [k8s\\_dashboard\\_hostname](#input\\_k8s\\_dashboard\\_hostname) | Specify the hostname for the k8s dashboard. | `string` | `\"\"` | no |\n| \u003ca name=\"input_k8s_dashboard_ingress_load_balancer\"\u003e\u003c/a\u003e [k8s\\_dashboard\\_ingress\\_load\\_balancer](#input\\_k8s\\_dashboard\\_ingress\\_load\\_balancer) | Controls whether to enable ALB Ingress or not. | `string` | `\"nlb\"` | no |\n| \u003ca name=\"input_karpenter_enabled\"\u003e\u003c/a\u003e [karpenter\\_enabled](#input\\_karpenter\\_enabled) | Enable or disable Karpenter, a Kubernetes-native, multi-tenant, and auto-scaling solution for containerized workloads on Kubernetes. | `bool` | `false` | no |\n| \u003ca name=\"input_karpenter_helm_config\"\u003e\u003c/a\u003e [karpenter\\_helm\\_config](#input\\_karpenter\\_helm\\_config) | Karpenter autoscaler add-on config | `any` | `{}` | no |\n| \u003ca name=\"input_karpenter_irsa_policies\"\u003e\u003c/a\u003e [karpenter\\_irsa\\_policies](#input\\_karpenter\\_irsa\\_policies) | Additional IAM policies for a IAM role for service accounts | `list(string)` | `[]` | no |\n| \u003ca name=\"input_karpenter_node_iam_instance_profile\"\u003e\u003c/a\u003e [karpenter\\_node\\_iam\\_instance\\_profile](#input\\_karpenter\\_node\\_iam\\_instance\\_profile) | Karpenter Node IAM Instance profile id | `string` | `\"\"` | no |\n| \u003ca name=\"input_karpenter_version\"\u003e\u003c/a\u003e [karpenter\\_version](#input\\_karpenter\\_version) | Version of the karpenter addon | `string` | `\"1.3.3\"` | no |\n| \u003ca name=\"input_keda_enabled\"\u003e\u003c/a\u003e [keda\\_enabled](#input\\_keda\\_enabled) | Enable or disable Kubernetes Event-driven Autoscaling (KEDA) add-on for autoscaling workloads. | `bool` | `false` | no |\n| \u003ca name=\"input_keda_helm_config\"\u003e\u003c/a\u003e [keda\\_helm\\_config](#input\\_keda\\_helm\\_config) | KEDA Event-based autoscaler add-on config | `any` | `{}` | no |\n| \u003ca name=\"input_keda_irsa_policies\"\u003e\u003c/a\u003e [keda\\_irsa\\_policies](#input\\_keda\\_irsa\\_policies) | Additional IAM policies for a IAM role for service accounts | `list(string)` | `[]` | no |\n| \u003ca name=\"input_keda_version\"\u003e\u003c/a\u003e [keda\\_version](#input\\_keda\\_version) | Version of the keda addon | `string` | `\"2.17.0\"` | no |\n| \u003ca name=\"input_kms_key_arn\"\u003e\u003c/a\u003e [kms\\_key\\_arn](#input\\_kms\\_key\\_arn) | ARN of the KMS key used to encrypt AWS resources in the EKS cluster. | `string` | `\"\"` | no |\n| \u003ca name=\"input_kms_policy_arn\"\u003e\u003c/a\u003e [kms\\_policy\\_arn](#input\\_kms\\_policy\\_arn) | Specify the ARN of KMS policy, for service accounts. | `string` | `\"\"` | no |\n| \u003ca name=\"input_kubeclarity_enabled\"\u003e\u003c/a\u003e [kubeclarity\\_enabled](#input\\_kubeclarity\\_enabled) | Enable or disable the deployment of an kubeclarity for Kubernetes. | `bool` | `false` | no |\n| \u003ca name=\"input_kubeclarity_hostname\"\u003e\u003c/a\u003e [kubeclarity\\_hostname](#input\\_kubeclarity\\_hostname) | Specify the hostname for the Kubeclarity. | `string` | `\"\"` | no |\n| \u003ca name=\"input_kubeclarity_namespace\"\u003e\u003c/a\u003e [kubeclarity\\_namespace](#input\\_kubeclarity\\_namespace) | Name of the Kubernetes namespace where the kubeclarity deployment will be deployed. | `string` | `\"kubeclarity\"` | no |\n| \u003ca name=\"input_kubeclarity_version\"\u003e\u003c/a\u003e [kubeclarity\\_version](#input\\_kubeclarity\\_version) | Version of the kubeclarity addon | `string` | `\"2.23.0\"` | no |\n| \u003ca name=\"input_kubecost_enabled\"\u003e\u003c/a\u003e [kubecost\\_enabled](#input\\_kubecost\\_enabled) | Enable or disable the deployment of an Kubecost for Kubernetes. | `bool` | `false` | no |\n| \u003ca name=\"input_kubecost_hostname\"\u003e\u003c/a\u003e [kubecost\\_hostname](#input\\_kubecost\\_hostname) | Specify the hostname for the kubecsot. | `string` | `\"\"` | no |\n| \u003ca name=\"input_kubecost_version\"\u003e\u003c/a\u003e [kubecost\\_version](#input\\_kubecost\\_version) | Version of the kubecost addon | `string` | `\"v2.1.0-eksbuild.1\"` | no |\n| \u003ca name=\"input_kubernetes_dashboard_config\"\u003e\u003c/a\u003e [kubernetes\\_dashboard\\_config](#input\\_kubernetes\\_dashboard\\_config) | Specify all the configuration setup here | \u003cpre\u003eobject({\u003cbr/\u003e k8s_dashboard_hostname = string\u003cbr/\u003e values_yaml = any\u003cbr/\u003e enable_service_monitor = bool\u003cbr/\u003e k8s_dashboard_ingress_load_balancer = string\u003cbr/\u003e alb_acm_certificate_arn = string\u003cbr/\u003e private_alb_enabled = bool\u003cbr/\u003e ingress_class_name = string\u003cbr/\u003e })\u003c/pre\u003e | \u003cpre\u003e{\u003cbr/\u003e \"alb_acm_certificate_arn\": \"\",\u003cbr/\u003e \"enable_service_monitor\": false,\u003cbr/\u003e \"ingress_class_name\": \"\",\u003cbr/\u003e \"k8s_dashboard_hostname\": \"\",\u003cbr/\u003e \"k8s_dashboard_ingress_load_balancer\": \"\",\u003cbr/\u003e \"private_alb_enabled\": false,\u003cbr/\u003e \"values_yaml\": {}\u003cbr/\u003e}\u003c/pre\u003e | no |\n| \u003ca name=\"input_kubernetes_dashboard_enabled\"\u003e\u003c/a\u003e [kubernetes\\_dashboard\\_enabled](#input\\_kubernetes\\_dashboard\\_enabled) | Determines whether k8s-dashboard is enabled or not | `bool` | `false` | no |\n| \u003ca name=\"input_kubernetes_dashboard_version\"\u003e\u003c/a\u003e [kubernetes\\_dashboard\\_version](#input\\_kubernetes\\_dashboard\\_version) | Version of the kubernetes dashboard addon | `string` | `\"6.0.8\"` | no |\n| \u003ca name=\"input_metrics_server_enabled\"\u003e\u003c/a\u003e [metrics\\_server\\_enabled](#input\\_metrics\\_server\\_enabled) | Enable or disable the metrics server add-on for EKS cluster. | `bool` | `false` | no |\n| \u003ca name=\"input_metrics_server_helm_config\"\u003e\u003c/a\u003e [metrics\\_server\\_helm\\_config](#input\\_metrics\\_server\\_helm\\_config) | Metrics Server Helm Chart config | `any` | `{}` | no |\n| \u003ca name=\"input_metrics_server_helm_version\"\u003e\u003c/a\u003e [metrics\\_server\\_helm\\_version](#input\\_metrics\\_server\\_helm\\_version) | Version of the metrics server helm chart | `string` | `\"3.11.0\"` | no |\n| \u003ca name=\"input_metrics_server_version\"\u003e\u003c/a\u003e [metrics\\_server\\_version](#input\\_metrics\\_server\\_version) | Version of the metrics server addon | `string` | `\"3.12.2\"` | no |\n| \u003ca name=\"input_name\"\u003e\u003c/a\u003e [name](#input\\_name) | Specify the name prefix of the EKS cluster resources. | `string` | `\"\"` | no |\n| \u003ca name=\"input_node_termination_handler_version\"\u003e\u003c/a\u003e [node\\_termination\\_handler\\_version](#input\\_node\\_termination\\_handler\\_version) | Specify the version of node termination handler | `string` | `\"0.21.0\"` | no |\n| \u003ca name=\"input_private_ingress_nginx_config\"\u003e\u003c/a\u003e [private\\_ingress\\_nginx\\_config](#input\\_private\\_ingress\\_nginx\\_config) | Configure private-ingress-nginx to setup addons | \u003cpre\u003eobject({\u003cbr/\u003e ingress_class_name = string\u003cbr/\u003e enable_service_monitor = bool\u003cbr/\u003e values = any\u003cbr/\u003e namespace = string\u003cbr/\u003e })\u003c/pre\u003e | \u003cpre\u003e{\u003cbr/\u003e \"enable_service_monitor\": false,\u003cbr/\u003e \"ingress_class_name\": \"private-nginx\",\u003cbr/\u003e \"namespace\": \"private-nginx\",\u003cbr/\u003e \"values\": {}\u003cbr/\u003e}\u003c/pre\u003e | no |\n| \u003ca name=\"input_private_ingress_nginx_enabled\"\u003e\u003c/a\u003e [private\\_ingress\\_nginx\\_enabled](#input\\_private\\_ingress\\_nginx\\_enabled) | Control wheather to install public nlb or private nlb. Default is private | `bool` | `false` | no |\n| \u003ca name=\"input_private_ingress_nginx_version\"\u003e\u003c/a\u003e [private\\_ingress\\_nginx\\_version](#input\\_private\\_ingress\\_nginx\\_version) | Version of the ingress nginx addon | `string` | `\"4.11.0\"` | no |\n| \u003ca name=\"input_private_subnet_ids\"\u003e\u003c/a\u003e [private\\_subnet\\_ids](#input\\_private\\_subnet\\_ids) | Private subnets of the VPC which can be used by EFS, argocd, workflow and k8s dashboard | `list(string)` | \u003cpre\u003e[\u003cbr/\u003e \"\"\u003cbr/\u003e]\u003c/pre\u003e | no |\n| \u003ca name=\"input_public_subnet_ids\"\u003e\u003c/a\u003e [public\\_subnet\\_ids](#input\\_public\\_subnet\\_ids) | Public subnets of the VPC which can be used by argocd, workflow and k8s dashboard | `list(string)` | \u003cpre\u003e[\u003cbr/\u003e \"\"\u003cbr/\u003e]\u003c/pre\u003e | no |\n| \u003ca name=\"input_reloader_enabled\"\u003e\u003c/a\u003e [reloader\\_enabled](#input\\_reloader\\_enabled) | Enable or disable Reloader, a Kubernetes controller to watch changes in ConfigMap and Secret objects and trigger an application reload on their changes. | `bool` | `false` | no |\n| \u003ca name=\"input_reloader_helm_config\"\u003e\u003c/a\u003e [reloader\\_helm\\_config](#input\\_reloader\\_helm\\_config) | Reloader Helm Chart config | `any` | `{}` | no |\n| \u003ca name=\"input_reloader_version\"\u003e\u003c/a\u003e [reloader\\_version](#input\\_reloader\\_version) | Version of the reloader addon | `string` | `\"v1.0.115\"` | no |\n| \u003ca name=\"input_self_managed_aws_ebs_csi_driver_helm_config\"\u003e\u003c/a\u003e [self\\_managed\\_aws\\_ebs\\_csi\\_driver\\_helm\\_config](#input\\_self\\_managed\\_aws\\_ebs\\_csi\\_driver\\_helm\\_config) | Self-managed aws-ebs-csi-driver Helm chart config | `any` | `{}` | no |\n| \u003ca name=\"input_service_monitor_crd_enabled\"\u003e\u003c/a\u003e [service\\_monitor\\_crd\\_enabled](#input\\_service\\_monitor\\_crd\\_enabled) | Enable or disable the installation of Custom Resource Definitions (CRDs) for Prometheus Service Monitor. | `bool` | `false` | no |\n| \u003ca name=\"input_single_az_ebs_gp3_storage_class_enabled\"\u003e\u003c/a\u003e [single\\_az\\_ebs\\_gp3\\_storage\\_class\\_enabled](#input\\_single\\_az\\_ebs\\_gp3\\_storage\\_class\\_enabled) | Whether to enable the Single AZ storage class or not. | `bool` | `false` | no |\n| \u003ca name=\"input_single_az_sc_config\"\u003e\u003c/a\u003e [single\\_az\\_sc\\_config](#input\\_single\\_az\\_sc\\_config) | Name and regions for storage class in Key-Value pair. | `list(any)` | `[]` | no |\n| \u003ca name=\"input_slack_webhook\"\u003e\u003c/a\u003e [slack\\_webhook](#input\\_slack\\_webhook) | The Slack webhook URL used for notifications. | `string` | `\"\"` | no |\n| \u003ca name=\"input_storage_class_name\"\u003e\u003c/a\u003e [storage\\_class\\_name](#input\\_storage\\_class\\_name) | Specify the hostname for the kubecsot. | `string` | `\"infra-service-sc\"` | no |\n| \u003ca name=\"input_tags\"\u003e\u003c/a\u003e [tags](#input\\_tags) | Additional tags (e.g. `map('BusinessUnit`,`XYZ`) | `map(string)` | `{}` | no |\n| \u003ca name=\"input_velero_config\"\u003e\u003c/a\u003e [velero\\_config](#input\\_velero\\_config) | Configuration to provide settings for Velero, including which namespaces to backup, retention period, backup schedule, and backup bucket name. | `any` | \u003cpre\u003e{\u003cbr/\u003e \"backup_bucket_name\": \"\",\u003cbr/\u003e \"namespaces\": \"\",\u003cbr/\u003e \"retention_period_in_days\": 45,\u003cbr/\u003e \"schedule_backup_cron_time\": \"\",\u003cbr/\u003e \"slack_appToken\": \"\",\u003cbr/\u003e \"slack_botToken\": \"\",\u003cbr/\u003e \"slack_notification_channel_name\": \"\",\u003cbr/\u003e \"velero_backup_name\": \"\"\u003cbr/\u003e}\u003c/pre\u003e | no |\n| \u003ca name=\"input_velero_enabled\"\u003e\u003c/a\u003e [velero\\_enabled](#input\\_velero\\_enabled) | Enable or disable the installation of Velero, which is a backup and restore solution for Kubernetes clusters. | `bool` | `false` | no |\n| \u003ca name=\"input_velero_notification_enabled\"\u003e\u003c/a\u003e [velero\\_notification\\_enabled](#input\\_velero\\_notification\\_enabled) | Enable or disable the notification for velero backup. | `bool` | `false` | no |\n| \u003ca name=\"input_vpa_config\"\u003e\u003c/a\u003e [vpa\\_config](#input\\_vpa\\_config) | Configure VPA CRD to setup addon | \u003cpre\u003eobject({\u003cbr/\u003e values = list(string)\u003cbr/\u003e })\u003c/pre\u003e | \u003cpre\u003e{\u003cbr/\u003e \"values\": []\u003cbr/\u003e}\u003c/pre\u003e | no |\n| \u003ca name=\"input_vpa_enabled\"\u003e\u003c/a\u003e [vpa\\_enabled](#input\\_vpa\\_enabled) | Choose whether to enable vpa or not | `bool` | `false` | no |\n| \u003ca name=\"input_vpa_version\"\u003e\u003c/a\u003e [vpa\\_version](#input\\_vpa\\_version) | Version of VPA CRD | `string` | `\"10.0.0\"` | no |\n| \u003ca name=\"input_vpc_cni_version\"\u003e\u003c/a\u003e [vpc\\_cni\\_version](#input\\_vpc\\_cni\\_version) | Specify VPC CNI addons version | `string` | `\"v1.19.0-eksbuild.1\"` | no |\n| \u003ca name=\"input_vpc_id\"\u003e\u003c/a\u003e [vpc\\_id](#input\\_vpc\\_id) | ID of the VPC where the cluster and its nodes will be provisioned | `string` | `\"\"` | no |\n| \u003ca name=\"input_worker_iam_role_arn\"\u003e\u003c/a\u003e [worker\\_iam\\_role\\_arn](#input\\_worker\\_iam\\_role\\_arn) | Specify the IAM role Arn for the nodes | `string` | `\"\"` | no |\n| \u003ca name=\"input_worker_iam_role_name\"\u003e\u003c/a\u003e [worker\\_iam\\_role\\_name](#input\\_worker\\_iam\\_role\\_name) | Specify the IAM role for the nodes that will be provisioned through karpenter | `string` | `\"\"` | no |\n\n## Outputs\n\n| Name | Description |\n|------|-------------|\n| \u003ca name=\"output_argocd_credentials\"\u003e\u003c/a\u003e [argocd\\_credentials](#output\\_argocd\\_credentials) | Argocd\\_Info |\n| \u003ca name=\"output_argorollout_credentials\"\u003e\u003c/a\u003e [argorollout\\_credentials](#output\\_argorollout\\_credentials) | Argorollout Details |\n| \u003ca name=\"output_argoworkflow_credentials\"\u003e\u003c/a\u003e [argoworkflow\\_credentials](#output\\_argoworkflow\\_credentials) | Argocd Workflow credentials |\n| \u003ca name=\"output_argoworkflow_hostname\"\u003e\u003c/a\u003e [argoworkflow\\_hostname](#output\\_argoworkflow\\_hostname) | Argocd Workflow hostname |\n| \u003ca name=\"output_defectdojo\"\u003e\u003c/a\u003e [defectdojo](#output\\_defectdojo) | DefectDojo endpoint and credentials |\n| \u003ca name=\"output_ebs_encryption_enable\"\u003e\u003c/a\u003e [ebs\\_encryption\\_enable](#output\\_ebs\\_encryption\\_enable) | Whether Amazon Elastic Block Store (EBS) encryption is enabled or not. |\n| \u003ca name=\"output_efs_id\"\u003e\u003c/a\u003e [efs\\_id](#output\\_efs\\_id) | ID of the Amazon Elastic File System (EFS) that has been created for the EKS cluster. |\n| \u003ca name=\"output_environment\"\u003e\u003c/a\u003e [environment](#output\\_environment) | Environment Name for the EKS cluster |\n| \u003ca name=\"output_internal_nginx_ingress_controller_dns_hostname\"\u003e\u003c/a\u003e [internal\\_nginx\\_ingress\\_controller\\_dns\\_hostname](#output\\_internal\\_nginx\\_ingress\\_controller\\_dns\\_hostname) | DNS hostname of the NGINX Ingress Controller. |\n| \u003ca name=\"output_k8s_dashboard_admin_token\"\u003e\u003c/a\u003e [k8s\\_dashboard\\_admin\\_token](#output\\_k8s\\_dashboard\\_admin\\_token) | Kubernetes-Dashboard Admin Token |\n| \u003ca name=\"output_k8s_dashboard_read_only_token\"\u003e\u003c/a\u003e [k8s\\_dashboard\\_read\\_only\\_token](#output\\_k8s\\_dashboard\\_read\\_only\\_token) | Kubernetes-Dashboard Read Only Token |\n| \u003ca name=\"output_kubeclarity\"\u003e\u003c/a\u003e [kubeclarity](#output\\_kubeclarity) | Kubeclarity endpoint and credentials |\n| \u003ca name=\"output_kubecost\"\u003e\u003c/a\u003e [kubecost](#output\\_kubecost) | Kubecost endpoint and credentials |\n| \u003ca name=\"output_nginx_ingress_controller_dns_hostname\"\u003e\u003c/a\u003e [nginx\\_ingress\\_controller\\_dns\\_hostname](#output\\_nginx\\_ingress\\_controller\\_dns\\_hostname) | DNS hostname of the NGINX Ingress Controller. |\n\u003c!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK --\u003e\n\n## Contribution \u0026 Issue Reporting\n\nTo report an issue with a project:\n\n 1. Check the repository's [issue tracker](https://github.com/squareops/terraform-aws-eks-addons.git/issues) on GitHub\n 2. Search to see if the issue has already been reported\n 3. If you can't find an answer to your question in the documentation or issue tracker, you can ask a question by creating a new issue. Be sure to provide enough context and details so others can understand your problem.\n 4. Contributing to the project can be a great way to get involved and get help. The maintainers and other contributors may be more likely to help you if you're already making contributions to the project.\n\n\n## License\n\nApache License, Version 2.0, January 2004 (http://www.apache.org/licenses/).\n\n## Support Us\n\nTo support a GitHub project by liking it, you can follow these steps:\n\n 1. Visit the repository: Navigate to the [GitHub repository](https://github.com/squareops/terraform-aws-eks-addons.git).\n\n 2. Click the \"Star\" button On the repository page, you'll see a \"Star\" button in the upper right corner. Clicking on it will star the repository, indicating your support for the project.\n\n 3. Optionally, you can also leave a comment on the repository or open an issue to give feedback or suggest changes.\n\nStarring a repository on GitHub is a simple way to show your support and appreciation for the project. It also helps to increase the visibility of the project and make it more discoverable to others.\n\n## Who we are\n\nWe believe that the key to success in the digital age is the ability to deliver value quickly and reliably. That’s why we offer a comprehensive range of DevOps \u0026 Cloud services designed to help your organization optimize its systems \u0026 Processes for speed and agility.\n\n 1. We are an AWS Advanced consulting partner which reflects our deep expertise in AWS Cloud and helping 100+ clients over the last 5 years.\n 2. Expertise in Kubernetes and overall container solution helps companies expedite their journey by 10X.\n 3. Infrastructure Automation is a key component to the success of our Clients and our Expertise helps deliver the same in the shortest time.\n 4. DevSecOps as a service to implement security within the overall DevOps process and helping companies deploy securely and at speed.\n 5. Platform engineering which supports scalable,Cost efficient infrastructure that supports rapid development, testing, and deployment.\n 6. 24*7 SRE service to help you Monitor the state of your infrastructure and eradicate any issue within the SLA.\n\nWe provide [support](https://squareops.com/contact-us/) on all of our projects, no matter how small or large they may be.\n\nYou can find more information about our company on this [squareops.com](https://squareops.com/), follow us on [Linkedin](https://www.linkedin.com/company/squareops-technologies-pvt-ltd/), or fill out a [job application](https://squareops.com/careers/). If you have any questions or would like assistance with your cloud strategy and implementation, please don't hesitate to [contact us](https://squareops.com/contact-us/).\n\n\u003c!-- END OF PRE-COMMIT-PIKE DOCS HOOK --\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsquareops%2Fterraform-aws-eks-addons","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsquareops%2Fterraform-aws-eks-addons","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsquareops%2Fterraform-aws-eks-addons/lists"}