apps-devstg/us-east-2/k8s-eks-v1.17 folder renamed + sync changes wit…

…h us-east-1 stack
binbashar · Jun 30, 2022 · a5fe2e8 · a5fe2e8
1 parent 420a85f
commit a5fe2e8
Show file tree

Hide file tree

Showing 81 changed files with 517 additions and 114 deletions.
diff --git a/...ast-2/k8s-eks/cluster/common-variables.tf → ...k8s-eks-v1.17/cluster/common-variables.tf b/...ast-2/k8s-eks/cluster/common-variables.tf → ...k8s-eks-v1.17/cluster/common-variables.tf
diff --git a/...evstg/us-east-2/k8s-eks/cluster/config.tf → ...us-east-2/k8s-eks-v1.17/cluster/config.tf b/...evstg/us-east-2/k8s-eks/cluster/config.tf → ...us-east-2/k8s-eks-v1.17/cluster/config.tf
@@ -2,9 +2,8 @@
 # Providers
 #
 provider "aws" {
-  region                  = var.region_secondary
-  profile                 = var.profile
-  shared_credentials_file = "~/.aws/${var.project}/config"
+  region  = var.region
+  profile = var.profile
 }
 
 provider "kubernetes" {
@@ -17,15 +16,15 @@ provider "kubernetes" {
 # Backend Config (partial)
 #
 terraform {
-  required_version = ">= 0.12.28"
+  required_version = "~> 1.1.3"
 
   required_providers {
-    aws        = "~> 3.28"
-    kubernetes = "~> 2.0.2"
+    aws        = "~> 4.10"
+    kubernetes = "~> 2.10"
   }
 
   backend "s3" {
-    key = "apps-devstg/k8s-eks-dr/cluster/terraform.tfstate"
+    key = "apps-devstg/k8s-eks-v1.17-dr/cluster/terraform.tfstate"
   }
 }
 
@@ -47,7 +46,7 @@ data "terraform_remote_state" "eks-dr-vpc" {
     region  = var.region
     profile = var.profile
     bucket  = var.bucket
-    key     = "apps-devstg/k8s-eks-dr/network/terraform.tfstate"
+    key     = "apps-devstg/k8s-eks-v1.17-dr/network/terraform.tfstate"
   }
 }
 

diff --git a/...-2/k8s-eks/cluster/eks-workers-managed.tf → ...-eks-v1.17/cluster/eks-workers-managed.tf b/...-2/k8s-eks/cluster/eks-workers-managed.tf → ...-eks-v1.17/cluster/eks-workers-managed.tf
@@ -1,5 +1,5 @@
 module "eks" {
-  source = "github.com/binbashar/terraform-aws-eks.git?ref=v17.20.0"
+  source = "github.com/binbashar/terraform-aws-eks.git?ref=v17.24.0"
 
   create_eks      = true
   cluster_name    = data.terraform_remote_state.eks-dr-vpc.outputs.cluster_name
@@ -34,20 +34,28 @@ module "eks" {
   #
   node_groups_defaults = {
     # Managed Nodes cannot specify custom AMIs, only use the ones allowed by EKS
-    ami_type       = "AL2_x86_64"
-    disk_size      = 50
-    instance_types = ["t2.medium"]
-    k8s_labels     = local.tags
+    ami_type   = "AL2_x86_64"
+    disk_size  = 50
+    k8s_labels = local.tags
   }
 
   #
   # List of Managed Node Groups
   #
   node_groups = {
-    main = {
+    on-demand = {
+      desired_capacity = 1
+      max_capacity     = 1
+      min_capacity     = 1
+      capacity_type    = "ON_DEMAND"
+      instance_types   = ["t2.medium", "t3.medium"]
+    }
+    spot = {
       desired_capacity = 1
       max_capacity     = 3
       min_capacity     = 1
+      capacity_type    = "SPOT"
+      instance_types   = ["t2.medium", "t3.medium"]
     }
   }
 
@@ -73,9 +81,9 @@ module "eks" {
   # Auth: aws-iam-authenticator
   #
   manage_aws_auth = var.manage_aws_auth
-  map_roles       = var.map_roles
-  map_accounts    = var.map_accounts
-  map_users       = var.map_users
+  map_roles       = local.map_roles
+  map_accounts    = local.map_accounts
+  map_users       = local.map_users
 
   #
   # Logging: which log types should be enabled and how long they should be kept for
@@ -93,7 +101,7 @@ module "eks" {
   # Tags
   #
   tags = merge(local.tags,
-    map("k8s.io/cluster-autoscaler/enabled", "TRUE"),
-    map("k8s.io/cluster-autoscaler/${data.terraform_remote_state.eks-dr-vpc.outputs.cluster_name}", "owned")
+    { "k8s.io/cluster-autoscaler/enabled" = "TRUE" },
+    { "k8s.io/cluster-autoscaler/${data.terraform_remote_state.eks-dr-vpc.outputs.cluster_name}" = "owned" }
   )
 }
diff --git a/...evstg/us-east-2/k8s-eks/cluster/locals.tf → ...us-east-2/k8s-eks-v1.17/cluster/locals.tf b/...evstg/us-east-2/k8s-eks/cluster/locals.tf → ...us-east-2/k8s-eks-v1.17/cluster/locals.tf
@@ -49,5 +49,14 @@ locals {
       groups = [
       "system:masters"]
     },
+    #
+    # Allow DevOps SSO role to become cluster admins
+    #
+    {
+      rolearn  = "arn:aws:iam::${var.appsdevstg_account_id}:role/aws-reserved/sso.amazonaws.com/AWSReservedSSO_DevOps_5e0501636a32f9c4"
+      username = "DevOps"
+      groups = [
+      "system:masters"]
+    },
   ]
 }
diff --git a/...vstg/us-east-2/k8s-eks/cluster/outputs.tf → ...s-east-2/k8s-eks-v1.17/cluster/outputs.tf b/...vstg/us-east-2/k8s-eks/cluster/outputs.tf → ...s-east-2/k8s-eks-v1.17/cluster/outputs.tf
diff --git a/...tg/us-east-2/k8s-eks/cluster/variables.tf → ...east-2/k8s-eks-v1.17/cluster/variables.tf b/...tg/us-east-2/k8s-eks/cluster/variables.tf → ...east-2/k8s-eks-v1.17/cluster/variables.tf
diff --git a/...-2/k8s-eks/identities/common-variables.tf → ...-eks-v1.17/identities/common-variables.tf b/...-2/k8s-eks/identities/common-variables.tf → ...-eks-v1.17/identities/common-variables.tf
diff --git a/...tg/us-east-2/k8s-eks/identities/config.tf → ...east-2/k8s-eks-v1.17/identities/config.tf b/...tg/us-east-2/k8s-eks/identities/config.tf → ...east-2/k8s-eks-v1.17/identities/config.tf
@@ -2,30 +2,28 @@
 # AWS Provider Settings       #
 #=============================#
 provider "aws" {
-  region                  = var.region
-  profile                 = var.profile
-  shared_credentials_file = "~/.aws/${var.project}/config"
+  region  = var.region
+  profile = var.profile
 }
 
 provider "aws" {
-  alias                   = "shared"
-  region                  = var.region
-  profile                 = "${var.project}-shared-devops"
-  shared_credentials_file = "~/.aws/${var.project}/config"
+  alias   = "shared"
+  region  = var.region
+  profile = "${var.project}-shared-devops"
 }
 
 #=============================#
 # Backend Config (partial)    #
 #=============================#
 terraform {
-  required_version = ">= 0.14.11"
+  required_version = ">= 1.1.3"
 
   required_providers {
-    aws = "~> 3.27"
+    aws = "~> 4.10"
   }
 
   backend "s3" {
-    key = "apps-devstg/k8s-eks-dr/identities/terraform.tfstate"
+    key = "apps-devstg/k8s-eks-v1.17-dr/identities/terraform.tfstate"
   }
 }
 
@@ -39,7 +37,7 @@ data "terraform_remote_state" "apps-devstg-eks-dr-cluster" {
     region  = var.region
     profile = var.profile
     bucket  = var.bucket
-    key     = "${var.environment}/k8s-eks-dr/cluster/terraform.tfstate"
+    key     = "${var.environment}/k8s-eks-v1.17-dr/cluster/terraform.tfstate"
   }
 }
 

diff --git a/.../k8s-eks/identities/identity_providers.tf → ...ks-v1.17/identities/identity_providers.tf b/.../k8s-eks/identities/identity_providers.tf → ...ks-v1.17/identities/identity_providers.tf
diff --git a/...tg/us-east-2/k8s-eks/identities/locals.tf → ...east-2/k8s-eks-v1.17/identities/locals.tf b/...tg/us-east-2/k8s-eks/identities/locals.tf → ...east-2/k8s-eks-v1.17/identities/locals.tf
diff --git a/.../us-east-2/k8s-eks/identities/policies.tf → ...st-2/k8s-eks-v1.17/identities/policies.tf b/.../us-east-2/k8s-eks/identities/policies.tf → ...st-2/k8s-eks-v1.17/identities/policies.tf
@@ -33,12 +33,12 @@ EOF
 }
 
 #
-# External DNS policy
+# External DNS policy: aws.binbash.com.ar
 #
 resource "aws_iam_policy" "externaldns_aws_binbash_com_ar" {
   provider    = aws.shared
   name        = "${local.prefix}-externaldns-aws.binbash.com.ar"
-  description = "External DNS permissions on aws.binbash.com.ar"
+  description = "ExternalDNS permissions on aws.binbash.com.ar"
   policy      = <<EOF
 {
     "Version": "2012-10-17",

diff --git a/...stg/us-east-2/k8s-eks/identities/roles.tf → ...-east-2/k8s-eks-v1.17/identities/roles.tf b/...stg/us-east-2/k8s-eks/identities/roles.tf → ...-east-2/k8s-eks-v1.17/identities/roles.tf
diff --git a/...us-east-2/k8s-eks/identities/variables.tf → ...t-2/k8s-eks-v1.17/identities/variables.tf b/...us-east-2/k8s-eks/identities/variables.tf → ...t-2/k8s-eks-v1.17/identities/variables.tf
diff --git a/...us-east-2/k8s-eks/k8s-resources/README.md → ...t-2/k8s-eks-v1.17/k8s-resources/README.md b/...us-east-2/k8s-eks/k8s-resources/README.md → ...t-2/k8s-eks-v1.17/k8s-resources/README.md
diff --git a/...-2/k8s-eks/k8s-resources/apps.auto.tfvars → ...-eks-v1.17/k8s-resources/apps.auto.tfvars b/...-2/k8s-eks/k8s-resources/apps.auto.tfvars → ...-eks-v1.17/k8s-resources/apps.auto.tfvars
@@ -54,11 +54,6 @@ kubernetes_dashboard_hosts         = "kubernetes-dashboard.us-east-2.devstg.aws.
 # Demo Apps - ArgoCD
 #------------------------------------------------------------------------------
 enable_cicd = true
-demoapps = {
-  emojivoto = false
-  gdm       = false
-  sockshop  = true
-}
 
 #------------------------------------------------------------------------------
 # Backups

diff --git a/...us-east-2/k8s-eks/k8s-resources/backup.tf → ...t-2/k8s-eks-v1.17/k8s-resources/backup.tf b/...us-east-2/k8s-eks/k8s-resources/backup.tf → ...t-2/k8s-eks-v1.17/k8s-resources/backup.tf
diff --git a/...s/k8s-resources/chart-values/argo-cd.yaml → ...7/k8s-resources/chart-values/argo-cd.yaml b/...s/k8s-resources/chart-values/argo-cd.yaml → ...7/k8s-resources/chart-values/argo-cd.yaml
diff --git a/...s-resources/chart-values/certmanager.yaml → ...s-resources/chart-values/certmanager.yaml b/...s-resources/chart-values/certmanager.yaml → ...s-resources/chart-values/certmanager.yaml
diff --git a/...rces/chart-values/cluster_autoscaler.yaml → ...rces/chart-values/cluster_autoscaler.yaml b/...rces/chart-values/cluster_autoscaler.yaml → ...rces/chart-values/cluster_autoscaler.yaml
diff --git a/...s/chart-values/clusterissuer-binbash.yaml → ...s/chart-values/clusterissuer-binbash.yaml b/...s/chart-values/clusterissuer-binbash.yaml → ...s/chart-values/clusterissuer-binbash.yaml
diff --git a/...rces/chart-values/demoapps-emojivoto.yaml → ...rces/chart-values/demoapps-emojivoto.yaml b/...rces/chart-values/demoapps-emojivoto.yaml → ...rces/chart-values/demoapps-emojivoto.yaml
diff --git a/...-resources/chart-values/demoapps-gmd.yaml → ...-resources/chart-values/demoapps-gmd.yaml b/...-resources/chart-values/demoapps-gmd.yaml → ...-resources/chart-values/demoapps-gmd.yaml
diff --git a/...urces/chart-values/demoapps-sockshop.yaml → ...urces/chart-values/demoapps-sockshop.yaml b/...urces/chart-values/demoapps-sockshop.yaml → ...urces/chart-values/demoapps-sockshop.yaml
diff --git a/...ces/chart-values/externaldns-private.yaml → ...ces/chart-values/externaldns-private.yaml b/...ces/chart-values/externaldns-private.yaml → ...ces/chart-values/externaldns-private.yaml
diff --git a/...rces/chart-values/externaldns-public.yaml → ...rces/chart-values/externaldns-public.yaml b/...rces/chart-values/externaldns-public.yaml → ...rces/chart-values/externaldns-public.yaml
diff --git a/...urces/chart-values/fluentd-daemonset.yaml → ...urces/chart-values/fluentd-daemonset.yaml b/...urces/chart-values/fluentd-daemonset.yaml → ...urces/chart-values/fluentd-daemonset.yaml
diff --git a/...art-values/fluentd-elasticsearch-aws.yaml → ...art-values/fluentd-elasticsearch-aws.yaml b/...art-values/fluentd-elasticsearch-aws.yaml → ...art-values/fluentd-elasticsearch-aws.yaml
diff --git a/...ues/fluentd-elasticsearch-selfhosted.yaml → ...ues/fluentd-elasticsearch-selfhosted.yaml b/...ues/fluentd-elasticsearch-selfhosted.yaml → ...ues/fluentd-elasticsearch-selfhosted.yaml
diff --git a/...eks/k8s-resources/chart-values/gatus.yaml → ....17/k8s-resources/chart-values/gatus.yaml b/...eks/k8s-resources/chart-values/gatus.yaml → ....17/k8s-resources/chart-values/gatus.yaml
diff --git a/...8s-resources/chart-values/goldilocks.yaml → ...8s-resources/chart-values/goldilocks.yaml b/...8s-resources/chart-values/goldilocks.yaml → ...8s-resources/chart-values/goldilocks.yaml
diff --git a/.../ingress-monitor-controller-endpoint.yaml → .../ingress-monitor-controller-endpoint.yaml b/.../ingress-monitor-controller-endpoint.yaml → .../ingress-monitor-controller-endpoint.yaml
diff --git a/...-monitor-controller-ingress-endpoint.yaml → ...-monitor-controller-ingress-endpoint.yaml b/...-monitor-controller-ingress-endpoint.yaml → ...-monitor-controller-ingress-endpoint.yaml
diff --git a/...rt-values/ingress-monitor-controller.yaml → ...rt-values/ingress-monitor-controller.yaml b/...rt-values/ingress-monitor-controller.yaml → ...rt-values/ingress-monitor-controller.yaml
diff --git a/...s/chart-values/ingress-nginx-private.yaml → ...s/chart-values/ingress-nginx-private.yaml b/...s/chart-values/ingress-nginx-private.yaml → ...s/chart-values/ingress-nginx-private.yaml
diff --git a/...es/chart-values/ingress-nginx-public.yaml → ...es/chart-values/ingress-nginx-public.yaml b/...es/chart-values/ingress-nginx-public.yaml → ...es/chart-values/ingress-nginx-public.yaml
diff --git a/...rces/chart-values/kube-state-metrics.yaml → ...rces/chart-values/kube-state-metrics.yaml b/...rces/chart-values/kube-state-metrics.yaml → ...rces/chart-values/kube-state-metrics.yaml
diff --git a/...es/chart-values/kubernetes-dashboard.yaml → ...es/chart-values/kubernetes-dashboard.yaml b/...es/chart-values/kubernetes-dashboard.yaml → ...es/chart-values/kubernetes-dashboard.yaml
diff --git a/...esources/chart-values/metrics-server.yaml → ...esources/chart-values/metrics-server.yaml b/...esources/chart-values/metrics-server.yaml → ...esources/chart-values/metrics-server.yaml
diff --git a/...resources/chart-values/node-exporter.yaml → ...resources/chart-values/node-exporter.yaml b/...resources/chart-values/node-exporter.yaml → ...resources/chart-values/node-exporter.yaml
diff --git a/apps-devstg/us-east-2/k8s-eks-v1.17/k8s-resources/chart-values/vault.yaml b/apps-devstg/us-east-2/k8s-eks-v1.17/k8s-resources/chart-values/vault.yaml
@@ -0,0 +1,2 @@
+injector:
+  externalVaultAddr: ${vaultAddress}
diff --git a/...ks/k8s-resources/chart-values/velero.yaml → ...17/k8s-resources/chart-values/velero.yaml b/...ks/k8s-resources/chart-values/velero.yaml → ...17/k8s-resources/chart-values/velero.yaml
diff --git a/...s-eks/k8s-resources/chart-values/vpa.yaml → ...v1.17/k8s-resources/chart-values/vpa.yaml b/...s-eks/k8s-resources/chart-values/vpa.yaml → ...v1.17/k8s-resources/chart-values/vpa.yaml
diff --git a/.../us-east-2/k8s-eks/k8s-resources/ci_cd.tf → ...st-2/k8s-eks-v1.17/k8s-resources/ci_cd.tf b/.../us-east-2/k8s-eks/k8s-resources/ci_cd.tf → ...st-2/k8s-eks-v1.17/k8s-resources/ci_cd.tf
@@ -7,6 +7,6 @@ resource "helm_release" "argocd" {
   namespace  = kubernetes_namespace.argocd.id
   repository = "https://argoproj.github.io/argo-helm"
   chart      = "argo-cd"
-  version    = "2.17.4"
+  version    = "4.5.7"
   values     = [file("chart-values/argo-cd.yaml")]
 }
diff --git a/...k8s-eks/k8s-resources/common-variables.tf → ...s-v1.17/k8s-resources/common-variables.tf b/...k8s-eks/k8s-resources/common-variables.tf → ...s-v1.17/k8s-resources/common-variables.tf
diff --git a/...us-east-2/k8s-eks/k8s-resources/config.tf → ...t-2/k8s-eks-v1.17/k8s-resources/config.tf b/...us-east-2/k8s-eks/k8s-resources/config.tf → ...t-2/k8s-eks-v1.17/k8s-resources/config.tf
@@ -2,9 +2,8 @@
 # Providers
 #
 provider "aws" {
-  region                  = var.region_secondary
-  profile                 = var.profile
-  shared_credentials_file = "~/.aws/${var.project}/config"
+  region  = var.region
+  profile = var.profile
 }
 
 provider "kubernetes" {
@@ -25,16 +24,16 @@ provider "helm" {
 # Backend Config (partial)
 #
 terraform {
-  required_version = ">= 0.13.6"
+  required_version = ">= 1.1.3"
 
   required_providers {
-    aws        = "~> 3.28"
-    helm       = "~> 2.1.0"
-    kubernetes = "~> 2.0.2"
+    aws        = "~> 4.10"
+    helm       = "~> 2.5"
+    kubernetes = "~> 2.10"
   }
 
   backend "s3" {
-    key = "apps-devstg/k8s-eks-dr/k8s-resources/terraform.tfstate"
+    key = "apps-devstg/k8s-eks-v1.17-dr/k8s-resources/terraform.tfstate"
   }
 }
 
@@ -63,6 +62,6 @@ data "terraform_remote_state" "eks-cluster" {
     region  = var.region
     profile = var.profile
     bucket  = var.bucket
-    key     = "apps-devstg/k8s-eks-dr/cluster/terraform.tfstate"
+    key     = "apps-devstg/k8s-eks-v1.17-dr/cluster/terraform.tfstate"
   }
 }
diff --git a/...-east-2/k8s-eks/k8s-resources/demoapps.tf → ...2/k8s-eks-v1.17/k8s-resources/demoapps.tf b/...-east-2/k8s-eks/k8s-resources/demoapps.tf → ...2/k8s-eks-v1.17/k8s-resources/demoapps.tf
diff --git a/...resources/identity_external_prometheus.tf → ...resources/identity_external_prometheus.tf b/...resources/identity_external_prometheus.tf → ...resources/identity_external_prometheus.tf
diff --git a/...8s-resources/identity_grafana_kubegraf.tf → ...8s-resources/identity_grafana_kubegraf.tf b/...8s-resources/identity_grafana_kubegraf.tf → ...8s-resources/identity_grafana_kubegraf.tf
diff --git a/...rces/ingressmonitorcontroller-endpoint.tf → ...rces/ingressmonitorcontroller-endpoint.tf b/...rces/ingressmonitorcontroller-endpoint.tf → ...rces/ingressmonitorcontroller-endpoint.tf
@@ -50,5 +50,5 @@ resource "helm_release" "emojivoto_imc_endpoint" {
       }
     )
   ]
-  depends_on = [helm_release.ingressmonitorcontroller, helm_release.emojivoto]
+  depends_on = [helm_release.ingressmonitorcontroller]
 }
diff --git a/...k8s-resources/ingressmonitorcontroller.tf → ...k8s-resources/ingressmonitorcontroller.tf b/...k8s-resources/ingressmonitorcontroller.tf → ...k8s-resources/ingressmonitorcontroller.tf
diff --git a/...us-east-2/k8s-eks/k8s-resources/locals.tf → ...t-2/k8s-eks-v1.17/k8s-resources/locals.tf b/...us-east-2/k8s-eks/k8s-resources/locals.tf → ...t-2/k8s-eks-v1.17/k8s-resources/locals.tf
diff --git a/...s-eks/k8s-resources/monitoring_logging.tf → ...v1.17/k8s-resources/monitoring_logging.tf b/...s-eks/k8s-resources/monitoring_logging.tf → ...v1.17/k8s-resources/monitoring_logging.tf
diff --git a/...s-eks/k8s-resources/monitoring_metrics.tf → ...v1.17/k8s-resources/monitoring_metrics.tf b/...s-eks/k8s-resources/monitoring_metrics.tf → ...v1.17/k8s-resources/monitoring_metrics.tf
diff --git a/...k8s-eks/k8s-resources/monitoring_tools.tf → ...s-v1.17/k8s-resources/monitoring_tools.tf b/...k8s-eks/k8s-resources/monitoring_tools.tf → ...s-v1.17/k8s-resources/monitoring_tools.tf
diff --git a/...ast-2/k8s-eks/k8s-resources/namespaces.tf → ...k8s-eks-v1.17/k8s-resources/namespaces.tf b/...ast-2/k8s-eks/k8s-resources/namespaces.tf → ...k8s-eks-v1.17/k8s-resources/namespaces.tf
diff --git a/...ast-2/k8s-eks/k8s-resources/networking.tf → ...k8s-eks-v1.17/k8s-resources/networking.tf b/...ast-2/k8s-eks/k8s-resources/networking.tf → ...k8s-eks-v1.17/k8s-resources/networking.tf
@@ -33,7 +33,7 @@ resource "helm_release" "externaldns_private" {
   namespace  = kubernetes_namespace.externaldns.id
   repository = "https://charts.bitnami.com/bitnami"
   chart      = "external-dns"
-  version    = "4.6.0"
+  version    = "6.5.3"
   values = [
     templatefile("chart-values/externaldns-private.yaml", {
       roleArn = "arn:aws:iam::${var.shared_account_id}:role/appsdevstg-dr-externaldns-private"

diff --git a/...s-east-2/k8s-eks/k8s-resources/scaling.tf → ...-2/k8s-eks-v1.17/k8s-resources/scaling.tf b/...s-east-2/k8s-eks/k8s-resources/scaling.tf → ...-2/k8s-eks-v1.17/k8s-resources/scaling.tf
diff --git a/...-east-2/k8s-eks/k8s-resources/security.tf → ...2/k8s-eks-v1.17/k8s-resources/security.tf b/...-east-2/k8s-eks/k8s-resources/security.tf → ...2/k8s-eks-v1.17/k8s-resources/security.tf
diff --git a/...east-2/k8s-eks/k8s-resources/variables.tf → .../k8s-eks-v1.17/k8s-resources/variables.tf b/...east-2/k8s-eks/k8s-resources/variables.tf → .../k8s-eks-v1.17/k8s-resources/variables.tf
@@ -3,7 +3,7 @@
 #=============================#
 variable "enable_private_ingress" {
   type    = bool
-  default = false
+  default = true
 }
 
 variable "enable_public_ingress" {
@@ -13,7 +13,7 @@ variable "enable_public_ingress" {
 
 variable "enable_private_dns_sync" {
   type    = bool
-  default = false
+  default = true
 }
 
 variable "enable_public_dns_sync" {
@@ -33,7 +33,7 @@ variable "enable_grafana_dependencies" {
 
 variable "enable_certmanager" {
   type    = bool
-  default = false
+  default = true
 }
 
 variable "enable_vault" {
@@ -48,7 +48,7 @@ variable "enable_cicd" {
 
 variable "enable_kubernetes_dashboard" {
   type    = bool
-  default = false
+  default = true
 }
 
 variable "enable_hpa_scaling" {
@@ -106,12 +106,6 @@ variable "enable_backups" {
   default = false
 }
 
-
-variable "demoapps" {
-  type    = any
-  default = {}
-}
-
 #==================================#
 # Ingress Monitor Controller (IMC) #
 #==================================#

diff --git a/apps-devstg/us-east-2/k8s-eks-v1.17/k8s-workloads/.terraform.lock.hcl b/apps-devstg/us-east-2/k8s-eks-v1.17/k8s-workloads/.terraform.lock.hcl
diff --git a/apps-devstg/us-east-2/k8s-eks-v1.17/k8s-workloads/apps.auto.tfvars b/apps-devstg/us-east-2/k8s-eks-v1.17/k8s-workloads/apps.auto.tfvars
@@ -0,0 +1,5 @@
+demoapps = {
+  emojivoto = true
+  gdm       = false
+  sockshop  = false
+}
-Original file line number
+Diff line change
@@ Expand Up / @@ -50,5 +50,5 @@ resource "helm_release" "emojivoto_imc_endpoint" { @@
           }
         )
       ]
-      depends_on = [helm_release.ingressmonitorcontroller, helm_release.emojivoto]
+      depends_on = [helm_release.ingressmonitorcontroller]
     }