Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Don't create a new Security Group for EKS cluster if it's only used with Managed Node Groups #139

Closed
aknysh opened this issue Dec 29, 2021 · 0 comments · Fixed by #141
Closed

Don't create a new Security Group for EKS cluster if it's only used with Managed Node Groups #139

aknysh opened this issue Dec 29, 2021 · 0 comments · Fixed by #141

Comments

@aknysh
Copy link
Member

aknysh commented Dec 29, 2021

Have a question? Please checkout our Slack Community or visit our Slack Archive.

Slack Community

Describe the Feature

  • Don't create a new Security Group for EKS cluster if it's used with Managed Node Groups

Describe Ideal Solution

We need to create a new Security Group only if the EKS cluster is used with unmanaged worker nodes.
EKS creates a security group for the cluster, places the control plane and managed nodes into the security group, and allows all communications between the control plane and the managed worker nodes.
If only Managed Node Groups are used, we don't need to create a separate Security Group; otherwise we place the cluster in two SG - one that is created by EKS, the other that the module creates.

See https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html for more details.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Update Security Group cloudposse/terraform-aws-eks-cluster
1 participant
@aknysh