You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+3-3Lines changed: 3 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -193,19 +193,19 @@ In this module, we have implemented the following CIS Compliance checks for EKS:
193
193
| <aname="input_irsa_enabled"></a> [irsa\_enabled](#input\_irsa\_enabled)| Set to true to associate an AWS IAM role with a Kubernetes service account. |`bool`|`true`| no |
194
194
| <aname="input_cluster_endpoint_public_access"></a> [cluster\_endpoint\_public\_access](#input\_cluster\_endpoint\_public\_access)| Whether the Amazon EKS public API server endpoint is enabled or not. |`bool`|`true`| no |
195
195
| <aname="input_cluster_endpoint_private_access"></a> [cluster\_endpoint\_private\_access](#input\_cluster\_endpoint\_private\_access)| Whether the Amazon EKS private API server endpoint is enabled or not. |`bool`|`true`| no |
196
-
| <aname="input_cluster_endpoint_public_access_cidrs"></a> [cluster\_endpoint\_public\_access\_cidrs](#input\_cluster\_endpoint\_public\_access\_cidrs)| CIDR blocks that can access the Amazon EKS public API server endpoint. |`list(string)`| <pre>[<br> ""<br>]</pre> | no |
196
+
| <aname="input_cluster_endpoint_public_access_cidrs"></a> [cluster\_endpoint\_public\_access\_cidrs](#input\_cluster\_endpoint\_public\_access\_cidrs)| CIDR blocks that can access the Amazon EKS public API server endpoint. |`list(string)`| <pre>[<br/> ""<br/>]</pre> | no |
197
197
| <aname="input_vpc_id"></a> [vpc\_id](#input\_vpc\_id)| ID of the VPC where the EKS cluster will be deployed. |`string`|`""`| no |
198
198
| <aname="input_kms_key_arn"></a> [kms\_key\_arn](#input\_kms\_key\_arn)| ARN of the KMS key used to encrypt EKS resources. |`string`|`""`| no |
199
199
| <aname="input_cluster_log_types"></a> [cluster\_log\_types](#input\_cluster\_log\_types)| A list of desired control plane logs to enable for the EKS cluster. Valid values include: api, audit, authenticator, controllerManager, scheduler. |`list(string)`|`[]`| no |
200
200
| <aname="input_cluster_log_retention_in_days"></a> [cluster\_log\_retention\_in\_days](#input\_cluster\_log\_retention\_in\_days)| Retention period for EKS cluster logs in days. Default is set to 90 days. |`number`|`90`| no |
201
-
| <aname="input_vpc_private_subnet_ids"></a> [vpc\_private\_subnet\_ids](#input\_vpc\_private\_subnet\_ids)| Private subnets of the VPC which can be used by EKS |`list(string)`| <pre>[<br> ""<br>]</pre> | no |
201
+
| <aname="input_vpc_private_subnet_ids"></a> [vpc\_private\_subnet\_ids](#input\_vpc\_private\_subnet\_ids)| Private subnets of the VPC which can be used by EKS |`list(string)`| <pre>[<br/> ""<br/>]</pre> | no |
202
202
| <aname="input_kms_key_enabled"></a> [kms\_key\_enabled](#input\_kms\_key\_enabled)| Controls if a KMS key for cluster encryption should be created |`bool`|`false`| no |
203
203
| <aname="input_cluster_security_group_additional_rules"></a> [cluster\_security\_group\_additional\_rules](#input\_cluster\_security\_group\_additional\_rules)| List of additional security group rules to add to the cluster security group created. |`any`|`{}`| no |
204
204
| <aname="input_ipv6_enabled"></a> [ipv6\_enabled](#input\_ipv6\_enabled)| Enable cluster IP family as Ipv6 |`bool`|`false`| no |
205
205
| <aname="input_default_addon_enabled"></a> [default\_addon\_enabled](#input\_default\_addon\_enabled)| Enable deafult addons(vpc-cni, ebs-csi) at the time of cluster creation |`bool`|`false`| no |
206
206
| <aname="input_nodes_keypair_name"></a> [nodes\_keypair\_name](#input\_nodes\_keypair\_name)| The public key to be used for EKS cluster worker nodes. |`string`|`""`| no |
207
207
| <aname="input_cluster_name"></a> [cluster\_name](#input\_cluster\_name)| Name of EKS cluster |`string`|`""`| no |
208
-
| <aname="input_vpc_subnet_ids"></a> [vpc\_subnet\_ids](#input\_vpc\_subnet\_ids)| The IDs of the subnets in the VPC that can be used by EKS. |`list(string)`| <pre>[<br> ""<br>]</pre> | no |
208
+
| <aname="input_vpc_subnet_ids"></a> [vpc\_subnet\_ids](#input\_vpc\_subnet\_ids)| The IDs of the subnets in the VPC that can be used by EKS. |`list(string)`| <pre>[<br/> ""<br/>]</pre> | no |
209
209
| <aname="input_tags"></a> [tags](#input\_tags)| Tags to be applied to the node group. |`any`|`{}`| no |
210
210
| <aname="input_k8s_labels"></a> [k8s\_labels](#input\_k8s\_labels)| Labels to be applied to the Kubernetes node groups. |`map(any)`|`{}`| no |
211
211
| <aname="input_authentication_mode"></a> [authentication\_mode](#input\_authentication\_mode)| The authentication mode for the cluster. Valid values are `CONFIG_MAP`, `API` or `API_AND_CONFIG_MAP`|`string`|`"API_AND_CONFIG_MAP"`| no |
Copy file name to clipboardExpand all lines: modules/managed-nodegroup/README.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -46,7 +46,7 @@ No modules.
46
46
| <aname="input_eks_cluster_name"></a> [eks\_cluster\_name](#input\_eks\_cluster\_name)| Name of EKS cluster |`string`|`""`| no |
47
47
| <aname="input_environment"></a> [environment](#input\_environment)| The environment for the nodes or node groups. |`string`|`null`| no |
48
48
| <aname="input_managed_ng_name"></a> [managed\_ng\_name](#input\_managed\_ng\_name)| Specify the name of the EKS managed Nodegroup |`string`|`""`| no |
49
-
| <aname="input_managed_ng_instance_types"></a> [managed\_ng\_instance\_types](#input\_managed\_ng\_instance\_types)| The instance types to be used for the EKS node group (e.g., t2.medium). |`list(any)`| <pre>[<br> "t3a.medium"<br>]</pre> | no |
49
+
| <aname="input_managed_ng_instance_types"></a> [managed\_ng\_instance\_types](#input\_managed\_ng\_instance\_types)| The instance types to be used for the EKS node group (e.g., t2.medium). |`list(any)`| <pre>[<br/> "t3a.medium"<br/>]</pre> | no |
50
50
| <aname="input_managed_ng_capacity_type"></a> [managed\_ng\_capacity\_type](#input\_managed\_ng\_capacity\_type)| The capacity type for the EKS node group (ON\_DEMAND or SPOT). |`string`|`"ON_DEMAND"`| no |
51
51
| <aname="input_image_high_threshold_percent"></a> [image\_high\_threshold\_percent](#input\_image\_high\_threshold\_percent)| The percentage of disk usage at which garbage collection should be triggered. |`number`|`60`| no |
52
52
| <aname="input_image_low_threshold_percent"></a> [image\_low\_threshold\_percent](#input\_image\_low\_threshold\_percent)| The percentage of disk usage at which garbage collection took place. |`number`|`40`| no |
@@ -62,7 +62,7 @@ No modules.
62
62
| <aname="input_managed_ng_ebs_volume_size"></a> [managed\_ng\_ebs\_volume\_size](#input\_managed\_ng\_ebs\_volume\_size)| The type of EBS volume for nodes. |`string`|`"50"`| no |
63
63
| <aname="input_managed_ng_ebs_volume_type"></a> [managed\_ng\_ebs\_volume\_type](#input\_managed\_ng\_ebs\_volume\_type)| Specify the type of EBS volume for nodes. |`string`|`"gp3"`| no |
64
64
| <aname="input_managed_ng_ebs_encrypted"></a> [managed\_ng\_ebs\_encrypted](#input\_managed\_ng\_ebs\_encrypted)| Specify whether to encrypt the EBS volume for nodes. |`bool`|`true`| no |
65
-
| <aname="input_vpc_subnet_ids"></a> [vpc\_subnet\_ids](#input\_vpc\_subnet\_ids)| The IDs of the subnets in the VPC that can be used by EKS. |`list(string)`| <pre>[<br> ""<br>]</pre> | no |
65
+
| <aname="input_vpc_subnet_ids"></a> [vpc\_subnet\_ids](#input\_vpc\_subnet\_ids)| The IDs of the subnets in the VPC that can be used by EKS. |`list(string)`| <pre>[<br/> ""<br/>]</pre> | no |
66
66
| <aname="input_tags"></a> [tags](#input\_tags)| Tags to be applied to the node group. |`any`|`{}`| no |
67
67
| <aname="input_k8s_labels"></a> [k8s\_labels](#input\_k8s\_labels)| Labels to be applied to the Kubernetes node groups. |`map(any)`|`{}`| no |
68
68
| <aname="input_worker_iam_role_arn"></a> [worker\_iam\_role\_arn](#input\_worker\_iam\_role\_arn)| The ARN of the worker role for EKS. |`string`|`""`| no |
@@ -74,9 +74,9 @@ No modules.
74
74
| <aname="input_aws_managed_node_group_arch"></a> [aws\_managed\_node\_group\_arch](#input\_aws\_managed\_node\_group\_arch)| Enter your linux architecture. |`string`|`"amd64"`| no |
75
75
| <aname="input_launch_template_name"></a> [launch\_template\_name](#input\_launch\_template\_name)| The name of the launch template. |`string`|`""`| no |
76
76
| <aname="input_enable_bottlerocket_ami"></a> [enable\_bottlerocket\_ami](#input\_enable\_bottlerocket\_ami)| Set to true to enable the use of Bottlerocket AMIs for instances. |`bool`|`false`| no |
77
-
| <aname="input_bottlerocket_node_config"></a> [bottlerocket\_node\_config](#input\_bottlerocket\_node\_config)| Bottlerocket Node configurations for EKS. |`map(any)`| <pre>{<br> "bottlerocket_eks_enable_control_container": true,<br> "bottlerocket_eks_node_admin_container_enabled": false<br>}</pre> | no |
77
+
| <aname="input_bottlerocket_node_config"></a> [bottlerocket\_node\_config](#input\_bottlerocket\_node\_config)| Bottlerocket Node configurations for EKS. |`map(any)`| <pre>{<br/> "bottlerocket_eks_enable_control_container": true,<br/> "bottlerocket_eks_node_admin_container_enabled": false<br/>}</pre> | no |
78
78
| <aname="input_custom_ami_id"></a> [custom\_ami\_id](#input\_custom\_ami\_id)| worker node AMI id to be created |`string`|`""`| no |
79
-
| <aname="input_managed_ng_node_autorepair"></a> [managed\_ng\_node\_autorepair](#input\_managed\_ng\_node\_autorepair)| Choose whether to enable managed nodegroup auto repair feature | <pre>object({<br> enabled = bool<br> enable_node_monitoring_agent_addon = bool<br> })</pre> | <pre>{<br> "enable_node_monitoring_agent_addon": false,<br> "enabled": false<br>}</pre> | no |
79
+
| <aname="input_managed_ng_node_autorepair"></a> [managed\_ng\_node\_autorepair](#input\_managed\_ng\_node\_autorepair)| Choose whether to enable managed nodegroup auto repair feature | <pre>object({<br/> enabled = bool<br/> enable_node_monitoring_agent_addon = bool<br/> })</pre> | <pre>{<br/> "enable_node_monitoring_agent_addon": false,<br/> "enabled": false<br/>}</pre> | no |
0 commit comments