Add eks-official-image module

.github/labeler.yaml

@@ -28,3 +28,6 @@
 
 ":floppy_disk: eks-node-group":
 - modules/eks-node-group/**/*
+
+":floppy_disk: eks-official-image":
+- modules/eks-official-image/**/*

.github/labels.yaml

@@ -70,3 +70,6 @@
 - color: "fbca04"
   description: "This issue or pull request is related to eks-node-group module."
   name: ":floppy_disk: eks-node-group"
+- color: "fbca04"
+  description: "This issue or pull request is related to eks-official-image module."
+  name: ":floppy_disk: eks-official-image"

README.md

@@ -15,6 +15,7 @@ Terraform module which creates resources for container services on AWS.
 - [eks-fargate-profile](./modules/eks-fargate-profile)
 - [eks-iam-access](./modules/eks-iam-access)
 - [eks-max-pods](./modules/eks-max-pods)
+- [eks-official-image](./modules/eks-official-image)
 
 
 ## Target AWS Services
@@ -34,6 +35,7 @@ Terraform Modules from [this package](https://github.com/tedilabs/terraform-aws-
   - Self-Managed Node Group (with ASG)
   - Fargate Profile
   - Access Entry & Access Policy
+  - Official Image
 
 
 ## Self Promotion

modules/eks-official-image/README.md

@@ -0,0 +1,46 @@
+# eks-official-image
+
+This module creates following resources.
+
+<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.6 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.42 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.50.0 |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_ssm_parameter.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ssm_parameter) | data source |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_kubernetes_version"></a> [kubernetes\_version](#input\_kubernetes\_version) | (Required) Desired Kubernetes version to search the official EKS AMIs for the EKS cluster. | `string` | n/a | yes |
+| <a name="input_os"></a> [os](#input\_os) | (Required) A configuration of OS (Operating System) to search EKS official AMIs. `os` block as defined below.<br>    (Required) `name` - A name of the OS (Operating System). Valid values are `amazon-linux`, `ubuntu`, `ubuntu-pro`.<br>    (Required) `release` - A release name of the OS.<br>      `amazon-linux` - Valid values are `2`, `2023`.<br>      `ubuntu` - Valid values are `18.04`, `20.04`, `22.04`, `24.04`.<br>      `ubuntu-pro` - Same with `ubuntu`. | <pre>object({<br>    name    = string<br>    release = string<br>  })</pre> | n/a | yes |
+| <a name="input_arch"></a> [arch](#input\_arch) | (Optional) The type of the CPU architecture. Valid values are `amd64`, `arm64`. Defaults to `amd64`. | `string` | `"amd64"` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_arch"></a> [arch](#output\_arch) | The type of the CPU architecture. |
+| <a name="output_id"></a> [id](#output\_id) | The ID of the EKS official AMI. |
+| <a name="output_kubernetes_version"></a> [kubernetes\_version](#output\_kubernetes\_version) | The version of Kubernetes. |
+| <a name="output_os"></a> [os](#output\_os) | The configuration of OS (Operating System) of the AMI |
+| <a name="output_parameter"></a> [parameter](#output\_parameter) | The parameter name of SSM Parameter Store. |
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

modules/eks-official-image/main.tf

@@ -0,0 +1,53 @@
+locals {
+  metadata = {
+    package = "terraform-aws-container"
+    version = trimspace(file("${path.module}/../../VERSION"))
+    module  = basename(path.module)
+    name    = "${var.kubernetes_version}/${var.os.name}/${var.os.release}/${var.arch}"
+  }
+}
+
+locals {
+  # INFO: Not support amazon-linux-2-gpu
+  amazon_linux = {
+    types = {
+      "2/amd64"    = "amazon-linux-2"
+      "2/arm64"    = "amazon-linux-2-arm64"
+      "2023/amd64" = "amazon-linux-2023/x86_64/standard"
+      "2023/arm64" = "amazon-linux-2023/arm64/standard"
+    }
+  }
+  ubuntu = {
+    prefixes = {
+      "ubuntu"     = "/aws/service/canonical/ubuntu/eks"
+      "ubuntu-pro" = "/aws/service/canonical/ubuntu/eks-pro"
+    }
+  }
+  parameter_name = (var.os.name == "amazon-linux"
+    ? join("/", [
+      "/aws/service/eks/optimized-ami/${var.kubernetes_version}",
+      local.amazon_linux.types["${var.os.release}/${var.arch}"],
+      "recommended/image_id",
+    ])
+    : (contains(["ubuntu", "ubuntu-pro"], var.os.name)
+      ? join("/", [
+        local.ubuntu.prefixes[var.os.name],
+        var.os.release,
+        var.kubernetes_version,
+        "stable/current",
+        var.arch,
+        "hvm/ebs-gp2/ami-id",
+      ])
+      : null
+    )
+  )
+}
+
+
+###################################################
+# Official Image Data
+###################################################
+
+data "aws_ssm_parameter" "this" {
+  name = local.parameter_name
+}

modules/eks-official-image/outputs.tf

@@ -0,0 +1,24 @@
+output "id" {
+  description = "The ID of the EKS official AMI."
+  value       = data.aws_ssm_parameter.this.insecure_value
+}
+
+output "parameter" {
+  description = "The parameter name of SSM Parameter Store."
+  value       = data.aws_ssm_parameter.this.name
+}
+
+output "kubernetes_version" {
+  description = "The version of Kubernetes."
+  value       = var.kubernetes_version
+}
+
+output "os" {
+  description = "The configuration of OS (Operating System) of the AMI"
+  value       = var.os
+}
+
+output "arch" {
+  description = "The type of the CPU architecture."
+  value       = var.arch
+}

modules/eks-official-image/variables.tf

@@ -0,0 +1,45 @@
+variable "kubernetes_version" {
+  description = "(Required) Desired Kubernetes version to search the official EKS AMIs for the EKS cluster."
+  type        = string
+  nullable    = false
+}
+
+variable "os" {
+  description = <<EOF
+  (Required) A configuration of OS (Operating System) to search EKS official AMIs. `os` block as defined below.
+    (Required) `name` - A name of the OS (Operating System). Valid values are `amazon-linux`, `ubuntu`, `ubuntu-pro`.
+    (Required) `release` - A release name of the OS.
+      `amazon-linux` - Valid values are `2`, `2023`.
+      `ubuntu` - Valid values are `18.04`, `20.04`, `22.04`, `24.04`.
+      `ubuntu-pro` - Same with `ubuntu`.
+  EOF
+  type = object({
+    name    = string
+    release = string
+  })
+  nullable = false
+
+  validation {
+    condition     = contains(["amazon-linux", "ubuntu", "ubuntu-pro"], var.os.name)
+    error_message = "Valid values for `os.name` are `amazon-linux`, `ubuntu`, `ubuntu-pro`."
+  }
+  validation {
+    condition = anytrue([
+      var.os.name == "amazon-linux" && contains(["2", "2023"], var.os.release),
+      contains(["ubuntu", "ubuntu-pro"], var.os.name) && contains(["18.04", "20.04", "22.04", "24.04"], var.os.release),
+    ])
+    error_message = "Valid values for `os.release` are `2`, `2023` when `os.name` is `amazon-linux`. Valid values for `os.release` are `18.04`, `20.04`, `22.04`, `24.04` when `os.name` is `ubuntu` or `ubuntu-pro`."
+  }
+}
+
+variable "arch" {
+  description = "(Optional) The type of the CPU architecture. Valid values are `amd64`, `arm64`. Defaults to `amd64`."
+  type        = string
+  default     = "amd64"
+  nullable    = false
+
+  validation {
+    condition     = contains(["amd64", "arm64"], var.arch)
+    error_message = "Valid values for `arch` are `amd64`, `arm64`."
+  }
+}

modules/eks-official-image/versions.tf

@@ -0,0 +1,10 @@
+terraform {
+  required_version = ">= 1.6"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 5.42"
+    }
+  }
+}