diff --git a/templates/commit0/commit0.tmpl b/templates/commit0/commit0.tmpl
index 20bd2027b..cbd926848 100644
--- a/templates/commit0/commit0.tmpl
+++ b/templates/commit0/commit0.tmpl
@@ -12,7 +12,7 @@ infrastructure:
 accountId: {{ .Infrastructure.AWS.AccountID }}
 region: {{ .Infrastructure.AWS.Region }}
 eks:
- clusterName: staging
+ clusterName: {{.ProjectName}}-staging-{{ .Infrastructure.AWS.Region }}
 cognito:
 enabled: true
 s3Hosting:
diff --git a/templates/kubernetes/terraform/modules/kubernetes/monitoring/main.tf b/templates/kubernetes/terraform/modules/kubernetes/monitoring/main.tf
index 9a7d64316..6c395ab50 100644
--- a/templates/kubernetes/terraform/modules/kubernetes/monitoring/main.tf
+++ b/templates/kubernetes/terraform/modules/kubernetes/monitoring/main.tf
@@ -19,6 +19,6 @@ data "aws_iam_policy" "CloudWatchAgentServerPolicy" {
 }
 resource "aws_iam_role_policy_attachment" "k8s_monitoring_role_policy" {
- role = "${aws_iam_role.k8s_monitoring.id}"
- policy_arn = "${data.aws_iam_policy.CloudWatchAgentServerPolicy.arn}"
+ role = aws_iam_role.k8s_monitoring.id
+ policy_arn = data.aws_iam_policy.CloudWatchAgentServerPolicy.arn
 }
diff --git a/templates/kubernetes/terraform/modules/kubernetes/provider.tf b/templates/kubernetes/terraform/modules/kubernetes/provider.tf
index 680554dbf..f33146f77 100644
--- a/templates/kubernetes/terraform/modules/kubernetes/provider.tf
+++ b/templates/kubernetes/terraform/modules/kubernetes/provider.tf
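Review bot: The new `clusterName` value in templates/commit0/commit0.tmpl is rendered unquoted from the project name, which is presumably user-supplied, so a name containing a space, `:` or `#` would change how the generated YAML parses. The result may also not be a valid EKS cluster name, since EKS accepts only alphanumerics, hyphens and underscores. Quoting the scalar keeps the generated file well-formed: `clusterName: "{{ .ProjectName }}-staging-{{ .Infrastructure.AWS.Region }}"`. Whether ProjectName is validated before rendering is not visible in this hunk and is worth confirming, because the same string ends up in cluster-scoped tag keys.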
@@ -5,12 +5,16 @@ data "aws_eks_cluster" "cluster" {
 }
 data "aws_eks_cluster_auth" "cluster_auth" {
- name = "${data.aws_eks_cluster.cluster.name}"
+ name = data.aws_eks_cluster.cluster.name
+}
+
+provider "aws" {
+ region = var.region
 }
 provider "kubernetes" {
- host = "${data.aws_eks_cluster.cluster.endpoint}"
- cluster_ca_certificate = "${base64decode(data.aws_eks_cluster.cluster.certificate_authority.0.data)}"
- token = "${data.aws_eks_cluster_auth.cluster_auth.token}"
+ host = data.aws_eks_cluster.cluster.endpoint
+ cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority.0.data)
+ token = data.aws_eks_cluster_auth.cluster_auth.token
 load_config_file = false
-}
\ No newline at end of file
+}
diff --git a/templates/kubernetes/terraform/modules/kubernetes/variables.tf b/templates/kubernetes/terraform/modules/kubernetes/variables.tf
index e8964d21a..f75de7f35 100644
--- a/templates/kubernetes/terraform/modules/kubernetes/variables.tf
+++ b/templates/kubernetes/terraform/modules/kubernetes/variables.tf
@@ -23,6 +23,6 @@ variable "external_dns_owner_id" {
 }
 variable "external_dns_assume_roles" {
- type = "list"
 description = "List of roles that should be able to assume the external dns role (most likely the role of the cluster worker nodes)"
+ type = list(string)
 }
diff --git a/templates/terraform/README.md b/templates/terraform/README.md
index aa075b7b2..6685a1faf 100644
--- a/templates/terraform/README.md
+++ b/templates/terraform/README.md
@@ -93,3 +93,9 @@ environment/development$ terraform init
 environment/development$ terraform plan
 ```
+
+## To use kubectl with the created EKS cluster:
+
+ Exchange your aws credentials for kubernetes credentials.
+ This will add a new context to your kubeconfig.
+ `aws eks update-kubeconfig --name --region `
diff --git a/templates/terraform/modules/s3_hosting/main.tf b/templates/terraform/modules/s3_hosting/main.tf
index f379e93d2..19721db79 100644
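Review bot: The `provider "aws"` block added in modules/kubernetes/provider.tf configures a provider inside a reusable module, which Terraform documents as a legacy pattern. A module that carries its own provider configuration cannot be called with `count`, `for_each` or `depends_on`, and its resources cannot be destroyed cleanly once the module call is removed. The aliased `provider "aws"` added in modules/s3_hosting/main.tf has the same problem. Prefer configuring the providers in the environment root and handing them to the module through its `providers` argument; also confirm that `var.region` is declared for this module, since the variables.tf hunk shown does not add it. The legacy index form `certificate_authority.0.data` survived the syntax cleanup and would read better as `certificate_authority[0].data`.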
--- a/templates/terraform/modules/s3_hosting/main.tf
+++ b/templates/terraform/modules/s3_hosting/main.tf
@@ -67,8 +67,15 @@ resource "aws_s3_bucket_policy" "client_assets" {
 policy = data.aws_iam_policy_document.assets_origin[each.value].json
 }
+# To use an ACM cert with CF it has to exist in us-east-1
+provider "aws" {
+ region = "us-east-1"
+ alias = "east1"
+}
+
 # Find an already created ACM cert for this domain
 data "aws_acm_certificate" "wildcard_cert" {
+ provider = "aws.east1"
 domain = var.cert_domain
 most_recent = "true"
 }
diff --git a/templates/terraform/modules/vpc/main.tf b/templates/terraform/modules/vpc/main.tf
index 5413e5c61..97baa5603 100644
--- a/templates/terraform/modules/vpc/main.tf
+++ b/templates/terraform/modules/vpc/main.tf
@@ -31,4 +31,7 @@ module "vpc" {
 environment = var.environment
 }
+ vpc_tags = {
+ "kubernetes.io/cluster/${var.kubernetes_cluster_name}" = "shared"
+ }
 }
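Review bot: In the `data "aws_acm_certificate" "wildcard_cert"` block of modules/s3_hosting/main.tf, the new line `provider = "aws.east1"` passes the provider reference as a quoted string, a form that current Terraform releases flag as a deprecated quoted reference. Write it as `provider = aws.east1`, which also matches the interpolation quotes this commit removes in the other files. The comment above the aliased provider could state its scope as well, for example `# CloudFront only accepts ACM certificates from us-east-1; this alias is used solely for the certificate lookup below`.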
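Review bot: The `vpc_tags` key added in modules/vpc/main.tf has to equal the EKS cluster name exactly, and this same commit changes that name in commit0.tmpl from `staging` to a project- and region-qualified string. Nothing in the diff shown declares `kubernetes_cluster_name` for the vpc module or passes it in from the environment, so confirm both exist and are derived from the one cluster-name value rather than retyped. A mismatch fails quietly, because the tag is still applied but names a cluster that does not exist. A comment above the map such as `# Marks the VPC as usable by this EKS cluster; "shared" lets other clusters use it too` would explain the key. The `module "vpc"` block starts above the hunk, so any subnet tags set there are not visible.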