diff --git a/README.md b/README.md
index 2f52761..22a3077 100644
--- a/README.md
+++ b/README.md
@@ -85,10 +85,10 @@ Change logs are auto-generated with commitizen.
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | 5.61.0 |
-| [aws.route53\_main\_east](#provider\_aws.route53\_main\_east) | 5.61.0 |
-| [aws.route53\_main\_west](#provider\_aws.route53\_main\_west) | 5.61.0 |
-| [aws.self](#provider\_aws.self) | 5.61.0 |
+| [aws](#provider\_aws) | 5.64.0 |
+| [aws.route53\_main\_east](#provider\_aws.route53\_main\_east) | 5.64.0 |
+| [aws.route53\_main\_west](#provider\_aws.route53\_main\_west) | 5.64.0 |
+| [aws.self](#provider\_aws.self) | 5.64.0 |
| [null](#provider\_null) | 3.2.2 |
## Modules
@@ -96,7 +96,7 @@ Change logs are auto-generated with commitizen.
| Name | Source | Version |
|------|--------|---------|
| [cloudwatch\_observability\_irsa\_role](#module\_cloudwatch\_observability\_irsa\_role) | terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | n/a |
-| [cluster](#module\_cluster) | git@github.e.it.census.gov:SCT-Engineering/terraform-aws-eks.git | v20.20.0 |
+| [cluster](#module\_cluster) | git@github.e.it.census.gov:SCT-Engineering/terraform-aws-eks.git | v20.24.0 |
| [ebs\_csi\_irsa\_role](#module\_ebs\_csi\_irsa\_role) | terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | n/a |
| [efs\_csi\_irsa\_role](#module\_efs\_csi\_irsa\_role) | terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | n/a |
| [vpc\_cni\_irsa\_role](#module\_vpc\_cni\_irsa\_role) | terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | n/a |
@@ -106,7 +106,6 @@ Change logs are auto-generated with commitizen.
| Name | Type |
|------|------|
| [aws_ec2_tag.container_subnets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_tag) | resource |
-| [aws_ec2_tag.lb_subnets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_tag) | resource |
| [aws_route53_vpc_association_authorization.self_zone](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_vpc_association_authorization) | resource |
| [aws_route53_vpc_association_authorization.self_zone_east](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_vpc_association_authorization) | resource |
| [aws_route53_zone.cluster_domain](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone) | resource |
@@ -125,7 +124,6 @@ Change logs are auto-generated with commitizen.
| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
| [aws_subnet.subnets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnet) | data source |
| [aws_subnets.container_subnets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnets) | data source |
-| [aws_subnets.lb_subnets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnets) | data source |
| [aws_subnets.subnets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnets) | data source |
| [aws_vpc.dummy_vpc](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpc) | data source |
| [aws_vpc.eks_vpc](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpc) | data source |
@@ -145,7 +143,6 @@ Change logs are auto-generated with commitizen.
| [eks\_ng\_max\_size](#input\_eks\_ng\_max\_size) | Node Group maximum size | `number` | `15` | no |
| [eks\_ng\_min\_size](#input\_eks\_ng\_min\_size) | Node Group minimum size | `number` | `4` | no |
| [enable\_cluster\_creator\_admin\_permissions](#input\_enable\_cluster\_creator\_admin\_permissions) | Indicates whether or not to add the cluster creator (the identity used by Terraform) as an administrator via access entry | `bool` | `false` | no |
-| [lb\_subnets\_name](#input\_lb\_subnets\_name) | Define the name of the subnets to be used by this cluster | `string` | `"*-private-lb-*"` | no |
| [os\_username](#input\_os\_username) | OS username from environment variable, ideally as $USER | `string` | `null` | no |
| [profile](#input\_profile) | AWS config profile | `string` | `""` | no |
| [region](#input\_region) | AWS config region | `string` | `""` | no |
diff --git a/dns_zones.tf b/dns_zones.tf
index af4f1fd..a5d3dac 100644
--- a/dns_zones.tf
+++ b/dns_zones.tf
@@ -15,19 +15,8 @@ data "aws_subnets" "container_subnets" {
values = [data.aws_vpc.eks_vpc.id]
}
}
-data "aws_subnets" "lb_subnets" {
- filter {
- name = "tag:Name"
- values = [local.lb_subnets_name]
- }
- filter {
- name = "vpc-id"
- values = [data.aws_vpc.eks_vpc.id]
- }
-}
locals {
container_subnets_name = var.subnets_name
- lb_subnets_name = var.lb_subnets_name
cluster_domain_name = format("%v.%v", var.cluster_name, var.vpc_domain_name)
cluster_domain_description = format("%v EKS Cluster DNS Zone", var.cluster_name)
zone_ids = compact(var.zone_ids)
@@ -163,13 +152,6 @@ resource "aws_ec2_tag" "container_subnets" {
value = "shared"
}
-resource "aws_ec2_tag" "lb_subnets" {
- for_each = toset(data.aws_subnets.lb_subnets.ids)
- resource_id = each.value
- key = "kubernetes.io/role/internal-nlb"
- value = "1"
-}
-
#### This is the correct way, it's commented because
#### the module is throwing an error on the for_each
#### in the module.
diff --git a/main.tf b/main.tf
index f885509..68e7374 100644
--- a/main.tf
+++ b/main.tf
@@ -92,7 +92,7 @@ locals {
}
module "cluster" {
- source = "git@github.e.it.census.gov:SCT-Engineering/terraform-aws-eks.git?ref=v20.20.0"
+ source = "git@github.e.it.census.gov:SCT-Engineering/terraform-aws-eks.git?ref=v20.24.0"
cluster_name = var.cluster_name
cluster_version = var.cluster_version
@@ -112,15 +112,9 @@ module "cluster" {
subnet_ids = local.subnets
cluster_addons = {
- coredns = {
- most_recent = true
- }
- kube-proxy = {
- most_recent = true
- }
- vpc-cni = {
+ amazon-cloudwatch-observability = {
most_recent = true
- service_account_role_arn = module.vpc_cni_irsa_role.iam_role_arn
+ service_account_role_arn = module.cloudwatch_observability_irsa_role.iam_role_arn
}
aws-ebs-csi-driver = {
most_recent = true
@@ -130,13 +124,22 @@ module "cluster" {
most_recent = true
service_account_role_arn = module.efs_csi_irsa_role.iam_role_arn
}
- amazon-cloudwatch-observability = {
- most_recent = true
- service_account_role_arn = module.cloudwatch_observability_irsa_role.iam_role_arn
+ coredns = {
+ most_recent = true
+ }
+ eks-pod-identity-agent = {
+ most_recent = true
+ }
+ kube-proxy = {
+ most_recent = true
}
snapshot-controller = {
most_recent = true
}
+ vpc-cni = {
+ most_recent = true
+ service_account_role_arn = module.vpc_cni_irsa_role.iam_role_arn
+ }
}
eks_managed_node_group_defaults = {
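Review bot: The new `eks-pod-identity-agent` entry in `cluster_addons` is installed with `most_recent = true`, so the version of an agent that hands credentials to pods is chosen at apply time rather than reviewed in this repository. The same setting is on the reordered `coredns`, `kube-proxy` and `vpc-cni` entries in this hunk and on `amazon-cloudwatch-observability` in the previous one. Consider pinning each add-on, e.g. `addon_version = "<pinned-addon-version>"` (placeholder value), and raising it in a reviewed commit. No pod identity associations are visible in this diff and the other add-ons still pass an IRSA `service_account_role_arn`, so a one-line comment above the entry stating why the agent is enabled and which workloads are expected to use it would help the next reviewer. The `module "cluster"` block starts and ends outside the hunk.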
diff --git a/variables.tf b/variables.tf
index e83369e..ee06e02 100644
--- a/variables.tf
+++ b/variables.tf
@@ -32,12 +32,6 @@ variable "subnets_name" {
default = "*-container-*"
}
-variable "lb_subnets_name" {
- description = "Define the name of the subnets to be used by this cluster"
- type = string
- default = "*-private-lb-*"
-}
-
variable "vpc_domain_name" {
description = "The DNS domain name of the vpc the cluster is in."
type = string