Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/andreswebs/terraform-aws-eks-secrets-store-csi-driver
Deploys the Kubernetes Secrets Store CSI Driver via Helm on AWS EKS
https://github.com/andreswebs/terraform-aws-eks-secrets-store-csi-driver
aws eks terraform-module
Last synced: 23 days ago
JSON representation
Deploys the Kubernetes Secrets Store CSI Driver via Helm on AWS EKS
- Host: GitHub
- URL: https://github.com/andreswebs/terraform-aws-eks-secrets-store-csi-driver
- Owner: andreswebs
- License: unlicense
- Created: 2021-08-10T16:51:25.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2022-12-09T22:22:11.000Z (about 2 years ago)
- Last Synced: 2024-11-08T02:47:14.945Z (2 months ago)
- Topics: aws, eks, terraform-module
- Language: HCL
- Homepage: https://registry.terraform.io/modules/andreswebs/eks-secrets-store-csi-driver/aws/latest
- Size: 18.6 KB
- Stars: 0
- Watchers: 3
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Security: SECURITY.md
Awesome Lists containing this project
README
# terraform-aws-eks-secrets-store-csi-driver
[//]: # (BEGIN_TF_DOCS)
Deploys the Kubernets CSI Secrets Store Driver on AWS EKS.
**Note**: This module depends on an imperative deployment of the AWS driver provider after the driver is installed:
```sh
kubectl apply -f "https://raw.githubusercontent.com/aws/secrets-store-csi-driver-provider-aws/main/deployment/aws-provider-installer.yaml"
```
## Usage
Example:
```hcl
module "secrets_store_csi_driver_resources" {
source = "github.com/andreswebs/terraform-aws-eks-secrets-store-csi-driver"
chart_version_secrets_store_csi_driver = var.chart_version_secrets_store_csi_driver
}
```
## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [chart\_version\_secrets\_store\_csi\_driver](#input\_chart\_version\_secrets\_store\_csi\_driver) | Chart version | `string` | `null` | no |
| [enable\_secret\_rotation](#input\_enable\_secret\_rotation) | Set Helm value `enableSecretRotation` | `string` | `"true"` | no |
| [enable\_secret\_sync](#input\_enable\_secret\_sync) | Set Helm value `syncSecret.enabled` | `string` | `"true"` | no |
| [helm\_atomic\_creation](#input\_helm\_atomic\_creation) | Purge resources on installation failure ? The wait flag will be set automatically if atomic is used | `bool` | `true` | no |
| [helm\_cleanup\_on\_fail](#input\_helm\_cleanup\_on\_fail) | Deletion new resources created in this upgrade if the upgrade fails ? | `bool` | `true` | no |
| [helm\_create\_namespace](#input\_helm\_create\_namespace) | Create the namespace if it does not yet exist ? | `bool` | `true` | no |
| [helm\_dependency\_update](#input\_helm\_dependency\_update) | Run helm dependency update before installing the chart ? | `bool` | `false` | no |
| [helm\_force\_update](#input\_helm\_force\_update) | Force resource update through delete/recreate if needed ? | `bool` | `false` | no |
| [helm\_keyring](#input\_helm\_keyring) | Location of public keys used for verification; used only if verify is true | `string` | `".gnupg/pubring.gpg"` | no |
| [helm\_max\_history](#input\_helm\_max\_history) | Maximum number of release versions stored per release; `0` means no limit | `number` | `3` | no |
| [helm\_recreate\_pods](#input\_helm\_recreate\_pods) | Perform pods restart during upgrade/rollback ? | `bool` | `true` | no |
| [helm\_release\_name](#input\_helm\_release\_name) | Release name | `string` | `"secrets-store-csi-driver"` | no |
| [helm\_replace](#input\_helm\_replace) | Re-use the given name, even if that name is already used; this is unsafe in production | `bool` | `false` | no |
| [helm\_reset\_values](#input\_helm\_reset\_values) | When upgrading, reset the values to the ones built into the chart ? | `bool` | `false` | no |
| [helm\_reuse\_values](#input\_helm\_reuse\_values) | When upgrading, reuse the last release's values and merge any overrides ? If 'reset\_values' is specified, this is ignored | `bool` | `false` | no |
| [helm\_skip\_crds](#input\_helm\_skip\_crds) | Skip installing CRDs ? | `bool` | `false` | no |
| [helm\_timeout\_seconds](#input\_helm\_timeout\_seconds) | Time in seconds to wait for any individual kubernetes operation | `number` | `300` | no |
| [helm\_verify](#input\_helm\_verify) | Verify the package before installing it. Helm uses a provenance file to verify the integrity of the chart | `bool` | `false` | no |
| [helm\_wait\_for\_completion](#input\_helm\_wait\_for\_completion) | Wait until all resources are in a ready state before marking the release as successful ? | `bool` | `true` | no |
| [helm\_wait\_for\_jobs](#input\_helm\_wait\_for\_jobs) | Wait until all Jobs have been completed before marking the release as successful ? | `bool` | `true` | no |
| [k8s\_namespace](#input\_k8s\_namespace) | Kubernetes namespace | `string` | `"kube-system"` | no |
| [rotation\_poll\_interval](#input\_rotation\_poll\_interval) | Set Helm value `rotationPollInterval` | `string` | `"3600s"` | no |
## Modules
No modules.
## Outputs
| Name | Description |
|------|-------------|
| [namespace](#output\_namespace) | The name (`metadata.name`) of the Kubernetes namespace |
| [release](#output\_release) | Helm release |
## Providers
| Name | Version |
|------|---------|
| [helm](#provider\_helm) | >= 2.2.0 |
## Requirements
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0.0 |
| [aws](#requirement\_aws) | >= 3.48.0 |
| [helm](#requirement\_helm) | >= 2.2.0 |
## Resources
| Name | Type |
|------|------|
| [helm_release.this](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
[//]: # (END_TF_DOCS)
## Authors
**Andre Silva** - [@andreswebs](https://github.com/andreswebs)
## License
This project is licensed under the [Unlicense](UNLICENSE.md).
## References