Skip to content

Commit

Permalink
chore: Update VPC module to v4, update EKS module to latest minor ver…
Browse files Browse the repository at this point in the history 
…sion (aws-ia#1546)
  • Loading branch information
@bryantbiggs
bryantbiggs authored and Gumar Minibaev committed May 26, 2023
1 parent 3b4972e commit 74762f8
Show file tree
Hide file tree
Showing 16 changed files with 88 additions and 249 deletions.
17 changes: 4 additions & 13 deletions examples/agones-game-controller/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ locals {
#tfsec:ignore:aws-eks-enable-control-plane-logging
module "eks" {
source = "terraform-aws-modules/eks/aws"
version = "~> 19.9"
version = "~> 19.12"

cluster_name = local.name
cluster_version = local.cluster_version
Expand Down Expand Up @@ -117,7 +117,7 @@ module "eks_blueprints_kubernetes_addons" {

module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "~> 3.0"
version = "~> 4.0"

name = local.name
cidr = local.vpc_cidr
Expand All @@ -126,17 +126,8 @@ module "vpc" {
private_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 4, k)]
public_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k + 48)]

enable_nat_gateway = true
single_nat_gateway = true
enable_dns_hostnames = true

# Manage so we can name
manage_default_network_acl = true
default_network_acl_tags = { Name = "${local.name}-default" }
manage_default_route_table = true
default_route_table_tags = { Name = "${local.name}-default" }
manage_default_security_group = true
default_security_group_tags = { Name = "${local.name}-default" }
enable_nat_gateway = true
single_nat_gateway = true

public_subnet_tags = {
"kubernetes.io/role/elb" = 1
Expand Down
17 changes: 4 additions & 13 deletions examples/amp-amg-opensearch/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ locals {
#tfsec:ignore:aws-eks-enable-control-plane-logging
module "eks" {
source = "terraform-aws-modules/eks/aws"
version = "~> 19.9"
version = "~> 19.12"

cluster_name = local.name
cluster_version = local.cluster_version
Expand Down Expand Up @@ -257,7 +257,7 @@ module "managed_prometheus" {

module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "~> 3.0"
version = "~> 4.0"

name = local.name
cidr = local.vpc_cidr
Expand All @@ -266,17 +266,8 @@ module "vpc" {
private_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 4, k)]
public_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k + 48)]

enable_nat_gateway = true
single_nat_gateway = true
enable_dns_hostnames = true

# Manage so we can name
manage_default_network_acl = true
default_network_acl_tags = { Name = "${local.name}-default" }
manage_default_route_table = true
default_route_table_tags = { Name = "${local.name}-default" }
manage_default_security_group = true
default_security_group_tags = { Name = "${local.name}-default" }
enable_nat_gateway = true
single_nat_gateway = true

public_subnet_tags = {
"kubernetes.io/role/elb" = 1
Expand Down
17 changes: 4 additions & 13 deletions examples/appmesh-mtls/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@ locals {
#tfsec:ignore:aws-eks-enable-control-plane-logging
module "eks" {
source = "terraform-aws-modules/eks/aws"
version = "~> 19.9"
version = "~> 19.12"

cluster_name = local.name
cluster_version = "1.24"
Expand Down Expand Up @@ -199,7 +199,7 @@ resource "kubectl_manifest" "pca_certificate" {

module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "~> 3.0"
version = "~> 4.0"

name = local.name
cidr = local.vpc_cidr
Expand All @@ -208,17 +208,8 @@ module "vpc" {
private_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 4, k)]
public_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k + 48)]

enable_nat_gateway = true
single_nat_gateway = true
enable_dns_hostnames = true

# Manage so we can name
manage_default_network_acl = true
default_network_acl_tags = { Name = "${local.name}-default" }
manage_default_route_table = true
default_route_table_tags = { Name = "${local.name}-default" }
manage_default_security_group = true
default_security_group_tags = { Name = "${local.name}-default" }
enable_nat_gateway = true
single_nat_gateway = true

public_subnet_tags = {
"kubernetes.io/role/elb" = 1
Expand Down
17 changes: 4 additions & 13 deletions examples/argocd/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ locals {
#tfsec:ignore:aws-eks-enable-control-plane-logging
module "eks" {
source = "terraform-aws-modules/eks/aws"
version = "~> 19.9"
version = "~> 19.12"

cluster_name = local.name
cluster_version = local.cluster_version
Expand Down Expand Up @@ -173,7 +173,7 @@ resource "aws_secretsmanager_secret_version" "argocd" {

module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "~> 3.0"
version = "~> 4.0"

name = local.name
cidr = local.vpc_cidr
Expand All @@ -182,17 +182,8 @@ module "vpc" {
private_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 4, k)]
public_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k + 48)]

enable_nat_gateway = true
single_nat_gateway = true
enable_dns_hostnames = true

# Manage so we can name
manage_default_network_acl = true
default_network_acl_tags = { Name = "${local.name}-default" }
manage_default_route_table = true
default_route_table_tags = { Name = "${local.name}-default" }
manage_default_security_group = true
default_security_group_tags = { Name = "${local.name}-default" }
enable_nat_gateway = true
single_nat_gateway = true

public_subnet_tags = {
"kubernetes.io/role/elb" = 1
Expand Down
30 changes: 8 additions & 22 deletions examples/blue-green-upgrade/core-infra/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,38 +22,24 @@ data "aws_availability_zones" "available" {}

module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "~> 3.0"
version = "~> 4.0"

name = local.name
cidr = local.vpc_cidr

azs = local.azs
public_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k)]
private_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k + 10)]

enable_nat_gateway = true
create_igw = true
enable_dns_hostnames = true
single_nat_gateway = true

# Manage so we can name
manage_default_network_acl = true
default_network_acl_tags = { Name = "${local.name}-default" }
manage_default_route_table = true
default_route_table_tags = { Name = "${local.name}-default" }
manage_default_security_group = true
default_security_group_tags = { Name = "${local.name}-default" }
private_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 4, k)]
public_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k + 48)]

enable_nat_gateway = true
single_nat_gateway = true

public_subnet_tags = {
"kubernetes.io/cluster/${local.name}-blue" = "shared"
"kubernetes.io/cluster/${local.name}-green" = "shared"
"kubernetes.io/role/elb" = "1"
"kubernetes.io/role/elb" = 1
}

private_subnet_tags = {
"kubernetes.io/cluster/${local.name}-blue" = "shared"
"kubernetes.io/cluster/${local.name}-green" = "shared"
"kubernetes.io/role/internal-elb" = "1"
"kubernetes.io/role/internal-elb" = 1
}

tags = local.tags
Expand Down
27 changes: 8 additions & 19 deletions examples/external-secrets/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ locals {
#tfsec:ignore:aws-eks-enable-control-plane-logging
module "eks" {
source = "terraform-aws-modules/eks/aws"
version = "~> 19.9"
version = "~> 19.12"

cluster_name = local.name
cluster_version = "1.24"
Expand Down Expand Up @@ -109,35 +109,24 @@ module "eks_blueprints_kubernetes_addons" {

module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "~> 3.0"
version = "~> 4.0"

name = local.name
cidr = local.vpc_cidr

azs = local.azs
public_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k)]
private_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k + 10)]
private_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 4, k)]
public_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k + 48)]

enable_nat_gateway = true
single_nat_gateway = true
enable_dns_hostnames = true

# Manage so we can name
manage_default_network_acl = true
default_network_acl_tags = { Name = "${local.name}-default" }
manage_default_route_table = true
default_route_table_tags = { Name = "${local.name}-default" }
manage_default_security_group = true
default_security_group_tags = { Name = "${local.name}-default" }
enable_nat_gateway = true
single_nat_gateway = true

public_subnet_tags = {
"kubernetes.io/cluster/${local.name}" = "shared"
"kubernetes.io/role/elb" = 1
"kubernetes.io/role/elb" = 1
}

private_subnet_tags = {
"kubernetes.io/cluster/${local.name}" = "shared"
"kubernetes.io/role/internal-elb" = 1
"kubernetes.io/role/internal-elb" = 1
}

tags = local.tags
Expand Down
23 changes: 7 additions & 16 deletions examples/fargate-serverless/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ locals {
#tfsec:ignore:aws-eks-enable-control-plane-logging
module "eks" {
source = "terraform-aws-modules/eks/aws"
version = "~> 19.9"
version = "~> 19.12"

cluster_name = local.name
cluster_version = "1.24"
Expand Down Expand Up @@ -149,26 +149,17 @@ module "eks_blueprints_kubernetes_addons" {

module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "~> 3.0"
version = "~> 4.0"

name = local.name
cidr = local.vpc_cidr

azs = local.azs
public_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k)]
private_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k + 10)]

enable_nat_gateway = true
single_nat_gateway = true
enable_dns_hostnames = true

# Manage so we can name
manage_default_network_acl = true
default_network_acl_tags = { Name = "${local.name}-default" }
manage_default_route_table = true
default_route_table_tags = { Name = "${local.name}-default" }
manage_default_security_group = true
default_security_group_tags = { Name = "${local.name}-default" }
private_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 4, k)]
public_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k + 48)]

enable_nat_gateway = true
single_nat_gateway = true

public_subnet_tags = {
"kubernetes.io/role/elb" = 1
Expand Down
18 changes: 4 additions & 14 deletions examples/fully-private-cluster/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ locals {
#tfsec:ignore:aws-eks-enable-control-plane-logging
module "eks" {
source = "terraform-aws-modules/eks/aws"
version = "~> 19.9"
version = "~> 19.12"

cluster_name = local.name
cluster_version = "1.24"
Expand Down Expand Up @@ -58,25 +58,15 @@ module "eks" {

module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "~> 3.0"
version = "~> 4.0"

name = local.name
cidr = local.vpc_cidr

azs = local.azs
private_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 4, k)]

enable_nat_gateway = false
single_nat_gateway = true
enable_dns_hostnames = true

# Manage so we can name
manage_default_network_acl = true
default_network_acl_tags = { Name = "${local.name}-default" }
manage_default_route_table = true
default_route_table_tags = { Name = "${local.name}-default" }
manage_default_security_group = true
default_security_group_tags = { Name = "${local.name}-default" }
enable_nat_gateway = false

private_subnet_tags = {
"kubernetes.io/role/internal-elb" = 1
Expand Down Expand Up @@ -114,7 +104,7 @@ module "vpc_endpoints_sg" {

module "vpc_endpoints" {
source = "terraform-aws-modules/vpc/aws//modules/vpc-endpoints"
version = "~> 3.0"
version = "~> 4.0"

vpc_id = module.vpc.vpc_id
security_group_ids = [module.vpc_endpoints_sg.security_group_id]
Expand Down
17 changes: 4 additions & 13 deletions examples/ipv4-prefix-delegation/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ locals {
#tfsec:ignore:aws-eks-enable-control-plane-logging
module "eks" {
source = "terraform-aws-modules/eks/aws"
version = "~> 19.9"
version = "~> 19.12"

cluster_name = local.name
cluster_version = local.cluster_version
Expand Down Expand Up @@ -92,7 +92,7 @@ module "eks" {

module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "~> 3.0"
version = "~> 4.0"

name = local.name
cidr = local.vpc_cidr
Expand All @@ -101,17 +101,8 @@ module "vpc" {
private_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 4, k)]
public_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k + 48)]

enable_nat_gateway = true
single_nat_gateway = true
enable_dns_hostnames = true

# Manage so we can name
manage_default_network_acl = true
default_network_acl_tags = { Name = "${local.name}-default" }
manage_default_route_table = true
default_route_table_tags = { Name = "${local.name}-default" }
manage_default_security_group = true
default_security_group_tags = { Name = "${local.name}-default" }
enable_nat_gateway = true
single_nat_gateway = true

public_subnet_tags = {
"kubernetes.io/role/elb" = 1
Expand Down
Loading

0 comments on commit 74762f8

Please sign in to comment.