chore: Update EKS module version to v20.0 (#1871)

.github/workflows/e2e-parallel-destroy.yml

@@ -58,7 +58,7 @@ jobs:
       - name: Setup Terraform
         uses: hashicorp/setup-terraform@v3
         with:
-          terraform_version: 1.0.0
+          terraform_version: 1.3.10
 
       - name: Terraform Destroy
         working-directory: ${{ matrix.example_path }}

.github/workflows/e2e-parallel-full.yml

@@ -101,7 +101,8 @@ jobs:
       - name: Setup Terraform
         uses: hashicorp/setup-terraform@v3
         with:
-          terraform_version: 1.0.0
+          terraform_version: 1.3.10
+
 
       - name: Terraform Apply
         id: apply

.pre-commit-config.yaml

@@ -10,7 +10,7 @@ repos:
       - id: detect-aws-credentials
         args: ['--allow-missing-credentials']
   - repo: https://github.com/antonbabenko/pre-commit-terraform
-    rev: v1.83.5
+    rev: v1.86.0
     hooks:
       - id: terraform_fmt
       - id: terraform_docs
@@ -29,6 +29,7 @@ repos:
           - '--args=--only=terraform_naming_convention'
           - '--args=--only=terraform_required_version'
           - '--args=--only=terraform_required_providers'
+          - '--args=--only=terraform_unused_required_providers'
           - '--args=--only=terraform_workspace_remote'
       - id: terraform_validate
         exclude: (docs|modules)

patterns/agones-game-controller/main.tf

@@ -2,18 +2,6 @@ provider "aws" {
   region = local.region
 }
 
-provider "kubernetes" {
-  host                   = module.eks.cluster_endpoint
-  cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data)
-
-  exec {
-    api_version = "client.authentication.k8s.io/v1beta1"
-    command     = "aws"
-    # This requires the awscli to be installed locally where Terraform is executed
-    args = ["eks", "get-token", "--cluster-name", module.eks.cluster_name]
-  }
-}
-
 provider "helm" {
   kubernetes {
     host                   = module.eks.cluster_endpoint
@@ -34,7 +22,7 @@ locals {
   name   = basename(path.cwd)
   region = "us-west-2"
 
-  cluster_version = "1.27"
+  cluster_version = "1.29"
 
   vpc_cidr = "10.0.0.0/16"
   azs      = slice(data.aws_availability_zones.available.names, 0, 3)
@@ -54,7 +42,7 @@ locals {
 
 module "eks" {
   source  = "terraform-aws-modules/eks/aws"
-  version = "~> 19.16"
+  version = "~> 20.0"
 
   cluster_name                   = local.name
   cluster_version                = local.cluster_version

patterns/agones-game-controller/versions.tf

@@ -1,19 +1,15 @@
 terraform {
-  required_version = ">= 1.0"
+  required_version = ">= 1.3"
 
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 4.47"
+      version = ">= 5.34"
     }
     helm = {
       source  = "hashicorp/helm"
       version = ">= 2.9"
     }
-    kubernetes = {
-      source  = "hashicorp/kubernetes"
-      version = ">= 2.20"
-    }
   }
 
   # ##  Used for end-to-end testing on project; update to suit your needs

patterns/appmesh-mtls/main.tf

@@ -2,18 +2,6 @@ provider "aws" {
   region = local.region
 }
 
-provider "kubernetes" {
-  host                   = module.eks.cluster_endpoint
-  cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data)
-
-  exec {
-    api_version = "client.authentication.k8s.io/v1beta1"
-    command     = "aws"
-    # This requires the awscli to be installed locally where Terraform is executed
-    args = ["eks", "get-token", "--cluster-name", module.eks.cluster_name]
-  }
-}
-
 provider "helm" {
   kubernetes {
     host                   = module.eks.cluster_endpoint
@@ -66,10 +54,10 @@ locals {
 
 module "eks" {
   source  = "terraform-aws-modules/eks/aws"
-  version = "~> 19.16"
+  version = "~> 20.0"
 
   cluster_name                   = local.name
-  cluster_version                = "1.27"
+  cluster_version                = "1.29"
   cluster_endpoint_public_access = true
 
   vpc_id     = module.vpc.vpc_id

patterns/appmesh-mtls/versions.tf

@@ -1,19 +1,15 @@
 terraform {
-  required_version = ">= 1.0"
+  required_version = ">= 1.3"
 
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 4.47"
+      version = ">= 5.34"
     }
     helm = {
       source  = "hashicorp/helm"
       version = ">= 2.9"
     }
-    kubernetes = {
-      source  = "hashicorp/kubernetes"
-      version = ">= 2.20"
-    }
     kubectl = {
       source  = "gavinbunney/kubectl"
       version = ">= 1.14"

patterns/aws-vpc-cni-network-policy/main.tf

@@ -49,10 +49,10 @@ locals {
 
 module "eks" {
   source  = "terraform-aws-modules/eks/aws"
-  version = "~> 19.16"
+  version = "~> 20.0"
 
   cluster_name                   = local.name
-  cluster_version                = "1.27" # Must be 1.25 or higher
+  cluster_version                = "1.29" # Must be 1.25 or higher
   cluster_endpoint_public_access = true
 
   vpc_id     = module.vpc.vpc_id
@@ -118,7 +118,6 @@ module "addons" {
     coredns    = {}
     kube-proxy = {}
     vpc-cni = {
-      preserve    = true
       most_recent = true # Must be 1.14.0 or higher
 
       timeouts = {

patterns/aws-vpc-cni-network-policy/versions.tf

@@ -1,10 +1,10 @@
 terraform {
-  required_version = ">= 1.0"
+  required_version = ">= 1.3"
 
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 4.47"
+      version = ">= 5.34"
     }
     helm = {
       source  = "hashicorp/helm"

patterns/blue-green-upgrade/eks-blue/providers.tf

@@ -14,9 +14,5 @@ terraform {
       source  = "hashicorp/helm"
       version = ">= 2.9.0"
     }
-    kubectl = {
-      source  = "gavinbunney/kubectl"
-      version = ">= 1.14"
-    }
   }
 }

patterns/blue-green-upgrade/eks-green/providers.tf

@@ -14,9 +14,5 @@ terraform {
       source  = "hashicorp/helm"
       version = ">= 2.9.0"
     }
-    kubectl = {
-      source  = "gavinbunney/kubectl"
-      version = ">= 1.14"
-    }
   }
 }

patterns/elastic-fabric-adapter/main.tf

@@ -34,7 +34,7 @@ locals {
   name   = basename(path.cwd)
   region = "us-west-2"
 
-  cluster_version = "1.27"
+  cluster_version = "1.29"
 
   vpc_cidr = "10.0.0.0/16"
   azs      = slice(data.aws_availability_zones.available.names, 0, 3)
@@ -51,7 +51,7 @@ locals {
 
 module "eks" {
   source  = "terraform-aws-modules/eks/aws"
-  version = "~> 19.16"
+  version = "~> 20.0"
 
   cluster_name                   = local.name
   cluster_version                = local.cluster_version
@@ -127,29 +127,6 @@ module "eks" {
         group_name = aws_placement_group.efa.name
       }
 
-      pre_bootstrap_user_data = <<-EOT
-        EFA_BIN='/opt/amazon/efa/bin/'
-
-        # EFA driver is installed by default on EKS GPU AMI starting on EKS 1.28
-        if [ ! -s "$EFA_BIN" ]; then
-
-          # Install EFA
-          # Note: It is recommended to install the EFA driver on a custom AMI and
-          # not rely on dynamic installation during instance provisioning in user data
-          curl -O https://efa-installer.amazonaws.com/aws-efa-installer-latest.tar.gz
-          tar -xf aws-efa-installer-latest.tar.gz && cd aws-efa-installer
-          ./efa_installer.sh -y --minimal
-          cd .. && rm -rf aws-efa-installer*
-
-          # Not required - just displays info on the EFA interfaces
-          $EFA_BIN/fi_info -p efa
-
-          # Disable ptrace
-          sysctl -w kernel.yama.ptrace_scope=0
-
-        fi
-      EOT
-
       taints = {
         dedicated = {
           key    = "nvidia.com/gpu"
@@ -169,7 +146,7 @@ module "eks" {
 
 module "eks_blueprints_addons" {
   source  = "aws-ia/eks-blueprints-addons/aws"
-  version = "~> 1.0"
+  version = "~> 1.14"
 
   cluster_name      = module.eks.cluster_name
   cluster_endpoint  = module.eks.cluster_endpoint
@@ -275,7 +252,7 @@ resource "kubernetes_daemonset" "aws_efa_k8s_device_plugin" {
 
         container {
           name  = "aws-efa-k8s-device-plugin"
-          image = "602401143452.dkr.ecr.us-west-2.amazonaws.com/eks/aws-efa-k8s-device-plugin:v0.3.3"
+          image = "602401143452.dkr.ecr.us-west-2.amazonaws.com/eks/aws-efa-k8s-device-plugin:v0.4.3"
 
           volume_mount {
             name       = "device-plugin"

patterns/elastic-fabric-adapter/versions.tf

@@ -1,10 +1,10 @@
 terraform {
-  required_version = ">= 1.0"
+  required_version = ">= 1.3"
 
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 4.47"
+      version = ">= 5.34"
     }
     helm = {
       source  = "hashicorp/helm"

patterns/external-secrets/main.tf

@@ -2,18 +2,6 @@ provider "aws" {
   region = local.region
 }
 
-provider "kubernetes" {
-  host                   = module.eks.cluster_endpoint
-  cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data)
-
-  exec {
-    api_version = "client.authentication.k8s.io/v1beta1"
-    command     = "aws"
-    # This requires the awscli to be installed locally where Terraform is executed
-    args = ["eks", "get-token", "--cluster-name", module.eks.cluster_name]
-  }
-}
-
 provider "helm" {
   kubernetes {
     host                   = module.eks.cluster_endpoint
@@ -70,10 +58,10 @@ locals {
 
 module "eks" {
   source  = "terraform-aws-modules/eks/aws"
-  version = "~> 19.16"
+  version = "~> 20.0"
 
   cluster_name                   = local.name
-  cluster_version                = "1.27"
+  cluster_version                = "1.29"
   cluster_endpoint_public_access = true
 
   vpc_id     = module.vpc.vpc_id
@@ -98,7 +86,7 @@ module "eks" {
 
 module "eks_blueprints_addons" {
   source  = "aws-ia/eks-blueprints-addons/aws"
-  version = "~> 1.0"
+  version = "~> 1.14"
 
   cluster_name      = module.eks.cluster_name
   cluster_endpoint  = module.eks.cluster_endpoint

patterns/external-secrets/versions.tf

@@ -1,19 +1,15 @@
 terraform {
-  required_version = ">= 1.0"
+  required_version = ">= 1.3"
 
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 4.47"
+      version = ">= 5.34"
     }
     helm = {
       source  = "hashicorp/helm"
       version = ">= 2.9"
     }
-    kubernetes = {
-      source  = "hashicorp/kubernetes"
-      version = ">= 2.20"
-    }
     kubectl = {
       source  = "gavinbunney/kubectl"
       version = ">= 1.14"

patterns/fargate-serverless/main.tf

@@ -50,10 +50,10 @@ locals {
 
 module "eks" {
   source  = "terraform-aws-modules/eks/aws"
-  version = "~> 19.16"
+  version = "~> 20.0"
 
   cluster_name                   = local.name
-  cluster_version                = "1.27"
+  cluster_version                = "1.29"
   cluster_endpoint_public_access = true
 
   vpc_id     = module.vpc.vpc_id
@@ -92,7 +92,7 @@ module "eks" {
 
 module "eks_blueprints_addons" {
   source  = "aws-ia/eks-blueprints-addons/aws"
-  version = "~> 1.0"
+  version = "~> 1.14"
 
   cluster_name      = module.eks.cluster_name
   cluster_endpoint  = module.eks.cluster_endpoint

patterns/fargate-serverless/versions.tf

@@ -1,10 +1,10 @@
 terraform {
-  required_version = ">= 1.0"
+  required_version = ">= 1.3"
 
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 4.47"
+      version = ">= 5.34"
     }
     helm = {
       source  = "hashicorp/helm"

patterns/fully-private-cluster/main.tf

@@ -23,10 +23,10 @@ locals {
 
 module "eks" {
   source  = "terraform-aws-modules/eks/aws"
-  version = "~> 19.16"
+  version = "~> 20.0"
 
   cluster_name    = local.name
-  cluster_version = "1.27"
+  cluster_version = "1.29"
 
   # EKS Addons
   cluster_addons = {