https://medium.com/@kennyangjy/
Caution: Cost will be involved in creating these resources. For more information, do visit the relavent resource pricing pages as it differs from region to region.
-
git clone https://github.com/Kenny-AngJY/demystifying-aws-auth.git
-
If you have an exisiting KMS Customer-managed key in your account and wish to use it to encrypt the secrets in EKS, create a var.tfvars file and define the KMS key ARN there.
kms_key_arn = "arn:aws:kms:..." -
terraform init
-
Following the article, we do not want to create the managed node group yet, simply run
terraform plan
orterraform plan -var-file=var.tfvars
if you have a KMS key ARN defined.
There should be 20 resources to be created. If KMS key ARN is defined, 22 resources. -
terraform apply
orterraform apply -var-file=var.tfvars
As no backend is defined, the default backend will be local.
Do wait for 5-10 minutes for the resources to be provisioned. -
When you want to create the managed node group, simply add a
-var "create_node_group=true"
to the command you have used above.
E.g.terraform apply -var "create_node_group=true"
There should be 5 resources to be created.
Do wait for 5 minutes for the resources to be provisioned.
terraform destroy