{"id":22472975,"url":"https://github.com/truefoundry/terraform-aws-truefoundry-cluster","last_synced_at":"2026-01-07T06:10:29.245Z","repository":{"id":178950622,"uuid":"662595567","full_name":"truefoundry/terraform-aws-truefoundry-cluster","owner":"truefoundry","description":"Truefoundry EKS Module","archived":false,"fork":false,"pushed_at":"2025-03-04T16:21:08.000Z","size":114,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-03-04T17:29:14.715Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/truefoundry.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-07-05T13:21:17.000Z","updated_at":"2025-03-04T16:20:53.000Z","dependencies_parsed_at":null,"dependency_job_id":"3d0d67fc-7314-413c-b695-19e93828570a","html_url":"https://github.com/truefoundry/terraform-aws-truefoundry-cluster","commit_stats":null,"previous_names":["truefoundry/terraform-aws-truefoundry-cluster"],"tags_count":23,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/truefoundry%2Fterraform-aws-truefoundry-cluster","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/truefoundry%2Fterraform-aws-truefoundry-cluster/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/truefoundry%2Fterraform-aws-truefoundry-cluster/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/truefoundry%2Fterraform-aws-truefoundry-cluster/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/truefoundry","download_url":"https://codeload.github.com/truefoundry/terraform-aws-truefoundry-cluster/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245880815,"owners_count":20687613,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-06T12:18:16.321Z","updated_at":"2026-01-07T06:10:29.232Z","avatar_url":"https://github.com/truefoundry.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# terraform-aws-truefoundry-cluster\nTruefoundry EKS Module\n\n\u003c!-- BEGIN_TF_DOCS --\u003e\n## Requirements\n\n| Name | Version |\n|------|---------|\n| \u003ca name=\"requirement_terraform\"\u003e\u003c/a\u003e [terraform](#requirement\\_terraform) | ~\u003e 1.4 |\n| \u003ca name=\"requirement_aws\"\u003e\u003c/a\u003e [aws](#requirement\\_aws) | ~\u003e 5.57 |\n| \u003ca name=\"requirement_helm\"\u003e\u003c/a\u003e [helm](#requirement\\_helm) | ~\u003e 2.9 |\n\n## Providers\n\n| Name | Version |\n|------|---------|\n| \u003ca name=\"provider_aws\"\u003e\u003c/a\u003e [aws](#provider\\_aws) | ~\u003e 5.57 |\n\n## Modules\n\n| Name | Source | Version |\n|------|--------|---------|\n| \u003ca name=\"module_aws-eks-kubernetes-cluster\"\u003e\u003c/a\u003e [aws-eks-kubernetes-cluster](#module\\_aws-eks-kubernetes-cluster) | terraform-aws-modules/eks/aws | v20.33.1 |\n| \u003ca name=\"module_eks_blueprints_addons\"\u003e\u003c/a\u003e [eks\\_blueprints\\_addons](#module\\_eks\\_blueprints\\_addons) | aws-ia/eks-blueprints-addons/aws | 1.21.0 |\n\n## Resources\n\n| Name | Type |\n|------|------|\n| [aws_eks_addon_version.cluster_addons_coredns_version](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_addon_version) | data source |\n| [aws_eks_addon_version.cluster_addons_eks_pod_identity_agent_version](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_addon_version) | data source |\n| [aws_eks_addon_version.cluster_addons_kube_proxy_version](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_addon_version) | data source |\n| [aws_eks_addon_version.cluster_addons_vpc_cni_version](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_addon_version) | data source |\n| [aws_eks_cluster.eks_cluster](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_cluster) | data source |\n| [aws_partition.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition) | data source |\n\n## Inputs\n\n| Name | Description | Type | Default | Required |\n|------|-------------|------|---------|:--------:|\n| \u003ca name=\"input_additional_eks_managed_node_groups\"\u003e\u003c/a\u003e [additional\\_eks\\_managed\\_node\\_groups](#input\\_additional\\_eks\\_managed\\_node\\_groups) | Map of additional EKS managed node group definitions to create | `any` | `{}` | no |\n| \u003ca name=\"input_cloudwatch_log_group_retention_in_days\"\u003e\u003c/a\u003e [cloudwatch\\_log\\_group\\_retention\\_in\\_days](#input\\_cloudwatch\\_log\\_group\\_retention\\_in\\_days) | Number of days to retain log events. Default retention - 7 days | `number` | `7` | no |\n| \u003ca name=\"input_cluster_access_entries\"\u003e\u003c/a\u003e [cluster\\_access\\_entries](#input\\_cluster\\_access\\_entries) | value of the access entries for the EKS cluster | `any` | `{}` | no |\n| \u003ca name=\"input_cluster_additional_security_group_ids\"\u003e\u003c/a\u003e [cluster\\_additional\\_security\\_group\\_ids](#input\\_cluster\\_additional\\_security\\_group\\_ids) | List of additional, externally created security group IDs to attach to the cluster control plane | `list(string)` | `[]` | no |\n| \u003ca name=\"input_cluster_addons_coredns_additional_configurations\"\u003e\u003c/a\u003e [cluster\\_addons\\_coredns\\_additional\\_configurations](#input\\_cluster\\_addons\\_coredns\\_additional\\_configurations) | Additional configurations for the coredns addon | `any` | `{}` | no |\n| \u003ca name=\"input_cluster_addons_coredns_enable\"\u003e\u003c/a\u003e [cluster\\_addons\\_coredns\\_enable](#input\\_cluster\\_addons\\_coredns\\_enable) | Enable the CoreDNS addon | `bool` | `true` | no |\n| \u003ca name=\"input_cluster_addons_coredns_version\"\u003e\u003c/a\u003e [cluster\\_addons\\_coredns\\_version](#input\\_cluster\\_addons\\_coredns\\_version) | Version of the CoreDNS addon. If not provided, the latest version will be used which is compatible with cluster\\_version. | `string` | `\"\"` | no |\n| \u003ca name=\"input_cluster_addons_eks_pod_identity_agent_additional_configurations\"\u003e\u003c/a\u003e [cluster\\_addons\\_eks\\_pod\\_identity\\_agent\\_additional\\_configurations](#input\\_cluster\\_addons\\_eks\\_pod\\_identity\\_agent\\_additional\\_configurations) | Additional configurations for the kube proxy addon | `any` | `{}` | no |\n| \u003ca name=\"input_cluster_addons_eks_pod_identity_agent_enable\"\u003e\u003c/a\u003e [cluster\\_addons\\_eks\\_pod\\_identity\\_agent\\_enable](#input\\_cluster\\_addons\\_eks\\_pod\\_identity\\_agent\\_enable) | Enable the EKS Pod Identity Agent addon | `bool` | `false` | no |\n| \u003ca name=\"input_cluster_addons_eks_pod_identity_agent_version\"\u003e\u003c/a\u003e [cluster\\_addons\\_eks\\_pod\\_identity\\_agent\\_version](#input\\_cluster\\_addons\\_eks\\_pod\\_identity\\_agent\\_version) | Version of the EKS Pod Identity Agent addon. If not provided, the latest version will be used which is compatible with cluster\\_version. | `string` | `\"\"` | no |\n| \u003ca name=\"input_cluster_addons_kube_proxy_additional_configurations\"\u003e\u003c/a\u003e [cluster\\_addons\\_kube\\_proxy\\_additional\\_configurations](#input\\_cluster\\_addons\\_kube\\_proxy\\_additional\\_configurations) | Additional configurations for the kube proxy addon | `any` | `{}` | no |\n| \u003ca name=\"input_cluster_addons_kube_proxy_enable\"\u003e\u003c/a\u003e [cluster\\_addons\\_kube\\_proxy\\_enable](#input\\_cluster\\_addons\\_kube\\_proxy\\_enable) | Enable the kube-proxy addon | `bool` | `true` | no |\n| \u003ca name=\"input_cluster_addons_kube_proxy_version\"\u003e\u003c/a\u003e [cluster\\_addons\\_kube\\_proxy\\_version](#input\\_cluster\\_addons\\_kube\\_proxy\\_version) | Version of the kube-proxy addon. If not provided, the latest version will be used which is compatible with cluster\\_version. | `string` | `\"\"` | no |\n| \u003ca name=\"input_cluster_addons_observability_tag\"\u003e\u003c/a\u003e [cluster\\_addons\\_observability\\_tag](#input\\_cluster\\_addons\\_observability\\_tag) | Tag to identify EKS Blueprints usage within observability tools. Keep this value to null to disable telemetry | `string` | `\"qs-1ubotj5kl\"` | no |\n| \u003ca name=\"input_cluster_addons_vpc_cni_additional_configurations\"\u003e\u003c/a\u003e [cluster\\_addons\\_vpc\\_cni\\_additional\\_configurations](#input\\_cluster\\_addons\\_vpc\\_cni\\_additional\\_configurations) | Additional configurations for the VPC CNI addon | `any` | `{}` | no |\n| \u003ca name=\"input_cluster_addons_vpc_cni_enable\"\u003e\u003c/a\u003e [cluster\\_addons\\_vpc\\_cni\\_enable](#input\\_cluster\\_addons\\_vpc\\_cni\\_enable) | Enable the VPC CNI addon | `bool` | `true` | no |\n| \u003ca name=\"input_cluster_addons_vpc_cni_version\"\u003e\u003c/a\u003e [cluster\\_addons\\_vpc\\_cni\\_version](#input\\_cluster\\_addons\\_vpc\\_cni\\_version) | Version of the VPC CNI addon. If not provided, the latest version will be used which is compatible with cluster\\_version. | `string` | `\"\"` | no |\n| \u003ca name=\"input_cluster_authentication_mode\"\u003e\u003c/a\u003e [cluster\\_authentication\\_mode](#input\\_cluster\\_authentication\\_mode) | value of the authentication mode for the EKS cluster | `string` | `\"API_AND_CONFIG_MAP\"` | no |\n| \u003ca name=\"input_cluster_enabled_log_types\"\u003e\u003c/a\u003e [cluster\\_enabled\\_log\\_types](#input\\_cluster\\_enabled\\_log\\_types) | A list of the desired control plane logs to enable. For more information, see Amazon EKS Control Plane Logging documentation (https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html) | `list(string)` | \u003cpre\u003e[\u003cbr/\u003e  \"audit\",\u003cbr/\u003e  \"api\",\u003cbr/\u003e  \"authenticator\"\u003cbr/\u003e]\u003c/pre\u003e | no |\n| \u003ca name=\"input_cluster_endpoint_private_access\"\u003e\u003c/a\u003e [cluster\\_endpoint\\_private\\_access](#input\\_cluster\\_endpoint\\_private\\_access) | Indicates whether or not the Amazon EKS private API server endpoint is enabled | `bool` | `true` | no |\n| \u003ca name=\"input_cluster_endpoint_public_access\"\u003e\u003c/a\u003e [cluster\\_endpoint\\_public\\_access](#input\\_cluster\\_endpoint\\_public\\_access) | Indicates whether or not the Amazon EKS public API server endpoint is enabled | `bool` | `true` | no |\n| \u003ca name=\"input_cluster_endpoint_public_access_cidrs\"\u003e\u003c/a\u003e [cluster\\_endpoint\\_public\\_access\\_cidrs](#input\\_cluster\\_endpoint\\_public\\_access\\_cidrs) | List of CIDR blocks which can access the Amazon EKS public API server endpoint | `list(string)` | \u003cpre\u003e[\u003cbr/\u003e  \"0.0.0.0/0\"\u003cbr/\u003e]\u003c/pre\u003e | no |\n| \u003ca name=\"input_cluster_iam_role_arn\"\u003e\u003c/a\u003e [cluster\\_iam\\_role\\_arn](#input\\_cluster\\_iam\\_role\\_arn) | IAM role ARN of the cluster. If cluster\\_iam\\_role\\_enabled is set to true, cluster\\_iam\\_role\\_arn will be used for cluster IAM role. | `string` | `\"\"` | no |\n| \u003ca name=\"input_cluster_iam_role_enabled\"\u003e\u003c/a\u003e [cluster\\_iam\\_role\\_enabled](#input\\_cluster\\_iam\\_role\\_enabled) | Enable/Disable creation of cluster IAM role. | `bool` | `true` | no |\n| \u003ca name=\"input_cluster_iam_role_use_name_prefix\"\u003e\u003c/a\u003e [cluster\\_iam\\_role\\_use\\_name\\_prefix](#input\\_cluster\\_iam\\_role\\_use\\_name\\_prefix) | Use name prefix for cluster IAM role. | `bool` | `true` | no |\n| \u003ca name=\"input_cluster_name\"\u003e\u003c/a\u003e [cluster\\_name](#input\\_cluster\\_name) | Name of the EKS cluster. If use\\_existing\\_cluster is set to true, cluster\\_name will be used to fetch details only | `string` | n/a | yes |\n| \u003ca name=\"input_cluster_security_group_additional_rules\"\u003e\u003c/a\u003e [cluster\\_security\\_group\\_additional\\_rules](#input\\_cluster\\_security\\_group\\_additional\\_rules) | List of additional security group rules to add to the cluster security group created. Set `source_node_security_group = true` inside rules to set the `node_security_group` as source | `any` | `{}` | no |\n| \u003ca name=\"input_cluster_version\"\u003e\u003c/a\u003e [cluster\\_version](#input\\_cluster\\_version) | EKS cluster version | `string` | `\"1.34\"` | no |\n| \u003ca name=\"input_create_cloudwatch_log_group\"\u003e\u003c/a\u003e [create\\_cloudwatch\\_log\\_group](#input\\_create\\_cloudwatch\\_log\\_group) | Determines whether a log group is created by this module for the cluster logs. If not, AWS will automatically create one if logging is enabled | `bool` | `true` | no |\n| \u003ca name=\"input_eks_managed_node_group_defaults\"\u003e\u003c/a\u003e [eks\\_managed\\_node\\_group\\_defaults](#input\\_eks\\_managed\\_node\\_group\\_defaults) | Managed node group defaults | `any` | `{}` | no |\n| \u003ca name=\"input_enable_cluster_creator_admin_permissions\"\u003e\u003c/a\u003e [enable\\_cluster\\_creator\\_admin\\_permissions](#input\\_enable\\_cluster\\_creator\\_admin\\_permissions) | Enable admin permission for the user who created the cluster | `bool` | `true` | no |\n| \u003ca name=\"input_enable_cluster_log\"\u003e\u003c/a\u003e [enable\\_cluster\\_log](#input\\_enable\\_cluster\\_log) | Enable cluster control plane logs | `bool` | `true` | no |\n| \u003ca name=\"input_enable_irsa\"\u003e\u003c/a\u003e [enable\\_irsa](#input\\_enable\\_irsa) | Determines whether to create an OpenID Connect Provider for EKS to enable IRSA | `bool` | `true` | no |\n| \u003ca name=\"input_existing_cluster_node_role_arn\"\u003e\u003c/a\u003e [existing\\_cluster\\_node\\_role\\_arn](#input\\_existing\\_cluster\\_node\\_role\\_arn) | IAM node role ARN for an existing cluster. This will only be used when use\\_existing\\_cluster is true | `string` | `\"\"` | no |\n| \u003ca name=\"input_existing_cluster_node_security_group_id\"\u003e\u003c/a\u003e [existing\\_cluster\\_node\\_security\\_group\\_id](#input\\_existing\\_cluster\\_node\\_security\\_group\\_id) | Node security group for an existing cluster. This will only be used when use\\_existing\\_cluster is true. | `string` | `\"\"` | no |\n| \u003ca name=\"input_existing_cluster_oidc_issuer_arn\"\u003e\u003c/a\u003e [existing\\_cluster\\_oidc\\_issuer\\_arn](#input\\_existing\\_cluster\\_oidc\\_issuer\\_arn) | OIDC issuer ARN for an existing cluster. This will only be used when use\\_existing\\_cluster is true. | `string` | `\"\"` | no |\n| \u003ca name=\"input_existing_cluster_oidc_issuer_url\"\u003e\u003c/a\u003e [existing\\_cluster\\_oidc\\_issuer\\_url](#input\\_existing\\_cluster\\_oidc\\_issuer\\_url) | OIDC issuer URL for an existing cluster. This will only be used when use\\_existing\\_cluster is true. | `string` | `\"\"` | no |\n| \u003ca name=\"input_iam_role_additional_policies\"\u003e\u003c/a\u003e [iam\\_role\\_additional\\_policies](#input\\_iam\\_role\\_additional\\_policies) | Additional policies to be added to the IAM role | `map(string)` | `{}` | no |\n| \u003ca name=\"input_inital_node_pool_capacity_type\"\u003e\u003c/a\u003e [inital\\_node\\_pool\\_capacity\\_type](#input\\_inital\\_node\\_pool\\_capacity\\_type) | capacity type for the initial node pool | `string` | `\"SPOT\"` | no |\n| \u003ca name=\"input_initial_node_pool_ami_id\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_ami\\_id](#input\\_initial\\_node\\_pool\\_ami\\_id) | AMI ID for the initial node pool. Keep it empty string for using the public AMI | `string` | `\"\"` | no |\n| \u003ca name=\"input_initial_node_pool_ami_type\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_ami\\_type](#input\\_initial\\_node\\_pool\\_ami\\_type) | AMI type for the initial node pool | `string` | `\"AL2023_x86_64_STANDARD\"` | no |\n| \u003ca name=\"input_initial_node_pool_cloudinit_post_nodeadm\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_cloudinit\\_post\\_nodeadm](#input\\_initial\\_node\\_pool\\_cloudinit\\_post\\_nodeadm) | Array of cloud-init document parts that are created after the nodeadm document part.\u003cbr/\u003e\u003cbr/\u003eNote: This should be used for AL2023.\u003cbr/\u003e\u003cbr/\u003eExample:\u003cpre\u003e[\u003cbr/\u003e  {\u003cbr/\u003e    content_type = \"text/x-shellscript\"\u003cbr/\u003e    content = \u003c\u003c-EOT\u003cbr/\u003e      #!/bin/bash\u003cbr/\u003e      mkdir -p /tmp/bootstrap\u003cbr/\u003e      echo \"Hello, World!\" \u003e /tmp/bootstrap/hello.txt\u003cbr/\u003e    EOT\u003cbr/\u003e  }\u003cbr/\u003e]\u003c/pre\u003e | \u003cpre\u003elist(object({\u003cbr/\u003e    content      = string\u003cbr/\u003e    content_type = optional(string)\u003cbr/\u003e    filename     = optional(string)\u003cbr/\u003e    merge_type   = optional(string)\u003cbr/\u003e  }))\u003c/pre\u003e | `[]` | no |\n| \u003ca name=\"input_initial_node_pool_cloudinit_pre_nodeadm\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_cloudinit\\_pre\\_nodeadm](#input\\_initial\\_node\\_pool\\_cloudinit\\_pre\\_nodeadm) | Array of cloud-init document parts that are created before the nodeadm document part.\u003cbr/\u003e\u003cbr/\u003eNote: This should be used for AL2023.\u003cbr/\u003e\u003cbr/\u003eExample:\u003cpre\u003e[\u003cbr/\u003e  {\u003cbr/\u003e    content_type = \"text/x-shellscript\"\u003cbr/\u003e    content = \u003c\u003c-EOT\u003cbr/\u003e      #!/bin/bash\u003cbr/\u003e      mkdir -p /tmp/bootstrap\u003cbr/\u003e      echo \"Hello, World!\" \u003e /tmp/bootstrap/hello.txt\u003cbr/\u003e    EOT\u003cbr/\u003e  }\u003cbr/\u003e]\u003c/pre\u003e | \u003cpre\u003elist(object({\u003cbr/\u003e    content      = string\u003cbr/\u003e    content_type = optional(string)\u003cbr/\u003e    filename     = optional(string)\u003cbr/\u003e    merge_type   = optional(string)\u003cbr/\u003e  }))\u003c/pre\u003e | `[]` | no |\n| \u003ca name=\"input_initial_node_pool_create_iam_role\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_create\\_iam\\_role](#input\\_initial\\_node\\_pool\\_create\\_iam\\_role) | Create IAM role for the initial node pool | `bool` | `true` | no |\n| \u003ca name=\"input_initial_node_pool_create_iam_role_policy\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_create\\_iam\\_role\\_policy](#input\\_initial\\_node\\_pool\\_create\\_iam\\_role\\_policy) | Create IAM role policy for the initial node pool | `bool` | `true` | no |\n| \u003ca name=\"input_initial_node_pool_create_node_template\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_create\\_node\\_template](#input\\_initial\\_node\\_pool\\_create\\_node\\_template) | Create node template for the initial node pool | `bool` | `true` | no |\n| \u003ca name=\"input_initial_node_pool_desired_size\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_desired\\_size](#input\\_initial\\_node\\_pool\\_desired\\_size) | Desired size for the initial node pool | `number` | `2` | no |\n| \u003ca name=\"input_initial_node_pool_enable_bootstrap_user_data\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_enable\\_bootstrap\\_user\\_data](#input\\_initial\\_node\\_pool\\_enable\\_bootstrap\\_user\\_data) | Enable bootstrap user data in the user\\_data template when using a custom AMI. Defaults to false | `bool` | `false` | no |\n| \u003ca name=\"input_initial_node_pool_enabled\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_enabled](#input\\_initial\\_node\\_pool\\_enabled) | Create al2023 initial node pool for EKS managed node group | `bool` | `true` | no |\n| \u003ca name=\"input_initial_node_pool_encryption_enabled\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_encryption\\_enabled](#input\\_initial\\_node\\_pool\\_encryption\\_enabled) | Enable encryption for inital node pool | `bool` | `true` | no |\n| \u003ca name=\"input_initial_node_pool_iam_role_additional_policies\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_iam\\_role\\_additional\\_policies](#input\\_initial\\_node\\_pool\\_iam\\_role\\_additional\\_policies) | Additional policies to be added to the IAM role for the initial node pool. Example { karpenter = \"arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore\" } | `map(string)` | `{}` | no |\n| \u003ca name=\"input_initial_node_pool_iam_role_arn\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_iam\\_role\\_arn](#input\\_initial\\_node\\_pool\\_iam\\_role\\_arn) | IAM role ARN for the initial node pool | `string` | `\"\"` | no |\n| \u003ca name=\"input_initial_node_pool_iam_role_attach_cni_policy\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_iam\\_role\\_attach\\_cni\\_policy](#input\\_initial\\_node\\_pool\\_iam\\_role\\_attach\\_cni\\_policy) | Attach CNI policy to IAM role for the initial node pool | `bool` | `true` | no |\n| \u003ca name=\"input_initial_node_pool_iam_role_description\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_iam\\_role\\_description](#input\\_initial\\_node\\_pool\\_iam\\_role\\_description) | Description for the IAM role of the initial node pool | `string` | `\"\"` | no |\n| \u003ca name=\"input_initial_node_pool_iam_role_tags\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_iam\\_role\\_tags](#input\\_initial\\_node\\_pool\\_iam\\_role\\_tags) | IAM role tags for the initial node pool | `map(string)` | `{}` | no |\n| \u003ca name=\"input_initial_node_pool_iam_role_use_name_prefix\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_iam\\_role\\_use\\_name\\_prefix](#input\\_initial\\_node\\_pool\\_iam\\_role\\_use\\_name\\_prefix) | Use name prefix for IAM role for the initial node pool | `bool` | `true` | no |\n| \u003ca name=\"input_initial_node_pool_instance_types\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_instance\\_types](#input\\_initial\\_node\\_pool\\_instance\\_types) | Instance types for the initial node pool | `list(string)` | \u003cpre\u003e[\u003cbr/\u003e  \"c7i.xlarge\",\u003cbr/\u003e  \"m7i.xlarge\",\u003cbr/\u003e  \"r7i.xlarge\",\u003cbr/\u003e  \"r6i.xlarge\",\u003cbr/\u003e  \"r6a.xlarge\",\u003cbr/\u003e  \"c6i.xlarge\",\u003cbr/\u003e  \"c6a.xlarge\",\u003cbr/\u003e  \"m6a.xlarge\"\u003cbr/\u003e]\u003c/pre\u003e | no |\n| \u003ca name=\"input_initial_node_pool_kms_key_id\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_kms\\_key\\_id](#input\\_initial\\_node\\_pool\\_kms\\_key\\_id) | KMS (CMK) ARN to use for the initial node pool encryption | `string` | `\"\"` | no |\n| \u003ca name=\"input_initial_node_pool_labels\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_labels](#input\\_initial\\_node\\_pool\\_labels) | Labels for the initial node pool | `map(string)` | \u003cpre\u003e{\u003cbr/\u003e  \"class.truefoundry.com\": \"initial\"\u003cbr/\u003e}\u003c/pre\u003e | no |\n| \u003ca name=\"input_initial_node_pool_launch_template_description\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_launch\\_template\\_description](#input\\_initial\\_node\\_pool\\_launch\\_template\\_description) | Description for the initial node pool launch template | `string` | `\"\"` | no |\n| \u003ca name=\"input_initial_node_pool_launch_template_use_name_prefix\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_launch\\_template\\_use\\_name\\_prefix](#input\\_initial\\_node\\_pool\\_launch\\_template\\_use\\_name\\_prefix) | Use name prefix for launch template for the initial node pool | `bool` | `true` | no |\n| \u003ca name=\"input_initial_node_pool_max_size\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_max\\_size](#input\\_initial\\_node\\_pool\\_max\\_size) | Maximum size for the initial node pool | `number` | `2` | no |\n| \u003ca name=\"input_initial_node_pool_metadata_options\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_metadata\\_options](#input\\_initial\\_node\\_pool\\_metadata\\_options) | Metadata options for the initial node pool | `map(string)` | `{}` | no |\n| \u003ca name=\"input_initial_node_pool_min_size\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_min\\_size](#input\\_initial\\_node\\_pool\\_min\\_size) | Minimum size for the initial node pool | `number` | `2` | no |\n| \u003ca name=\"input_initial_node_pool_node_repair_enabled\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_node\\_repair\\_enabled](#input\\_initial\\_node\\_pool\\_node\\_repair\\_enabled) | Enable node auto repair for the initial node pool | `bool` | `true` | no |\n| \u003ca name=\"input_initial_node_pool_post_bootstrap_user_data\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_post\\_bootstrap\\_user\\_data](#input\\_initial\\_node\\_pool\\_post\\_bootstrap\\_user\\_data) | Post bootstrap user data for the initial node pool.\u003cbr/\u003e\u003cbr/\u003eNote: This should be used for Linux AMIs (not AL2023).\u003cbr/\u003e\u003cbr/\u003eExample:\u003cpre\u003ebash\u003cbr/\u003e#!/bin/bash\u003cbr/\u003emkdir -p /tmp/bootstrap\u003cbr/\u003eecho \"Hello, World!\" \u003e /tmp/bootstrap/hello.txt\u003c/pre\u003e | `string` | `\"\"` | no |\n| \u003ca name=\"input_initial_node_pool_pre_bootstrap_user_data\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_pre\\_bootstrap\\_user\\_data](#input\\_initial\\_node\\_pool\\_pre\\_bootstrap\\_user\\_data) | Pre bootstrap user data for the initial node pool.\u003cbr/\u003e\u003cbr/\u003eNote: This should be used for Linux AMIs (not AL2023).\u003cbr/\u003e\u003cbr/\u003eExample:\u003cpre\u003ebash\u003cbr/\u003e#!/bin/bash\u003cbr/\u003emkdir -p /tmp/bootstrap\u003cbr/\u003eecho \"Hello, World!\" \u003e /tmp/bootstrap/hello.txt\u003c/pre\u003e | `string` | `\"\"` | no |\n| \u003ca name=\"input_initial_node_pool_volume_size\"\u003e\u003c/a\u003e [initial\\_node\\_pool\\_volume\\_size](#input\\_initial\\_node\\_pool\\_volume\\_size) | Volume size in GB for the initial node pool | `number` | `100` | no |\n| \u003ca name=\"input_karpenter_fargate_profile_attach_cni_policy\"\u003e\u003c/a\u003e [karpenter\\_fargate\\_profile\\_attach\\_cni\\_policy](#input\\_karpenter\\_fargate\\_profile\\_attach\\_cni\\_policy) | Attach CNI policy to IAM role for Karpenter Fargate profile | `bool` | `true` | no |\n| \u003ca name=\"input_karpenter_fargate_profile_create_iam_role\"\u003e\u003c/a\u003e [karpenter\\_fargate\\_profile\\_create\\_iam\\_role](#input\\_karpenter\\_fargate\\_profile\\_create\\_iam\\_role) | Create IAM role for Karpenter Fargate profile | `bool` | `true` | no |\n| \u003ca name=\"input_karpenter_fargate_profile_enabled\"\u003e\u003c/a\u003e [karpenter\\_fargate\\_profile\\_enabled](#input\\_karpenter\\_fargate\\_profile\\_enabled) | Enable Karpenter Fargate profile | `bool` | `false` | no |\n| \u003ca name=\"input_karpenter_fargate_profile_namespace\"\u003e\u003c/a\u003e [karpenter\\_fargate\\_profile\\_namespace](#input\\_karpenter\\_fargate\\_profile\\_namespace) | value of the namespace where Karpenter is installed | `string` | `\"karpenter\"` | no |\n| \u003ca name=\"input_node_security_group_additional_rules\"\u003e\u003c/a\u003e [node\\_security\\_group\\_additional\\_rules](#input\\_node\\_security\\_group\\_additional\\_rules) | List of additional security group rules to add to the node security group created. Set `source_cluster_security_group = true` inside rules to set the `cluster_security_group` as source | `any` | `{}` | no |\n| \u003ca name=\"input_node_security_group_tags\"\u003e\u003c/a\u003e [node\\_security\\_group\\_tags](#input\\_node\\_security\\_group\\_tags) | List of node security group tags | `any` | `{}` | no |\n| \u003ca name=\"input_openid_connect_audiences\"\u003e\u003c/a\u003e [openid\\_connect\\_audiences](#input\\_openid\\_connect\\_audiences) | List of OpenID Connect audience client IDs to add to the IRSA provider | `list(string)` | `[]` | no |\n| \u003ca name=\"input_self_managed_node_group_defaults\"\u003e\u003c/a\u003e [self\\_managed\\_node\\_group\\_defaults](#input\\_self\\_managed\\_node\\_group\\_defaults) | Self node group defaults | `any` | `{}` | no |\n| \u003ca name=\"input_self_managed_node_groups\"\u003e\u003c/a\u003e [self\\_managed\\_node\\_groups](#input\\_self\\_managed\\_node\\_groups) | Map of self-managed node group definitions to create | `any` | `{}` | no |\n| \u003ca name=\"input_subnet_ids\"\u003e\u003c/a\u003e [subnet\\_ids](#input\\_subnet\\_ids) | A list of subnet IDs where the EKS cluster (ENIs) will be provisioned along with the nodes/node groups. Node groups can be deployed within a different set of subnet IDs from within the node group configuration | `list(string)` | `[]` | no |\n| \u003ca name=\"input_tags\"\u003e\u003c/a\u003e [tags](#input\\_tags) | A map of tags to add to all resources | `map(string)` | `{}` | no |\n| \u003ca name=\"input_use_existing_cluster\"\u003e\u003c/a\u003e [use\\_existing\\_cluster](#input\\_use\\_existing\\_cluster) | Flag to use an existing cluster. If this is true, a new EKS cluster will not be created | `bool` | `false` | no |\n| \u003ca name=\"input_vpc_id\"\u003e\u003c/a\u003e [vpc\\_id](#input\\_vpc\\_id) | ID of the VPC where the cluster and its nodes will be provisioned | `string` | `null` | no |\n\n## Outputs\n\n| Name | Description |\n|------|-------------|\n| \u003ca name=\"output_aws_access_entries\"\u003e\u003c/a\u003e [aws\\_access\\_entries](#output\\_aws\\_access\\_entries) | Access entries for the EKS cluster security group |\n| \u003ca name=\"output_cloudwatch_log_group_arn\"\u003e\u003c/a\u003e [cloudwatch\\_log\\_group\\_arn](#output\\_cloudwatch\\_log\\_group\\_arn) | Arn of cloudwatch log group created |\n| \u003ca name=\"output_cloudwatch_log_group_name\"\u003e\u003c/a\u003e [cloudwatch\\_log\\_group\\_name](#output\\_cloudwatch\\_log\\_group\\_name) | Name of cloudwatch log group created |\n| \u003ca name=\"output_cluster_addons\"\u003e\u003c/a\u003e [cluster\\_addons](#output\\_cluster\\_addons) | Map of attribute maps for all EKS cluster addons enabled |\n| \u003ca name=\"output_cluster_arn\"\u003e\u003c/a\u003e [cluster\\_arn](#output\\_cluster\\_arn) | The Amazon Resource Name (ARN) of the cluster |\n| \u003ca name=\"output_cluster_certificate_authority_data\"\u003e\u003c/a\u003e [cluster\\_certificate\\_authority\\_data](#output\\_cluster\\_certificate\\_authority\\_data) | Base64 encoded certificate data required to communicate with the cluster |\n| \u003ca name=\"output_cluster_endpoint\"\u003e\u003c/a\u003e [cluster\\_endpoint](#output\\_cluster\\_endpoint) | Endpoint for your Kubernetes API server |\n| \u003ca name=\"output_cluster_iam_role_arn\"\u003e\u003c/a\u003e [cluster\\_iam\\_role\\_arn](#output\\_cluster\\_iam\\_role\\_arn) | IAM role ARN of the EKS cluster |\n| \u003ca name=\"output_cluster_iam_role_name\"\u003e\u003c/a\u003e [cluster\\_iam\\_role\\_name](#output\\_cluster\\_iam\\_role\\_name) | IAM role name of the EKS cluster |\n| \u003ca name=\"output_cluster_iam_role_unique_id\"\u003e\u003c/a\u003e [cluster\\_iam\\_role\\_unique\\_id](#output\\_cluster\\_iam\\_role\\_unique\\_id) | Stable and unique string identifying the IAM role |\n| \u003ca name=\"output_cluster_id\"\u003e\u003c/a\u003e [cluster\\_id](#output\\_cluster\\_id) | DEPRECATED - Use cluster\\_name |\n| \u003ca name=\"output_cluster_identity_providers\"\u003e\u003c/a\u003e [cluster\\_identity\\_providers](#output\\_cluster\\_identity\\_providers) | Map of attribute maps for all EKS identity providers enabled |\n| \u003ca name=\"output_cluster_name\"\u003e\u003c/a\u003e [cluster\\_name](#output\\_cluster\\_name) | The name/id of the EKS cluster. Will block on cluster creation until the cluster is really ready |\n| \u003ca name=\"output_cluster_oidc_issuer_url\"\u003e\u003c/a\u003e [cluster\\_oidc\\_issuer\\_url](#output\\_cluster\\_oidc\\_issuer\\_url) | The URL on the EKS cluster for the OpenID Connect identity provider |\n| \u003ca name=\"output_cluster_platform_version\"\u003e\u003c/a\u003e [cluster\\_platform\\_version](#output\\_cluster\\_platform\\_version) | Platform version for the cluster |\n| \u003ca name=\"output_cluster_primary_security_group_id\"\u003e\u003c/a\u003e [cluster\\_primary\\_security\\_group\\_id](#output\\_cluster\\_primary\\_security\\_group\\_id) | Cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control-plane-to-data-plane communication. Referred to as 'Cluster security group' in the EKS console |\n| \u003ca name=\"output_cluster_security_group_arn\"\u003e\u003c/a\u003e [cluster\\_security\\_group\\_arn](#output\\_cluster\\_security\\_group\\_arn) | Amazon Resource Name (ARN) of the cluster security group |\n| \u003ca name=\"output_cluster_security_group_id\"\u003e\u003c/a\u003e [cluster\\_security\\_group\\_id](#output\\_cluster\\_security\\_group\\_id) | ID of the cluster security group |\n| \u003ca name=\"output_cluster_status\"\u003e\u003c/a\u003e [cluster\\_status](#output\\_cluster\\_status) | Status of the EKS cluster. One of `CREATING`, `ACTIVE`, `DELETING`, `FAILED` |\n| \u003ca name=\"output_eks_managed_node_groups\"\u003e\u003c/a\u003e [eks\\_managed\\_node\\_groups](#output\\_eks\\_managed\\_node\\_groups) | Map of attribute maps for all EKS managed node groups created |\n| \u003ca name=\"output_fargate_profiles\"\u003e\u003c/a\u003e [fargate\\_profiles](#output\\_fargate\\_profiles) | Map of attribute maps for all EKS Fargate Profiles created |\n| \u003ca name=\"output_node_security_group_arn\"\u003e\u003c/a\u003e [node\\_security\\_group\\_arn](#output\\_node\\_security\\_group\\_arn) | Amazon Resource Name (ARN) of the node shared security group |\n| \u003ca name=\"output_node_security_group_id\"\u003e\u003c/a\u003e [node\\_security\\_group\\_id](#output\\_node\\_security\\_group\\_id) | ID of the node shared security group |\n| \u003ca name=\"output_oidc_provider_arn\"\u003e\u003c/a\u003e [oidc\\_provider\\_arn](#output\\_oidc\\_provider\\_arn) | The ARN of the OIDC Provider |\n| \u003ca name=\"output_self_managed_node_groups\"\u003e\u003c/a\u003e [self\\_managed\\_node\\_groups](#output\\_self\\_managed\\_node\\_groups) | Map of attribute maps for all self managed node groups created |\n| \u003ca name=\"output_use_existing_cluster\"\u003e\u003c/a\u003e [use\\_existing\\_cluster](#output\\_use\\_existing\\_cluster) | Flag to check if you are using an already existing cluster |\n\u003c!-- END_TF_DOCS --\u003e","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftruefoundry%2Fterraform-aws-truefoundry-cluster","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftruefoundry%2Fterraform-aws-truefoundry-cluster","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftruefoundry%2Fterraform-aws-truefoundry-cluster/lists"}