Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.
Awesome Lists | Featured Topics | Projects
https://github.com/drfaust92/terraform-kubernetes-ebs-csi-driver

Terraform module which creates Kubernetes EBS CSI controller resources on AWS EKS.
https://github.com/drfaust92/terraform-kubernetes-ebs-csi-driver
aws eks kubernetes terraform
Last synced: 15 days ago
JSON representation
Terraform module which creates Kubernetes EBS CSI controller resources on AWS EKS.
Host: GitHub
URL: https://github.com/drfaust92/terraform-kubernetes-ebs-csi-driver
Owner: DrFaust92
License: other
Created: 2020-07-30T14:32:33.000Z (over 4 years ago)
Default Branch: master
Last Pushed: 2024-12-31T01:35:31.000Z (24 days ago)
Last Synced: 2025-01-01T21:11:35.364Z (22 days ago)
Topics: aws, eks, kubernetes, terraform
Language: HCL
Homepage: https://registry.terraform.io/modules/DrFaust92/ebs-csi-driver/kubernetes/latest
Size: 132 KB
Stars: 31
Watchers: 5
Forks: 28
Open Issues: 10
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project

README

        # Kubernetes EBS CSI driver Terraform module

Terraform module which creates Kubernetes EBS CSI controller resources on AWS EKS.

Based on the original repo for the [EBS CSI driver](https://github.com/kubernetes-sigs/aws-ebs-csi-driver)

## Usage

```hcl

data "aws_eks_cluster" "cluster" {

  name = "my-eks-cluster"

}

data "aws_eks_cluster_auth" "cluster" {

  name = "my-eks-cluster"

}

data "tls_certificate" "cert" {

  url = data.aws_eks_cluster.cluster.identity[0].oidc[0].issuer

}

resource "aws_iam_openid_connect_provider" "openid_connect" {

  client_id_list  = ["sts.amazonaws.com"]

  thumbprint_list = [data.tls_certificate.cert.certificates.0.sha1_fingerprint]

  url             = data.aws_eks_cluster.cluster.identity[0].oidc[0].issuer

}

provider "kubernetes" {

  host                   = data.aws_eks_cluster.cluster.endpoint

  cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority.0.data)

  token                  = data.aws_eks_cluster_auth.cluster.token

}

module "ebs_csi_driver_controller" {

  source = "DrFaust92/ebs-csi-driver/kubernetes"

  version = ""

  ebs_csi_controller_role_name               = "ebs-csi-driver-controller"

  ebs_csi_controller_role_policy_name_prefix = "ebs-csi-driver-policy"

  oidc_url                                   = aws_iam_openid_connect_provider.openid_connect.url

}

```

## Requirements

| Name | Version |

|------|---------|

|  [terraform](#requirement\_terraform) | >= 0.12.6 |

|  [aws](#requirement\_aws) | >= 3.40.0 |

|  [kubernetes](#requirement\_kubernetes) | >= 1.11.4 |

## Providers

| Name | Version |

|------|---------|

|  [aws](#provider\_aws) | 4.22.0 |

|  [kubernetes](#provider\_kubernetes) | 2.12.1 |

## Modules

| Name | Source | Version |

|------|--------|---------|

|  [ebs\_controller\_role](#module\_ebs\_controller\_role) | terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc | 4.24.1 |

## Resources

| Name | Type |

|------|------|

| [aws_iam_policy.ebs_controller_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |

| [kubernetes_cluster_role.attacher](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cluster_role) | resource |

| [kubernetes_cluster_role.node](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cluster_role) | resource |

| [kubernetes_cluster_role.provisioner](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cluster_role) | resource |

| [kubernetes_cluster_role.resizer](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cluster_role) | resource |

| [kubernetes_cluster_role.snapshotter](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cluster_role) | resource |

| [kubernetes_cluster_role_binding.attacher](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cluster_role_binding) | resource |

| [kubernetes_cluster_role_binding.node](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cluster_role_binding) | resource |

| [kubernetes_cluster_role_binding.provisioner](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cluster_role_binding) | resource |

| [kubernetes_cluster_role_binding.resizer](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cluster_role_binding) | resource |

| [kubernetes_cluster_role_binding.snapshotter](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cluster_role_binding) | resource |

| [kubernetes_csi_driver_v1.ebs](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/csi_driver_v1) | resource |

| [kubernetes_daemonset.node](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/daemonset) | resource |

| [kubernetes_deployment.ebs_csi_controller](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/deployment) | resource |

| [kubernetes_service_account.csi_driver](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/service_account) | resource |

| [kubernetes_service_account.node](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/service_account) | resource |

## Inputs

| Name | Description | Type | Default | Required |

|------|-------------|------|---------|:--------:|

|  [additional\_iam\_policies\_arns](#input\_additional\_iam\_policies\_arns) | The EBS CSI driver controller's additional policies to allow more actions (kms, etc) | `list(string)` | `[]` | no |

|  [controller\_csi\_attacher\_resources](#input\_controller\_csi\_attacher\_resources) | The controller csi attacher resources | 
object({
    requests = map(string)
    limits   = map(string)
  })
 | {
  "limits": {},
  "requests": {}
} | no |

|  [controller\_csi\_provisioner\_resources](#input\_controller\_csi\_provisioner\_resources) | The controller csi provisioner resources | object({
    requests = map(string)
    limits   = map(string)
  })
 | {
  "limits": {},
  "requests": {}
} | no |

|  [controller\_csi\_resizer\_resources](#input\_controller\_csi\_resizer\_resources) | The controller csi resizer resources | object({
    requests = map(string)
    limits   = map(string)
  })
 | {
  "limits": {},
  "requests": {}
} | no |

|  [controller\_csi\_snapshotter\_resources](#input\_controller\_csi\_snapshotter\_resources) | The controller csi snapshotter resources | object({
    requests = map(string)
    limits   = map(string)
  })
 | {
  "limits": {},
  "requests": {}
} | no |

|  [controller\_ebs\_plugin\_resources](#input\_controller\_ebs\_plugin\_resources) | The controller ebs plugin resources | object({
    requests = map(string)
    limits   = map(string)
  })
 | {
  "limits": {},
  "requests": {}
} | no |

|  [controller\_extra\_node\_selectors](#input\_controller\_extra\_node\_selectors) | A map of extra node selectors for controller pods | `map(string)` | `{}` | no |

|  [csi\_attacher\_image](#input\_csi\_attacher\_image) | The CSI attacher image | `string` | `"registry.k8s.io/sig-storage/csi-attacher"` | no |

|  [csi\_attacher\_version](#input\_csi\_attacher\_version) | The CSI attacher image version | `string` | `"v3.5.1"` | no |

|  [csi\_controller\_replica\_count](#input\_csi\_controller\_replica\_count) | Number of EBS CSI driver controller pods | `number` | `2` | no |

|  [csi\_controller\_tolerations](#input\_csi\_controller\_tolerations) | CSI driver controller tolerations | `list(map(string))` | `[]` | no |

|  [csi\_node\_driver\_registrar\_image](#input\_csi\_node\_driver\_registrar\_image) | The CSI node driver registrar image | `string` | `"registry.k8s.io/sig-storage/csi-node-driver-registrar"` | no |

|  [csi\_node\_driver\_registrar\_version](#input\_csi\_node\_driver\_registrar\_version) | The CSI node driver registrar image version | `string` | `"v2.9.0"` | no |

|  [csi\_provisioner\_image](#input\_csi\_provisioner\_image) | The CSI provisioner image | `string` | `"registry.k8s.io/sig-storage/csi-provisioner"` | no |

|  [csi\_provisioner\_tag\_version](#input\_csi\_provisioner\_tag\_version) | The CSI provisioner tag version | `string` | `"v3.2.1"` | no |

|  [csi\_resizer\_image](#input\_csi\_resizer\_image) | The CSI resizer image | `string` | `"registry.k8s.io/sig-storage/csi-resizer"` | no |

|  [csi\_resizer\_version](#input\_csi\_resizer\_version) | The CSI resizer image version | `string` | `"v1.4.0"` | no |

|  [csi\_snapshotter\_image](#input\_csi\_snapshotter\_image) | The CSI snapshotter image | `string` | `"registry.k8s.io/sig-storage/csi-snapshotter"` | no |

|  [csi\_snapshotter\_version](#input\_csi\_snapshotter\_version) | The CSI snapshotter image version | `string` | `"v6.0.1"` | no |

|  [default\_fstype](#input\_default\_fstype) | The default Filesystem type | `string` | `"ext4"` | no |

|  [ebs\_csi\_controller\_image](#input\_ebs\_csi\_controller\_image) | The EBS CSI driver controller's image | `string` | `"k8s.gcr.io/provider-aws/aws-ebs-csi-driver"` | no |

|  [ebs\_csi\_controller\_role\_name](#input\_ebs\_csi\_controller\_role\_name) | The name of the EBS CSI driver IAM role | `string` | `"ebs-csi-driver-controller"` | no |

|  [ebs\_csi\_controller\_role\_policy\_name\_prefix](#input\_ebs\_csi\_controller\_role\_policy\_name\_prefix) | The prefix of the EBS CSI driver IAM policy | `string` | `"ebs-csi-driver-policy"` | no |

|  [ebs\_csi\_driver\_version](#input\_ebs\_csi\_driver\_version) | The EBS CSI driver controller's image version | `string` | `"v1.6.2"` | no |

|  [eks\_cluster\_id](#input\_eks\_cluster\_id) | ID of the Kubernetes cluster used for tagging provisioned EBS volumes | `string` | `""` | no |

|  [enable\_default\_fstype](#input\_enable\_default\_fstype) | Wheter to enable default Filesystem type | `bool` | `false` | no |

|  [enable\_volume\_resizing](#input\_enable\_volume\_resizing) | Whether to enable volume resizing | `bool` | `false` | no |

|  [enable\_volume\_snapshot](#input\_enable\_volume\_snapshot) | Whether to enable volume snapshotting | `bool` | `false` | no |

|  [extra\_create\_metadata](#input\_extra\_create\_metadata) | If set, add pv/pvc metadata to plugin create requests as parameters. | `bool` | `false` | no |

|  [extra\_node\_selectors](#input\_extra\_node\_selectors) | A map of extra node selectors for all components | `map(string)` | `{}` | no |

|  [labels](#input\_labels) | A map of extra labels for all resources | `map(string)` | `{}` | no |

|  [liveness\_probe\_image](#input\_liveness\_probe\_image) | The liveness probe image | `string` | `"registry.k8s.io/sig-storage/livenessprobe"` | no |

|  [liveness\_probe\_version](#input\_liveness\_probe\_version) | The liveness probe image version | `string` | `"v2.5.0"` | no |

|  [log\_level](#input\_log\_level) | The log level for the CSI Driver controller | `number` | `5` | no |

|  [namespace](#input\_namespace) | The K8s namespace for all EBS CSI driver resources | `string` | `"kube-system"` | no |

|  [node\_driver\_registrar\_resources](#input\_node\_driver\_registrar\_resources) | The node driver registrar resources | object({
    requests = map(string)
    limits   = map(string)
  })
 | {
  "limits": {},
  "requests": {}
} | no |

|  [node\_ebs\_plugin\_resources](#input\_node\_ebs\_plugin\_resources) | The node ebs plugin resources | object({
    requests = map(string)
    limits   = map(string)
  })
 | {
  "limits": {},
  "requests": {}
} | no |

|  [node\_extra\_node\_selectors](#input\_node\_extra\_node\_selectors) | A map of extra node selectors for node pods | `map(string)` | `{}` | no |

|  [node\_liveness\_probe\_resources](#input\_node\_liveness\_probe\_resources) | The node liveness probe resources | object({
    requests = map(string)
    limits   = map(string)
  })
 | {
  "limits": {},
  "requests": {}
} | no |

|  [node\_tolerations](#input\_node\_tolerations) | CSI driver node tolerations | `list(map(string))` | `[]` | no |

|  [oidc\_url](#input\_oidc\_url) | EKS OIDC provider URL, to allow pod to assume role using IRSA | `string` | n/a | yes |

|  [tags](#input\_tags) | A map of tags to add to all resources | `map(string)` | `{}` | no |

|  [volume\_attach\_limit](#input\_volume\_attach\_limit) | Configure maximum volume attachments per node. -1 means use default configuration | `number` | `-1` | no |

## Outputs

| Name | Description |

|------|-------------|

|  [ebs\_csi\_driver\_controller\_role\_arn](#output\_ebs\_csi\_driver\_controller\_role\_arn) | The Name of the EBS CSI driver controller IAM role ARN |

|  [ebs\_csi\_driver\_controller\_role\_name](#output\_ebs\_csi\_driver\_controller\_role\_name) | The Name of the EBS CSI driver controller IAM role name |

|  [ebs\_csi\_driver\_controller\_role\_policy\_arn](#output\_ebs\_csi\_driver\_controller\_role\_policy\_arn) | The Name of the EBS CSI driver controller IAM role policy ARN |

|  [ebs\_csi\_driver\_controller\_role\_policy\_name](#output\_ebs\_csi\_driver\_controller\_role\_policy\_name) | The Name of the EBS CSI driver controller IAM role policy name |

|  [ebs\_csi\_driver\_name](#output\_ebs\_csi\_driver\_name) | The Name of the EBS CSI driver |