From 18647902d402399412d48118dee159fe29e557d6 Mon Sep 17 00:00:00 2001 From: Ryan Cavicchioni Date: Tue, 22 Jul 2025 18:29:08 -0500 Subject: [PATCH] initial commit --- .devcontainer/devcontainer.json | 26 + .gitignore | 1 + environments/development/.terraform.lock.hcl | 105 + environments/development/locals.tf | 3 + environments/development/main.tf | 20 + environments/development/providers.tf | 19 + environments/development/terraform.tfstate | 4962 +++++++++++++++++ .../development/terraform.tfstate.backup | 4958 ++++++++++++++++ environments/development/variables.tf | 43 + ...s-load-balancer-controller-iam-policy.json | 251 + modules/eks/iam.tf | 408 ++ modules/eks/main.tf | 40 + modules/eks/variables.tf | 51 + modules/network/data.tf | 19 + modules/network/locals.tf | 7 + modules/network/main.tf | 74 + modules/network/outputs.tf | 15 + modules/network/variables.tf | 18 + 18 files changed, 11020 insertions(+) create mode 100644 .devcontainer/devcontainer.json create mode 100644 .gitignore create mode 100644 environments/development/.terraform.lock.hcl create mode 100644 environments/development/locals.tf create mode 100644 environments/development/main.tf create mode 100644 environments/development/providers.tf create mode 100644 environments/development/terraform.tfstate create mode 100644 environments/development/terraform.tfstate.backup create mode 100644 environments/development/variables.tf create mode 100644 modules/eks/aws-load-balancer-controller-iam-policy.json create mode 100644 modules/eks/iam.tf create mode 100644 modules/eks/main.tf create mode 100644 modules/eks/variables.tf create mode 100644 modules/network/data.tf create mode 100644 modules/network/locals.tf create mode 100644 modules/network/main.tf create mode 100644 modules/network/outputs.tf create mode 100644 modules/network/variables.tf diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json new file mode 100644 index 0000000..c513818 --- /dev/null +++ b/.devcontainer/devcontainer.json @@ -0,0 +1,26 @@ +// For format details, see https://aka.ms/devcontainer.json. For config options, see the +// README at: https://github.com/devcontainers/templates/tree/main/src/ubuntu +{ + "name": "Ubuntu", + // Or use a Dockerfile or Docker Compose file. More info: https://containers.dev/guide/dockerfile + "image": "mcr.microsoft.com/devcontainers/base:noble", + "features": { + "ghcr.io/devcontainers/features/terraform:1": {}, + "ghcr.io/devcontainers/features/github-cli:1": {}, + "ghcr.io/devcontainers/features/aws-cli:1": {}, + "ghcr.io/devcontainers/features/kubectl-helm-minikube:1": {} + }, + // Features to add to the dev container. More info: https://containers.dev/features. + // "features": {}, + // Use 'forwardPorts' to make a list of ports inside the container available locally. + // "forwardPorts": [], + // Use 'postCreateCommand' to run commands after the container is created. + // "postCreateCommand": "uname -a", + // Configure tool-specific properties. + // "customizations": {}, + // Uncomment to connect as root instead. More info: https://aka.ms/dev-containers-non-root. + // "remoteUser": "root" + "mounts": [ + "source=${localEnv:HOME}/.aws,target=/home/vscode/.aws,type=bind" + ] +} diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..3fa8c86 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.terraform diff --git a/environments/development/.terraform.lock.hcl b/environments/development/.terraform.lock.hcl new file mode 100644 index 0000000..f429c01 --- /dev/null +++ b/environments/development/.terraform.lock.hcl @@ -0,0 +1,105 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/aws" { + version = "5.100.0" + constraints = ">= 4.33.0, >= 5.95.0, < 6.0.0" + hashes = [ + "h1:edXOJWE4ORX8Fm+dpVpICzMZJat4AX0VRCAy/xkcOc0=", + "zh:054b8dd49f0549c9a7cc27d159e45327b7b65cf404da5e5a20da154b90b8a644", + "zh:0b97bf8d5e03d15d83cc40b0530a1f84b459354939ba6f135a0086c20ebbe6b2", + "zh:1589a2266af699cbd5d80737a0fe02e54ec9cf2ca54e7e00ac51c7359056f274", + "zh:6330766f1d85f01ae6ea90d1b214b8b74cc8c1badc4696b165b36ddd4cc15f7b", + "zh:7c8c2e30d8e55291b86fcb64bdf6c25489d538688545eb48fd74ad622e5d3862", + "zh:99b1003bd9bd32ee323544da897148f46a527f622dc3971af63ea3e251596342", + "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", + "zh:9f8b909d3ec50ade83c8062290378b1ec553edef6a447c56dadc01a99f4eaa93", + "zh:aaef921ff9aabaf8b1869a86d692ebd24fbd4e12c21205034bb679b9caf883a2", + "zh:ac882313207aba00dd5a76dbd572a0ddc818bb9cbf5c9d61b28fe30efaec951e", + "zh:bb64e8aff37becab373a1a0cc1080990785304141af42ed6aa3dd4913b000421", + "zh:dfe495f6621df5540d9c92ad40b8067376350b005c637ea6efac5dc15028add4", + "zh:f0ddf0eaf052766cfe09dea8200a946519f653c384ab4336e2a4a64fdd6310e9", + "zh:f1b7e684f4c7ae1eed272b6de7d2049bb87a0275cb04dbb7cda6636f600699c9", + "zh:ff461571e3f233699bf690db319dfe46aec75e58726636a0d97dd9ac6e32fb70", + ] +} + +provider "registry.terraform.io/hashicorp/cloudinit" { + version = "2.3.7" + constraints = ">= 2.0.0" + hashes = [ + "h1:iZ27qylcH/2bs685LJTKOKcQ+g7cF3VwN3kHMrzm4Ow=", + "zh:06f1c54e919425c3139f8aeb8fcf9bceca7e560d48c9f0c1e3bb0a8ad9d9da1e", + "zh:0e1e4cf6fd98b019e764c28586a386dc136129fef50af8c7165a067e7e4a31d5", + "zh:1871f4337c7c57287d4d67396f633d224b8938708b772abfc664d1f80bd67edd", + "zh:2b9269d91b742a71b2248439d5e9824f0447e6d261bfb86a8a88528609b136d1", + "zh:3d8ae039af21426072c66d6a59a467d51f2d9189b8198616888c1b7fc42addc7", + "zh:3ef4e2db5bcf3e2d915921adced43929214e0946a6fb11793085d9a48995ae01", + "zh:42ae54381147437c83cbb8790cc68935d71b6357728a154109d3220b1beb4dc9", + "zh:4496b362605ae4cbc9ef7995d102351e2fe311897586ffc7a4a262ccca0c782a", + "zh:652a2401257a12706d32842f66dac05a735693abcb3e6517d6b5e2573729ba13", + "zh:7406c30806f5979eaed5f50c548eced2ea18ea121e01801d2f0d4d87a04f6a14", + "zh:7848429fd5a5bcf35f6fee8487df0fb64b09ec071330f3ff240c0343fe2a5224", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + ] +} + +provider "registry.terraform.io/hashicorp/null" { + version = "3.2.4" + constraints = ">= 3.0.0" + hashes = [ + "h1:hkf5w5B6q8e2A42ND2CjAvgvSN3puAosDmOJb3zCVQM=", + "zh:59f6b52ab4ff35739647f9509ee6d93d7c032985d9f8c6237d1f8a59471bbbe2", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:795c897119ff082133150121d39ff26cb5f89a730a2c8c26f3a9c1abf81a9c43", + "zh:7b9c7b16f118fbc2b05a983817b8ce2f86df125857966ad356353baf4bff5c0a", + "zh:85e33ab43e0e1726e5f97a874b8e24820b6565ff8076523cc2922ba671492991", + "zh:9d32ac3619cfc93eb3c4f423492a8e0f79db05fec58e449dee9b2d5873d5f69f", + "zh:9e15c3c9dd8e0d1e3731841d44c34571b6c97f5b95e8296a45318b94e5287a6e", + "zh:b4c2ab35d1b7696c30b64bf2c0f3a62329107bd1a9121ce70683dec58af19615", + "zh:c43723e8cc65bcdf5e0c92581dcbbdcbdcf18b8d2037406a5f2033b1e22de442", + "zh:ceb5495d9c31bfb299d246ab333f08c7fb0d67a4f82681fbf47f2a21c3e11ab5", + "zh:e171026b3659305c558d9804062762d168f50ba02b88b231d20ec99578a6233f", + "zh:ed0fe2acdb61330b01841fa790be00ec6beaac91d41f311fb8254f74eb6a711f", + ] +} + +provider "registry.terraform.io/hashicorp/time" { + version = "0.13.1" + constraints = ">= 0.9.0" + hashes = [ + "h1:+W+DMrVoVnoXo3f3M4W+OpZbkCrUn6PnqDF33D2Cuf0=", + "zh:02cb9aab1002f0f2a94a4f85acec8893297dc75915f7404c165983f720a54b74", + "zh:04429b2b31a492d19e5ecf999b116d396dac0b24bba0d0fb19ecaefe193fdb8f", + "zh:26f8e51bb7c275c404ba6028c1b530312066009194db721a8427a7bc5cdbc83a", + "zh:772ff8dbdbef968651ab3ae76d04afd355c32f8a868d03244db3f8496e462690", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:898db5d2b6bd6ca5457dccb52eedbc7c5b1a71e4a4658381bcbb38cedbbda328", + "zh:8de913bf09a3fa7bedc29fec18c47c571d0c7a3d0644322c46f3aa648cf30cd8", + "zh:9402102c86a87bdfe7e501ffbb9c685c32bbcefcfcf897fd7d53df414c36877b", + "zh:b18b9bb1726bb8cfbefc0a29cf3657c82578001f514bcf4c079839b6776c47f0", + "zh:b9d31fdc4faecb909d7c5ce41d2479dd0536862a963df434be4b16e8e4edc94d", + "zh:c951e9f39cca3446c060bd63933ebb89cedde9523904813973fbc3d11863ba75", + "zh:e5b773c0d07e962291be0e9b413c7a22c044b8c7b58c76e8aa91d1659990dfb5", + ] +} + +provider "registry.terraform.io/hashicorp/tls" { + version = "4.1.0" + constraints = ">= 3.0.0" + hashes = [ + "h1:Ka8mEwRFXBabR33iN/WTIEW6RP0z13vFsDlwn11Pf2I=", + "zh:14c35d89307988c835a7f8e26f1b83ce771e5f9b41e407f86a644c0152089ac2", + "zh:2fb9fe7a8b5afdbd3e903acb6776ef1be3f2e587fb236a8c60f11a9fa165faa8", + "zh:35808142ef850c0c60dd93dc06b95c747720ed2c40c89031781165f0c2baa2fc", + "zh:35b5dc95bc75f0b3b9c5ce54d4d7600c1ebc96fbb8dfca174536e8bf103c8cdc", + "zh:38aa27c6a6c98f1712aa5cc30011884dc4b128b4073a4a27883374bfa3ec9fac", + "zh:51fb247e3a2e88f0047cb97bb9df7c228254a3b3021c5534e4563b4007e6f882", + "zh:62b981ce491e38d892ba6364d1d0cdaadcee37cc218590e07b310b1dfa34be2d", + "zh:bc8e47efc611924a79f947ce072a9ad698f311d4a60d0b4dfff6758c912b7298", + "zh:c149508bd131765d1bc085c75a870abb314ff5a6d7f5ac1035a8892d686b6297", + "zh:d38d40783503d278b63858978d40e07ac48123a2925e1a6b47e62179c046f87a", + "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", + "zh:fb07f708e3316615f6d218cec198504984c0ce7000b9f1eebff7516e384f4b54", + ] +} diff --git a/environments/development/locals.tf b/environments/development/locals.tf new file mode 100644 index 0000000..042070a --- /dev/null +++ b/environments/development/locals.tf @@ -0,0 +1,3 @@ +locals { + cluster_name = "${var.cluster_name}-${var.environment}" +} diff --git a/environments/development/main.tf b/environments/development/main.tf new file mode 100644 index 0000000..797c20f --- /dev/null +++ b/environments/development/main.tf @@ -0,0 +1,20 @@ +module "network" { + source = "../../modules/network" + vpc_id = var.vpc_id + private_subnets = var.private_subnets + public_subnets = var.public_subnets + cluster_name = local.cluster_name +} + + +module "eks" { + source = "../../modules/eks" + vpc_id = var.vpc_id + cluster_name = local.cluster_name + subnet_ids = concat( + module.network.private_subnet_ids, + module.network.public_subnet_ids, + ) + depends_on = [module.network] + azs = module.network.azs +} diff --git a/environments/development/providers.tf b/environments/development/providers.tf new file mode 100644 index 0000000..7f967bc --- /dev/null +++ b/environments/development/providers.tf @@ -0,0 +1,19 @@ +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + version = "< 6.0.0" + } + } +} + +provider "aws" { + region = var.region + + default_tags { + tags = { + Environment = var.environment + Service = "Kubernetes" + } + } +} diff --git a/environments/development/terraform.tfstate b/environments/development/terraform.tfstate new file mode 100644 index 0000000..9512813 --- /dev/null +++ b/environments/development/terraform.tfstate @@ -0,0 +1,4962 @@ +{ + "version": 4, + "terraform_version": "1.12.2", + "serial": 3241, + "lineage": "8bb850d3-2dbc-b205-47b4-36da62ae84f3", + "outputs": {}, + "resources": [ + { + "module": "module.eks", + "mode": "managed", + "type": "aws_iam_policy", + "name": "AWSLoadBalancerControllerIAMPolicy", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::273729230602:policy/AWSLoadBalancerControllerIAMPolicy", + "attachment_count": 1, + "description": "", + "id": "arn:aws:iam::273729230602:policy/AWSLoadBalancerControllerIAMPolicy", + "name": "AWSLoadBalancerControllerIAMPolicy", + "name_prefix": "", + "path": "/", + "policy": "{\"Statement\":[{\"Action\":[\"iam:CreateServiceLinkedRole\"],\"Condition\":{\"StringEquals\":{\"iam:AWSServiceName\":\"elasticloadbalancing.amazonaws.com\"}},\"Effect\":\"Allow\",\"Resource\":\"*\"},{\"Action\":[\"ec2:DescribeAccountAttributes\",\"ec2:DescribeAddresses\",\"ec2:DescribeAvailabilityZones\",\"ec2:DescribeInternetGateways\",\"ec2:DescribeVpcs\",\"ec2:DescribeVpcPeeringConnections\",\"ec2:DescribeSubnets\",\"ec2:DescribeSecurityGroups\",\"ec2:DescribeInstances\",\"ec2:DescribeNetworkInterfaces\",\"ec2:DescribeTags\",\"ec2:GetCoipPoolUsage\",\"ec2:DescribeCoipPools\",\"ec2:GetSecurityGroupsForVpc\",\"ec2:DescribeIpamPools\",\"ec2:DescribeRouteTables\",\"elasticloadbalancing:DescribeLoadBalancers\",\"elasticloadbalancing:DescribeLoadBalancerAttributes\",\"elasticloadbalancing:DescribeListeners\",\"elasticloadbalancing:DescribeListenerCertificates\",\"elasticloadbalancing:DescribeSSLPolicies\",\"elasticloadbalancing:DescribeRules\",\"elasticloadbalancing:DescribeTargetGroups\",\"elasticloadbalancing:DescribeTargetGroupAttributes\",\"elasticloadbalancing:DescribeTargetHealth\",\"elasticloadbalancing:DescribeTags\",\"elasticloadbalancing:DescribeTrustStores\",\"elasticloadbalancing:DescribeListenerAttributes\",\"elasticloadbalancing:DescribeCapacityReservation\"],\"Effect\":\"Allow\",\"Resource\":\"*\"},{\"Action\":[\"cognito-idp:DescribeUserPoolClient\",\"acm:ListCertificates\",\"acm:DescribeCertificate\",\"iam:ListServerCertificates\",\"iam:GetServerCertificate\",\"waf-regional:GetWebACL\",\"waf-regional:GetWebACLForResource\",\"waf-regional:AssociateWebACL\",\"waf-regional:DisassociateWebACL\",\"wafv2:GetWebACL\",\"wafv2:GetWebACLForResource\",\"wafv2:AssociateWebACL\",\"wafv2:DisassociateWebACL\",\"shield:GetSubscriptionState\",\"shield:DescribeProtection\",\"shield:CreateProtection\",\"shield:DeleteProtection\"],\"Effect\":\"Allow\",\"Resource\":\"*\"},{\"Action\":[\"ec2:AuthorizeSecurityGroupIngress\",\"ec2:RevokeSecurityGroupIngress\"],\"Effect\":\"Allow\",\"Resource\":\"*\"},{\"Action\":[\"ec2:CreateSecurityGroup\"],\"Effect\":\"Allow\",\"Resource\":\"*\"},{\"Action\":[\"ec2:CreateTags\"],\"Condition\":{\"Null\":{\"aws:RequestTag/elbv2.k8s.aws/cluster\":\"false\"},\"StringEquals\":{\"ec2:CreateAction\":\"CreateSecurityGroup\"}},\"Effect\":\"Allow\",\"Resource\":\"arn:aws:ec2:*:*:security-group/*\"},{\"Action\":[\"ec2:CreateTags\",\"ec2:DeleteTags\"],\"Condition\":{\"Null\":{\"aws:RequestTag/elbv2.k8s.aws/cluster\":\"true\",\"aws:ResourceTag/elbv2.k8s.aws/cluster\":\"false\"}},\"Effect\":\"Allow\",\"Resource\":\"arn:aws:ec2:*:*:security-group/*\"},{\"Action\":[\"ec2:AuthorizeSecurityGroupIngress\",\"ec2:RevokeSecurityGroupIngress\",\"ec2:DeleteSecurityGroup\"],\"Condition\":{\"Null\":{\"aws:ResourceTag/elbv2.k8s.aws/cluster\":\"false\"}},\"Effect\":\"Allow\",\"Resource\":\"*\"},{\"Action\":[\"elasticloadbalancing:CreateLoadBalancer\",\"elasticloadbalancing:CreateTargetGroup\"],\"Condition\":{\"Null\":{\"aws:RequestTag/elbv2.k8s.aws/cluster\":\"false\"}},\"Effect\":\"Allow\",\"Resource\":\"*\"},{\"Action\":[\"elasticloadbalancing:CreateListener\",\"elasticloadbalancing:DeleteListener\",\"elasticloadbalancing:CreateRule\",\"elasticloadbalancing:DeleteRule\"],\"Effect\":\"Allow\",\"Resource\":\"*\"},{\"Action\":[\"elasticloadbalancing:AddTags\",\"elasticloadbalancing:RemoveTags\"],\"Condition\":{\"Null\":{\"aws:RequestTag/elbv2.k8s.aws/cluster\":\"true\",\"aws:ResourceTag/elbv2.k8s.aws/cluster\":\"false\"}},\"Effect\":\"Allow\",\"Resource\":[\"arn:aws:elasticloadbalancing:*:*:targetgroup/*/*\",\"arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*\",\"arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*\"]},{\"Action\":[\"elasticloadbalancing:AddTags\",\"elasticloadbalancing:RemoveTags\"],\"Effect\":\"Allow\",\"Resource\":[\"arn:aws:elasticloadbalancing:*:*:listener/net/*/*/*\",\"arn:aws:elasticloadbalancing:*:*:listener/app/*/*/*\",\"arn:aws:elasticloadbalancing:*:*:listener-rule/net/*/*/*\",\"arn:aws:elasticloadbalancing:*:*:listener-rule/app/*/*/*\"]},{\"Action\":[\"elasticloadbalancing:ModifyLoadBalancerAttributes\",\"elasticloadbalancing:SetIpAddressType\",\"elasticloadbalancing:SetSecurityGroups\",\"elasticloadbalancing:SetSubnets\",\"elasticloadbalancing:DeleteLoadBalancer\",\"elasticloadbalancing:ModifyTargetGroup\",\"elasticloadbalancing:ModifyTargetGroupAttributes\",\"elasticloadbalancing:DeleteTargetGroup\",\"elasticloadbalancing:ModifyListenerAttributes\",\"elasticloadbalancing:ModifyCapacityReservation\",\"elasticloadbalancing:ModifyIpPools\"],\"Condition\":{\"Null\":{\"aws:ResourceTag/elbv2.k8s.aws/cluster\":\"false\"}},\"Effect\":\"Allow\",\"Resource\":\"*\"},{\"Action\":[\"elasticloadbalancing:AddTags\"],\"Condition\":{\"Null\":{\"aws:RequestTag/elbv2.k8s.aws/cluster\":\"false\"},\"StringEquals\":{\"elasticloadbalancing:CreateAction\":[\"CreateTargetGroup\",\"CreateLoadBalancer\"]}},\"Effect\":\"Allow\",\"Resource\":[\"arn:aws:elasticloadbalancing:*:*:targetgroup/*/*\",\"arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*\",\"arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*\"]},{\"Action\":[\"elasticloadbalancing:RegisterTargets\",\"elasticloadbalancing:DeregisterTargets\"],\"Effect\":\"Allow\",\"Resource\":\"arn:aws:elasticloadbalancing:*:*:targetgroup/*/*\"},{\"Action\":[\"elasticloadbalancing:SetWebAcl\",\"elasticloadbalancing:ModifyListener\",\"elasticloadbalancing:AddListenerCertificates\",\"elasticloadbalancing:RemoveListenerCertificates\",\"elasticloadbalancing:ModifyRule\",\"elasticloadbalancing:SetRulePriorities\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}", + "policy_id": "ANPAT7O4IS4FABCUGGJOJ", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + } + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks", + "mode": "managed", + "type": "aws_iam_policy", + "name": "AllowExternalDNSUpdates", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::273729230602:policy/AllowExternalDNSUpdates", + "attachment_count": 1, + "description": "", + "id": "arn:aws:iam::273729230602:policy/AllowExternalDNSUpdates", + "name": "AllowExternalDNSUpdates", + "name_prefix": "", + "path": "/", + "policy": "{\"Statement\":[{\"Action\":[\"route53:ChangeResourceRecordSets\"],\"Effect\":\"Allow\",\"Resource\":[\"arn:aws:route53:::hostedzone/*\"]},{\"Action\":[\"route53:ListHostedZones\",\"route53:ListResourceRecordSets\",\"route53:ListTagsForResource\"],\"Effect\":\"Allow\",\"Resource\":[\"*\"]}],\"Version\":\"2012-10-17\"}", + "policy_id": "ANPAT7O4IS4FMVTRS5KI5", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + } + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks", + "mode": "managed", + "type": "aws_iam_policy", + "name": "ClusterAutoscalerIAMPolicy", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::273729230602:policy/ClusterAutoscalerIAMPolicy", + "attachment_count": 1, + "description": "", + "id": "arn:aws:iam::273729230602:policy/ClusterAutoscalerIAMPolicy", + "name": "ClusterAutoscalerIAMPolicy", + "name_prefix": "", + "path": "/", + "policy": "{\"Statement\":[{\"Action\":[\"autoscaling:DescribeAutoScalingGroups\",\"autoscaling:DescribeAutoScalingInstances\",\"autoscaling:DescribeLaunchConfigurations\",\"autoscaling:DescribeScalingActivities\",\"ec2:DescribeInstanceTypes\",\"ec2:DescribeLaunchTemplateVersions\"],\"Effect\":\"Allow\",\"Resource\":[\"*\"]},{\"Action\":[\"autoscaling:SetDesiredCapacity\",\"autoscaling:TerminateInstanceInAutoScalingGroup\"],\"Effect\":\"Allow\",\"Resource\":[\"*\"]}],\"Version\":\"2012-10-17\"}", + "policy_id": "ANPAT7O4IS4FLO47ADJSH", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + } + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks", + "mode": "managed", + "type": "aws_iam_role", + "name": "aws-load-balancer-controller", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::273729230602:role/aws-load-balancer-controller", + "assume_role_policy": "{\"Statement\":[{\"Action\":\"sts:AssumeRoleWithWebIdentity\",\"Condition\":{\"StringEquals\":{\"oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A:aud\":\"sts.amazonaws.com\",\"oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A:sub\":\"system:serviceaccount:kube-system:aws-load-balancer-controller\"}},\"Effect\":\"Allow\",\"Principal\":{\"Federated\":\"arn:aws:iam::273729230602:oidc-provider/oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A\"},\"Sid\":\"\"}],\"Version\":\"2012-10-17\"}", + "create_date": "2025-07-19T08:08:05Z", + "description": "", + "force_detach_policies": false, + "id": "aws-load-balancer-controller", + "inline_policy": [], + "managed_policy_arns": [ + "arn:aws:iam::273729230602:policy/AWSLoadBalancerControllerIAMPolicy" + ], + "max_session_duration": 3600, + "name": "aws-load-balancer-controller", + "name_prefix": "", + "path": "/", + "permissions_boundary": "", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + }, + "unique_id": "AROAT7O4IS4FD7OQTHZZI" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_openid_connect_provider.oidc_provider", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.data.tls_certificate.this", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks", + "mode": "managed", + "type": "aws_iam_role", + "name": "cluster-autoscaler", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::273729230602:role/aws-cluster-autoscaler", + "assume_role_policy": "{\"Statement\":[{\"Action\":\"sts:AssumeRoleWithWebIdentity\",\"Condition\":{\"StringEquals\":{\"oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A:aud\":\"sts.amazonaws.com\",\"oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A:sub\":\"system:serviceaccount:kube-system:cluster-autoscaler\"}},\"Effect\":\"Allow\",\"Principal\":{\"Federated\":\"arn:aws:iam::273729230602:oidc-provider/oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A\"},\"Sid\":\"\"}],\"Version\":\"2012-10-17\"}", + "create_date": "2025-07-19T08:08:05Z", + "description": "", + "force_detach_policies": false, + "id": "aws-cluster-autoscaler", + "inline_policy": [], + "managed_policy_arns": [ + "arn:aws:iam::273729230602:policy/ClusterAutoscalerIAMPolicy" + ], + "max_session_duration": 3600, + "name": "aws-cluster-autoscaler", + "name_prefix": "", + "path": "/", + "permissions_boundary": "", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + }, + "unique_id": "AROAT7O4IS4FG7WIYJBVJ" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_openid_connect_provider.oidc_provider", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.data.tls_certificate.this", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks", + "mode": "managed", + "type": "aws_iam_role", + "name": "external-dns", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::273729230602:role/external-dns", + "assume_role_policy": "{\"Statement\":[{\"Action\":\"sts:AssumeRoleWithWebIdentity\",\"Condition\":{\"StringEquals\":{\"oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A:aud\":\"sts.amazonaws.com\",\"oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A:sub\":\"system:serviceaccount:default:external-dns\"}},\"Effect\":\"Allow\",\"Principal\":{\"Federated\":\"arn:aws:iam::273729230602:oidc-provider/oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A\"},\"Sid\":\"\"}],\"Version\":\"2012-10-17\"}", + "create_date": "2025-07-20T06:32:32Z", + "description": "", + "force_detach_policies": false, + "id": "external-dns", + "inline_policy": [], + "managed_policy_arns": [ + "arn:aws:iam::273729230602:policy/AllowExternalDNSUpdates" + ], + "max_session_duration": 3600, + "name": "external-dns", + "name_prefix": "", + "path": "/", + "permissions_boundary": "", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + }, + "unique_id": "AROAT7O4IS4FHOVHRHZZF" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_openid_connect_provider.oidc_provider", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.data.tls_certificate.this", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "aws-load-balancer-controller", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "aws-load-balancer-controller-2025071908080601560000001b", + "policy_arn": "arn:aws:iam::273729230602:policy/AWSLoadBalancerControllerIAMPolicy", + "role": "aws-load-balancer-controller" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.aws_iam_policy.AWSLoadBalancerControllerIAMPolicy", + "module.eks.aws_iam_role.aws-load-balancer-controller", + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_openid_connect_provider.oidc_provider", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.data.tls_certificate.this", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "cluster-autoscaler", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "aws-cluster-autoscaler-2025071908080606430000001c", + "policy_arn": "arn:aws:iam::273729230602:policy/ClusterAutoscalerIAMPolicy", + "role": "aws-cluster-autoscaler" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.aws_iam_policy.ClusterAutoscalerIAMPolicy", + "module.eks.aws_iam_role.cluster-autoscaler", + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_openid_connect_provider.oidc_provider", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.data.tls_certificate.this", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "external-dns", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "external-dns-20250720063232744000000001", + "policy_arn": "arn:aws:iam::273729230602:policy/AllowExternalDNSUpdates", + "role": "external-dns" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.aws_iam_policy.AllowExternalDNSUpdates", + "module.eks.aws_iam_role.external-dns", + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_openid_connect_provider.oidc_provider", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.data.tls_certificate.this", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "data", + "type": "aws_caller_identity", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "account_id": "273729230602", + "arn": "arn:aws:sts::273729230602:assumed-role/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687/ryan", + "id": "273729230602", + "user_id": "AROAT7O4IS4FGZRTFR25S:ryan" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "data", + "type": "aws_eks_addon_version", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "coredns", + "schema_version": 0, + "attributes": { + "addon_name": "coredns", + "id": "coredns", + "kubernetes_version": "1.33", + "most_recent": false, + "version": "v1.12.1-eksbuild.2" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + }, + { + "index_key": "eks-pod-identity-agent", + "schema_version": 0, + "attributes": { + "addon_name": "eks-pod-identity-agent", + "id": "eks-pod-identity-agent", + "kubernetes_version": "1.33", + "most_recent": false, + "version": "v1.3.8-eksbuild.2" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + }, + { + "index_key": "kube-proxy", + "schema_version": 0, + "attributes": { + "addon_name": "kube-proxy", + "id": "kube-proxy", + "kubernetes_version": "1.33", + "most_recent": false, + "version": "v1.33.0-eksbuild.2" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + }, + { + "index_key": "vpc-cni", + "schema_version": 0, + "attributes": { + "addon_name": "vpc-cni", + "id": "vpc-cni", + "kubernetes_version": "1.33", + "most_recent": false, + "version": "v1.19.5-eksbuild.1" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "assume_role_policy", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "id": "2830595799", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"EKSClusterAssumeRole\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"sts:TagSession\",\n \"sts:AssumeRole\"\n ],\n \"Principal\": {\n \"Service\": \"eks.amazonaws.com\"\n }\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"EKSClusterAssumeRole\",\"Effect\":\"Allow\",\"Action\":[\"sts:TagSession\",\"sts:AssumeRole\"],\"Principal\":{\"Service\":\"eks.amazonaws.com\"}}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sts:AssumeRole", + "sts:TagSession" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "eks.amazonaws.com" + ], + "type": "Service" + } + ], + "resources": [], + "sid": "EKSClusterAssumeRole" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "custom", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "id": "513122117", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"Compute\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:RunInstances\",\n \"ec2:CreateLaunchTemplate\",\n \"ec2:CreateFleet\"\n ],\n \"Resource\": \"*\",\n \"Condition\": {\n \"StringEquals\": {\n \"aws:RequestTag/eks:eks-cluster-name\": \"${aws:PrincipalTag/eks:eks-cluster-name}\"\n },\n \"StringLike\": {\n \"aws:RequestTag/eks:kubernetes-node-class-name\": \"*\",\n \"aws:RequestTag/eks:kubernetes-node-pool-name\": \"*\"\n }\n }\n },\n {\n \"Sid\": \"Storage\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:CreateVolume\",\n \"ec2:CreateSnapshot\"\n ],\n \"Resource\": [\n \"arn:aws:ec2:*:*:volume/*\",\n \"arn:aws:ec2:*:*:snapshot/*\"\n ],\n \"Condition\": {\n \"StringEquals\": {\n \"aws:RequestTag/eks:eks-cluster-name\": \"${aws:PrincipalTag/eks:eks-cluster-name}\"\n }\n }\n },\n {\n \"Sid\": \"Networking\",\n \"Effect\": \"Allow\",\n \"Action\": \"ec2:CreateNetworkInterface\",\n \"Resource\": \"*\",\n \"Condition\": {\n \"StringEquals\": {\n \"aws:RequestTag/eks:eks-cluster-name\": \"${aws:PrincipalTag/eks:eks-cluster-name}\",\n \"aws:RequestTag/eks:kubernetes-cni-node-name\": \"*\"\n }\n }\n },\n {\n \"Sid\": \"LoadBalancer\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"elasticloadbalancing:CreateTargetGroup\",\n \"elasticloadbalancing:CreateRule\",\n \"elasticloadbalancing:CreateLoadBalancer\",\n \"elasticloadbalancing:CreateListener\",\n \"ec2:CreateSecurityGroup\"\n ],\n \"Resource\": \"*\",\n \"Condition\": {\n \"StringEquals\": {\n \"aws:RequestTag/eks:eks-cluster-name\": \"${aws:PrincipalTag/eks:eks-cluster-name}\"\n }\n }\n },\n {\n \"Sid\": \"ShieldProtection\",\n \"Effect\": \"Allow\",\n \"Action\": \"shield:CreateProtection\",\n \"Resource\": \"*\",\n \"Condition\": {\n \"StringEquals\": {\n \"aws:RequestTag/eks:eks-cluster-name\": \"${aws:PrincipalTag/eks:eks-cluster-name}\"\n }\n }\n },\n {\n \"Sid\": \"ShieldTagResource\",\n \"Effect\": \"Allow\",\n \"Action\": \"shield:TagResource\",\n \"Resource\": \"arn:aws:shield::*:protection/*\",\n \"Condition\": {\n \"StringEquals\": {\n \"aws:RequestTag/eks:eks-cluster-name\": \"${aws:PrincipalTag/eks:eks-cluster-name}\"\n }\n }\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"Compute\",\"Effect\":\"Allow\",\"Action\":[\"ec2:RunInstances\",\"ec2:CreateLaunchTemplate\",\"ec2:CreateFleet\"],\"Resource\":\"*\",\"Condition\":{\"StringEquals\":{\"aws:RequestTag/eks:eks-cluster-name\":\"${aws:PrincipalTag/eks:eks-cluster-name}\"},\"StringLike\":{\"aws:RequestTag/eks:kubernetes-node-class-name\":\"*\",\"aws:RequestTag/eks:kubernetes-node-pool-name\":\"*\"}}},{\"Sid\":\"Storage\",\"Effect\":\"Allow\",\"Action\":[\"ec2:CreateVolume\",\"ec2:CreateSnapshot\"],\"Resource\":[\"arn:aws:ec2:*:*:volume/*\",\"arn:aws:ec2:*:*:snapshot/*\"],\"Condition\":{\"StringEquals\":{\"aws:RequestTag/eks:eks-cluster-name\":\"${aws:PrincipalTag/eks:eks-cluster-name}\"}}},{\"Sid\":\"Networking\",\"Effect\":\"Allow\",\"Action\":\"ec2:CreateNetworkInterface\",\"Resource\":\"*\",\"Condition\":{\"StringEquals\":{\"aws:RequestTag/eks:eks-cluster-name\":\"${aws:PrincipalTag/eks:eks-cluster-name}\",\"aws:RequestTag/eks:kubernetes-cni-node-name\":\"*\"}}},{\"Sid\":\"LoadBalancer\",\"Effect\":\"Allow\",\"Action\":[\"elasticloadbalancing:CreateTargetGroup\",\"elasticloadbalancing:CreateRule\",\"elasticloadbalancing:CreateLoadBalancer\",\"elasticloadbalancing:CreateListener\",\"ec2:CreateSecurityGroup\"],\"Resource\":\"*\",\"Condition\":{\"StringEquals\":{\"aws:RequestTag/eks:eks-cluster-name\":\"${aws:PrincipalTag/eks:eks-cluster-name}\"}}},{\"Sid\":\"ShieldProtection\",\"Effect\":\"Allow\",\"Action\":\"shield:CreateProtection\",\"Resource\":\"*\",\"Condition\":{\"StringEquals\":{\"aws:RequestTag/eks:eks-cluster-name\":\"${aws:PrincipalTag/eks:eks-cluster-name}\"}}},{\"Sid\":\"ShieldTagResource\",\"Effect\":\"Allow\",\"Action\":\"shield:TagResource\",\"Resource\":\"arn:aws:shield::*:protection/*\",\"Condition\":{\"StringEquals\":{\"aws:RequestTag/eks:eks-cluster-name\":\"${aws:PrincipalTag/eks:eks-cluster-name}\"}}}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "ec2:CreateFleet", + "ec2:CreateLaunchTemplate", + "ec2:RunInstances" + ], + "condition": [ + { + "test": "StringEquals", + "values": [ + "${aws:PrincipalTag/eks:eks-cluster-name}" + ], + "variable": "aws:RequestTag/eks:eks-cluster-name" + }, + { + "test": "StringLike", + "values": [ + "*" + ], + "variable": "aws:RequestTag/eks:kubernetes-node-class-name" + }, + { + "test": "StringLike", + "values": [ + "*" + ], + "variable": "aws:RequestTag/eks:kubernetes-node-pool-name" + } + ], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "*" + ], + "sid": "Compute" + }, + { + "actions": [ + "ec2:CreateSnapshot", + "ec2:CreateVolume" + ], + "condition": [ + { + "test": "StringEquals", + "values": [ + "${aws:PrincipalTag/eks:eks-cluster-name}" + ], + "variable": "aws:RequestTag/eks:eks-cluster-name" + } + ], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:ec2:*:*:snapshot/*", + "arn:aws:ec2:*:*:volume/*" + ], + "sid": "Storage" + }, + { + "actions": [ + "ec2:CreateNetworkInterface" + ], + "condition": [ + { + "test": "StringEquals", + "values": [ + "${aws:PrincipalTag/eks:eks-cluster-name}" + ], + "variable": "aws:RequestTag/eks:eks-cluster-name" + }, + { + "test": "StringEquals", + "values": [ + "*" + ], + "variable": "aws:RequestTag/eks:kubernetes-cni-node-name" + } + ], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "*" + ], + "sid": "Networking" + }, + { + "actions": [ + "ec2:CreateSecurityGroup", + "elasticloadbalancing:CreateListener", + "elasticloadbalancing:CreateLoadBalancer", + "elasticloadbalancing:CreateRule", + "elasticloadbalancing:CreateTargetGroup" + ], + "condition": [ + { + "test": "StringEquals", + "values": [ + "${aws:PrincipalTag/eks:eks-cluster-name}" + ], + "variable": "aws:RequestTag/eks:eks-cluster-name" + } + ], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "*" + ], + "sid": "LoadBalancer" + }, + { + "actions": [ + "shield:CreateProtection" + ], + "condition": [ + { + "test": "StringEquals", + "values": [ + "${aws:PrincipalTag/eks:eks-cluster-name}" + ], + "variable": "aws:RequestTag/eks:eks-cluster-name" + } + ], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "*" + ], + "sid": "ShieldProtection" + }, + { + "actions": [ + "shield:TagResource" + ], + "condition": [ + { + "test": "StringEquals", + "values": [ + "${aws:PrincipalTag/eks:eks-cluster-name}" + ], + "variable": "aws:RequestTag/eks:eks-cluster-name" + } + ], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:shield::*:protection/*" + ], + "sid": "ShieldTagResource" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "data", + "type": "aws_iam_session_context", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:sts::273729230602:assumed-role/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687/ryan", + "id": "arn:aws:sts::273729230602:assumed-role/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687/ryan", + "issuer_arn": "arn:aws:iam::273729230602:role/aws-reserved/sso.amazonaws.com/us-east-2/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687", + "issuer_id": "AROAT7O4IS4FGZRTFR25S", + "issuer_name": "AWSReservedSSO_AdministratorAccess_b8026af88eb7c687", + "session_name": "ryan" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "data", + "type": "aws_partition", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "dns_suffix": "amazonaws.com", + "id": "aws", + "partition": "aws", + "reverse_dns_prefix": "com.amazonaws" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "data", + "type": "tls_certificate", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/tls\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "certificates": [ + { + "cert_pem": "-----BEGIN CERTIFICATE-----\nMIIEdTCCA12gAwIBAgIJAKcOSkw0grd/MA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV\nBAYTAlVTMSUwIwYDVQQKExxTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTIw\nMAYDVQQLEylTdGFyZmllbGQgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0\neTAeFw0wOTA5MDIwMDAwMDBaFw0zNDA2MjgxNzM5MTZaMIGYMQswCQYDVQQGEwJV\nUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTElMCMGA1UE\nChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjE7MDkGA1UEAxMyU3RhcmZp\nZWxkIFNlcnZpY2VzIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwggEi\nMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVDDrEKvlO4vW+GZdfjohTsR8/\ny8+fIBNtKTrID30892t2OGPZNmCom15cAICyL1l/9of5JUOG52kbUpqQ4XHj2C0N\nTm/2yEnZtvMaVq4rtnQU68/7JuMauh2WLmo7WJSJR1b/JaCTcFOD2oR0FMNnngRo\nOt+OQFodSk7PQ5E751bWAHDLUu57fa4657wx+UX2wmDPE1kCK4DMNEffud6QZW0C\nzyyRpqbn3oUYSXxmTqM6bam17jQuug0DuDPfR+uxa40l2ZvOgdFFRjKWcIfeAg5J\nQ4W2bHO7ZOphQazJ1FTfhy/HIrImzJ9ZVGif/L4qL8RVHHVAYBeFAlU5i38FAgMB\nAAGjgfAwge0wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0O\nBBYEFJxfAN+qAdcwKziIorhtSpzyEZGDMB8GA1UdIwQYMBaAFL9ft9HO3R+G9FtV\nrNzXEMIOqYjnME8GCCsGAQUFBwEBBEMwQTAcBggrBgEFBQcwAYYQaHR0cDovL28u\nc3MyLnVzLzAhBggrBgEFBQcwAoYVaHR0cDovL3guc3MyLnVzL3guY2VyMCYGA1Ud\nHwQfMB0wG6AZoBeGFWh0dHA6Ly9zLnNzMi51cy9yLmNybDARBgNVHSAECjAIMAYG\nBFUdIAAwDQYJKoZIhvcNAQELBQADggEBACMd44pXyn3pF3lM8R5V/cxTbj5HD9/G\nVfKyBDbtgB9TxF00KGu+x1X8Z+rLP3+QsjPNG1gQggL4+C/1E2DUBc7xgQjB3ad1\nl08YuW3e95ORCLp+QCztweq7dp4zBncdDQh/U90bZKuCJ/Fp1U1ervShw3WnWEQt\n8jxwmKy6abaVd38PMV4s/KCHOkdp8Hlf9BRUpJVeEXgSYCfOn8J3/yNTd126/+pZ\n59vPr5KW7ySaNRB6nJHGDn2Z9j8Z3/VyVOEVqQdZe4O/Ui5GjLIAZHYcSNPYeehu\nVsyuLAOQ1xk4meTKCRlb/weWsKh/NEnfVqn3sF/tM+2MR7cwA130A4w=\n-----END CERTIFICATE-----\n", + "is_ca": true, + "issuer": "OU=Starfield Class 2 Certification Authority,O=Starfield Technologies\\, Inc.,C=US", + "not_after": "2034-06-28T17:39:16Z", + "not_before": "2009-09-02T00:00:00Z", + "public_key_algorithm": "RSA", + "serial_number": "12037640545166866303", + "sha1_fingerprint": "9e99a48a9960b14926bb7f3b02e22da2b0ab7280", + "signature_algorithm": "SHA256-RSA", + "subject": "CN=Starfield Services Root Certificate Authority - G2,O=Starfield Technologies\\, Inc.,L=Scottsdale,ST=Arizona,C=US", + "version": 3 + }, + { + "cert_pem": "-----BEGIN CERTIFICATE-----\nMIIEkjCCA3qgAwIBAgITBn+USionzfP6wq4rAfkI7rnExjANBgkqhkiG9w0BAQsF\nADCBmDELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNj\nb3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4x\nOzA5BgNVBAMTMlN0YXJmaWVsZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1\ndGhvcml0eSAtIEcyMB4XDTE1MDUyNTEyMDAwMFoXDTM3MTIzMTAxMDAwMFowOTEL\nMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv\nb3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj\nca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM\n9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw\nIFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6\nVOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L\n93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm\njgSubJrIqg0CAwEAAaOCATEwggEtMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/\nBAQDAgGGMB0GA1UdDgQWBBSEGMyFNOy8DJSULghZnMeyEE4KCDAfBgNVHSMEGDAW\ngBScXwDfqgHXMCs4iKK4bUqc8hGRgzB4BggrBgEFBQcBAQRsMGowLgYIKwYBBQUH\nMAGGImh0dHA6Ly9vY3NwLnJvb3RnMi5hbWF6b250cnVzdC5jb20wOAYIKwYBBQUH\nMAKGLGh0dHA6Ly9jcnQucm9vdGcyLmFtYXpvbnRydXN0LmNvbS9yb290ZzIuY2Vy\nMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly9jcmwucm9vdGcyLmFtYXpvbnRydXN0\nLmNvbS9yb290ZzIuY3JsMBEGA1UdIAQKMAgwBgYEVR0gADANBgkqhkiG9w0BAQsF\nAAOCAQEAYjdCXLwQtT6LLOkMm2xF4gcAevnFWAu5CIw+7bMlPLVvUOTNNWqnkzSW\nMiGpSESrnO09tKpzbeR/FoCJbM8oAxiDR3mjEH4wW6w7sGDgd9QIpuEdfF7Au/ma\neyKdpwAJfqxGF4PcnCZXmTA5YpaP7dreqsXMGz7KQ2hsVxa81Q4gLv7/wmpdLqBK\nbRRYh5TmOTFffHPLkIhqhBGWJ6bt2YFGpn6jcgAKUj6DiAdjd4lpFw85hdKrCEVN\n0FE6/V1dN2RMfjCyVSRCnTawXZwXgWHxyvkQAiSr6w10kY17RSlQOYiypok1JR4U\nakcjMS9cmvqtmg5iUaQqqcT5NJ0hGA==\n-----END CERTIFICATE-----\n", + "is_ca": true, + "issuer": "CN=Starfield Services Root Certificate Authority - G2,O=Starfield Technologies\\, Inc.,L=Scottsdale,ST=Arizona,C=US", + "not_after": "2037-12-31T01:00:00Z", + "not_before": "2015-05-25T12:00:00Z", + "public_key_algorithm": "RSA", + "serial_number": "144918191876577076464031512351042010504348870", + "sha1_fingerprint": "06b25927c42a721631c1efd9431e648fa62e1e39", + "signature_algorithm": "SHA256-RSA", + "subject": "CN=Amazon Root CA 1,O=Amazon,C=US", + "version": 3 + }, + { + "cert_pem": "-----BEGIN CERTIFICATE-----\nMIIEXjCCA0agAwIBAgITB3MSTNQG0mfAmRzdKZqfODF5hTANBgkqhkiG9w0BAQsF\nADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6\nb24gUm9vdCBDQSAxMB4XDTIyMDgyMzIyMjYwNFoXDTMwMDgyMzIyMjYwNFowPDEL\nMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEcMBoGA1UEAxMTQW1hem9uIFJT\nQSAyMDQ4IE0wMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALd/pVko\n8vuM475Tf45HV3BbCl/B9Jy89G1CRkFjcPY06WA9lS+7dWbUA7GtWUKoksr69hKM\nwcMsNpxlw7b3jeXFgxB09/nmalcAWtnLzF+LaDKEA5DQmvKzuh1nfIfqEiKCQSmX\nXh09Xs+dO7cm5qbaL2hhNJCSAejciwcvOFgFNgEMR42wm6KIFHsQW28jhA+1u/M0\np6fVwReuEgZfLfdx82Px0LJck3lST3EB/JfbdsdOzzzg5YkY1dfuqf8y5fUeZ7Cz\nWXbTjujwX/TovmeWKA36VLCz75azW6tDNuDn66FOpADZZ9omVaF6BqNJiLMVl6P3\n/c0OiUMC6Z5OfKcCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYD\nVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNV\nHQ4EFgQUVdkYX9IczAHhWLS+q9lVQgHXLgIwHwYDVR0jBBgwFoAUhBjMhTTsvAyU\nlC4IWZzHshBOCggwewYIKwYBBQUHAQEEbzBtMC8GCCsGAQUFBzABhiNodHRwOi8v\nb2NzcC5yb290Y2ExLmFtYXpvbnRydXN0LmNvbTA6BggrBgEFBQcwAoYuaHR0cDov\nL2NydC5yb290Y2ExLmFtYXpvbnRydXN0LmNvbS9yb290Y2ExLmNlcjA/BgNVHR8E\nODA2MDSgMqAwhi5odHRwOi8vY3JsLnJvb3RjYTEuYW1hem9udHJ1c3QuY29tL3Jv\nb3RjYTEuY3JsMBMGA1UdIAQMMAowCAYGZ4EMAQIBMA0GCSqGSIb3DQEBCwUAA4IB\nAQAGjeWm2cC+3z2MzSCnte46/7JZvj3iQZDY7EvODNdZF41n71Lrk9kbfNwerK0d\nVNzW36Wefr7j7ZSwBVg50W5ay65jNSN74TTQV1yt4WnSbVvN6KlMs1hiyOZdoHKs\nKDV2UGNxbdoBYCQNa2GYF8FQIWLugNp35aSOpMy6cFlymFQomIrnOQHwK1nvVY4q\nxDSJMU/gNJz17D8ArPN3ngnyZ2TwepJ0uBINz3G5te2rdFUF4i4Y3Bb7FUlHDYm4\nu8aIRGpk2ZpfXmxaoxnbIBZRvGLPSUuPwnwoUOMsJ8jirI5vs2dvchPb7MtI1rle\ni02f2ivH2vxkjDLltSpe2fiC\n-----END CERTIFICATE-----\n", + "is_ca": true, + "issuer": "CN=Amazon Root CA 1,O=Amazon,C=US", + "not_after": "2030-08-23T22:26:04Z", + "not_before": "2022-08-23T22:26:04Z", + "public_key_algorithm": "RSA", + "serial_number": "166129356476704345391986644047206454194698629", + "sha1_fingerprint": "d9fe0a65fa00cabf61f5120d373a8135e1461f15", + "signature_algorithm": "SHA256-RSA", + "subject": "CN=Amazon RSA 2048 M03,O=Amazon,C=US", + "version": 3 + }, + { + "cert_pem": "-----BEGIN CERTIFICATE-----\nMIIF5zCCBM+gAwIBAgIQB8/B5LYdWaaSLNb9DZLprTANBgkqhkiG9w0BAQsFADA8\nMQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g\nUlNBIDIwNDggTTAzMB4XDTI1MDIyNjAwMDAwMFoXDTI2MDMyNzIzNTk1OVowKDEm\nMCQGA1UEAwwdKi5la3MudXMtZWFzdC0xLmFtYXpvbmF3cy5jb20wggEiMA0GCSqG\nSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoHWcgrIv/D6CxSXSxAq0GuOPoCJqnVz6U\nMhp1YLE9OZs3jH8EfYlNpGtqOtLa1vZb8Lp4CZdATHTj1SoK01MwmXXIDm2Jj+Km\niQvZ0BBe5xroDWvf3r/LWG/WMkRtR4F+qPb9pVYlM9N3WZdSAKfTQTowGxebugLc\nM/+ZLvAxxdtaXK+LID6JRKRa2BIRHcfILiNJo7vIS/I+DOqXn9Rb0VFnkpYpGE+k\nm47kVkFFsToior7zlAwPv6VWsm+zZV9zNnCpu9FpJ3vkZE9OGHS6aChtSya2Qpyr\njyF98KIFTQ+FKtDZHf9XLHmV5v/IP2bWk7lzmPYW4PwcPhDUmC9PAgMBAAGjggL3\nMIIC8zAfBgNVHSMEGDAWgBRV2Rhf0hzMAeFYtL6r2VVCAdcuAjAdBgNVHQ4EFgQU\n6mCbzMC1FaJuw7tKpv7muQZDZrowKAYDVR0RBCEwH4IdKi5la3MudXMtZWFzdC0x\nLmFtYXpvbmF3cy5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQD\nAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCg\nLqAshipodHRwOi8vY3JsLnIybTAzLmFtYXpvbnRydXN0LmNvbS9yMm0wMy5jcmww\ndQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMy5h\nbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDMuYW1h\nem9udHJ1c3QuY29tL3IybTAzLmNlcjAMBgNVHRMBAf8EAjAAMIIBfwYKKwYBBAHW\neQIEAgSCAW8EggFrAWkAdgAOV5S8866pPjMbLJkHs/eQ35vCPXEyJd0hqSWsYcVO\nIQAAAZVBW4SGAAAEAwBHMEUCIQC+CghIdRNpEnK+JGxaeHOel/pYJSUsog1eklre\nLGmoTwIgAj1vm4d6u/93S7GVfw7qotajiMfgHeEf7lANQf0mxf4AdgBkEcRspBLs\np4kcogIuALyrTygH1B41J6vq/tUDyX3N8AAAAZVBW4Q1AAAEAwBHMEUCIAYyeDIv\nJD1IhUkb1E59cbCwTcAYChrSArEZOOAib3dJAiEAix8XjjqXhMNuji/u2fzLxeZ7\nc5PCtDHWx3Ky7QYBfCUAdwBJnJtp3h187Pw23s2HZKa4W68Kh4AZ0VVS++nrKd34\nwwAAAZVBW4RMAAAEAwBIMEYCIQCsj67XcK6jtETNJEPTYPaFqJOMlNtM0TeJwGhm\nBc81sQIhAJoirhaQzC4ydAzLvjpVqKYyuqLktiHkTqFq8IGxBAkIMA0GCSqGSIb3\nDQEBCwUAA4IBAQAjjE2au5fdV/DrlD3e5zZ5hTB4CicIARTWvJQ6EsQm/vbXPoUY\nSHRZkOodq0AJWEC/RImGu8bnVY8RzGsELkMzI4A8UxdlH2YGP8obg6MfP6yGZaHM\nnS4wLX05EnmrABaoRB/apt7tE4w+yRa7QoxUgiTPpFzaQVv1mTcGaWMG55U8tPg7\nLXm539O4OBukbP8HNvjBZ8+N0RYrtG0u0M4FMX1hMKG0bkjJiU6MVZfGJWcgp7I4\nbd5cj5SfE1EHL70P7ELaocXjnWKbys9Mc870aoRXVfAC4bZWU6F9Ke3O7ioXXd5L\n0mKQwrjkiglpYaXc247Qi8IUCdk6s13xHJ4e\n-----END CERTIFICATE-----\n", + "is_ca": false, + "issuer": "CN=Amazon RSA 2048 M03,O=Amazon,C=US", + "not_after": "2026-03-27T23:59:59Z", + "not_before": "2025-02-26T00:00:00Z", + "public_key_algorithm": "RSA", + "serial_number": "10383334045647432453656403708671617453", + "sha1_fingerprint": "63462dda480d8b900e0a7dbfaf6238a62ba4fce0", + "signature_algorithm": "SHA256-RSA", + "subject": "CN=*.eks.us-east-1.amazonaws.com", + "version": 3 + } + ], + "content": null, + "id": "922877a0975ad078a65b8ff11ebc47b8311945c7", + "url": "https://oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A", + "verify_chain": true + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_cloudwatch_log_group", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:logs:us-east-1:273729230602:log-group:/aws/eks/eks1-devel/cluster", + "id": "/aws/eks/eks1-devel/cluster", + "kms_key_id": "", + "log_group_class": "STANDARD", + "name": "/aws/eks/eks1-devel/cluster", + "name_prefix": "", + "retention_in_days": 90, + "skip_destroy": false, + "tags": { + "Name": "/aws/eks/eks1-devel/cluster" + }, + "tags_all": { + "Environment": "devel", + "Name": "/aws/eks/eks1-devel/cluster", + "Service": "Kubernetes" + } + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_eks_access_entry", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "cluster_creator", + "schema_version": 0, + "attributes": { + "access_entry_arn": "arn:aws:eks:us-east-1:273729230602:access-entry/eks1-devel/role/273729230602/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687/66cc10dc-ed50-38ab-ada1-21d9a0375aef", + "cluster_name": "eks1-devel", + "created_at": "2025-07-19T08:08:05Z", + "id": "eks1-devel:arn:aws:iam::273729230602:role/aws-reserved/sso.amazonaws.com/us-east-2/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687", + "kubernetes_groups": [], + "modified_at": "2025-07-19T08:08:05Z", + "principal_arn": "arn:aws:iam::273729230602:role/aws-reserved/sso.amazonaws.com/us-east-2/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + }, + "timeouts": null, + "type": "STANDARD", + "user_name": "arn:aws:sts::273729230602:assumed-role/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687/{{SessionName}}" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_eks_access_policy_association", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "cluster_creator_admin", + "schema_version": 0, + "attributes": { + "access_scope": [ + { + "namespaces": [], + "type": "cluster" + } + ], + "associated_at": "2025-07-19 08:08:05.895 +0000 UTC", + "cluster_name": "eks1-devel", + "id": "eks1-devel#arn:aws:iam::273729230602:role/aws-reserved/sso.amazonaws.com/us-east-2/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687#arn:aws:eks::aws:cluster-access-policy/AmazonEKSClusterAdminPolicy", + "modified_at": "2025-07-19 08:08:05.895 +0000 UTC", + "policy_arn": "arn:aws:eks::aws:cluster-access-policy/AmazonEKSClusterAdminPolicy", + "principal_arn": "arn:aws:iam::273729230602:role/aws-reserved/sso.amazonaws.com/us-east-2/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_access_entry.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_eks_addon", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "coredns", + "schema_version": 0, + "attributes": { + "addon_name": "coredns", + "addon_version": "v1.12.1-eksbuild.2", + "arn": "arn:aws:eks:us-east-1:273729230602:addon/eks1-devel/coredns/22cc10de-08ca-1449-559c-2064d0e73e23", + "cluster_name": "eks1-devel", + "configuration_values": "", + "created_at": "2025-07-19T08:10:30Z", + "id": "eks1-devel:coredns", + "modified_at": "2025-07-19T08:10:42Z", + "pod_identity_association": [], + "preserve": true, + "resolve_conflicts": null, + "resolve_conflicts_on_create": "OVERWRITE", + "resolve_conflicts_on_update": "OVERWRITE", + "service_account_role_arn": "", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + }, + "timeouts": { + "create": null, + "delete": null, + "update": null + } + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjI0MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19", + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_eks_addon_version.this", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.module.eks_managed_node_group.aws_autoscaling_schedule.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_eks_node_group.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_launch_template.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_placement_group.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_caller_identity.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ec2_instance_type.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ec2_instance_type_offerings.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.role", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_partition.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ssm_parameter.ami", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_subnets.placement_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.data.cloudinit_config.al2023_eks_managed_node_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.data.cloudinit_config.linux_eks_managed_node_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.null_resource.validate_cluster_service_cidr", + "module.eks.module.eks.module.fargate_profile.aws_eks_fargate_profile.this", + "module.eks.module.eks.module.fargate_profile.aws_iam_role.this", + "module.eks.module.eks.module.fargate_profile.aws_iam_role_policy.this", + "module.eks.module.eks.module.fargate_profile.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.fargate_profile.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.fargate_profile.data.aws_caller_identity.current", + "module.eks.module.eks.module.fargate_profile.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.fargate_profile.data.aws_iam_policy_document.role", + "module.eks.module.eks.module.fargate_profile.data.aws_partition.current", + "module.eks.module.eks.module.fargate_profile.data.aws_region.current", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.eks.module.eks.module.self_managed_node_group.aws_autoscaling_group.this", + "module.eks.module.eks.module.self_managed_node_group.aws_autoscaling_schedule.this", + "module.eks.module.eks.module.self_managed_node_group.aws_eks_access_entry.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_instance_profile.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role_policy.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.self_managed_node_group.aws_launch_template.this", + "module.eks.module.eks.module.self_managed_node_group.aws_placement_group.this", + "module.eks.module.eks.module.self_managed_node_group.data.aws_caller_identity.current", + "module.eks.module.eks.module.self_managed_node_group.data.aws_ec2_instance_type.this", + "module.eks.module.eks.module.self_managed_node_group.data.aws_ec2_instance_type_offerings.this", + "module.eks.module.eks.module.self_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.self_managed_node_group.data.aws_iam_policy_document.role", + "module.eks.module.eks.module.self_managed_node_group.data.aws_partition.current", + "module.eks.module.eks.module.self_managed_node_group.data.aws_ssm_parameter.ami", + "module.eks.module.eks.module.self_managed_node_group.data.aws_subnets.placement_group", + "module.eks.module.eks.module.self_managed_node_group.module.user_data.data.cloudinit_config.al2023_eks_managed_node_group", + "module.eks.module.eks.module.self_managed_node_group.module.user_data.data.cloudinit_config.linux_eks_managed_node_group", + "module.eks.module.eks.module.self_managed_node_group.module.user_data.null_resource.validate_cluster_service_cidr", + "module.eks.module.eks.time_sleep.this", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + }, + { + "index_key": "eks-pod-identity-agent", + "schema_version": 0, + "attributes": { + "addon_name": "eks-pod-identity-agent", + "addon_version": "v1.3.8-eksbuild.2", + "arn": "arn:aws:eks:us-east-1:273729230602:addon/eks1-devel/eks-pod-identity-agent/86cc10de-08c0-80ee-d37b-8fa3d54675f3", + "cluster_name": "eks1-devel", + "configuration_values": "", + "created_at": "2025-07-19T08:10:30Z", + "id": "eks1-devel:eks-pod-identity-agent", + "modified_at": "2025-07-19T08:11:06Z", + "pod_identity_association": [], + "preserve": true, + "resolve_conflicts": null, + "resolve_conflicts_on_create": "OVERWRITE", + "resolve_conflicts_on_update": "OVERWRITE", + "service_account_role_arn": "", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + }, + "timeouts": { + "create": null, + "delete": null, + "update": null + } + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjI0MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19", + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_eks_addon_version.this", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.module.eks_managed_node_group.aws_autoscaling_schedule.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_eks_node_group.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_launch_template.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_placement_group.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_caller_identity.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ec2_instance_type.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ec2_instance_type_offerings.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.role", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_partition.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ssm_parameter.ami", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_subnets.placement_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.data.cloudinit_config.al2023_eks_managed_node_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.data.cloudinit_config.linux_eks_managed_node_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.null_resource.validate_cluster_service_cidr", + "module.eks.module.eks.module.fargate_profile.aws_eks_fargate_profile.this", + "module.eks.module.eks.module.fargate_profile.aws_iam_role.this", + "module.eks.module.eks.module.fargate_profile.aws_iam_role_policy.this", + "module.eks.module.eks.module.fargate_profile.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.fargate_profile.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.fargate_profile.data.aws_caller_identity.current", + "module.eks.module.eks.module.fargate_profile.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.fargate_profile.data.aws_iam_policy_document.role", + "module.eks.module.eks.module.fargate_profile.data.aws_partition.current", + "module.eks.module.eks.module.fargate_profile.data.aws_region.current", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.eks.module.eks.module.self_managed_node_group.aws_autoscaling_group.this", + "module.eks.module.eks.module.self_managed_node_group.aws_autoscaling_schedule.this", + "module.eks.module.eks.module.self_managed_node_group.aws_eks_access_entry.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_instance_profile.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role_policy.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.self_managed_node_group.aws_launch_template.this", + "module.eks.module.eks.module.self_managed_node_group.aws_placement_group.this", + "module.eks.module.eks.module.self_managed_node_group.data.aws_caller_identity.current", + "module.eks.module.eks.module.self_managed_node_group.data.aws_ec2_instance_type.this", + "module.eks.module.eks.module.self_managed_node_group.data.aws_ec2_instance_type_offerings.this", + "module.eks.module.eks.module.self_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.self_managed_node_group.data.aws_iam_policy_document.role", + "module.eks.module.eks.module.self_managed_node_group.data.aws_partition.current", + "module.eks.module.eks.module.self_managed_node_group.data.aws_ssm_parameter.ami", + "module.eks.module.eks.module.self_managed_node_group.data.aws_subnets.placement_group", + "module.eks.module.eks.module.self_managed_node_group.module.user_data.data.cloudinit_config.al2023_eks_managed_node_group", + "module.eks.module.eks.module.self_managed_node_group.module.user_data.data.cloudinit_config.linux_eks_managed_node_group", + "module.eks.module.eks.module.self_managed_node_group.module.user_data.null_resource.validate_cluster_service_cidr", + "module.eks.module.eks.time_sleep.this", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + }, + { + "index_key": "kube-proxy", + "schema_version": 0, + "attributes": { + "addon_name": "kube-proxy", + "addon_version": "v1.33.0-eksbuild.2", + "arn": "arn:aws:eks:us-east-1:273729230602:addon/eks1-devel/kube-proxy/7ecc10de-08c9-6c05-a647-aafa3a2b4c52", + "cluster_name": "eks1-devel", + "configuration_values": "", + "created_at": "2025-07-19T08:10:30Z", + "id": "eks1-devel:kube-proxy", + "modified_at": "2025-07-19T08:10:36Z", + "pod_identity_association": [], + "preserve": true, + "resolve_conflicts": null, + "resolve_conflicts_on_create": "OVERWRITE", + "resolve_conflicts_on_update": "OVERWRITE", + "service_account_role_arn": "", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + }, + "timeouts": { + "create": null, + "delete": null, + "update": null + } + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjI0MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19", + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_eks_addon_version.this", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.module.eks_managed_node_group.aws_autoscaling_schedule.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_eks_node_group.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_launch_template.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_placement_group.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_caller_identity.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ec2_instance_type.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ec2_instance_type_offerings.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.role", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_partition.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ssm_parameter.ami", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_subnets.placement_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.data.cloudinit_config.al2023_eks_managed_node_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.data.cloudinit_config.linux_eks_managed_node_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.null_resource.validate_cluster_service_cidr", + "module.eks.module.eks.module.fargate_profile.aws_eks_fargate_profile.this", + "module.eks.module.eks.module.fargate_profile.aws_iam_role.this", + "module.eks.module.eks.module.fargate_profile.aws_iam_role_policy.this", + "module.eks.module.eks.module.fargate_profile.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.fargate_profile.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.fargate_profile.data.aws_caller_identity.current", + "module.eks.module.eks.module.fargate_profile.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.fargate_profile.data.aws_iam_policy_document.role", + "module.eks.module.eks.module.fargate_profile.data.aws_partition.current", + "module.eks.module.eks.module.fargate_profile.data.aws_region.current", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.eks.module.eks.module.self_managed_node_group.aws_autoscaling_group.this", + "module.eks.module.eks.module.self_managed_node_group.aws_autoscaling_schedule.this", + "module.eks.module.eks.module.self_managed_node_group.aws_eks_access_entry.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_instance_profile.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role_policy.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.self_managed_node_group.aws_launch_template.this", + "module.eks.module.eks.module.self_managed_node_group.aws_placement_group.this", + "module.eks.module.eks.module.self_managed_node_group.data.aws_caller_identity.current", + "module.eks.module.eks.module.self_managed_node_group.data.aws_ec2_instance_type.this", + "module.eks.module.eks.module.self_managed_node_group.data.aws_ec2_instance_type_offerings.this", + "module.eks.module.eks.module.self_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.self_managed_node_group.data.aws_iam_policy_document.role", + "module.eks.module.eks.module.self_managed_node_group.data.aws_partition.current", + "module.eks.module.eks.module.self_managed_node_group.data.aws_ssm_parameter.ami", + "module.eks.module.eks.module.self_managed_node_group.data.aws_subnets.placement_group", + "module.eks.module.eks.module.self_managed_node_group.module.user_data.data.cloudinit_config.al2023_eks_managed_node_group", + "module.eks.module.eks.module.self_managed_node_group.module.user_data.data.cloudinit_config.linux_eks_managed_node_group", + "module.eks.module.eks.module.self_managed_node_group.module.user_data.null_resource.validate_cluster_service_cidr", + "module.eks.module.eks.time_sleep.this", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + }, + { + "index_key": "vpc-cni", + "schema_version": 0, + "attributes": { + "addon_name": "vpc-cni", + "addon_version": "v1.19.5-eksbuild.1", + "arn": "arn:aws:eks:us-east-1:273729230602:addon/eks1-devel/vpc-cni/30cc10de-08ca-a1d4-f69e-192827a61e68", + "cluster_name": "eks1-devel", + "configuration_values": "", + "created_at": "2025-07-19T08:10:30Z", + "id": "eks1-devel:vpc-cni", + "modified_at": "2025-07-19T08:11:07Z", + "pod_identity_association": [], + "preserve": true, + "resolve_conflicts": null, + "resolve_conflicts_on_create": "OVERWRITE", + "resolve_conflicts_on_update": "OVERWRITE", + "service_account_role_arn": "", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + }, + "timeouts": { + "create": null, + "delete": null, + "update": null + } + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjI0MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19", + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_eks_addon_version.this", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.module.eks_managed_node_group.aws_autoscaling_schedule.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_eks_node_group.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_launch_template.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_placement_group.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_caller_identity.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ec2_instance_type.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ec2_instance_type_offerings.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.role", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_partition.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ssm_parameter.ami", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_subnets.placement_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.data.cloudinit_config.al2023_eks_managed_node_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.data.cloudinit_config.linux_eks_managed_node_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.null_resource.validate_cluster_service_cidr", + "module.eks.module.eks.module.fargate_profile.aws_eks_fargate_profile.this", + "module.eks.module.eks.module.fargate_profile.aws_iam_role.this", + "module.eks.module.eks.module.fargate_profile.aws_iam_role_policy.this", + "module.eks.module.eks.module.fargate_profile.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.fargate_profile.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.fargate_profile.data.aws_caller_identity.current", + "module.eks.module.eks.module.fargate_profile.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.fargate_profile.data.aws_iam_policy_document.role", + "module.eks.module.eks.module.fargate_profile.data.aws_partition.current", + "module.eks.module.eks.module.fargate_profile.data.aws_region.current", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.eks.module.eks.module.self_managed_node_group.aws_autoscaling_group.this", + "module.eks.module.eks.module.self_managed_node_group.aws_autoscaling_schedule.this", + "module.eks.module.eks.module.self_managed_node_group.aws_eks_access_entry.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_instance_profile.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role_policy.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.self_managed_node_group.aws_launch_template.this", + "module.eks.module.eks.module.self_managed_node_group.aws_placement_group.this", + "module.eks.module.eks.module.self_managed_node_group.data.aws_caller_identity.current", + "module.eks.module.eks.module.self_managed_node_group.data.aws_ec2_instance_type.this", + "module.eks.module.eks.module.self_managed_node_group.data.aws_ec2_instance_type_offerings.this", + "module.eks.module.eks.module.self_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.self_managed_node_group.data.aws_iam_policy_document.role", + "module.eks.module.eks.module.self_managed_node_group.data.aws_partition.current", + "module.eks.module.eks.module.self_managed_node_group.data.aws_ssm_parameter.ami", + "module.eks.module.eks.module.self_managed_node_group.data.aws_subnets.placement_group", + "module.eks.module.eks.module.self_managed_node_group.module.user_data.data.cloudinit_config.al2023_eks_managed_node_group", + "module.eks.module.eks.module.self_managed_node_group.module.user_data.data.cloudinit_config.linux_eks_managed_node_group", + "module.eks.module.eks.module.self_managed_node_group.module.user_data.null_resource.validate_cluster_service_cidr", + "module.eks.module.eks.time_sleep.this", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_eks_cluster", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 1, + "attributes": { + "access_config": [ + { + "authentication_mode": "API_AND_CONFIG_MAP", + "bootstrap_cluster_creator_admin_permissions": false + } + ], + "arn": "arn:aws:eks:us-east-1:273729230602:cluster/eks1-devel", + "bootstrap_self_managed_addons": true, + "certificate_authority": [ + { + "data": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURCVENDQWUyZ0F3SUJBZ0lJTUtzRlVZekl3NU13RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TlRBM01Ua3dOelUyTkRKYUZ3MHpOVEEzTVRjd09EQXhOREphTUJVeApFekFSQmdOVkJBTVRDbXQxWW1WeWJtVjBaWE13Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLCkFvSUJBUUMvREF1NHI0aGgxNXltRVV6OUwzcUlHM05haW4zSm56VTBrVmhSRVpHNUo0dWJxeU1Wd0VnVEh6alkKY2Rid0FWbWhYeXNYdkc0NzBIWDJPSUNMWlVvTG5EejlLNlNnWmpVanFhMXVON25aRXNiMTZoTDBoUmxxOWhkVgo5WWFGZzh1NkJNSlZsYTNWZnhUa1YyQVhCYTVkNGYxd0J2SkFKV2JCUFZBSUhMVyt5djdDTmNFbmwzK2ZMWCtUCkRVUTVvRDF4elU3SFhRV3B5eGZNcW9keGJWcXl4akIrSlNCOCtZRmM5WTA2WTEzUk5KSW9YM2FtaXNwcGNpVVIKdWhtUFlVSGdHQVFySnM5enRHUm05SkYxY3NjQjc2NmNPdDVNTVY2c0daaFIyaFBOUXhPSTFqVWtjQjRxRk9GMQpxUkk0ZDdFckIzbXp5UThUc1h5WDNSNW90Tk4xQWdNQkFBR2pXVEJYTUE0R0ExVWREd0VCL3dRRUF3SUNwREFQCkJnTlZIUk1CQWY4RUJUQURBUUgvTUIwR0ExVWREZ1FXQkJRNHNpMGVqbHJlODlqdVkrT0ZDcm54NTRxOWJEQVYKQmdOVkhSRUVEakFNZ2dwcmRXSmxjbTVsZEdWek1BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQW53VW56TDZLUAo5dUxmTjh6ZnUwcnRNeXFpZnV5SFFjOS9ZdWNYNEhWMDhkay8yVGpmZWczU29VR1F6WFVPZ09Xd0tvS2VKQ3JqCnVQYWljbDM1QnJEZXdHVC94dHcxbFAwT29PcFo0dHBUaG5XUFAyS0t5VzF6aHJQZnRYMDNrUlZPcXRJbWRPc3QKWjlTajhUcCt0ZXNFTkNQQllIMlg3Wnc0NnZ4N1gvUi9KZzhtR210VmZ4Y1BqOUtNK0JrTThMbTZUOG5jY1U5MQpPZjFFTldwY2U5emxqQUZVNnc3VlpzMEEveXpzb21CMWc1UGVydE4ram1hbS9PcUswb2hPUVA3VEtITHZUMlpXCkUzbjNOb3dGMkdqcmRmVjVvVWhQT0FJc084cll0OUhMZ0dSZ0cvZnZLL2ZiU1ZURmU3eG4wR21QT2ZvK3daQjMKd2VwTGxyTndjK0UzCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" + } + ], + "cluster_id": null, + "compute_config": [], + "created_at": "2025-07-19T07:56:57Z", + "enabled_cluster_log_types": [ + "api", + "audit", + "authenticator" + ], + "encryption_config": [ + { + "provider": [ + { + "key_arn": "arn:aws:kms:us-east-1:273729230602:key/592722d1-13ec-4bf0-9ebe-202421243587" + } + ], + "resources": [ + "secrets" + ] + } + ], + "endpoint": "https://90F53ECE705908D3A306F170FF42DF7A.gr7.us-east-1.eks.amazonaws.com", + "force_update_version": null, + "id": "eks1-devel", + "identity": [ + { + "oidc": [ + { + "issuer": "https://oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A" + } + ] + } + ], + "kubernetes_network_config": [ + { + "elastic_load_balancing": [ + { + "enabled": false + } + ], + "ip_family": "ipv4", + "service_ipv4_cidr": "10.100.0.0/16", + "service_ipv6_cidr": "" + } + ], + "name": "eks1-devel", + "outpost_config": [], + "platform_version": "eks.6", + "remote_network_config": [], + "role_arn": "arn:aws:iam::273729230602:role/eks1-devel-cluster-20250719075633606000000008", + "status": "ACTIVE", + "storage_config": [], + "tags": { + "terraform-aws-modules": "eks" + }, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes", + "terraform-aws-modules": "eks" + }, + "timeouts": { + "create": null, + "delete": null, + "update": null + }, + "upgrade_policy": [ + { + "support_type": "EXTENDED" + } + ], + "version": "1.33", + "vpc_config": [ + { + "cluster_security_group_id": "sg-04bdddfe491ab9609", + "endpoint_private_access": true, + "endpoint_public_access": true, + "public_access_cidrs": [ + "0.0.0.0/0" + ], + "security_group_ids": [ + "sg-083197778dd666866" + ], + "subnet_ids": [ + "subnet-0115e5b05ab6b132c", + "subnet-03b49ea861522bc48", + "subnet-0556ce01354322097", + "subnet-0a6eed6971e44375c", + "subnet-0cee9908287eaa414", + "subnet-0f439778eb62eac4d" + ], + "vpc_id": "vpc-0271dff7a4b4bbf76" + } + ], + "zonal_shift_config": [] + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjkwMDAwMDAwMDAwMCwidXBkYXRlIjozNjAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIxIn0=", + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_iam_openid_connect_provider", + "name": "oidc_provider", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::273729230602:oidc-provider/oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A", + "client_id_list": [ + "sts.amazonaws.com" + ], + "id": "arn:aws:iam::273729230602:oidc-provider/oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A", + "tags": { + "Name": "eks1-devel-eks-irsa" + }, + "tags_all": { + "Environment": "devel", + "Name": "eks1-devel-eks-irsa", + "Service": "Kubernetes" + }, + "thumbprint_list": [ + "9e99a48a9960b14926bb7f3b02e22da2b0ab7280" + ], + "url": "oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.data.tls_certificate.this", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_iam_policy", + "name": "cluster_encryption", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::273729230602:policy/eks1-devel-cluster-ClusterEncryption20250719075654985100000019", + "attachment_count": 1, + "description": "Cluster encryption policy to allow cluster role to utilize CMK provided", + "id": "arn:aws:iam::273729230602:policy/eks1-devel-cluster-ClusterEncryption20250719075654985100000019", + "name": "eks1-devel-cluster-ClusterEncryption20250719075654985100000019", + "name_prefix": "eks1-devel-cluster-ClusterEncryption", + "path": "/", + "policy": "{\"Statement\":[{\"Action\":[\"kms:Encrypt\",\"kms:Decrypt\",\"kms:ListGrants\",\"kms:DescribeKey\"],\"Effect\":\"Allow\",\"Resource\":\"arn:aws:kms:us-east-1:273729230602:key/592722d1-13ec-4bf0-9ebe-202421243587\"}],\"Version\":\"2012-10-17\"}", + "policy_id": "ANPAT7O4IS4FGQBA7MP5J", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + } + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_iam_policy", + "name": "custom", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::273729230602:policy/eks1-devel-cluster-2025071907563363730000000b", + "attachment_count": 1, + "description": "", + "id": "arn:aws:iam::273729230602:policy/eks1-devel-cluster-2025071907563363730000000b", + "name": "eks1-devel-cluster-2025071907563363730000000b", + "name_prefix": "eks1-devel-cluster-", + "path": "/", + "policy": "{\"Statement\":[{\"Action\":[\"ec2:RunInstances\",\"ec2:CreateLaunchTemplate\",\"ec2:CreateFleet\"],\"Condition\":{\"StringEquals\":{\"aws:RequestTag/eks:eks-cluster-name\":\"${aws:PrincipalTag/eks:eks-cluster-name}\"},\"StringLike\":{\"aws:RequestTag/eks:kubernetes-node-class-name\":\"*\",\"aws:RequestTag/eks:kubernetes-node-pool-name\":\"*\"}},\"Effect\":\"Allow\",\"Resource\":\"*\",\"Sid\":\"Compute\"},{\"Action\":[\"ec2:CreateVolume\",\"ec2:CreateSnapshot\"],\"Condition\":{\"StringEquals\":{\"aws:RequestTag/eks:eks-cluster-name\":\"${aws:PrincipalTag/eks:eks-cluster-name}\"}},\"Effect\":\"Allow\",\"Resource\":[\"arn:aws:ec2:*:*:volume/*\",\"arn:aws:ec2:*:*:snapshot/*\"],\"Sid\":\"Storage\"},{\"Action\":\"ec2:CreateNetworkInterface\",\"Condition\":{\"StringEquals\":{\"aws:RequestTag/eks:eks-cluster-name\":\"${aws:PrincipalTag/eks:eks-cluster-name}\",\"aws:RequestTag/eks:kubernetes-cni-node-name\":\"*\"}},\"Effect\":\"Allow\",\"Resource\":\"*\",\"Sid\":\"Networking\"},{\"Action\":[\"elasticloadbalancing:CreateTargetGroup\",\"elasticloadbalancing:CreateRule\",\"elasticloadbalancing:CreateLoadBalancer\",\"elasticloadbalancing:CreateListener\",\"ec2:CreateSecurityGroup\"],\"Condition\":{\"StringEquals\":{\"aws:RequestTag/eks:eks-cluster-name\":\"${aws:PrincipalTag/eks:eks-cluster-name}\"}},\"Effect\":\"Allow\",\"Resource\":\"*\",\"Sid\":\"LoadBalancer\"},{\"Action\":\"shield:CreateProtection\",\"Condition\":{\"StringEquals\":{\"aws:RequestTag/eks:eks-cluster-name\":\"${aws:PrincipalTag/eks:eks-cluster-name}\"}},\"Effect\":\"Allow\",\"Resource\":\"*\",\"Sid\":\"ShieldProtection\"},{\"Action\":\"shield:TagResource\",\"Condition\":{\"StringEquals\":{\"aws:RequestTag/eks:eks-cluster-name\":\"${aws:PrincipalTag/eks:eks-cluster-name}\"}},\"Effect\":\"Allow\",\"Resource\":\"arn:aws:shield::*:protection/*\",\"Sid\":\"ShieldTagResource\"}],\"Version\":\"2012-10-17\"}", + "policy_id": "ANPAT7O4IS4FOKMADCWTF", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + } + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.data.aws_iam_policy_document.custom", + "module.eks.module.eks.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_iam_role", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::273729230602:role/eks1-devel-cluster-20250719075633606000000008", + "assume_role_policy": "{\"Statement\":[{\"Action\":[\"sts:TagSession\",\"sts:AssumeRole\"],\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"eks.amazonaws.com\"},\"Sid\":\"EKSClusterAssumeRole\"}],\"Version\":\"2012-10-17\"}", + "create_date": "2025-07-19T07:56:33Z", + "description": "", + "force_detach_policies": true, + "id": "eks1-devel-cluster-20250719075633606000000008", + "inline_policy": [], + "managed_policy_arns": [ + "arn:aws:iam::273729230602:policy/eks1-devel-cluster-2025071907563363730000000b", + "arn:aws:iam::273729230602:policy/eks1-devel-cluster-ClusterEncryption20250719075654985100000019", + "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy", + "arn:aws:iam::aws:policy/AmazonEKSVPCResourceController" + ], + "max_session_duration": 3600, + "name": "eks1-devel-cluster-20250719075633606000000008", + "name_prefix": "eks1-devel-cluster-", + "path": "/", + "permissions_boundary": "", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + }, + "unique_id": "AROAT7O4IS4FJXPJNXY4D" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "cluster_encryption", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "id": "eks1-devel-cluster-20250719075633606000000008-2025071907565538500000001a", + "policy_arn": "arn:aws:iam::273729230602:policy/eks1-devel-cluster-ClusterEncryption20250719075654985100000019", + "role": "eks1-devel-cluster-20250719075633606000000008" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.aws_iam_policy.cluster_encryption", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "custom", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "id": "eks1-devel-cluster-20250719075633606000000008-2025071907563420370000000f", + "policy_arn": "arn:aws:iam::273729230602:policy/eks1-devel-cluster-2025071907563363730000000b", + "role": "eks1-devel-cluster-20250719075633606000000008" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.aws_iam_policy.custom", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.custom", + "module.eks.module.eks.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "AmazonEKSClusterPolicy", + "schema_version": 0, + "attributes": { + "id": "eks1-devel-cluster-20250719075633606000000008-2025071907563413140000000d", + "policy_arn": "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy", + "role": "eks1-devel-cluster-20250719075633606000000008" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "AmazonEKSVPCResourceController", + "schema_version": 0, + "attributes": { + "id": "eks1-devel-cluster-20250719075633606000000008-2025071907563417810000000e", + "policy_arn": "arn:aws:iam::aws:policy/AmazonEKSVPCResourceController", + "role": "eks1-devel-cluster-20250719075633606000000008" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_security_group", + "name": "cluster", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:security-group/sg-083197778dd666866", + "description": "EKS cluster security group", + "egress": [], + "id": "sg-083197778dd666866", + "ingress": [ + { + "cidr_blocks": [], + "description": "Node groups to cluster API", + "from_port": 443, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-063a641aa5386b819" + ], + "self": false, + "to_port": 443 + } + ], + "name": "eks1-devel-cluster-20250719075633405800000007", + "name_prefix": "eks1-devel-cluster-", + "owner_id": "273729230602", + "revoke_rules_on_delete": false, + "tags": { + "Name": "eks1-devel-cluster" + }, + "tags_all": { + "Environment": "devel", + "Name": "eks1-devel-cluster", + "Service": "Kubernetes" + }, + "timeouts": null, + "vpc_id": "vpc-0271dff7a4b4bbf76" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6OTAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIxIn0=", + "dependencies": [ + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_security_group", + "name": "node", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:security-group/sg-063a641aa5386b819", + "description": "EKS node shared security group", + "egress": [ + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "Allow all egress", + "from_port": 0, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "-1", + "security_groups": [], + "self": false, + "to_port": 0 + } + ], + "id": "sg-063a641aa5386b819", + "ingress": [ + { + "cidr_blocks": [], + "description": "Cluster API to node 4443/tcp webhook", + "from_port": 4443, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-083197778dd666866" + ], + "self": false, + "to_port": 4443 + }, + { + "cidr_blocks": [], + "description": "Cluster API to node 6443/tcp webhook", + "from_port": 6443, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-083197778dd666866" + ], + "self": false, + "to_port": 6443 + }, + { + "cidr_blocks": [], + "description": "Cluster API to node 8443/tcp webhook", + "from_port": 8443, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-083197778dd666866" + ], + "self": false, + "to_port": 8443 + }, + { + "cidr_blocks": [], + "description": "Cluster API to node 9443/tcp webhook", + "from_port": 9443, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-083197778dd666866" + ], + "self": false, + "to_port": 9443 + }, + { + "cidr_blocks": [], + "description": "Cluster API to node groups", + "from_port": 443, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-083197778dd666866" + ], + "self": false, + "to_port": 443 + }, + { + "cidr_blocks": [], + "description": "Cluster API to node kubelets", + "from_port": 10250, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-083197778dd666866" + ], + "self": false, + "to_port": 10250 + }, + { + "cidr_blocks": [], + "description": "Node to node CoreDNS UDP", + "from_port": 53, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "udp", + "security_groups": [], + "self": true, + "to_port": 53 + }, + { + "cidr_blocks": [], + "description": "Node to node CoreDNS", + "from_port": 53, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": true, + "to_port": 53 + }, + { + "cidr_blocks": [], + "description": "Node to node ingress on ephemeral ports", + "from_port": 1025, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": true, + "to_port": 65535 + }, + { + "cidr_blocks": [], + "description": "elbv2.k8s.aws/targetGroupBinding=shared", + "from_port": 80, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-08edcfa4ed8f2750c" + ], + "self": false, + "to_port": 443 + } + ], + "name": "eks1-devel-node-20250719075633361600000006", + "name_prefix": "eks1-devel-node-", + "owner_id": "273729230602", + "revoke_rules_on_delete": false, + "tags": { + "Name": "eks1-devel-node", + "kubernetes.io/cluster/eks1-devel": "owned" + }, + "tags_all": { + "Environment": "devel", + "Name": "eks1-devel-node", + "Service": "Kubernetes", + "kubernetes.io/cluster/eks1-devel": "owned" + }, + "timeouts": null, + "vpc_id": "vpc-0271dff7a4b4bbf76" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6OTAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIxIn0=", + "dependencies": [ + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "cluster", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "ingress_nodes_443", + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": "Node groups to cluster API", + "from_port": 443, + "id": "sgrule-3717588776", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "security_group_id": "sg-083197778dd666866", + "security_group_rule_id": "sgr-07dae13a6cd8bce1c", + "self": false, + "source_security_group_id": "sg-063a641aa5386b819", + "timeouts": null, + "to_port": 443, + "type": "ingress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "node", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "egress_all", + "schema_version": 2, + "attributes": { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "Allow all egress", + "from_port": 0, + "id": "sgrule-3441080525", + "ipv6_cidr_blocks": null, + "prefix_list_ids": [], + "protocol": "-1", + "security_group_id": "sg-063a641aa5386b819", + "security_group_rule_id": "sgr-0ea964a89d843a0a0", + "self": false, + "source_security_group_id": null, + "timeouts": null, + "to_port": 0, + "type": "egress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "ingress_cluster_443", + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": "Cluster API to node groups", + "from_port": 443, + "id": "sgrule-986645080", + "ipv6_cidr_blocks": null, + "prefix_list_ids": [], + "protocol": "tcp", + "security_group_id": "sg-063a641aa5386b819", + "security_group_rule_id": "sgr-0e2f50fd542c0a7c8", + "self": false, + "source_security_group_id": "sg-083197778dd666866", + "timeouts": null, + "to_port": 443, + "type": "ingress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "ingress_cluster_4443_webhook", + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": "Cluster API to node 4443/tcp webhook", + "from_port": 4443, + "id": "sgrule-2457107927", + "ipv6_cidr_blocks": null, + "prefix_list_ids": [], + "protocol": "tcp", + "security_group_id": "sg-063a641aa5386b819", + "security_group_rule_id": "sgr-0b0bd0151369d45ff", + "self": false, + "source_security_group_id": "sg-083197778dd666866", + "timeouts": null, + "to_port": 4443, + "type": "ingress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "ingress_cluster_6443_webhook", + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": "Cluster API to node 6443/tcp webhook", + "from_port": 6443, + "id": "sgrule-1530272321", + "ipv6_cidr_blocks": null, + "prefix_list_ids": [], + "protocol": "tcp", + "security_group_id": "sg-063a641aa5386b819", + "security_group_rule_id": "sgr-0f8f97800e1c5e042", + "self": false, + "source_security_group_id": "sg-083197778dd666866", + "timeouts": null, + "to_port": 6443, + "type": "ingress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "ingress_cluster_8443_webhook", + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": "Cluster API to node 8443/tcp webhook", + "from_port": 8443, + "id": "sgrule-1214916192", + "ipv6_cidr_blocks": null, + "prefix_list_ids": [], + "protocol": "tcp", + "security_group_id": "sg-063a641aa5386b819", + "security_group_rule_id": "sgr-0c411c3c91bee611f", + "self": false, + "source_security_group_id": "sg-083197778dd666866", + "timeouts": null, + "to_port": 8443, + "type": "ingress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "ingress_cluster_9443_webhook", + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": "Cluster API to node 9443/tcp webhook", + "from_port": 9443, + "id": "sgrule-751506859", + "ipv6_cidr_blocks": null, + "prefix_list_ids": [], + "protocol": "tcp", + "security_group_id": "sg-063a641aa5386b819", + "security_group_rule_id": "sgr-0a9f4327f22f355fd", + "self": false, + "source_security_group_id": "sg-083197778dd666866", + "timeouts": null, + "to_port": 9443, + "type": "ingress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "ingress_cluster_kubelet", + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": "Cluster API to node kubelets", + "from_port": 10250, + "id": "sgrule-1437854411", + "ipv6_cidr_blocks": null, + "prefix_list_ids": [], + "protocol": "tcp", + "security_group_id": "sg-063a641aa5386b819", + "security_group_rule_id": "sgr-0774a9650224677b4", + "self": false, + "source_security_group_id": "sg-083197778dd666866", + "timeouts": null, + "to_port": 10250, + "type": "ingress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "ingress_nodes_ephemeral", + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": "Node to node ingress on ephemeral ports", + "from_port": 1025, + "id": "sgrule-3550635973", + "ipv6_cidr_blocks": null, + "prefix_list_ids": [], + "protocol": "tcp", + "security_group_id": "sg-063a641aa5386b819", + "security_group_rule_id": "sgr-08b37530bc90d30c0", + "self": true, + "source_security_group_id": null, + "timeouts": null, + "to_port": 65535, + "type": "ingress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "ingress_self_coredns_tcp", + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": "Node to node CoreDNS", + "from_port": 53, + "id": "sgrule-141682456", + "ipv6_cidr_blocks": null, + "prefix_list_ids": [], + "protocol": "tcp", + "security_group_id": "sg-063a641aa5386b819", + "security_group_rule_id": "sgr-057ac0a5263496085", + "self": true, + "source_security_group_id": null, + "timeouts": null, + "to_port": 53, + "type": "ingress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "ingress_self_coredns_udp", + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": "Node to node CoreDNS UDP", + "from_port": 53, + "id": "sgrule-2888713463", + "ipv6_cidr_blocks": null, + "prefix_list_ids": [], + "protocol": "udp", + "security_group_id": "sg-063a641aa5386b819", + "security_group_rule_id": "sgr-0ef59508e058468d0", + "self": true, + "source_security_group_id": null, + "timeouts": null, + "to_port": 53, + "type": "ingress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "time_sleep", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/time\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "create_duration": "30s", + "destroy_duration": null, + "id": "2025-07-19T08:08:34Z", + "triggers": { + "cluster_certificate_authority_data": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURCVENDQWUyZ0F3SUJBZ0lJTUtzRlVZekl3NU13RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TlRBM01Ua3dOelUyTkRKYUZ3MHpOVEEzTVRjd09EQXhOREphTUJVeApFekFSQmdOVkJBTVRDbXQxWW1WeWJtVjBaWE13Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLCkFvSUJBUUMvREF1NHI0aGgxNXltRVV6OUwzcUlHM05haW4zSm56VTBrVmhSRVpHNUo0dWJxeU1Wd0VnVEh6alkKY2Rid0FWbWhYeXNYdkc0NzBIWDJPSUNMWlVvTG5EejlLNlNnWmpVanFhMXVON25aRXNiMTZoTDBoUmxxOWhkVgo5WWFGZzh1NkJNSlZsYTNWZnhUa1YyQVhCYTVkNGYxd0J2SkFKV2JCUFZBSUhMVyt5djdDTmNFbmwzK2ZMWCtUCkRVUTVvRDF4elU3SFhRV3B5eGZNcW9keGJWcXl4akIrSlNCOCtZRmM5WTA2WTEzUk5KSW9YM2FtaXNwcGNpVVIKdWhtUFlVSGdHQVFySnM5enRHUm05SkYxY3NjQjc2NmNPdDVNTVY2c0daaFIyaFBOUXhPSTFqVWtjQjRxRk9GMQpxUkk0ZDdFckIzbXp5UThUc1h5WDNSNW90Tk4xQWdNQkFBR2pXVEJYTUE0R0ExVWREd0VCL3dRRUF3SUNwREFQCkJnTlZIUk1CQWY4RUJUQURBUUgvTUIwR0ExVWREZ1FXQkJRNHNpMGVqbHJlODlqdVkrT0ZDcm54NTRxOWJEQVYKQmdOVkhSRUVEakFNZ2dwcmRXSmxjbTVsZEdWek1BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQW53VW56TDZLUAo5dUxmTjh6ZnUwcnRNeXFpZnV5SFFjOS9ZdWNYNEhWMDhkay8yVGpmZWczU29VR1F6WFVPZ09Xd0tvS2VKQ3JqCnVQYWljbDM1QnJEZXdHVC94dHcxbFAwT29PcFo0dHBUaG5XUFAyS0t5VzF6aHJQZnRYMDNrUlZPcXRJbWRPc3QKWjlTajhUcCt0ZXNFTkNQQllIMlg3Wnc0NnZ4N1gvUi9KZzhtR210VmZ4Y1BqOUtNK0JrTThMbTZUOG5jY1U5MQpPZjFFTldwY2U5emxqQUZVNnc3VlpzMEEveXpzb21CMWc1UGVydE4ram1hbS9PcUswb2hPUVA3VEtITHZUMlpXCkUzbjNOb3dGMkdqcmRmVjVvVWhQT0FJc084cll0OUhMZ0dSZ0cvZnZLL2ZiU1ZURmU3eG4wR21QT2ZvK3daQjMKd2VwTGxyTndjK0UzCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K", + "cluster_endpoint": "https://90F53ECE705908D3A306F170FF42DF7A.gr7.us-east-1.eks.amazonaws.com", + "cluster_name": "eks1-devel", + "cluster_service_cidr": "10.100.0.0/16", + "cluster_version": "1.33" + } + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.eks.module.eks.module.eks_managed_node_group[\"ng\"]", + "mode": "data", + "type": "aws_caller_identity", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "account_id": "273729230602", + "arn": "arn:aws:sts::273729230602:assumed-role/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687/ryan", + "id": "273729230602", + "user_id": "AROAT7O4IS4FGZRTFR25S:ryan" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.eks.module.eks.module.eks_managed_node_group[\"ng\"]", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "assume_role_policy", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "id": "2560088296", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"EKSNodeAssumeRole\",\n \"Effect\": \"Allow\",\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\"\n }\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"EKSNodeAssumeRole\",\"Effect\":\"Allow\",\"Action\":\"sts:AssumeRole\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"}}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sts:AssumeRole" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "ec2.amazonaws.com" + ], + "type": "Service" + } + ], + "resources": [], + "sid": "EKSNodeAssumeRole" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.eks.module.eks.module.eks_managed_node_group[\"ng\"]", + "mode": "data", + "type": "aws_partition", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "dns_suffix": "amazonaws.com", + "id": "aws", + "partition": "aws", + "reverse_dns_prefix": "com.amazonaws" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.eks.module.eks.module.eks_managed_node_group[\"ng\"]", + "mode": "managed", + "type": "aws_eks_node_group", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "ami_type": "AL2023_x86_64_STANDARD", + "arn": "arn:aws:eks:us-east-1:273729230602:nodegroup/eks1-devel/ng-20250720075452134700000007/9ecc136a-0ed4-ed3d-4abc-e209bf79bbc4", + "capacity_type": "ON_DEMAND", + "cluster_name": "eks1-devel", + "disk_size": 0, + "force_update_version": null, + "id": "eks1-devel:ng-20250720075452134700000007", + "instance_types": [ + "m5.large" + ], + "labels": {}, + "launch_template": [ + { + "id": "lt-0abd256b85e9cea74", + "name": "ng-20250720075446265800000005", + "version": "1" + } + ], + "node_group_name": "ng-20250720075452134700000007", + "node_group_name_prefix": "ng-", + "node_repair_config": [], + "node_role_arn": "arn:aws:iam::273729230602:role/ng-eks-node-group-20250720075445339700000001", + "release_version": "1.33.0-20250715", + "remote_access": [], + "resources": [ + { + "autoscaling_groups": [ + { + "name": "eks-ng-20250720075452134700000007-9ecc136a-0ed4-ed3d-4abc-e209bf79bbc4" + } + ], + "remote_access_security_group_id": "" + } + ], + "scaling_config": [ + { + "desired_size": 1, + "max_size": 10, + "min_size": 1 + } + ], + "status": "ACTIVE", + "subnet_ids": [ + "subnet-0115e5b05ab6b132c", + "subnet-03b49ea861522bc48", + "subnet-0556ce01354322097", + "subnet-0a6eed6971e44375c", + "subnet-0cee9908287eaa414", + "subnet-0f439778eb62eac4d" + ], + "tags": { + "Name": "ng" + }, + "tags_all": { + "Environment": "devel", + "Name": "ng", + "Service": "Kubernetes" + }, + "taint": [], + "timeouts": { + "create": null, + "delete": null, + "update": null + }, + "update_config": [ + { + "max_unavailable": 0, + "max_unavailable_percentage": 33 + } + ], + "version": "1.33" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozNjAwMDAwMDAwMDAwLCJkZWxldGUiOjM2MDAwMDAwMDAwMDAsInVwZGF0ZSI6MzYwMDAwMDAwMDAwMH19", + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_launch_template.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_placement_group.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_caller_identity.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ec2_instance_type.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ec2_instance_type_offerings.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_partition.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ssm_parameter.ami", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_subnets.placement_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.data.cloudinit_config.al2023_eks_managed_node_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.data.cloudinit_config.linux_eks_managed_node_group", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.eks.module.eks.time_sleep.this", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.eks.module.eks.module.eks_managed_node_group[\"ng\"]", + "mode": "managed", + "type": "aws_iam_role", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::273729230602:role/ng-eks-node-group-20250720075445339700000001", + "assume_role_policy": "{\"Statement\":[{\"Action\":\"sts:AssumeRole\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Sid\":\"EKSNodeAssumeRole\"}],\"Version\":\"2012-10-17\"}", + "create_date": "2025-07-20T07:54:45Z", + "description": "EKS managed node group IAM role", + "force_detach_policies": true, + "id": "ng-eks-node-group-20250720075445339700000001", + "inline_policy": [], + "managed_policy_arns": [ + "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly", + "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy", + "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy" + ], + "max_session_duration": 3600, + "name": "ng-eks-node-group-20250720075445339700000001", + "name_prefix": "ng-eks-node-group-", + "path": "/", + "permissions_boundary": "", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + }, + "unique_id": "AROAT7O4IS4FF3VCO5L57" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.eks.module.eks.module.eks_managed_node_group[\"ng\"]", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "AmazonEC2ContainerRegistryReadOnly", + "schema_version": 0, + "attributes": { + "id": "ng-eks-node-group-20250720075445339700000001-20250720075446120700000004", + "policy_arn": "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly", + "role": "ng-eks-node-group-20250720075445339700000001" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_caller_identity.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "AmazonEKSWorkerNodePolicy", + "schema_version": 0, + "attributes": { + "id": "ng-eks-node-group-20250720075445339700000001-20250720075446120300000003", + "policy_arn": "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy", + "role": "ng-eks-node-group-20250720075445339700000001" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_caller_identity.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "AmazonEKS_CNI_Policy", + "schema_version": 0, + "attributes": { + "id": "ng-eks-node-group-20250720075445339700000001-20250720075446018000000002", + "policy_arn": "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy", + "role": "ng-eks-node-group-20250720075445339700000001" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_caller_identity.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.eks.module.eks.module.eks_managed_node_group[\"ng\"]", + "mode": "managed", + "type": "aws_launch_template", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:launch-template/lt-0abd256b85e9cea74", + "block_device_mappings": [], + "capacity_reservation_specification": [], + "cpu_options": [], + "credit_specification": [], + "default_version": 1, + "description": "Custom launch template for ng EKS managed node group", + "disable_api_stop": false, + "disable_api_termination": false, + "ebs_optimized": "", + "elastic_gpu_specifications": [], + "elastic_inference_accelerator": [], + "enclave_options": [], + "hibernation_options": [], + "iam_instance_profile": [], + "id": "lt-0abd256b85e9cea74", + "image_id": "", + "instance_initiated_shutdown_behavior": "", + "instance_market_options": [], + "instance_requirements": [], + "instance_type": "", + "kernel_id": "", + "key_name": "", + "latest_version": 1, + "license_specification": [], + "maintenance_options": [], + "metadata_options": [ + { + "http_endpoint": "enabled", + "http_protocol_ipv6": "", + "http_put_response_hop_limit": 2, + "http_tokens": "required", + "instance_metadata_tags": "" + } + ], + "monitoring": [ + { + "enabled": true + } + ], + "name": "ng-20250720075446265800000005", + "name_prefix": "ng-", + "network_interfaces": [], + "placement": [], + "private_dns_name_options": [], + "ram_disk_id": "", + "security_group_names": [], + "tag_specifications": [ + { + "resource_type": "instance", + "tags": { + "Name": "ng" + } + }, + { + "resource_type": "network-interface", + "tags": { + "Name": "ng" + } + }, + { + "resource_type": "volume", + "tags": { + "Name": "ng" + } + } + ], + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + }, + "update_default_version": true, + "user_data": "", + "vpc_security_group_ids": [ + "sg-063a641aa5386b819" + ] + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_placement_group.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_caller_identity.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ec2_instance_type.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_partition.current", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.data.cloudinit_config.al2023_eks_managed_node_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.data.cloudinit_config.linux_eks_managed_node_group", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.eks.module.eks.time_sleep.this", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.eks.module.eks.module.eks_managed_node_group[\"ng\"].module.user_data", + "mode": "managed", + "type": "null_resource", + "name": "validate_cluster_service_cidr", + "provider": "provider[\"registry.terraform.io/hashicorp/null\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "9138203175680545676", + "triggers": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.eks.module.eks.time_sleep.this", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks.module.eks.module.kms", + "mode": "data", + "type": "aws_caller_identity", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "account_id": "273729230602", + "arn": "arn:aws:sts::273729230602:assumed-role/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687/ryan", + "id": "273729230602", + "user_id": "AROAT7O4IS4FGZRTFR25S:ryan" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.eks.module.eks.module.kms", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "id": "3322799044", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"Default\",\n \"Effect\": \"Allow\",\n \"Action\": \"kms:*\",\n \"Resource\": \"*\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::273729230602:root\"\n }\n },\n {\n \"Sid\": \"KeyAdministration\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"kms:Update*\",\n \"kms:UntagResource\",\n \"kms:TagResource\",\n \"kms:ScheduleKeyDeletion\",\n \"kms:Revoke*\",\n \"kms:ReplicateKey\",\n \"kms:Put*\",\n \"kms:List*\",\n \"kms:ImportKeyMaterial\",\n \"kms:Get*\",\n \"kms:Enable*\",\n \"kms:Disable*\",\n \"kms:Describe*\",\n \"kms:Delete*\",\n \"kms:Create*\",\n \"kms:CancelKeyDeletion\"\n ],\n \"Resource\": \"*\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::273729230602:role/aws-reserved/sso.amazonaws.com/us-east-2/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687\"\n }\n },\n {\n \"Sid\": \"KeyUsage\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"kms:ReEncrypt*\",\n \"kms:GenerateDataKey*\",\n \"kms:Encrypt\",\n \"kms:DescribeKey\",\n \"kms:Decrypt\"\n ],\n \"Resource\": \"*\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::273729230602:role/eks1-devel-cluster-20250719075633606000000008\"\n }\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"Default\",\"Effect\":\"Allow\",\"Action\":\"kms:*\",\"Resource\":\"*\",\"Principal\":{\"AWS\":\"arn:aws:iam::273729230602:root\"}},{\"Sid\":\"KeyAdministration\",\"Effect\":\"Allow\",\"Action\":[\"kms:Update*\",\"kms:UntagResource\",\"kms:TagResource\",\"kms:ScheduleKeyDeletion\",\"kms:Revoke*\",\"kms:ReplicateKey\",\"kms:Put*\",\"kms:List*\",\"kms:ImportKeyMaterial\",\"kms:Get*\",\"kms:Enable*\",\"kms:Disable*\",\"kms:Describe*\",\"kms:Delete*\",\"kms:Create*\",\"kms:CancelKeyDeletion\"],\"Resource\":\"*\",\"Principal\":{\"AWS\":\"arn:aws:iam::273729230602:role/aws-reserved/sso.amazonaws.com/us-east-2/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687\"}},{\"Sid\":\"KeyUsage\",\"Effect\":\"Allow\",\"Action\":[\"kms:ReEncrypt*\",\"kms:GenerateDataKey*\",\"kms:Encrypt\",\"kms:DescribeKey\",\"kms:Decrypt\"],\"Resource\":\"*\",\"Principal\":{\"AWS\":\"arn:aws:iam::273729230602:role/eks1-devel-cluster-20250719075633606000000008\"}}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "kms:*" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "arn:aws:iam::273729230602:root" + ], + "type": "AWS" + } + ], + "resources": [ + "*" + ], + "sid": "Default" + }, + { + "actions": [ + "kms:CancelKeyDeletion", + "kms:Create*", + "kms:Delete*", + "kms:Describe*", + "kms:Disable*", + "kms:Enable*", + "kms:Get*", + "kms:ImportKeyMaterial", + "kms:List*", + "kms:Put*", + "kms:ReplicateKey", + "kms:Revoke*", + "kms:ScheduleKeyDeletion", + "kms:TagResource", + "kms:UntagResource", + "kms:Update*" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "arn:aws:iam::273729230602:role/aws-reserved/sso.amazonaws.com/us-east-2/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687" + ], + "type": "AWS" + } + ], + "resources": [ + "*" + ], + "sid": "KeyAdministration" + }, + { + "actions": [ + "kms:Decrypt", + "kms:DescribeKey", + "kms:Encrypt", + "kms:GenerateDataKey*", + "kms:ReEncrypt*" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "arn:aws:iam::273729230602:role/eks1-devel-cluster-20250719075633606000000008" + ], + "type": "AWS" + } + ], + "resources": [ + "*" + ], + "sid": "KeyUsage" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.eks.module.eks.module.kms", + "mode": "data", + "type": "aws_partition", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "dns_suffix": "amazonaws.com", + "id": "aws", + "partition": "aws", + "reverse_dns_prefix": "com.amazonaws" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.eks.module.eks.module.kms", + "mode": "managed", + "type": "aws_kms_alias", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "cluster", + "schema_version": 0, + "attributes": { + "arn": "arn:aws:kms:us-east-1:273729230602:alias/eks/eks1-devel", + "id": "alias/eks/eks1-devel", + "name": "alias/eks/eks1-devel", + "name_prefix": "", + "target_key_arn": "arn:aws:kms:us-east-1:273729230602:key/592722d1-13ec-4bf0-9ebe-202421243587", + "target_key_id": "592722d1-13ec-4bf0-9ebe-202421243587" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks.module.eks.module.kms", + "mode": "managed", + "type": "aws_kms_key", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:kms:us-east-1:273729230602:key/592722d1-13ec-4bf0-9ebe-202421243587", + "bypass_policy_lockout_safety_check": false, + "custom_key_store_id": "", + "customer_master_key_spec": "SYMMETRIC_DEFAULT", + "deletion_window_in_days": null, + "description": "eks1-devel cluster encryption key", + "enable_key_rotation": true, + "id": "592722d1-13ec-4bf0-9ebe-202421243587", + "is_enabled": true, + "key_id": "592722d1-13ec-4bf0-9ebe-202421243587", + "key_usage": "ENCRYPT_DECRYPT", + "multi_region": false, + "policy": "{\"Statement\":[{\"Action\":\"kms:*\",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::273729230602:root\"},\"Resource\":\"*\",\"Sid\":\"Default\"},{\"Action\":[\"kms:Update*\",\"kms:UntagResource\",\"kms:TagResource\",\"kms:ScheduleKeyDeletion\",\"kms:Revoke*\",\"kms:ReplicateKey\",\"kms:Put*\",\"kms:List*\",\"kms:ImportKeyMaterial\",\"kms:Get*\",\"kms:Enable*\",\"kms:Disable*\",\"kms:Describe*\",\"kms:Delete*\",\"kms:Create*\",\"kms:CancelKeyDeletion\"],\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::273729230602:role/aws-reserved/sso.amazonaws.com/us-east-2/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687\"},\"Resource\":\"*\",\"Sid\":\"KeyAdministration\"},{\"Action\":[\"kms:ReEncrypt*\",\"kms:GenerateDataKey*\",\"kms:Encrypt\",\"kms:DescribeKey\",\"kms:Decrypt\"],\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::273729230602:role/eks1-devel-cluster-20250719075633606000000008\"},\"Resource\":\"*\",\"Sid\":\"KeyUsage\"}],\"Version\":\"2012-10-17\"}", + "rotation_period_in_days": 365, + "tags": { + "terraform-aws-modules": "eks" + }, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes", + "terraform-aws-modules": "eks" + }, + "timeouts": null, + "xks_key_id": "" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.network", + "mode": "data", + "type": "aws_availability_zones", + "name": "available", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "all_availability_zones": null, + "exclude_names": null, + "exclude_zone_ids": [ + "cac1-az3", + "use1-az3", + "usw1-az2" + ], + "filter": [ + { + "name": "opt-in-status", + "values": [ + "opt-in-not-required" + ] + } + ], + "group_names": [ + "us-east-1-zg-1" + ], + "id": "us-east-1", + "names": [ + "us-east-1a", + "us-east-1b", + "us-east-1c", + "us-east-1d", + "us-east-1f" + ], + "state": null, + "timeouts": null, + "zone_ids": [ + "use1-az1", + "use1-az2", + "use1-az4", + "use1-az6", + "use1-az5" + ] + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.network", + "mode": "data", + "type": "aws_internet_gateway", + "name": "default", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:internet-gateway/igw-04c8aad5899c55659", + "attachments": [ + { + "state": "available", + "vpc_id": "vpc-0271dff7a4b4bbf76" + } + ], + "filter": [ + { + "name": "attachment.vpc-id", + "values": [ + "vpc-0271dff7a4b4bbf76" + ] + } + ], + "id": "igw-04c8aad5899c55659", + "internet_gateway_id": "igw-04c8aad5899c55659", + "owner_id": "273729230602", + "tags": {}, + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.network", + "mode": "data", + "type": "aws_vpc", + "name": "selected", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:vpc/vpc-0271dff7a4b4bbf76", + "cidr_block": "172.31.0.0/16", + "cidr_block_associations": [ + { + "association_id": "vpc-cidr-assoc-05f4dfb5fe3092d82", + "cidr_block": "172.31.0.0/16", + "state": "associated" + } + ], + "default": true, + "dhcp_options_id": "dopt-0271d6713d96f2254", + "enable_dns_hostnames": true, + "enable_dns_support": true, + "enable_network_address_usage_metrics": false, + "filter": null, + "id": "vpc-0271dff7a4b4bbf76", + "instance_tenancy": "default", + "ipv6_association_id": "", + "ipv6_cidr_block": "", + "main_route_table_id": "rtb-01ff49732ea0b5a76", + "owner_id": "273729230602", + "state": null, + "tags": {}, + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.network", + "mode": "managed", + "type": "aws_eip", + "name": "nat", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "address": null, + "allocation_id": "eipalloc-073d8354af914f72c", + "arn": "arn:aws:ec2:us-east-1:273729230602:elastic-ip/eipalloc-073d8354af914f72c", + "associate_with_private_ip": null, + "association_id": "eipassoc-0c8ecf10aa0025b3f", + "carrier_ip": "", + "customer_owned_ip": "", + "customer_owned_ipv4_pool": "", + "domain": "vpc", + "id": "eipalloc-073d8354af914f72c", + "instance": "", + "ipam_pool_id": null, + "network_border_group": "us-east-1", + "network_interface": "eni-04e0f8c6777b3ee96", + "private_dns": "ip-172-31-176-157.ec2.internal", + "private_ip": "172.31.176.157", + "ptr_record": "", + "public_dns": "ec2-52-3-194-240.compute-1.amazonaws.com", + "public_ip": "52.3.194.240", + "public_ipv4_pool": "amazon", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + }, + "timeouts": null, + "vpc": true + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjoxODAwMDAwMDAwMDAsInJlYWQiOjkwMDAwMDAwMDAwMCwidXBkYXRlIjozMDAwMDAwMDAwMDB9fQ==", + "create_before_destroy": true + } + ] + }, + { + "module": "module.network", + "mode": "managed", + "type": "aws_nat_gateway", + "name": "nat_gateway", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "allocation_id": "eipalloc-073d8354af914f72c", + "association_id": "eipassoc-0c8ecf10aa0025b3f", + "connectivity_type": "public", + "id": "nat-0d8a564a42b566896", + "network_interface_id": "eni-04e0f8c6777b3ee96", + "private_ip": "172.31.176.157", + "public_ip": "52.3.194.240", + "secondary_allocation_ids": [], + "secondary_private_ip_address_count": 0, + "secondary_private_ip_addresses": [], + "subnet_id": "subnet-0f439778eb62eac4d", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + }, + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTgwMDAwMDAwMDAwMCwidXBkYXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "module.network.aws_eip.nat", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.network", + "mode": "managed", + "type": "aws_route", + "name": "nat_gateway", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "us-east-1a", + "schema_version": 0, + "attributes": { + "carrier_gateway_id": "", + "core_network_arn": "", + "destination_cidr_block": "0.0.0.0/0", + "destination_ipv6_cidr_block": "", + "destination_prefix_list_id": "", + "egress_only_gateway_id": "", + "gateway_id": "", + "id": "r-rtb-02f0a19caa65e83691080289494", + "instance_id": "", + "instance_owner_id": "", + "local_gateway_id": "", + "nat_gateway_id": "nat-0d8a564a42b566896", + "network_interface_id": "", + "origin": "CreateRoute", + "route_table_id": "rtb-02f0a19caa65e8369", + "state": "active", + "timeouts": null, + "transit_gateway_id": "", + "vpc_endpoint_id": "", + "vpc_peering_connection_id": "" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route_table.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "us-east-1b", + "schema_version": 0, + "attributes": { + "carrier_gateway_id": "", + "core_network_arn": "", + "destination_cidr_block": "0.0.0.0/0", + "destination_ipv6_cidr_block": "", + "destination_prefix_list_id": "", + "egress_only_gateway_id": "", + "gateway_id": "", + "id": "r-rtb-090b5b849bbd970f71080289494", + "instance_id": "", + "instance_owner_id": "", + "local_gateway_id": "", + "nat_gateway_id": "nat-0d8a564a42b566896", + "network_interface_id": "", + "origin": "CreateRoute", + "route_table_id": "rtb-090b5b849bbd970f7", + "state": "active", + "timeouts": null, + "transit_gateway_id": "", + "vpc_endpoint_id": "", + "vpc_peering_connection_id": "" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route_table.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "us-east-1c", + "schema_version": 0, + "attributes": { + "carrier_gateway_id": "", + "core_network_arn": "", + "destination_cidr_block": "0.0.0.0/0", + "destination_ipv6_cidr_block": "", + "destination_prefix_list_id": "", + "egress_only_gateway_id": "", + "gateway_id": "", + "id": "r-rtb-06cf7753a59edf1461080289494", + "instance_id": "", + "instance_owner_id": "", + "local_gateway_id": "", + "nat_gateway_id": "nat-0d8a564a42b566896", + "network_interface_id": "", + "origin": "CreateRoute", + "route_table_id": "rtb-06cf7753a59edf146", + "state": "active", + "timeouts": null, + "transit_gateway_id": "", + "vpc_endpoint_id": "", + "vpc_peering_connection_id": "" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route_table.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.network", + "mode": "managed", + "type": "aws_route", + "name": "public_internet_gateway", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "carrier_gateway_id": "", + "core_network_arn": "", + "destination_cidr_block": "0.0.0.0/0", + "destination_ipv6_cidr_block": "", + "destination_prefix_list_id": "", + "egress_only_gateway_id": "", + "gateway_id": "igw-04c8aad5899c55659", + "id": "r-rtb-0b75357b0e74c52a81080289494", + "instance_id": "", + "instance_owner_id": "", + "local_gateway_id": "", + "nat_gateway_id": "", + "network_interface_id": "", + "origin": "CreateRoute", + "route_table_id": "rtb-0b75357b0e74c52a8", + "state": "active", + "timeouts": null, + "transit_gateway_id": "", + "vpc_endpoint_id": "", + "vpc_peering_connection_id": "" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.aws_route_table.public", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.network", + "mode": "managed", + "type": "aws_route_table", + "name": "private", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "us-east-1a", + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:route-table/rtb-02f0a19caa65e8369", + "id": "rtb-02f0a19caa65e8369", + "owner_id": "273729230602", + "propagating_vgws": [], + "route": [ + { + "carrier_gateway_id": "", + "cidr_block": "0.0.0.0/0", + "core_network_arn": "", + "destination_prefix_list_id": "", + "egress_only_gateway_id": "", + "gateway_id": "", + "ipv6_cidr_block": "", + "local_gateway_id": "", + "nat_gateway_id": "nat-0d8a564a42b566896", + "network_interface_id": "", + "transit_gateway_id": "", + "vpc_endpoint_id": "", + "vpc_peering_connection_id": "" + } + ], + "tags": { + "Name": "EKS (eks1-devel) private subnet (us-east-1a)" + }, + "tags_all": { + "Environment": "devel", + "Name": "EKS (eks1-devel) private subnet (us-east-1a)", + "Service": "Kubernetes" + }, + "timeouts": null, + "vpc_id": "vpc-0271dff7a4b4bbf76" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "us-east-1b", + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:route-table/rtb-090b5b849bbd970f7", + "id": "rtb-090b5b849bbd970f7", + "owner_id": "273729230602", + "propagating_vgws": [], + "route": [ + { + "carrier_gateway_id": "", + "cidr_block": "0.0.0.0/0", + "core_network_arn": "", + "destination_prefix_list_id": "", + "egress_only_gateway_id": "", + "gateway_id": "", + "ipv6_cidr_block": "", + "local_gateway_id": "", + "nat_gateway_id": "nat-0d8a564a42b566896", + "network_interface_id": "", + "transit_gateway_id": "", + "vpc_endpoint_id": "", + "vpc_peering_connection_id": "" + } + ], + "tags": { + "Name": "EKS (eks1-devel) private subnet (us-east-1b)" + }, + "tags_all": { + "Environment": "devel", + "Name": "EKS (eks1-devel) private subnet (us-east-1b)", + "Service": "Kubernetes" + }, + "timeouts": null, + "vpc_id": "vpc-0271dff7a4b4bbf76" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "us-east-1c", + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:route-table/rtb-06cf7753a59edf146", + "id": "rtb-06cf7753a59edf146", + "owner_id": "273729230602", + "propagating_vgws": [], + "route": [ + { + "carrier_gateway_id": "", + "cidr_block": "0.0.0.0/0", + "core_network_arn": "", + "destination_prefix_list_id": "", + "egress_only_gateway_id": "", + "gateway_id": "", + "ipv6_cidr_block": "", + "local_gateway_id": "", + "nat_gateway_id": "nat-0d8a564a42b566896", + "network_interface_id": "", + "transit_gateway_id": "", + "vpc_endpoint_id": "", + "vpc_peering_connection_id": "" + } + ], + "tags": { + "Name": "EKS (eks1-devel) private subnet (us-east-1c)" + }, + "tags_all": { + "Environment": "devel", + "Name": "EKS (eks1-devel) private subnet (us-east-1c)", + "Service": "Kubernetes" + }, + "timeouts": null, + "vpc_id": "vpc-0271dff7a4b4bbf76" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.network", + "mode": "managed", + "type": "aws_route_table", + "name": "public", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:route-table/rtb-0b75357b0e74c52a8", + "id": "rtb-0b75357b0e74c52a8", + "owner_id": "273729230602", + "propagating_vgws": [], + "route": [ + { + "carrier_gateway_id": "", + "cidr_block": "0.0.0.0/0", + "core_network_arn": "", + "destination_prefix_list_id": "", + "egress_only_gateway_id": "", + "gateway_id": "igw-04c8aad5899c55659", + "ipv6_cidr_block": "", + "local_gateway_id": "", + "nat_gateway_id": "", + "network_interface_id": "", + "transit_gateway_id": "", + "vpc_endpoint_id": "", + "vpc_peering_connection_id": "" + } + ], + "tags": { + "Name": "EKS (eks1-devel) public subnet" + }, + "tags_all": { + "Environment": "devel", + "Name": "EKS (eks1-devel) public subnet", + "Service": "Kubernetes" + }, + "timeouts": null, + "vpc_id": "vpc-0271dff7a4b4bbf76" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.network", + "mode": "managed", + "type": "aws_route_table_association", + "name": "private", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "us-east-1a", + "schema_version": 0, + "attributes": { + "gateway_id": "", + "id": "rtbassoc-0be084cf118e2a836", + "route_table_id": "rtb-02f0a19caa65e8369", + "subnet_id": "subnet-0a6eed6971e44375c", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.aws_route_table.private", + "module.network.aws_subnet.private", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "us-east-1b", + "schema_version": 0, + "attributes": { + "gateway_id": "", + "id": "rtbassoc-03ed3dddfe0888d54", + "route_table_id": "rtb-090b5b849bbd970f7", + "subnet_id": "subnet-0115e5b05ab6b132c", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.aws_route_table.private", + "module.network.aws_subnet.private", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "us-east-1c", + "schema_version": 0, + "attributes": { + "gateway_id": "", + "id": "rtbassoc-0ecf7bbeaba18e3aa", + "route_table_id": "rtb-06cf7753a59edf146", + "subnet_id": "subnet-0556ce01354322097", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.aws_route_table.private", + "module.network.aws_subnet.private", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.network", + "mode": "managed", + "type": "aws_route_table_association", + "name": "public", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "us-east-1a", + "schema_version": 0, + "attributes": { + "gateway_id": "", + "id": "rtbassoc-05ced21d9d8fffc1e", + "route_table_id": "rtb-0b75357b0e74c52a8", + "subnet_id": "subnet-0f439778eb62eac4d", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.aws_route_table.public", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "us-east-1b", + "schema_version": 0, + "attributes": { + "gateway_id": "", + "id": "rtbassoc-0ff340c12926faca6", + "route_table_id": "rtb-0b75357b0e74c52a8", + "subnet_id": "subnet-03b49ea861522bc48", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.aws_route_table.public", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "us-east-1c", + "schema_version": 0, + "attributes": { + "gateway_id": "", + "id": "rtbassoc-0a0d8a182f16ffe19", + "route_table_id": "rtb-0b75357b0e74c52a8", + "subnet_id": "subnet-0cee9908287eaa414", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.aws_route_table.public", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.network", + "mode": "managed", + "type": "aws_subnet", + "name": "private", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "us-east-1a", + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:subnet/subnet-0a6eed6971e44375c", + "assign_ipv6_address_on_creation": false, + "availability_zone": "us-east-1a", + "availability_zone_id": "use1-az1", + "cidr_block": "172.31.128.0/20", + "customer_owned_ipv4_pool": "", + "enable_dns64": false, + "enable_lni_at_device_index": 0, + "enable_resource_name_dns_a_record_on_launch": false, + "enable_resource_name_dns_aaaa_record_on_launch": false, + "id": "subnet-0a6eed6971e44375c", + "ipv6_cidr_block": "", + "ipv6_cidr_block_association_id": "", + "ipv6_native": false, + "map_customer_owned_ip_on_launch": false, + "map_public_ip_on_launch": false, + "outpost_arn": "", + "owner_id": "273729230602", + "private_dns_hostname_type_on_launch": "ip-name", + "tags": { + "Name": "EKS (eks1-devel) private subnet (us-east-1a)", + "kubernetes.io/role/internal-elb": "1" + }, + "tags_all": { + "Environment": "devel", + "Name": "EKS (eks1-devel) private subnet (us-east-1a)", + "Service": "Kubernetes", + "kubernetes.io/role/internal-elb": "1" + }, + "timeouts": null, + "vpc_id": "vpc-0271dff7a4b4bbf76" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", + "dependencies": [ + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "us-east-1b", + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:subnet/subnet-0115e5b05ab6b132c", + "assign_ipv6_address_on_creation": false, + "availability_zone": "us-east-1b", + "availability_zone_id": "use1-az2", + "cidr_block": "172.31.144.0/20", + "customer_owned_ipv4_pool": "", + "enable_dns64": false, + "enable_lni_at_device_index": 0, + "enable_resource_name_dns_a_record_on_launch": false, + "enable_resource_name_dns_aaaa_record_on_launch": false, + "id": "subnet-0115e5b05ab6b132c", + "ipv6_cidr_block": "", + "ipv6_cidr_block_association_id": "", + "ipv6_native": false, + "map_customer_owned_ip_on_launch": false, + "map_public_ip_on_launch": false, + "outpost_arn": "", + "owner_id": "273729230602", + "private_dns_hostname_type_on_launch": "ip-name", + "tags": { + "Name": "EKS (eks1-devel) private subnet (us-east-1b)", + "kubernetes.io/role/internal-elb": "1" + }, + "tags_all": { + "Environment": "devel", + "Name": "EKS (eks1-devel) private subnet (us-east-1b)", + "Service": "Kubernetes", + "kubernetes.io/role/internal-elb": "1" + }, + "timeouts": null, + "vpc_id": "vpc-0271dff7a4b4bbf76" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", + "dependencies": [ + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "us-east-1c", + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:subnet/subnet-0556ce01354322097", + "assign_ipv6_address_on_creation": false, + "availability_zone": "us-east-1c", + "availability_zone_id": "use1-az4", + "cidr_block": "172.31.160.0/20", + "customer_owned_ipv4_pool": "", + "enable_dns64": false, + "enable_lni_at_device_index": 0, + "enable_resource_name_dns_a_record_on_launch": false, + "enable_resource_name_dns_aaaa_record_on_launch": false, + "id": "subnet-0556ce01354322097", + "ipv6_cidr_block": "", + "ipv6_cidr_block_association_id": "", + "ipv6_native": false, + "map_customer_owned_ip_on_launch": false, + "map_public_ip_on_launch": false, + "outpost_arn": "", + "owner_id": "273729230602", + "private_dns_hostname_type_on_launch": "ip-name", + "tags": { + "Name": "EKS (eks1-devel) private subnet (us-east-1c)", + "kubernetes.io/role/internal-elb": "1" + }, + "tags_all": { + "Environment": "devel", + "Name": "EKS (eks1-devel) private subnet (us-east-1c)", + "Service": "Kubernetes", + "kubernetes.io/role/internal-elb": "1" + }, + "timeouts": null, + "vpc_id": "vpc-0271dff7a4b4bbf76" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", + "dependencies": [ + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.network", + "mode": "managed", + "type": "aws_subnet", + "name": "public", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "us-east-1a", + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:subnet/subnet-0f439778eb62eac4d", + "assign_ipv6_address_on_creation": false, + "availability_zone": "us-east-1a", + "availability_zone_id": "use1-az1", + "cidr_block": "172.31.176.0/24", + "customer_owned_ipv4_pool": "", + "enable_dns64": false, + "enable_lni_at_device_index": 0, + "enable_resource_name_dns_a_record_on_launch": false, + "enable_resource_name_dns_aaaa_record_on_launch": false, + "id": "subnet-0f439778eb62eac4d", + "ipv6_cidr_block": "", + "ipv6_cidr_block_association_id": "", + "ipv6_native": false, + "map_customer_owned_ip_on_launch": false, + "map_public_ip_on_launch": true, + "outpost_arn": "", + "owner_id": "273729230602", + "private_dns_hostname_type_on_launch": "ip-name", + "tags": { + "Name": "EKS (eks1-devel) public subnet (us-east-1a)", + "kubernetes.io/role/elb": "1" + }, + "tags_all": { + "Environment": "devel", + "Name": "EKS (eks1-devel) public subnet (us-east-1a)", + "Service": "Kubernetes", + "kubernetes.io/role/elb": "1" + }, + "timeouts": null, + "vpc_id": "vpc-0271dff7a4b4bbf76" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", + "dependencies": [ + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "us-east-1b", + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:subnet/subnet-03b49ea861522bc48", + "assign_ipv6_address_on_creation": false, + "availability_zone": "us-east-1b", + "availability_zone_id": "use1-az2", + "cidr_block": "172.31.177.0/24", + "customer_owned_ipv4_pool": "", + "enable_dns64": false, + "enable_lni_at_device_index": 0, + "enable_resource_name_dns_a_record_on_launch": false, + "enable_resource_name_dns_aaaa_record_on_launch": false, + "id": "subnet-03b49ea861522bc48", + "ipv6_cidr_block": "", + "ipv6_cidr_block_association_id": "", + "ipv6_native": false, + "map_customer_owned_ip_on_launch": false, + "map_public_ip_on_launch": true, + "outpost_arn": "", + "owner_id": "273729230602", + "private_dns_hostname_type_on_launch": "ip-name", + "tags": { + "Name": "EKS (eks1-devel) public subnet (us-east-1b)", + "kubernetes.io/role/elb": "1" + }, + "tags_all": { + "Environment": "devel", + "Name": "EKS (eks1-devel) public subnet (us-east-1b)", + "Service": "Kubernetes", + "kubernetes.io/role/elb": "1" + }, + "timeouts": null, + "vpc_id": "vpc-0271dff7a4b4bbf76" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", + "dependencies": [ + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "us-east-1c", + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:subnet/subnet-0cee9908287eaa414", + "assign_ipv6_address_on_creation": false, + "availability_zone": "us-east-1c", + "availability_zone_id": "use1-az4", + "cidr_block": "172.31.178.0/24", + "customer_owned_ipv4_pool": "", + "enable_dns64": false, + "enable_lni_at_device_index": 0, + "enable_resource_name_dns_a_record_on_launch": false, + "enable_resource_name_dns_aaaa_record_on_launch": false, + "id": "subnet-0cee9908287eaa414", + "ipv6_cidr_block": "", + "ipv6_cidr_block_association_id": "", + "ipv6_native": false, + "map_customer_owned_ip_on_launch": false, + "map_public_ip_on_launch": true, + "outpost_arn": "", + "owner_id": "273729230602", + "private_dns_hostname_type_on_launch": "ip-name", + "tags": { + "Name": "EKS (eks1-devel) public subnet (us-east-1c)", + "kubernetes.io/role/elb": "1" + }, + "tags_all": { + "Environment": "devel", + "Name": "EKS (eks1-devel) public subnet (us-east-1c)", + "Service": "Kubernetes", + "kubernetes.io/role/elb": "1" + }, + "timeouts": null, + "vpc_id": "vpc-0271dff7a4b4bbf76" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", + "dependencies": [ + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + } + ], + "check_results": [ + { + "object_kind": "resource", + "config_addr": "module.eks.module.eks.module.self_managed_node_group.module.user_data.null_resource.validate_cluster_service_cidr", + "status": "pass", + "objects": null + }, + { + "object_kind": "resource", + "config_addr": "module.eks.module.eks.module.eks_managed_node_group.module.user_data.null_resource.validate_cluster_service_cidr", + "status": "pass", + "objects": [ + { + "object_addr": "module.eks.module.eks.module.eks_managed_node_group[\"ng\"].module.user_data.null_resource.validate_cluster_service_cidr", + "status": "pass" + } + ] + }, + { + "object_kind": "var", + "config_addr": "module.eks.module.eks.module.self_managed_node_group.var.platform", + "status": "pass", + "objects": null + } + ] +} diff --git a/environments/development/terraform.tfstate.backup b/environments/development/terraform.tfstate.backup new file mode 100644 index 0000000..d15cc06 --- /dev/null +++ b/environments/development/terraform.tfstate.backup @@ -0,0 +1,4958 @@ +{ + "version": 4, + "terraform_version": "1.12.2", + "serial": 3240, + "lineage": "8bb850d3-2dbc-b205-47b4-36da62ae84f3", + "outputs": {}, + "resources": [ + { + "module": "module.eks", + "mode": "managed", + "type": "aws_iam_policy", + "name": "AWSLoadBalancerControllerIAMPolicy", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::273729230602:policy/AWSLoadBalancerControllerIAMPolicy", + "attachment_count": 1, + "description": "", + "id": "arn:aws:iam::273729230602:policy/AWSLoadBalancerControllerIAMPolicy", + "name": "AWSLoadBalancerControllerIAMPolicy", + "name_prefix": "", + "path": "/", + "policy": "{\"Statement\":[{\"Action\":[\"iam:CreateServiceLinkedRole\"],\"Condition\":{\"StringEquals\":{\"iam:AWSServiceName\":\"elasticloadbalancing.amazonaws.com\"}},\"Effect\":\"Allow\",\"Resource\":\"*\"},{\"Action\":[\"ec2:DescribeAccountAttributes\",\"ec2:DescribeAddresses\",\"ec2:DescribeAvailabilityZones\",\"ec2:DescribeInternetGateways\",\"ec2:DescribeVpcs\",\"ec2:DescribeVpcPeeringConnections\",\"ec2:DescribeSubnets\",\"ec2:DescribeSecurityGroups\",\"ec2:DescribeInstances\",\"ec2:DescribeNetworkInterfaces\",\"ec2:DescribeTags\",\"ec2:GetCoipPoolUsage\",\"ec2:DescribeCoipPools\",\"ec2:GetSecurityGroupsForVpc\",\"ec2:DescribeIpamPools\",\"ec2:DescribeRouteTables\",\"elasticloadbalancing:DescribeLoadBalancers\",\"elasticloadbalancing:DescribeLoadBalancerAttributes\",\"elasticloadbalancing:DescribeListeners\",\"elasticloadbalancing:DescribeListenerCertificates\",\"elasticloadbalancing:DescribeSSLPolicies\",\"elasticloadbalancing:DescribeRules\",\"elasticloadbalancing:DescribeTargetGroups\",\"elasticloadbalancing:DescribeTargetGroupAttributes\",\"elasticloadbalancing:DescribeTargetHealth\",\"elasticloadbalancing:DescribeTags\",\"elasticloadbalancing:DescribeTrustStores\",\"elasticloadbalancing:DescribeListenerAttributes\",\"elasticloadbalancing:DescribeCapacityReservation\"],\"Effect\":\"Allow\",\"Resource\":\"*\"},{\"Action\":[\"cognito-idp:DescribeUserPoolClient\",\"acm:ListCertificates\",\"acm:DescribeCertificate\",\"iam:ListServerCertificates\",\"iam:GetServerCertificate\",\"waf-regional:GetWebACL\",\"waf-regional:GetWebACLForResource\",\"waf-regional:AssociateWebACL\",\"waf-regional:DisassociateWebACL\",\"wafv2:GetWebACL\",\"wafv2:GetWebACLForResource\",\"wafv2:AssociateWebACL\",\"wafv2:DisassociateWebACL\",\"shield:GetSubscriptionState\",\"shield:DescribeProtection\",\"shield:CreateProtection\",\"shield:DeleteProtection\"],\"Effect\":\"Allow\",\"Resource\":\"*\"},{\"Action\":[\"ec2:AuthorizeSecurityGroupIngress\",\"ec2:RevokeSecurityGroupIngress\"],\"Effect\":\"Allow\",\"Resource\":\"*\"},{\"Action\":[\"ec2:CreateSecurityGroup\"],\"Effect\":\"Allow\",\"Resource\":\"*\"},{\"Action\":[\"ec2:CreateTags\"],\"Condition\":{\"Null\":{\"aws:RequestTag/elbv2.k8s.aws/cluster\":\"false\"},\"StringEquals\":{\"ec2:CreateAction\":\"CreateSecurityGroup\"}},\"Effect\":\"Allow\",\"Resource\":\"arn:aws:ec2:*:*:security-group/*\"},{\"Action\":[\"ec2:CreateTags\",\"ec2:DeleteTags\"],\"Condition\":{\"Null\":{\"aws:RequestTag/elbv2.k8s.aws/cluster\":\"true\",\"aws:ResourceTag/elbv2.k8s.aws/cluster\":\"false\"}},\"Effect\":\"Allow\",\"Resource\":\"arn:aws:ec2:*:*:security-group/*\"},{\"Action\":[\"ec2:AuthorizeSecurityGroupIngress\",\"ec2:RevokeSecurityGroupIngress\",\"ec2:DeleteSecurityGroup\"],\"Condition\":{\"Null\":{\"aws:ResourceTag/elbv2.k8s.aws/cluster\":\"false\"}},\"Effect\":\"Allow\",\"Resource\":\"*\"},{\"Action\":[\"elasticloadbalancing:CreateLoadBalancer\",\"elasticloadbalancing:CreateTargetGroup\"],\"Condition\":{\"Null\":{\"aws:RequestTag/elbv2.k8s.aws/cluster\":\"false\"}},\"Effect\":\"Allow\",\"Resource\":\"*\"},{\"Action\":[\"elasticloadbalancing:CreateListener\",\"elasticloadbalancing:DeleteListener\",\"elasticloadbalancing:CreateRule\",\"elasticloadbalancing:DeleteRule\"],\"Effect\":\"Allow\",\"Resource\":\"*\"},{\"Action\":[\"elasticloadbalancing:AddTags\",\"elasticloadbalancing:RemoveTags\"],\"Condition\":{\"Null\":{\"aws:RequestTag/elbv2.k8s.aws/cluster\":\"true\",\"aws:ResourceTag/elbv2.k8s.aws/cluster\":\"false\"}},\"Effect\":\"Allow\",\"Resource\":[\"arn:aws:elasticloadbalancing:*:*:targetgroup/*/*\",\"arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*\",\"arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*\"]},{\"Action\":[\"elasticloadbalancing:AddTags\",\"elasticloadbalancing:RemoveTags\"],\"Effect\":\"Allow\",\"Resource\":[\"arn:aws:elasticloadbalancing:*:*:listener/net/*/*/*\",\"arn:aws:elasticloadbalancing:*:*:listener/app/*/*/*\",\"arn:aws:elasticloadbalancing:*:*:listener-rule/net/*/*/*\",\"arn:aws:elasticloadbalancing:*:*:listener-rule/app/*/*/*\"]},{\"Action\":[\"elasticloadbalancing:ModifyLoadBalancerAttributes\",\"elasticloadbalancing:SetIpAddressType\",\"elasticloadbalancing:SetSecurityGroups\",\"elasticloadbalancing:SetSubnets\",\"elasticloadbalancing:DeleteLoadBalancer\",\"elasticloadbalancing:ModifyTargetGroup\",\"elasticloadbalancing:ModifyTargetGroupAttributes\",\"elasticloadbalancing:DeleteTargetGroup\",\"elasticloadbalancing:ModifyListenerAttributes\",\"elasticloadbalancing:ModifyCapacityReservation\",\"elasticloadbalancing:ModifyIpPools\"],\"Condition\":{\"Null\":{\"aws:ResourceTag/elbv2.k8s.aws/cluster\":\"false\"}},\"Effect\":\"Allow\",\"Resource\":\"*\"},{\"Action\":[\"elasticloadbalancing:AddTags\"],\"Condition\":{\"Null\":{\"aws:RequestTag/elbv2.k8s.aws/cluster\":\"false\"},\"StringEquals\":{\"elasticloadbalancing:CreateAction\":[\"CreateTargetGroup\",\"CreateLoadBalancer\"]}},\"Effect\":\"Allow\",\"Resource\":[\"arn:aws:elasticloadbalancing:*:*:targetgroup/*/*\",\"arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*\",\"arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*\"]},{\"Action\":[\"elasticloadbalancing:RegisterTargets\",\"elasticloadbalancing:DeregisterTargets\"],\"Effect\":\"Allow\",\"Resource\":\"arn:aws:elasticloadbalancing:*:*:targetgroup/*/*\"},{\"Action\":[\"elasticloadbalancing:SetWebAcl\",\"elasticloadbalancing:ModifyListener\",\"elasticloadbalancing:AddListenerCertificates\",\"elasticloadbalancing:RemoveListenerCertificates\",\"elasticloadbalancing:ModifyRule\",\"elasticloadbalancing:SetRulePriorities\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}", + "policy_id": "ANPAT7O4IS4FABCUGGJOJ", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + } + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks", + "mode": "managed", + "type": "aws_iam_policy", + "name": "AllowExternalDNSUpdates", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::273729230602:policy/AllowExternalDNSUpdates", + "attachment_count": 1, + "description": "", + "id": "arn:aws:iam::273729230602:policy/AllowExternalDNSUpdates", + "name": "AllowExternalDNSUpdates", + "name_prefix": "", + "path": "/", + "policy": "{\"Statement\":[{\"Action\":[\"route53:ChangeResourceRecordSets\"],\"Effect\":\"Allow\",\"Resource\":[\"arn:aws:route53:::hostedzone/*\"]},{\"Action\":[\"route53:ListHostedZones\",\"route53:ListResourceRecordSets\",\"route53:ListTagsForResource\"],\"Effect\":\"Allow\",\"Resource\":[\"*\"]}],\"Version\":\"2012-10-17\"}", + "policy_id": "ANPAT7O4IS4FMVTRS5KI5", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + } + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks", + "mode": "managed", + "type": "aws_iam_policy", + "name": "ClusterAutoscalerIAMPolicy", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::273729230602:policy/ClusterAutoscalerIAMPolicy", + "attachment_count": 1, + "description": "", + "id": "arn:aws:iam::273729230602:policy/ClusterAutoscalerIAMPolicy", + "name": "ClusterAutoscalerIAMPolicy", + "name_prefix": "", + "path": "/", + "policy": "{\"Statement\":[{\"Action\":[\"autoscaling:DescribeAutoScalingGroups\",\"autoscaling:DescribeAutoScalingInstances\",\"autoscaling:DescribeLaunchConfigurations\",\"autoscaling:DescribeScalingActivities\",\"ec2:DescribeInstanceTypes\",\"ec2:DescribeLaunchTemplateVersions\"],\"Effect\":\"Allow\",\"Resource\":[\"*\"]},{\"Action\":[\"autoscaling:SetDesiredCapacity\",\"autoscaling:TerminateInstanceInAutoScalingGroup\"],\"Effect\":\"Allow\",\"Resource\":[\"*\"]}],\"Version\":\"2012-10-17\"}", + "policy_id": "ANPAT7O4IS4FLO47ADJSH", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + } + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks", + "mode": "managed", + "type": "aws_iam_role", + "name": "aws-load-balancer-controller", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::273729230602:role/aws-load-balancer-controller", + "assume_role_policy": "{\"Statement\":[{\"Action\":\"sts:AssumeRoleWithWebIdentity\",\"Condition\":{\"StringEquals\":{\"oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A:aud\":\"sts.amazonaws.com\",\"oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A:sub\":\"system:serviceaccount:kube-system:aws-load-balancer-controller\"}},\"Effect\":\"Allow\",\"Principal\":{\"Federated\":\"arn:aws:iam::273729230602:oidc-provider/oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A\"},\"Sid\":\"\"}],\"Version\":\"2012-10-17\"}", + "create_date": "2025-07-19T08:08:05Z", + "description": "", + "force_detach_policies": false, + "id": "aws-load-balancer-controller", + "inline_policy": [], + "managed_policy_arns": [ + "arn:aws:iam::273729230602:policy/AWSLoadBalancerControllerIAMPolicy" + ], + "max_session_duration": 3600, + "name": "aws-load-balancer-controller", + "name_prefix": "", + "path": "/", + "permissions_boundary": "", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + }, + "unique_id": "AROAT7O4IS4FD7OQTHZZI" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_openid_connect_provider.oidc_provider", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.data.tls_certificate.this", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks", + "mode": "managed", + "type": "aws_iam_role", + "name": "cluster-autoscaler", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::273729230602:role/aws-cluster-autoscaler", + "assume_role_policy": "{\"Statement\":[{\"Action\":\"sts:AssumeRoleWithWebIdentity\",\"Condition\":{\"StringEquals\":{\"oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A:aud\":\"sts.amazonaws.com\",\"oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A:sub\":\"system:serviceaccount:kube-system:cluster-autoscaler\"}},\"Effect\":\"Allow\",\"Principal\":{\"Federated\":\"arn:aws:iam::273729230602:oidc-provider/oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A\"},\"Sid\":\"\"}],\"Version\":\"2012-10-17\"}", + "create_date": "2025-07-19T08:08:05Z", + "description": "", + "force_detach_policies": false, + "id": "aws-cluster-autoscaler", + "inline_policy": [], + "managed_policy_arns": [ + "arn:aws:iam::273729230602:policy/ClusterAutoscalerIAMPolicy" + ], + "max_session_duration": 3600, + "name": "aws-cluster-autoscaler", + "name_prefix": "", + "path": "/", + "permissions_boundary": "", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + }, + "unique_id": "AROAT7O4IS4FG7WIYJBVJ" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_openid_connect_provider.oidc_provider", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.data.tls_certificate.this", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks", + "mode": "managed", + "type": "aws_iam_role", + "name": "external-dns", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::273729230602:role/external-dns", + "assume_role_policy": "{\"Statement\":[{\"Action\":\"sts:AssumeRoleWithWebIdentity\",\"Condition\":{\"StringEquals\":{\"oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A:aud\":\"sts.amazonaws.com\",\"oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A:sub\":\"system:serviceaccount:default:external-dns\"}},\"Effect\":\"Allow\",\"Principal\":{\"Federated\":\"arn:aws:iam::273729230602:oidc-provider/oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A\"},\"Sid\":\"\"}],\"Version\":\"2012-10-17\"}", + "create_date": "2025-07-20T06:32:32Z", + "description": "", + "force_detach_policies": false, + "id": "external-dns", + "inline_policy": [], + "managed_policy_arns": [ + "arn:aws:iam::273729230602:policy/AllowExternalDNSUpdates" + ], + "max_session_duration": 3600, + "name": "external-dns", + "name_prefix": "", + "path": "/", + "permissions_boundary": "", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + }, + "unique_id": "AROAT7O4IS4FHOVHRHZZF" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_openid_connect_provider.oidc_provider", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.data.tls_certificate.this", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "aws-load-balancer-controller", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "aws-load-balancer-controller-2025071908080601560000001b", + "policy_arn": "arn:aws:iam::273729230602:policy/AWSLoadBalancerControllerIAMPolicy", + "role": "aws-load-balancer-controller" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.aws_iam_policy.AWSLoadBalancerControllerIAMPolicy", + "module.eks.aws_iam_role.aws-load-balancer-controller", + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_openid_connect_provider.oidc_provider", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.data.tls_certificate.this", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "cluster-autoscaler", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "aws-cluster-autoscaler-2025071908080606430000001c", + "policy_arn": "arn:aws:iam::273729230602:policy/ClusterAutoscalerIAMPolicy", + "role": "aws-cluster-autoscaler" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.aws_iam_policy.ClusterAutoscalerIAMPolicy", + "module.eks.aws_iam_role.cluster-autoscaler", + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_openid_connect_provider.oidc_provider", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.data.tls_certificate.this", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "external-dns", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "external-dns-20250720063232744000000001", + "policy_arn": "arn:aws:iam::273729230602:policy/AllowExternalDNSUpdates", + "role": "external-dns" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.aws_iam_policy.AllowExternalDNSUpdates", + "module.eks.aws_iam_role.external-dns", + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_openid_connect_provider.oidc_provider", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.data.tls_certificate.this", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "data", + "type": "aws_caller_identity", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "account_id": "273729230602", + "arn": "arn:aws:sts::273729230602:assumed-role/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687/ryan", + "id": "273729230602", + "user_id": "AROAT7O4IS4FGZRTFR25S:ryan" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "data", + "type": "aws_eks_addon_version", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "coredns", + "schema_version": 0, + "attributes": { + "addon_name": "coredns", + "id": "coredns", + "kubernetes_version": "1.33", + "most_recent": false, + "version": "v1.12.1-eksbuild.2" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + }, + { + "index_key": "eks-pod-identity-agent", + "schema_version": 0, + "attributes": { + "addon_name": "eks-pod-identity-agent", + "id": "eks-pod-identity-agent", + "kubernetes_version": "1.33", + "most_recent": false, + "version": "v1.3.8-eksbuild.2" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + }, + { + "index_key": "kube-proxy", + "schema_version": 0, + "attributes": { + "addon_name": "kube-proxy", + "id": "kube-proxy", + "kubernetes_version": "1.33", + "most_recent": false, + "version": "v1.33.0-eksbuild.2" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + }, + { + "index_key": "vpc-cni", + "schema_version": 0, + "attributes": { + "addon_name": "vpc-cni", + "id": "vpc-cni", + "kubernetes_version": "1.33", + "most_recent": false, + "version": "v1.19.5-eksbuild.1" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "assume_role_policy", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "id": "2830595799", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"EKSClusterAssumeRole\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"sts:TagSession\",\n \"sts:AssumeRole\"\n ],\n \"Principal\": {\n \"Service\": \"eks.amazonaws.com\"\n }\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"EKSClusterAssumeRole\",\"Effect\":\"Allow\",\"Action\":[\"sts:TagSession\",\"sts:AssumeRole\"],\"Principal\":{\"Service\":\"eks.amazonaws.com\"}}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sts:AssumeRole", + "sts:TagSession" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "eks.amazonaws.com" + ], + "type": "Service" + } + ], + "resources": [], + "sid": "EKSClusterAssumeRole" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "custom", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "id": "513122117", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"Compute\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:RunInstances\",\n \"ec2:CreateLaunchTemplate\",\n \"ec2:CreateFleet\"\n ],\n \"Resource\": \"*\",\n \"Condition\": {\n \"StringEquals\": {\n \"aws:RequestTag/eks:eks-cluster-name\": \"${aws:PrincipalTag/eks:eks-cluster-name}\"\n },\n \"StringLike\": {\n \"aws:RequestTag/eks:kubernetes-node-class-name\": \"*\",\n \"aws:RequestTag/eks:kubernetes-node-pool-name\": \"*\"\n }\n }\n },\n {\n \"Sid\": \"Storage\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:CreateVolume\",\n \"ec2:CreateSnapshot\"\n ],\n \"Resource\": [\n \"arn:aws:ec2:*:*:volume/*\",\n \"arn:aws:ec2:*:*:snapshot/*\"\n ],\n \"Condition\": {\n \"StringEquals\": {\n \"aws:RequestTag/eks:eks-cluster-name\": \"${aws:PrincipalTag/eks:eks-cluster-name}\"\n }\n }\n },\n {\n \"Sid\": \"Networking\",\n \"Effect\": \"Allow\",\n \"Action\": \"ec2:CreateNetworkInterface\",\n \"Resource\": \"*\",\n \"Condition\": {\n \"StringEquals\": {\n \"aws:RequestTag/eks:eks-cluster-name\": \"${aws:PrincipalTag/eks:eks-cluster-name}\",\n \"aws:RequestTag/eks:kubernetes-cni-node-name\": \"*\"\n }\n }\n },\n {\n \"Sid\": \"LoadBalancer\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"elasticloadbalancing:CreateTargetGroup\",\n \"elasticloadbalancing:CreateRule\",\n \"elasticloadbalancing:CreateLoadBalancer\",\n \"elasticloadbalancing:CreateListener\",\n \"ec2:CreateSecurityGroup\"\n ],\n \"Resource\": \"*\",\n \"Condition\": {\n \"StringEquals\": {\n \"aws:RequestTag/eks:eks-cluster-name\": \"${aws:PrincipalTag/eks:eks-cluster-name}\"\n }\n }\n },\n {\n \"Sid\": \"ShieldProtection\",\n \"Effect\": \"Allow\",\n \"Action\": \"shield:CreateProtection\",\n \"Resource\": \"*\",\n \"Condition\": {\n \"StringEquals\": {\n \"aws:RequestTag/eks:eks-cluster-name\": \"${aws:PrincipalTag/eks:eks-cluster-name}\"\n }\n }\n },\n {\n \"Sid\": \"ShieldTagResource\",\n \"Effect\": \"Allow\",\n \"Action\": \"shield:TagResource\",\n \"Resource\": \"arn:aws:shield::*:protection/*\",\n \"Condition\": {\n \"StringEquals\": {\n \"aws:RequestTag/eks:eks-cluster-name\": \"${aws:PrincipalTag/eks:eks-cluster-name}\"\n }\n }\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"Compute\",\"Effect\":\"Allow\",\"Action\":[\"ec2:RunInstances\",\"ec2:CreateLaunchTemplate\",\"ec2:CreateFleet\"],\"Resource\":\"*\",\"Condition\":{\"StringEquals\":{\"aws:RequestTag/eks:eks-cluster-name\":\"${aws:PrincipalTag/eks:eks-cluster-name}\"},\"StringLike\":{\"aws:RequestTag/eks:kubernetes-node-class-name\":\"*\",\"aws:RequestTag/eks:kubernetes-node-pool-name\":\"*\"}}},{\"Sid\":\"Storage\",\"Effect\":\"Allow\",\"Action\":[\"ec2:CreateVolume\",\"ec2:CreateSnapshot\"],\"Resource\":[\"arn:aws:ec2:*:*:volume/*\",\"arn:aws:ec2:*:*:snapshot/*\"],\"Condition\":{\"StringEquals\":{\"aws:RequestTag/eks:eks-cluster-name\":\"${aws:PrincipalTag/eks:eks-cluster-name}\"}}},{\"Sid\":\"Networking\",\"Effect\":\"Allow\",\"Action\":\"ec2:CreateNetworkInterface\",\"Resource\":\"*\",\"Condition\":{\"StringEquals\":{\"aws:RequestTag/eks:eks-cluster-name\":\"${aws:PrincipalTag/eks:eks-cluster-name}\",\"aws:RequestTag/eks:kubernetes-cni-node-name\":\"*\"}}},{\"Sid\":\"LoadBalancer\",\"Effect\":\"Allow\",\"Action\":[\"elasticloadbalancing:CreateTargetGroup\",\"elasticloadbalancing:CreateRule\",\"elasticloadbalancing:CreateLoadBalancer\",\"elasticloadbalancing:CreateListener\",\"ec2:CreateSecurityGroup\"],\"Resource\":\"*\",\"Condition\":{\"StringEquals\":{\"aws:RequestTag/eks:eks-cluster-name\":\"${aws:PrincipalTag/eks:eks-cluster-name}\"}}},{\"Sid\":\"ShieldProtection\",\"Effect\":\"Allow\",\"Action\":\"shield:CreateProtection\",\"Resource\":\"*\",\"Condition\":{\"StringEquals\":{\"aws:RequestTag/eks:eks-cluster-name\":\"${aws:PrincipalTag/eks:eks-cluster-name}\"}}},{\"Sid\":\"ShieldTagResource\",\"Effect\":\"Allow\",\"Action\":\"shield:TagResource\",\"Resource\":\"arn:aws:shield::*:protection/*\",\"Condition\":{\"StringEquals\":{\"aws:RequestTag/eks:eks-cluster-name\":\"${aws:PrincipalTag/eks:eks-cluster-name}\"}}}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "ec2:CreateFleet", + "ec2:CreateLaunchTemplate", + "ec2:RunInstances" + ], + "condition": [ + { + "test": "StringEquals", + "values": [ + "${aws:PrincipalTag/eks:eks-cluster-name}" + ], + "variable": "aws:RequestTag/eks:eks-cluster-name" + }, + { + "test": "StringLike", + "values": [ + "*" + ], + "variable": "aws:RequestTag/eks:kubernetes-node-class-name" + }, + { + "test": "StringLike", + "values": [ + "*" + ], + "variable": "aws:RequestTag/eks:kubernetes-node-pool-name" + } + ], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "*" + ], + "sid": "Compute" + }, + { + "actions": [ + "ec2:CreateSnapshot", + "ec2:CreateVolume" + ], + "condition": [ + { + "test": "StringEquals", + "values": [ + "${aws:PrincipalTag/eks:eks-cluster-name}" + ], + "variable": "aws:RequestTag/eks:eks-cluster-name" + } + ], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:ec2:*:*:snapshot/*", + "arn:aws:ec2:*:*:volume/*" + ], + "sid": "Storage" + }, + { + "actions": [ + "ec2:CreateNetworkInterface" + ], + "condition": [ + { + "test": "StringEquals", + "values": [ + "${aws:PrincipalTag/eks:eks-cluster-name}" + ], + "variable": "aws:RequestTag/eks:eks-cluster-name" + }, + { + "test": "StringEquals", + "values": [ + "*" + ], + "variable": "aws:RequestTag/eks:kubernetes-cni-node-name" + } + ], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "*" + ], + "sid": "Networking" + }, + { + "actions": [ + "ec2:CreateSecurityGroup", + "elasticloadbalancing:CreateListener", + "elasticloadbalancing:CreateLoadBalancer", + "elasticloadbalancing:CreateRule", + "elasticloadbalancing:CreateTargetGroup" + ], + "condition": [ + { + "test": "StringEquals", + "values": [ + "${aws:PrincipalTag/eks:eks-cluster-name}" + ], + "variable": "aws:RequestTag/eks:eks-cluster-name" + } + ], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "*" + ], + "sid": "LoadBalancer" + }, + { + "actions": [ + "shield:CreateProtection" + ], + "condition": [ + { + "test": "StringEquals", + "values": [ + "${aws:PrincipalTag/eks:eks-cluster-name}" + ], + "variable": "aws:RequestTag/eks:eks-cluster-name" + } + ], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "*" + ], + "sid": "ShieldProtection" + }, + { + "actions": [ + "shield:TagResource" + ], + "condition": [ + { + "test": "StringEquals", + "values": [ + "${aws:PrincipalTag/eks:eks-cluster-name}" + ], + "variable": "aws:RequestTag/eks:eks-cluster-name" + } + ], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:shield::*:protection/*" + ], + "sid": "ShieldTagResource" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "data", + "type": "aws_iam_session_context", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:sts::273729230602:assumed-role/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687/ryan", + "id": "arn:aws:sts::273729230602:assumed-role/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687/ryan", + "issuer_arn": "arn:aws:iam::273729230602:role/aws-reserved/sso.amazonaws.com/us-east-2/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687", + "issuer_id": "AROAT7O4IS4FGZRTFR25S", + "issuer_name": "AWSReservedSSO_AdministratorAccess_b8026af88eb7c687", + "session_name": "ryan" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "data", + "type": "aws_partition", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "dns_suffix": "amazonaws.com", + "id": "aws", + "partition": "aws", + "reverse_dns_prefix": "com.amazonaws" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "data", + "type": "tls_certificate", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/tls\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "certificates": [ + { + "cert_pem": "-----BEGIN CERTIFICATE-----\nMIIEdTCCA12gAwIBAgIJAKcOSkw0grd/MA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV\nBAYTAlVTMSUwIwYDVQQKExxTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTIw\nMAYDVQQLEylTdGFyZmllbGQgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0\neTAeFw0wOTA5MDIwMDAwMDBaFw0zNDA2MjgxNzM5MTZaMIGYMQswCQYDVQQGEwJV\nUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTElMCMGA1UE\nChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjE7MDkGA1UEAxMyU3RhcmZp\nZWxkIFNlcnZpY2VzIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwggEi\nMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVDDrEKvlO4vW+GZdfjohTsR8/\ny8+fIBNtKTrID30892t2OGPZNmCom15cAICyL1l/9of5JUOG52kbUpqQ4XHj2C0N\nTm/2yEnZtvMaVq4rtnQU68/7JuMauh2WLmo7WJSJR1b/JaCTcFOD2oR0FMNnngRo\nOt+OQFodSk7PQ5E751bWAHDLUu57fa4657wx+UX2wmDPE1kCK4DMNEffud6QZW0C\nzyyRpqbn3oUYSXxmTqM6bam17jQuug0DuDPfR+uxa40l2ZvOgdFFRjKWcIfeAg5J\nQ4W2bHO7ZOphQazJ1FTfhy/HIrImzJ9ZVGif/L4qL8RVHHVAYBeFAlU5i38FAgMB\nAAGjgfAwge0wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0O\nBBYEFJxfAN+qAdcwKziIorhtSpzyEZGDMB8GA1UdIwQYMBaAFL9ft9HO3R+G9FtV\nrNzXEMIOqYjnME8GCCsGAQUFBwEBBEMwQTAcBggrBgEFBQcwAYYQaHR0cDovL28u\nc3MyLnVzLzAhBggrBgEFBQcwAoYVaHR0cDovL3guc3MyLnVzL3guY2VyMCYGA1Ud\nHwQfMB0wG6AZoBeGFWh0dHA6Ly9zLnNzMi51cy9yLmNybDARBgNVHSAECjAIMAYG\nBFUdIAAwDQYJKoZIhvcNAQELBQADggEBACMd44pXyn3pF3lM8R5V/cxTbj5HD9/G\nVfKyBDbtgB9TxF00KGu+x1X8Z+rLP3+QsjPNG1gQggL4+C/1E2DUBc7xgQjB3ad1\nl08YuW3e95ORCLp+QCztweq7dp4zBncdDQh/U90bZKuCJ/Fp1U1ervShw3WnWEQt\n8jxwmKy6abaVd38PMV4s/KCHOkdp8Hlf9BRUpJVeEXgSYCfOn8J3/yNTd126/+pZ\n59vPr5KW7ySaNRB6nJHGDn2Z9j8Z3/VyVOEVqQdZe4O/Ui5GjLIAZHYcSNPYeehu\nVsyuLAOQ1xk4meTKCRlb/weWsKh/NEnfVqn3sF/tM+2MR7cwA130A4w=\n-----END CERTIFICATE-----\n", + "is_ca": true, + "issuer": "OU=Starfield Class 2 Certification Authority,O=Starfield Technologies\\, Inc.,C=US", + "not_after": "2034-06-28T17:39:16Z", + "not_before": "2009-09-02T00:00:00Z", + "public_key_algorithm": "RSA", + "serial_number": "12037640545166866303", + "sha1_fingerprint": "9e99a48a9960b14926bb7f3b02e22da2b0ab7280", + "signature_algorithm": "SHA256-RSA", + "subject": "CN=Starfield Services Root Certificate Authority - G2,O=Starfield Technologies\\, Inc.,L=Scottsdale,ST=Arizona,C=US", + "version": 3 + }, + { + "cert_pem": "-----BEGIN CERTIFICATE-----\nMIIEkjCCA3qgAwIBAgITBn+USionzfP6wq4rAfkI7rnExjANBgkqhkiG9w0BAQsF\nADCBmDELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNj\nb3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4x\nOzA5BgNVBAMTMlN0YXJmaWVsZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1\ndGhvcml0eSAtIEcyMB4XDTE1MDUyNTEyMDAwMFoXDTM3MTIzMTAxMDAwMFowOTEL\nMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv\nb3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj\nca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM\n9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw\nIFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6\nVOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L\n93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm\njgSubJrIqg0CAwEAAaOCATEwggEtMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/\nBAQDAgGGMB0GA1UdDgQWBBSEGMyFNOy8DJSULghZnMeyEE4KCDAfBgNVHSMEGDAW\ngBScXwDfqgHXMCs4iKK4bUqc8hGRgzB4BggrBgEFBQcBAQRsMGowLgYIKwYBBQUH\nMAGGImh0dHA6Ly9vY3NwLnJvb3RnMi5hbWF6b250cnVzdC5jb20wOAYIKwYBBQUH\nMAKGLGh0dHA6Ly9jcnQucm9vdGcyLmFtYXpvbnRydXN0LmNvbS9yb290ZzIuY2Vy\nMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly9jcmwucm9vdGcyLmFtYXpvbnRydXN0\nLmNvbS9yb290ZzIuY3JsMBEGA1UdIAQKMAgwBgYEVR0gADANBgkqhkiG9w0BAQsF\nAAOCAQEAYjdCXLwQtT6LLOkMm2xF4gcAevnFWAu5CIw+7bMlPLVvUOTNNWqnkzSW\nMiGpSESrnO09tKpzbeR/FoCJbM8oAxiDR3mjEH4wW6w7sGDgd9QIpuEdfF7Au/ma\neyKdpwAJfqxGF4PcnCZXmTA5YpaP7dreqsXMGz7KQ2hsVxa81Q4gLv7/wmpdLqBK\nbRRYh5TmOTFffHPLkIhqhBGWJ6bt2YFGpn6jcgAKUj6DiAdjd4lpFw85hdKrCEVN\n0FE6/V1dN2RMfjCyVSRCnTawXZwXgWHxyvkQAiSr6w10kY17RSlQOYiypok1JR4U\nakcjMS9cmvqtmg5iUaQqqcT5NJ0hGA==\n-----END CERTIFICATE-----\n", + "is_ca": true, + "issuer": "CN=Starfield Services Root Certificate Authority - G2,O=Starfield Technologies\\, Inc.,L=Scottsdale,ST=Arizona,C=US", + "not_after": "2037-12-31T01:00:00Z", + "not_before": "2015-05-25T12:00:00Z", + "public_key_algorithm": "RSA", + "serial_number": "144918191876577076464031512351042010504348870", + "sha1_fingerprint": "06b25927c42a721631c1efd9431e648fa62e1e39", + "signature_algorithm": "SHA256-RSA", + "subject": "CN=Amazon Root CA 1,O=Amazon,C=US", + "version": 3 + }, + { + "cert_pem": "-----BEGIN CERTIFICATE-----\nMIIEXjCCA0agAwIBAgITB3MSTNQG0mfAmRzdKZqfODF5hTANBgkqhkiG9w0BAQsF\nADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6\nb24gUm9vdCBDQSAxMB4XDTIyMDgyMzIyMjYwNFoXDTMwMDgyMzIyMjYwNFowPDEL\nMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEcMBoGA1UEAxMTQW1hem9uIFJT\nQSAyMDQ4IE0wMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALd/pVko\n8vuM475Tf45HV3BbCl/B9Jy89G1CRkFjcPY06WA9lS+7dWbUA7GtWUKoksr69hKM\nwcMsNpxlw7b3jeXFgxB09/nmalcAWtnLzF+LaDKEA5DQmvKzuh1nfIfqEiKCQSmX\nXh09Xs+dO7cm5qbaL2hhNJCSAejciwcvOFgFNgEMR42wm6KIFHsQW28jhA+1u/M0\np6fVwReuEgZfLfdx82Px0LJck3lST3EB/JfbdsdOzzzg5YkY1dfuqf8y5fUeZ7Cz\nWXbTjujwX/TovmeWKA36VLCz75azW6tDNuDn66FOpADZZ9omVaF6BqNJiLMVl6P3\n/c0OiUMC6Z5OfKcCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYD\nVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNV\nHQ4EFgQUVdkYX9IczAHhWLS+q9lVQgHXLgIwHwYDVR0jBBgwFoAUhBjMhTTsvAyU\nlC4IWZzHshBOCggwewYIKwYBBQUHAQEEbzBtMC8GCCsGAQUFBzABhiNodHRwOi8v\nb2NzcC5yb290Y2ExLmFtYXpvbnRydXN0LmNvbTA6BggrBgEFBQcwAoYuaHR0cDov\nL2NydC5yb290Y2ExLmFtYXpvbnRydXN0LmNvbS9yb290Y2ExLmNlcjA/BgNVHR8E\nODA2MDSgMqAwhi5odHRwOi8vY3JsLnJvb3RjYTEuYW1hem9udHJ1c3QuY29tL3Jv\nb3RjYTEuY3JsMBMGA1UdIAQMMAowCAYGZ4EMAQIBMA0GCSqGSIb3DQEBCwUAA4IB\nAQAGjeWm2cC+3z2MzSCnte46/7JZvj3iQZDY7EvODNdZF41n71Lrk9kbfNwerK0d\nVNzW36Wefr7j7ZSwBVg50W5ay65jNSN74TTQV1yt4WnSbVvN6KlMs1hiyOZdoHKs\nKDV2UGNxbdoBYCQNa2GYF8FQIWLugNp35aSOpMy6cFlymFQomIrnOQHwK1nvVY4q\nxDSJMU/gNJz17D8ArPN3ngnyZ2TwepJ0uBINz3G5te2rdFUF4i4Y3Bb7FUlHDYm4\nu8aIRGpk2ZpfXmxaoxnbIBZRvGLPSUuPwnwoUOMsJ8jirI5vs2dvchPb7MtI1rle\ni02f2ivH2vxkjDLltSpe2fiC\n-----END CERTIFICATE-----\n", + "is_ca": true, + "issuer": "CN=Amazon Root CA 1,O=Amazon,C=US", + "not_after": "2030-08-23T22:26:04Z", + "not_before": "2022-08-23T22:26:04Z", + "public_key_algorithm": "RSA", + "serial_number": "166129356476704345391986644047206454194698629", + "sha1_fingerprint": "d9fe0a65fa00cabf61f5120d373a8135e1461f15", + "signature_algorithm": "SHA256-RSA", + "subject": "CN=Amazon RSA 2048 M03,O=Amazon,C=US", + "version": 3 + }, + { + "cert_pem": "-----BEGIN CERTIFICATE-----\nMIIF5zCCBM+gAwIBAgIQB8/B5LYdWaaSLNb9DZLprTANBgkqhkiG9w0BAQsFADA8\nMQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g\nUlNBIDIwNDggTTAzMB4XDTI1MDIyNjAwMDAwMFoXDTI2MDMyNzIzNTk1OVowKDEm\nMCQGA1UEAwwdKi5la3MudXMtZWFzdC0xLmFtYXpvbmF3cy5jb20wggEiMA0GCSqG\nSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoHWcgrIv/D6CxSXSxAq0GuOPoCJqnVz6U\nMhp1YLE9OZs3jH8EfYlNpGtqOtLa1vZb8Lp4CZdATHTj1SoK01MwmXXIDm2Jj+Km\niQvZ0BBe5xroDWvf3r/LWG/WMkRtR4F+qPb9pVYlM9N3WZdSAKfTQTowGxebugLc\nM/+ZLvAxxdtaXK+LID6JRKRa2BIRHcfILiNJo7vIS/I+DOqXn9Rb0VFnkpYpGE+k\nm47kVkFFsToior7zlAwPv6VWsm+zZV9zNnCpu9FpJ3vkZE9OGHS6aChtSya2Qpyr\njyF98KIFTQ+FKtDZHf9XLHmV5v/IP2bWk7lzmPYW4PwcPhDUmC9PAgMBAAGjggL3\nMIIC8zAfBgNVHSMEGDAWgBRV2Rhf0hzMAeFYtL6r2VVCAdcuAjAdBgNVHQ4EFgQU\n6mCbzMC1FaJuw7tKpv7muQZDZrowKAYDVR0RBCEwH4IdKi5la3MudXMtZWFzdC0x\nLmFtYXpvbmF3cy5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQD\nAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCg\nLqAshipodHRwOi8vY3JsLnIybTAzLmFtYXpvbnRydXN0LmNvbS9yMm0wMy5jcmww\ndQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMy5h\nbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDMuYW1h\nem9udHJ1c3QuY29tL3IybTAzLmNlcjAMBgNVHRMBAf8EAjAAMIIBfwYKKwYBBAHW\neQIEAgSCAW8EggFrAWkAdgAOV5S8866pPjMbLJkHs/eQ35vCPXEyJd0hqSWsYcVO\nIQAAAZVBW4SGAAAEAwBHMEUCIQC+CghIdRNpEnK+JGxaeHOel/pYJSUsog1eklre\nLGmoTwIgAj1vm4d6u/93S7GVfw7qotajiMfgHeEf7lANQf0mxf4AdgBkEcRspBLs\np4kcogIuALyrTygH1B41J6vq/tUDyX3N8AAAAZVBW4Q1AAAEAwBHMEUCIAYyeDIv\nJD1IhUkb1E59cbCwTcAYChrSArEZOOAib3dJAiEAix8XjjqXhMNuji/u2fzLxeZ7\nc5PCtDHWx3Ky7QYBfCUAdwBJnJtp3h187Pw23s2HZKa4W68Kh4AZ0VVS++nrKd34\nwwAAAZVBW4RMAAAEAwBIMEYCIQCsj67XcK6jtETNJEPTYPaFqJOMlNtM0TeJwGhm\nBc81sQIhAJoirhaQzC4ydAzLvjpVqKYyuqLktiHkTqFq8IGxBAkIMA0GCSqGSIb3\nDQEBCwUAA4IBAQAjjE2au5fdV/DrlD3e5zZ5hTB4CicIARTWvJQ6EsQm/vbXPoUY\nSHRZkOodq0AJWEC/RImGu8bnVY8RzGsELkMzI4A8UxdlH2YGP8obg6MfP6yGZaHM\nnS4wLX05EnmrABaoRB/apt7tE4w+yRa7QoxUgiTPpFzaQVv1mTcGaWMG55U8tPg7\nLXm539O4OBukbP8HNvjBZ8+N0RYrtG0u0M4FMX1hMKG0bkjJiU6MVZfGJWcgp7I4\nbd5cj5SfE1EHL70P7ELaocXjnWKbys9Mc870aoRXVfAC4bZWU6F9Ke3O7ioXXd5L\n0mKQwrjkiglpYaXc247Qi8IUCdk6s13xHJ4e\n-----END CERTIFICATE-----\n", + "is_ca": false, + "issuer": "CN=Amazon RSA 2048 M03,O=Amazon,C=US", + "not_after": "2026-03-27T23:59:59Z", + "not_before": "2025-02-26T00:00:00Z", + "public_key_algorithm": "RSA", + "serial_number": "10383334045647432453656403708671617453", + "sha1_fingerprint": "63462dda480d8b900e0a7dbfaf6238a62ba4fce0", + "signature_algorithm": "SHA256-RSA", + "subject": "CN=*.eks.us-east-1.amazonaws.com", + "version": 3 + } + ], + "content": null, + "id": "922877a0975ad078a65b8ff11ebc47b8311945c7", + "url": "https://oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A", + "verify_chain": true + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_cloudwatch_log_group", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:logs:us-east-1:273729230602:log-group:/aws/eks/eks1-devel/cluster", + "id": "/aws/eks/eks1-devel/cluster", + "kms_key_id": "", + "log_group_class": "STANDARD", + "name": "/aws/eks/eks1-devel/cluster", + "name_prefix": "", + "retention_in_days": 90, + "skip_destroy": false, + "tags": { + "Name": "/aws/eks/eks1-devel/cluster" + }, + "tags_all": { + "Environment": "devel", + "Name": "/aws/eks/eks1-devel/cluster", + "Service": "Kubernetes" + } + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_eks_access_entry", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "cluster_creator", + "schema_version": 0, + "attributes": { + "access_entry_arn": "arn:aws:eks:us-east-1:273729230602:access-entry/eks1-devel/role/273729230602/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687/66cc10dc-ed50-38ab-ada1-21d9a0375aef", + "cluster_name": "eks1-devel", + "created_at": "2025-07-19T08:08:05Z", + "id": "eks1-devel:arn:aws:iam::273729230602:role/aws-reserved/sso.amazonaws.com/us-east-2/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687", + "kubernetes_groups": [], + "modified_at": "2025-07-19T08:08:05Z", + "principal_arn": "arn:aws:iam::273729230602:role/aws-reserved/sso.amazonaws.com/us-east-2/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + }, + "timeouts": null, + "type": "STANDARD", + "user_name": "arn:aws:sts::273729230602:assumed-role/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687/{{SessionName}}" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_eks_access_policy_association", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "cluster_creator_admin", + "schema_version": 0, + "attributes": { + "access_scope": [ + { + "namespaces": [], + "type": "cluster" + } + ], + "associated_at": "2025-07-19 08:08:05.895 +0000 UTC", + "cluster_name": "eks1-devel", + "id": "eks1-devel#arn:aws:iam::273729230602:role/aws-reserved/sso.amazonaws.com/us-east-2/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687#arn:aws:eks::aws:cluster-access-policy/AmazonEKSClusterAdminPolicy", + "modified_at": "2025-07-19 08:08:05.895 +0000 UTC", + "policy_arn": "arn:aws:eks::aws:cluster-access-policy/AmazonEKSClusterAdminPolicy", + "principal_arn": "arn:aws:iam::273729230602:role/aws-reserved/sso.amazonaws.com/us-east-2/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_access_entry.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_eks_addon", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "coredns", + "schema_version": 0, + "attributes": { + "addon_name": "coredns", + "addon_version": "v1.12.1-eksbuild.2", + "arn": "arn:aws:eks:us-east-1:273729230602:addon/eks1-devel/coredns/22cc10de-08ca-1449-559c-2064d0e73e23", + "cluster_name": "eks1-devel", + "configuration_values": "", + "created_at": "2025-07-19T08:10:30Z", + "id": "eks1-devel:coredns", + "modified_at": "2025-07-19T08:10:42Z", + "pod_identity_association": [], + "preserve": true, + "resolve_conflicts": null, + "resolve_conflicts_on_create": "OVERWRITE", + "resolve_conflicts_on_update": "OVERWRITE", + "service_account_role_arn": "", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + }, + "timeouts": { + "create": null, + "delete": null, + "update": null + } + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjI0MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19", + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_eks_addon_version.this", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.module.eks_managed_node_group.aws_autoscaling_schedule.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_eks_node_group.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_launch_template.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_placement_group.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_caller_identity.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ec2_instance_type.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ec2_instance_type_offerings.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.role", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_partition.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ssm_parameter.ami", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_subnets.placement_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.data.cloudinit_config.al2023_eks_managed_node_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.data.cloudinit_config.linux_eks_managed_node_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.null_resource.validate_cluster_service_cidr", + "module.eks.module.eks.module.fargate_profile.aws_eks_fargate_profile.this", + "module.eks.module.eks.module.fargate_profile.aws_iam_role.this", + "module.eks.module.eks.module.fargate_profile.aws_iam_role_policy.this", + "module.eks.module.eks.module.fargate_profile.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.fargate_profile.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.fargate_profile.data.aws_caller_identity.current", + "module.eks.module.eks.module.fargate_profile.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.fargate_profile.data.aws_iam_policy_document.role", + "module.eks.module.eks.module.fargate_profile.data.aws_partition.current", + "module.eks.module.eks.module.fargate_profile.data.aws_region.current", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.eks.module.eks.module.self_managed_node_group.aws_autoscaling_group.this", + "module.eks.module.eks.module.self_managed_node_group.aws_autoscaling_schedule.this", + "module.eks.module.eks.module.self_managed_node_group.aws_eks_access_entry.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_instance_profile.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role_policy.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.self_managed_node_group.aws_launch_template.this", + "module.eks.module.eks.module.self_managed_node_group.aws_placement_group.this", + "module.eks.module.eks.module.self_managed_node_group.data.aws_caller_identity.current", + "module.eks.module.eks.module.self_managed_node_group.data.aws_ec2_instance_type.this", + "module.eks.module.eks.module.self_managed_node_group.data.aws_ec2_instance_type_offerings.this", + "module.eks.module.eks.module.self_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.self_managed_node_group.data.aws_iam_policy_document.role", + "module.eks.module.eks.module.self_managed_node_group.data.aws_partition.current", + "module.eks.module.eks.module.self_managed_node_group.data.aws_ssm_parameter.ami", + "module.eks.module.eks.module.self_managed_node_group.data.aws_subnets.placement_group", + "module.eks.module.eks.module.self_managed_node_group.module.user_data.data.cloudinit_config.al2023_eks_managed_node_group", + "module.eks.module.eks.module.self_managed_node_group.module.user_data.data.cloudinit_config.linux_eks_managed_node_group", + "module.eks.module.eks.module.self_managed_node_group.module.user_data.null_resource.validate_cluster_service_cidr", + "module.eks.module.eks.time_sleep.this", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + }, + { + "index_key": "eks-pod-identity-agent", + "schema_version": 0, + "attributes": { + "addon_name": "eks-pod-identity-agent", + "addon_version": "v1.3.8-eksbuild.2", + "arn": "arn:aws:eks:us-east-1:273729230602:addon/eks1-devel/eks-pod-identity-agent/86cc10de-08c0-80ee-d37b-8fa3d54675f3", + "cluster_name": "eks1-devel", + "configuration_values": "", + "created_at": "2025-07-19T08:10:30Z", + "id": "eks1-devel:eks-pod-identity-agent", + "modified_at": "2025-07-19T08:11:06Z", + "pod_identity_association": [], + "preserve": true, + "resolve_conflicts": null, + "resolve_conflicts_on_create": "OVERWRITE", + "resolve_conflicts_on_update": "OVERWRITE", + "service_account_role_arn": "", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + }, + "timeouts": { + "create": null, + "delete": null, + "update": null + } + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjI0MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19", + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_eks_addon_version.this", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.module.eks_managed_node_group.aws_autoscaling_schedule.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_eks_node_group.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_launch_template.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_placement_group.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_caller_identity.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ec2_instance_type.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ec2_instance_type_offerings.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.role", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_partition.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ssm_parameter.ami", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_subnets.placement_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.data.cloudinit_config.al2023_eks_managed_node_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.data.cloudinit_config.linux_eks_managed_node_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.null_resource.validate_cluster_service_cidr", + "module.eks.module.eks.module.fargate_profile.aws_eks_fargate_profile.this", + "module.eks.module.eks.module.fargate_profile.aws_iam_role.this", + "module.eks.module.eks.module.fargate_profile.aws_iam_role_policy.this", + "module.eks.module.eks.module.fargate_profile.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.fargate_profile.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.fargate_profile.data.aws_caller_identity.current", + "module.eks.module.eks.module.fargate_profile.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.fargate_profile.data.aws_iam_policy_document.role", + "module.eks.module.eks.module.fargate_profile.data.aws_partition.current", + "module.eks.module.eks.module.fargate_profile.data.aws_region.current", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.eks.module.eks.module.self_managed_node_group.aws_autoscaling_group.this", + "module.eks.module.eks.module.self_managed_node_group.aws_autoscaling_schedule.this", + "module.eks.module.eks.module.self_managed_node_group.aws_eks_access_entry.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_instance_profile.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role_policy.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.self_managed_node_group.aws_launch_template.this", + "module.eks.module.eks.module.self_managed_node_group.aws_placement_group.this", + "module.eks.module.eks.module.self_managed_node_group.data.aws_caller_identity.current", + "module.eks.module.eks.module.self_managed_node_group.data.aws_ec2_instance_type.this", + "module.eks.module.eks.module.self_managed_node_group.data.aws_ec2_instance_type_offerings.this", + "module.eks.module.eks.module.self_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.self_managed_node_group.data.aws_iam_policy_document.role", + "module.eks.module.eks.module.self_managed_node_group.data.aws_partition.current", + "module.eks.module.eks.module.self_managed_node_group.data.aws_ssm_parameter.ami", + "module.eks.module.eks.module.self_managed_node_group.data.aws_subnets.placement_group", + "module.eks.module.eks.module.self_managed_node_group.module.user_data.data.cloudinit_config.al2023_eks_managed_node_group", + "module.eks.module.eks.module.self_managed_node_group.module.user_data.data.cloudinit_config.linux_eks_managed_node_group", + "module.eks.module.eks.module.self_managed_node_group.module.user_data.null_resource.validate_cluster_service_cidr", + "module.eks.module.eks.time_sleep.this", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + }, + { + "index_key": "kube-proxy", + "schema_version": 0, + "attributes": { + "addon_name": "kube-proxy", + "addon_version": "v1.33.0-eksbuild.2", + "arn": "arn:aws:eks:us-east-1:273729230602:addon/eks1-devel/kube-proxy/7ecc10de-08c9-6c05-a647-aafa3a2b4c52", + "cluster_name": "eks1-devel", + "configuration_values": "", + "created_at": "2025-07-19T08:10:30Z", + "id": "eks1-devel:kube-proxy", + "modified_at": "2025-07-19T08:10:36Z", + "pod_identity_association": [], + "preserve": true, + "resolve_conflicts": null, + "resolve_conflicts_on_create": "OVERWRITE", + "resolve_conflicts_on_update": "OVERWRITE", + "service_account_role_arn": "", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + }, + "timeouts": { + "create": null, + "delete": null, + "update": null + } + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjI0MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19", + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_eks_addon_version.this", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.module.eks_managed_node_group.aws_autoscaling_schedule.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_eks_node_group.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_launch_template.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_placement_group.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_caller_identity.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ec2_instance_type.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ec2_instance_type_offerings.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.role", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_partition.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ssm_parameter.ami", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_subnets.placement_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.data.cloudinit_config.al2023_eks_managed_node_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.data.cloudinit_config.linux_eks_managed_node_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.null_resource.validate_cluster_service_cidr", + "module.eks.module.eks.module.fargate_profile.aws_eks_fargate_profile.this", + "module.eks.module.eks.module.fargate_profile.aws_iam_role.this", + "module.eks.module.eks.module.fargate_profile.aws_iam_role_policy.this", + "module.eks.module.eks.module.fargate_profile.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.fargate_profile.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.fargate_profile.data.aws_caller_identity.current", + "module.eks.module.eks.module.fargate_profile.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.fargate_profile.data.aws_iam_policy_document.role", + "module.eks.module.eks.module.fargate_profile.data.aws_partition.current", + "module.eks.module.eks.module.fargate_profile.data.aws_region.current", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.eks.module.eks.module.self_managed_node_group.aws_autoscaling_group.this", + "module.eks.module.eks.module.self_managed_node_group.aws_autoscaling_schedule.this", + "module.eks.module.eks.module.self_managed_node_group.aws_eks_access_entry.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_instance_profile.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role_policy.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.self_managed_node_group.aws_launch_template.this", + "module.eks.module.eks.module.self_managed_node_group.aws_placement_group.this", + "module.eks.module.eks.module.self_managed_node_group.data.aws_caller_identity.current", + "module.eks.module.eks.module.self_managed_node_group.data.aws_ec2_instance_type.this", + "module.eks.module.eks.module.self_managed_node_group.data.aws_ec2_instance_type_offerings.this", + "module.eks.module.eks.module.self_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.self_managed_node_group.data.aws_iam_policy_document.role", + "module.eks.module.eks.module.self_managed_node_group.data.aws_partition.current", + "module.eks.module.eks.module.self_managed_node_group.data.aws_ssm_parameter.ami", + "module.eks.module.eks.module.self_managed_node_group.data.aws_subnets.placement_group", + "module.eks.module.eks.module.self_managed_node_group.module.user_data.data.cloudinit_config.al2023_eks_managed_node_group", + "module.eks.module.eks.module.self_managed_node_group.module.user_data.data.cloudinit_config.linux_eks_managed_node_group", + "module.eks.module.eks.module.self_managed_node_group.module.user_data.null_resource.validate_cluster_service_cidr", + "module.eks.module.eks.time_sleep.this", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + }, + { + "index_key": "vpc-cni", + "schema_version": 0, + "attributes": { + "addon_name": "vpc-cni", + "addon_version": "v1.19.5-eksbuild.1", + "arn": "arn:aws:eks:us-east-1:273729230602:addon/eks1-devel/vpc-cni/30cc10de-08ca-a1d4-f69e-192827a61e68", + "cluster_name": "eks1-devel", + "configuration_values": "", + "created_at": "2025-07-19T08:10:30Z", + "id": "eks1-devel:vpc-cni", + "modified_at": "2025-07-19T08:11:07Z", + "pod_identity_association": [], + "preserve": true, + "resolve_conflicts": null, + "resolve_conflicts_on_create": "OVERWRITE", + "resolve_conflicts_on_update": "OVERWRITE", + "service_account_role_arn": "", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + }, + "timeouts": { + "create": null, + "delete": null, + "update": null + } + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjI0MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19", + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_eks_addon_version.this", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.module.eks_managed_node_group.aws_autoscaling_schedule.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_eks_node_group.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_launch_template.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_placement_group.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_caller_identity.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ec2_instance_type.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ec2_instance_type_offerings.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.role", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_partition.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ssm_parameter.ami", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_subnets.placement_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.data.cloudinit_config.al2023_eks_managed_node_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.data.cloudinit_config.linux_eks_managed_node_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.null_resource.validate_cluster_service_cidr", + "module.eks.module.eks.module.fargate_profile.aws_eks_fargate_profile.this", + "module.eks.module.eks.module.fargate_profile.aws_iam_role.this", + "module.eks.module.eks.module.fargate_profile.aws_iam_role_policy.this", + "module.eks.module.eks.module.fargate_profile.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.fargate_profile.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.fargate_profile.data.aws_caller_identity.current", + "module.eks.module.eks.module.fargate_profile.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.fargate_profile.data.aws_iam_policy_document.role", + "module.eks.module.eks.module.fargate_profile.data.aws_partition.current", + "module.eks.module.eks.module.fargate_profile.data.aws_region.current", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.eks.module.eks.module.self_managed_node_group.aws_autoscaling_group.this", + "module.eks.module.eks.module.self_managed_node_group.aws_autoscaling_schedule.this", + "module.eks.module.eks.module.self_managed_node_group.aws_eks_access_entry.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_instance_profile.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role_policy.this", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.self_managed_node_group.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.self_managed_node_group.aws_launch_template.this", + "module.eks.module.eks.module.self_managed_node_group.aws_placement_group.this", + "module.eks.module.eks.module.self_managed_node_group.data.aws_caller_identity.current", + "module.eks.module.eks.module.self_managed_node_group.data.aws_ec2_instance_type.this", + "module.eks.module.eks.module.self_managed_node_group.data.aws_ec2_instance_type_offerings.this", + "module.eks.module.eks.module.self_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.self_managed_node_group.data.aws_iam_policy_document.role", + "module.eks.module.eks.module.self_managed_node_group.data.aws_partition.current", + "module.eks.module.eks.module.self_managed_node_group.data.aws_ssm_parameter.ami", + "module.eks.module.eks.module.self_managed_node_group.data.aws_subnets.placement_group", + "module.eks.module.eks.module.self_managed_node_group.module.user_data.data.cloudinit_config.al2023_eks_managed_node_group", + "module.eks.module.eks.module.self_managed_node_group.module.user_data.data.cloudinit_config.linux_eks_managed_node_group", + "module.eks.module.eks.module.self_managed_node_group.module.user_data.null_resource.validate_cluster_service_cidr", + "module.eks.module.eks.time_sleep.this", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_eks_cluster", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 1, + "attributes": { + "access_config": [ + { + "authentication_mode": "API_AND_CONFIG_MAP", + "bootstrap_cluster_creator_admin_permissions": false + } + ], + "arn": "arn:aws:eks:us-east-1:273729230602:cluster/eks1-devel", + "bootstrap_self_managed_addons": true, + "certificate_authority": [ + { + "data": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURCVENDQWUyZ0F3SUJBZ0lJTUtzRlVZekl3NU13RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TlRBM01Ua3dOelUyTkRKYUZ3MHpOVEEzTVRjd09EQXhOREphTUJVeApFekFSQmdOVkJBTVRDbXQxWW1WeWJtVjBaWE13Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLCkFvSUJBUUMvREF1NHI0aGgxNXltRVV6OUwzcUlHM05haW4zSm56VTBrVmhSRVpHNUo0dWJxeU1Wd0VnVEh6alkKY2Rid0FWbWhYeXNYdkc0NzBIWDJPSUNMWlVvTG5EejlLNlNnWmpVanFhMXVON25aRXNiMTZoTDBoUmxxOWhkVgo5WWFGZzh1NkJNSlZsYTNWZnhUa1YyQVhCYTVkNGYxd0J2SkFKV2JCUFZBSUhMVyt5djdDTmNFbmwzK2ZMWCtUCkRVUTVvRDF4elU3SFhRV3B5eGZNcW9keGJWcXl4akIrSlNCOCtZRmM5WTA2WTEzUk5KSW9YM2FtaXNwcGNpVVIKdWhtUFlVSGdHQVFySnM5enRHUm05SkYxY3NjQjc2NmNPdDVNTVY2c0daaFIyaFBOUXhPSTFqVWtjQjRxRk9GMQpxUkk0ZDdFckIzbXp5UThUc1h5WDNSNW90Tk4xQWdNQkFBR2pXVEJYTUE0R0ExVWREd0VCL3dRRUF3SUNwREFQCkJnTlZIUk1CQWY4RUJUQURBUUgvTUIwR0ExVWREZ1FXQkJRNHNpMGVqbHJlODlqdVkrT0ZDcm54NTRxOWJEQVYKQmdOVkhSRUVEakFNZ2dwcmRXSmxjbTVsZEdWek1BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQW53VW56TDZLUAo5dUxmTjh6ZnUwcnRNeXFpZnV5SFFjOS9ZdWNYNEhWMDhkay8yVGpmZWczU29VR1F6WFVPZ09Xd0tvS2VKQ3JqCnVQYWljbDM1QnJEZXdHVC94dHcxbFAwT29PcFo0dHBUaG5XUFAyS0t5VzF6aHJQZnRYMDNrUlZPcXRJbWRPc3QKWjlTajhUcCt0ZXNFTkNQQllIMlg3Wnc0NnZ4N1gvUi9KZzhtR210VmZ4Y1BqOUtNK0JrTThMbTZUOG5jY1U5MQpPZjFFTldwY2U5emxqQUZVNnc3VlpzMEEveXpzb21CMWc1UGVydE4ram1hbS9PcUswb2hPUVA3VEtITHZUMlpXCkUzbjNOb3dGMkdqcmRmVjVvVWhQT0FJc084cll0OUhMZ0dSZ0cvZnZLL2ZiU1ZURmU3eG4wR21QT2ZvK3daQjMKd2VwTGxyTndjK0UzCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" + } + ], + "cluster_id": null, + "compute_config": [], + "created_at": "2025-07-19T07:56:57Z", + "enabled_cluster_log_types": [ + "api", + "audit", + "authenticator" + ], + "encryption_config": [ + { + "provider": [ + { + "key_arn": "arn:aws:kms:us-east-1:273729230602:key/592722d1-13ec-4bf0-9ebe-202421243587" + } + ], + "resources": [ + "secrets" + ] + } + ], + "endpoint": "https://90F53ECE705908D3A306F170FF42DF7A.gr7.us-east-1.eks.amazonaws.com", + "force_update_version": null, + "id": "eks1-devel", + "identity": [ + { + "oidc": [ + { + "issuer": "https://oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A" + } + ] + } + ], + "kubernetes_network_config": [ + { + "elastic_load_balancing": [ + { + "enabled": false + } + ], + "ip_family": "ipv4", + "service_ipv4_cidr": "10.100.0.0/16", + "service_ipv6_cidr": "" + } + ], + "name": "eks1-devel", + "outpost_config": [], + "platform_version": "eks.6", + "remote_network_config": [], + "role_arn": "arn:aws:iam::273729230602:role/eks1-devel-cluster-20250719075633606000000008", + "status": "ACTIVE", + "storage_config": [], + "tags": { + "terraform-aws-modules": "eks" + }, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes", + "terraform-aws-modules": "eks" + }, + "timeouts": { + "create": null, + "delete": null, + "update": null + }, + "upgrade_policy": [ + { + "support_type": "EXTENDED" + } + ], + "version": "1.33", + "vpc_config": [ + { + "cluster_security_group_id": "sg-04bdddfe491ab9609", + "endpoint_private_access": true, + "endpoint_public_access": true, + "public_access_cidrs": [ + "0.0.0.0/0" + ], + "security_group_ids": [ + "sg-083197778dd666866" + ], + "subnet_ids": [ + "subnet-0115e5b05ab6b132c", + "subnet-03b49ea861522bc48", + "subnet-0556ce01354322097", + "subnet-0a6eed6971e44375c", + "subnet-0cee9908287eaa414", + "subnet-0f439778eb62eac4d" + ], + "vpc_id": "vpc-0271dff7a4b4bbf76" + } + ], + "zonal_shift_config": [] + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjkwMDAwMDAwMDAwMCwidXBkYXRlIjozNjAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIxIn0=", + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_iam_openid_connect_provider", + "name": "oidc_provider", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::273729230602:oidc-provider/oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A", + "client_id_list": [ + "sts.amazonaws.com" + ], + "id": "arn:aws:iam::273729230602:oidc-provider/oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A", + "tags": { + "Name": "eks1-devel-eks-irsa" + }, + "tags_all": { + "Environment": "devel", + "Name": "eks1-devel-eks-irsa", + "Service": "Kubernetes" + }, + "thumbprint_list": [ + "9e99a48a9960b14926bb7f3b02e22da2b0ab7280" + ], + "url": "oidc.eks.us-east-1.amazonaws.com/id/90F53ECE705908D3A306F170FF42DF7A" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.data.tls_certificate.this", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_iam_policy", + "name": "cluster_encryption", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::273729230602:policy/eks1-devel-cluster-ClusterEncryption20250719075654985100000019", + "attachment_count": 1, + "description": "Cluster encryption policy to allow cluster role to utilize CMK provided", + "id": "arn:aws:iam::273729230602:policy/eks1-devel-cluster-ClusterEncryption20250719075654985100000019", + "name": "eks1-devel-cluster-ClusterEncryption20250719075654985100000019", + "name_prefix": "eks1-devel-cluster-ClusterEncryption", + "path": "/", + "policy": "{\"Statement\":[{\"Action\":[\"kms:Encrypt\",\"kms:Decrypt\",\"kms:ListGrants\",\"kms:DescribeKey\"],\"Effect\":\"Allow\",\"Resource\":\"arn:aws:kms:us-east-1:273729230602:key/592722d1-13ec-4bf0-9ebe-202421243587\"}],\"Version\":\"2012-10-17\"}", + "policy_id": "ANPAT7O4IS4FGQBA7MP5J", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + } + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_iam_policy", + "name": "custom", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::273729230602:policy/eks1-devel-cluster-2025071907563363730000000b", + "attachment_count": 1, + "description": "", + "id": "arn:aws:iam::273729230602:policy/eks1-devel-cluster-2025071907563363730000000b", + "name": "eks1-devel-cluster-2025071907563363730000000b", + "name_prefix": "eks1-devel-cluster-", + "path": "/", + "policy": "{\"Statement\":[{\"Action\":[\"ec2:RunInstances\",\"ec2:CreateLaunchTemplate\",\"ec2:CreateFleet\"],\"Condition\":{\"StringEquals\":{\"aws:RequestTag/eks:eks-cluster-name\":\"${aws:PrincipalTag/eks:eks-cluster-name}\"},\"StringLike\":{\"aws:RequestTag/eks:kubernetes-node-class-name\":\"*\",\"aws:RequestTag/eks:kubernetes-node-pool-name\":\"*\"}},\"Effect\":\"Allow\",\"Resource\":\"*\",\"Sid\":\"Compute\"},{\"Action\":[\"ec2:CreateVolume\",\"ec2:CreateSnapshot\"],\"Condition\":{\"StringEquals\":{\"aws:RequestTag/eks:eks-cluster-name\":\"${aws:PrincipalTag/eks:eks-cluster-name}\"}},\"Effect\":\"Allow\",\"Resource\":[\"arn:aws:ec2:*:*:volume/*\",\"arn:aws:ec2:*:*:snapshot/*\"],\"Sid\":\"Storage\"},{\"Action\":\"ec2:CreateNetworkInterface\",\"Condition\":{\"StringEquals\":{\"aws:RequestTag/eks:eks-cluster-name\":\"${aws:PrincipalTag/eks:eks-cluster-name}\",\"aws:RequestTag/eks:kubernetes-cni-node-name\":\"*\"}},\"Effect\":\"Allow\",\"Resource\":\"*\",\"Sid\":\"Networking\"},{\"Action\":[\"elasticloadbalancing:CreateTargetGroup\",\"elasticloadbalancing:CreateRule\",\"elasticloadbalancing:CreateLoadBalancer\",\"elasticloadbalancing:CreateListener\",\"ec2:CreateSecurityGroup\"],\"Condition\":{\"StringEquals\":{\"aws:RequestTag/eks:eks-cluster-name\":\"${aws:PrincipalTag/eks:eks-cluster-name}\"}},\"Effect\":\"Allow\",\"Resource\":\"*\",\"Sid\":\"LoadBalancer\"},{\"Action\":\"shield:CreateProtection\",\"Condition\":{\"StringEquals\":{\"aws:RequestTag/eks:eks-cluster-name\":\"${aws:PrincipalTag/eks:eks-cluster-name}\"}},\"Effect\":\"Allow\",\"Resource\":\"*\",\"Sid\":\"ShieldProtection\"},{\"Action\":\"shield:TagResource\",\"Condition\":{\"StringEquals\":{\"aws:RequestTag/eks:eks-cluster-name\":\"${aws:PrincipalTag/eks:eks-cluster-name}\"}},\"Effect\":\"Allow\",\"Resource\":\"arn:aws:shield::*:protection/*\",\"Sid\":\"ShieldTagResource\"}],\"Version\":\"2012-10-17\"}", + "policy_id": "ANPAT7O4IS4FOKMADCWTF", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + } + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.data.aws_iam_policy_document.custom", + "module.eks.module.eks.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_iam_role", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::273729230602:role/eks1-devel-cluster-20250719075633606000000008", + "assume_role_policy": "{\"Statement\":[{\"Action\":[\"sts:TagSession\",\"sts:AssumeRole\"],\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"eks.amazonaws.com\"},\"Sid\":\"EKSClusterAssumeRole\"}],\"Version\":\"2012-10-17\"}", + "create_date": "2025-07-19T07:56:33Z", + "description": "", + "force_detach_policies": true, + "id": "eks1-devel-cluster-20250719075633606000000008", + "inline_policy": [], + "managed_policy_arns": [ + "arn:aws:iam::273729230602:policy/eks1-devel-cluster-2025071907563363730000000b", + "arn:aws:iam::273729230602:policy/eks1-devel-cluster-ClusterEncryption20250719075654985100000019", + "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy", + "arn:aws:iam::aws:policy/AmazonEKSVPCResourceController" + ], + "max_session_duration": 3600, + "name": "eks1-devel-cluster-20250719075633606000000008", + "name_prefix": "eks1-devel-cluster-", + "path": "/", + "permissions_boundary": "", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + }, + "unique_id": "AROAT7O4IS4FJXPJNXY4D" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "cluster_encryption", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "id": "eks1-devel-cluster-20250719075633606000000008-2025071907565538500000001a", + "policy_arn": "arn:aws:iam::273729230602:policy/eks1-devel-cluster-ClusterEncryption20250719075654985100000019", + "role": "eks1-devel-cluster-20250719075633606000000008" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.aws_iam_policy.cluster_encryption", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "custom", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "id": "eks1-devel-cluster-20250719075633606000000008-2025071907563420370000000f", + "policy_arn": "arn:aws:iam::273729230602:policy/eks1-devel-cluster-2025071907563363730000000b", + "role": "eks1-devel-cluster-20250719075633606000000008" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.aws_iam_policy.custom", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.custom", + "module.eks.module.eks.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "AmazonEKSClusterPolicy", + "schema_version": 0, + "attributes": { + "id": "eks1-devel-cluster-20250719075633606000000008-2025071907563413140000000d", + "policy_arn": "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy", + "role": "eks1-devel-cluster-20250719075633606000000008" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "AmazonEKSVPCResourceController", + "schema_version": 0, + "attributes": { + "id": "eks1-devel-cluster-20250719075633606000000008-2025071907563417810000000e", + "policy_arn": "arn:aws:iam::aws:policy/AmazonEKSVPCResourceController", + "role": "eks1-devel-cluster-20250719075633606000000008" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_security_group", + "name": "cluster", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:security-group/sg-083197778dd666866", + "description": "EKS cluster security group", + "egress": [], + "id": "sg-083197778dd666866", + "ingress": [ + { + "cidr_blocks": [], + "description": "Node groups to cluster API", + "from_port": 443, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-063a641aa5386b819" + ], + "self": false, + "to_port": 443 + } + ], + "name": "eks1-devel-cluster-20250719075633405800000007", + "name_prefix": "eks1-devel-cluster-", + "owner_id": "273729230602", + "revoke_rules_on_delete": false, + "tags": { + "Name": "eks1-devel-cluster" + }, + "tags_all": { + "Environment": "devel", + "Name": "eks1-devel-cluster", + "Service": "Kubernetes" + }, + "timeouts": null, + "vpc_id": "vpc-0271dff7a4b4bbf76" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6OTAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIxIn0=", + "dependencies": [ + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_security_group", + "name": "node", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:security-group/sg-063a641aa5386b819", + "description": "EKS node shared security group", + "egress": [ + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "Allow all egress", + "from_port": 0, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "-1", + "security_groups": [], + "self": false, + "to_port": 0 + } + ], + "id": "sg-063a641aa5386b819", + "ingress": [ + { + "cidr_blocks": [], + "description": "Cluster API to node 4443/tcp webhook", + "from_port": 4443, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-083197778dd666866" + ], + "self": false, + "to_port": 4443 + }, + { + "cidr_blocks": [], + "description": "Cluster API to node 6443/tcp webhook", + "from_port": 6443, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-083197778dd666866" + ], + "self": false, + "to_port": 6443 + }, + { + "cidr_blocks": [], + "description": "Cluster API to node 8443/tcp webhook", + "from_port": 8443, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-083197778dd666866" + ], + "self": false, + "to_port": 8443 + }, + { + "cidr_blocks": [], + "description": "Cluster API to node 9443/tcp webhook", + "from_port": 9443, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-083197778dd666866" + ], + "self": false, + "to_port": 9443 + }, + { + "cidr_blocks": [], + "description": "Cluster API to node groups", + "from_port": 443, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-083197778dd666866" + ], + "self": false, + "to_port": 443 + }, + { + "cidr_blocks": [], + "description": "Cluster API to node kubelets", + "from_port": 10250, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-083197778dd666866" + ], + "self": false, + "to_port": 10250 + }, + { + "cidr_blocks": [], + "description": "Node to node CoreDNS UDP", + "from_port": 53, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "udp", + "security_groups": [], + "self": true, + "to_port": 53 + }, + { + "cidr_blocks": [], + "description": "Node to node CoreDNS", + "from_port": 53, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": true, + "to_port": 53 + }, + { + "cidr_blocks": [], + "description": "Node to node ingress on ephemeral ports", + "from_port": 1025, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": true, + "to_port": 65535 + }, + { + "cidr_blocks": [], + "description": "elbv2.k8s.aws/targetGroupBinding=shared", + "from_port": 80, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-08edcfa4ed8f2750c" + ], + "self": false, + "to_port": 443 + } + ], + "name": "eks1-devel-node-20250719075633361600000006", + "name_prefix": "eks1-devel-node-", + "owner_id": "273729230602", + "revoke_rules_on_delete": false, + "tags": { + "Name": "eks1-devel-node", + "kubernetes.io/cluster/eks1-devel": "owned" + }, + "tags_all": { + "Environment": "devel", + "Name": "eks1-devel-node", + "Service": "Kubernetes", + "kubernetes.io/cluster/eks1-devel": "owned" + }, + "timeouts": null, + "vpc_id": "vpc-0271dff7a4b4bbf76" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6OTAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIxIn0=", + "dependencies": [ + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "cluster", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "ingress_nodes_443", + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": "Node groups to cluster API", + "from_port": 443, + "id": "sgrule-3717588776", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "security_group_id": "sg-083197778dd666866", + "security_group_rule_id": "sgr-07dae13a6cd8bce1c", + "self": false, + "source_security_group_id": "sg-063a641aa5386b819", + "timeouts": null, + "to_port": 443, + "type": "ingress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "node", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "egress_all", + "schema_version": 2, + "attributes": { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "Allow all egress", + "from_port": 0, + "id": "sgrule-3441080525", + "ipv6_cidr_blocks": null, + "prefix_list_ids": [], + "protocol": "-1", + "security_group_id": "sg-063a641aa5386b819", + "security_group_rule_id": "sgr-0ea964a89d843a0a0", + "self": false, + "source_security_group_id": null, + "timeouts": null, + "to_port": 0, + "type": "egress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "ingress_cluster_443", + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": "Cluster API to node groups", + "from_port": 443, + "id": "sgrule-986645080", + "ipv6_cidr_blocks": null, + "prefix_list_ids": [], + "protocol": "tcp", + "security_group_id": "sg-063a641aa5386b819", + "security_group_rule_id": "sgr-0e2f50fd542c0a7c8", + "self": false, + "source_security_group_id": "sg-083197778dd666866", + "timeouts": null, + "to_port": 443, + "type": "ingress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "ingress_cluster_4443_webhook", + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": "Cluster API to node 4443/tcp webhook", + "from_port": 4443, + "id": "sgrule-2457107927", + "ipv6_cidr_blocks": null, + "prefix_list_ids": [], + "protocol": "tcp", + "security_group_id": "sg-063a641aa5386b819", + "security_group_rule_id": "sgr-0b0bd0151369d45ff", + "self": false, + "source_security_group_id": "sg-083197778dd666866", + "timeouts": null, + "to_port": 4443, + "type": "ingress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "ingress_cluster_6443_webhook", + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": "Cluster API to node 6443/tcp webhook", + "from_port": 6443, + "id": "sgrule-1530272321", + "ipv6_cidr_blocks": null, + "prefix_list_ids": [], + "protocol": "tcp", + "security_group_id": "sg-063a641aa5386b819", + "security_group_rule_id": "sgr-0f8f97800e1c5e042", + "self": false, + "source_security_group_id": "sg-083197778dd666866", + "timeouts": null, + "to_port": 6443, + "type": "ingress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "ingress_cluster_8443_webhook", + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": "Cluster API to node 8443/tcp webhook", + "from_port": 8443, + "id": "sgrule-1214916192", + "ipv6_cidr_blocks": null, + "prefix_list_ids": [], + "protocol": "tcp", + "security_group_id": "sg-063a641aa5386b819", + "security_group_rule_id": "sgr-0c411c3c91bee611f", + "self": false, + "source_security_group_id": "sg-083197778dd666866", + "timeouts": null, + "to_port": 8443, + "type": "ingress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "ingress_cluster_9443_webhook", + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": "Cluster API to node 9443/tcp webhook", + "from_port": 9443, + "id": "sgrule-751506859", + "ipv6_cidr_blocks": null, + "prefix_list_ids": [], + "protocol": "tcp", + "security_group_id": "sg-063a641aa5386b819", + "security_group_rule_id": "sgr-0a9f4327f22f355fd", + "self": false, + "source_security_group_id": "sg-083197778dd666866", + "timeouts": null, + "to_port": 9443, + "type": "ingress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "ingress_cluster_kubelet", + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": "Cluster API to node kubelets", + "from_port": 10250, + "id": "sgrule-1437854411", + "ipv6_cidr_blocks": null, + "prefix_list_ids": [], + "protocol": "tcp", + "security_group_id": "sg-063a641aa5386b819", + "security_group_rule_id": "sgr-0774a9650224677b4", + "self": false, + "source_security_group_id": "sg-083197778dd666866", + "timeouts": null, + "to_port": 10250, + "type": "ingress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "ingress_nodes_ephemeral", + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": "Node to node ingress on ephemeral ports", + "from_port": 1025, + "id": "sgrule-3550635973", + "ipv6_cidr_blocks": null, + "prefix_list_ids": [], + "protocol": "tcp", + "security_group_id": "sg-063a641aa5386b819", + "security_group_rule_id": "sgr-08b37530bc90d30c0", + "self": true, + "source_security_group_id": null, + "timeouts": null, + "to_port": 65535, + "type": "ingress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "ingress_self_coredns_tcp", + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": "Node to node CoreDNS", + "from_port": 53, + "id": "sgrule-141682456", + "ipv6_cidr_blocks": null, + "prefix_list_ids": [], + "protocol": "tcp", + "security_group_id": "sg-063a641aa5386b819", + "security_group_rule_id": "sgr-057ac0a5263496085", + "self": true, + "source_security_group_id": null, + "timeouts": null, + "to_port": 53, + "type": "ingress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "ingress_self_coredns_udp", + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": "Node to node CoreDNS UDP", + "from_port": 53, + "id": "sgrule-2888713463", + "ipv6_cidr_blocks": null, + "prefix_list_ids": [], + "protocol": "udp", + "security_group_id": "sg-063a641aa5386b819", + "security_group_rule_id": "sgr-0ef59508e058468d0", + "self": true, + "source_security_group_id": null, + "timeouts": null, + "to_port": 53, + "type": "ingress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.eks.module.eks", + "mode": "managed", + "type": "time_sleep", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/time\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "create_duration": "30s", + "destroy_duration": null, + "id": "2025-07-19T08:08:34Z", + "triggers": { + "cluster_certificate_authority_data": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURCVENDQWUyZ0F3SUJBZ0lJTUtzRlVZekl3NU13RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TlRBM01Ua3dOelUyTkRKYUZ3MHpOVEEzTVRjd09EQXhOREphTUJVeApFekFSQmdOVkJBTVRDbXQxWW1WeWJtVjBaWE13Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLCkFvSUJBUUMvREF1NHI0aGgxNXltRVV6OUwzcUlHM05haW4zSm56VTBrVmhSRVpHNUo0dWJxeU1Wd0VnVEh6alkKY2Rid0FWbWhYeXNYdkc0NzBIWDJPSUNMWlVvTG5EejlLNlNnWmpVanFhMXVON25aRXNiMTZoTDBoUmxxOWhkVgo5WWFGZzh1NkJNSlZsYTNWZnhUa1YyQVhCYTVkNGYxd0J2SkFKV2JCUFZBSUhMVyt5djdDTmNFbmwzK2ZMWCtUCkRVUTVvRDF4elU3SFhRV3B5eGZNcW9keGJWcXl4akIrSlNCOCtZRmM5WTA2WTEzUk5KSW9YM2FtaXNwcGNpVVIKdWhtUFlVSGdHQVFySnM5enRHUm05SkYxY3NjQjc2NmNPdDVNTVY2c0daaFIyaFBOUXhPSTFqVWtjQjRxRk9GMQpxUkk0ZDdFckIzbXp5UThUc1h5WDNSNW90Tk4xQWdNQkFBR2pXVEJYTUE0R0ExVWREd0VCL3dRRUF3SUNwREFQCkJnTlZIUk1CQWY4RUJUQURBUUgvTUIwR0ExVWREZ1FXQkJRNHNpMGVqbHJlODlqdVkrT0ZDcm54NTRxOWJEQVYKQmdOVkhSRUVEakFNZ2dwcmRXSmxjbTVsZEdWek1BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQW53VW56TDZLUAo5dUxmTjh6ZnUwcnRNeXFpZnV5SFFjOS9ZdWNYNEhWMDhkay8yVGpmZWczU29VR1F6WFVPZ09Xd0tvS2VKQ3JqCnVQYWljbDM1QnJEZXdHVC94dHcxbFAwT29PcFo0dHBUaG5XUFAyS0t5VzF6aHJQZnRYMDNrUlZPcXRJbWRPc3QKWjlTajhUcCt0ZXNFTkNQQllIMlg3Wnc0NnZ4N1gvUi9KZzhtR210VmZ4Y1BqOUtNK0JrTThMbTZUOG5jY1U5MQpPZjFFTldwY2U5emxqQUZVNnc3VlpzMEEveXpzb21CMWc1UGVydE4ram1hbS9PcUswb2hPUVA3VEtITHZUMlpXCkUzbjNOb3dGMkdqcmRmVjVvVWhQT0FJc084cll0OUhMZ0dSZ0cvZnZLL2ZiU1ZURmU3eG4wR21QT2ZvK3daQjMKd2VwTGxyTndjK0UzCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K", + "cluster_endpoint": "https://90F53ECE705908D3A306F170FF42DF7A.gr7.us-east-1.eks.amazonaws.com", + "cluster_name": "eks1-devel", + "cluster_service_cidr": "10.100.0.0/16", + "cluster_version": "1.33" + } + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.eks.module.eks.module.eks_managed_node_group[\"ng\"]", + "mode": "data", + "type": "aws_caller_identity", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "account_id": "273729230602", + "arn": "arn:aws:sts::273729230602:assumed-role/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687/ryan", + "id": "273729230602", + "user_id": "AROAT7O4IS4FGZRTFR25S:ryan" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.eks.module.eks.module.eks_managed_node_group[\"ng\"]", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "assume_role_policy", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "id": "2560088296", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"EKSNodeAssumeRole\",\n \"Effect\": \"Allow\",\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\"\n }\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"EKSNodeAssumeRole\",\"Effect\":\"Allow\",\"Action\":\"sts:AssumeRole\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"}}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sts:AssumeRole" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "ec2.amazonaws.com" + ], + "type": "Service" + } + ], + "resources": [], + "sid": "EKSNodeAssumeRole" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.eks.module.eks.module.eks_managed_node_group[\"ng\"]", + "mode": "data", + "type": "aws_partition", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "dns_suffix": "amazonaws.com", + "id": "aws", + "partition": "aws", + "reverse_dns_prefix": "com.amazonaws" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.eks.module.eks.module.eks_managed_node_group[\"ng\"]", + "mode": "managed", + "type": "aws_eks_node_group", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "ami_type": "AL2023_x86_64_STANDARD", + "arn": "arn:aws:eks:us-east-1:273729230602:nodegroup/eks1-devel/ng-20250720075452134700000007/9ecc136a-0ed4-ed3d-4abc-e209bf79bbc4", + "capacity_type": "ON_DEMAND", + "cluster_name": "eks1-devel", + "disk_size": 0, + "force_update_version": null, + "id": "eks1-devel:ng-20250720075452134700000007", + "instance_types": [ + "m5.large" + ], + "labels": null, + "launch_template": [ + { + "id": "lt-0abd256b85e9cea74", + "name": "ng-20250720075446265800000005", + "version": "1" + } + ], + "node_group_name": "ng-20250720075452134700000007", + "node_group_name_prefix": "ng-", + "node_repair_config": [], + "node_role_arn": "arn:aws:iam::273729230602:role/ng-eks-node-group-20250720075445339700000001", + "release_version": "1.33.0-20250715", + "remote_access": [], + "resources": [ + { + "autoscaling_groups": [ + { + "name": "eks-ng-20250720075452134700000007-9ecc136a-0ed4-ed3d-4abc-e209bf79bbc4" + } + ], + "remote_access_security_group_id": "" + } + ], + "scaling_config": [ + { + "desired_size": 1, + "max_size": 10, + "min_size": 1 + } + ], + "status": "ACTIVE", + "subnet_ids": [ + "subnet-0115e5b05ab6b132c", + "subnet-03b49ea861522bc48", + "subnet-0556ce01354322097", + "subnet-0a6eed6971e44375c", + "subnet-0cee9908287eaa414", + "subnet-0f439778eb62eac4d" + ], + "tags": { + "Name": "ng" + }, + "tags_all": { + "Environment": "devel", + "Name": "ng", + "Service": "Kubernetes" + }, + "taint": [], + "timeouts": { + "create": null, + "delete": null, + "update": null + }, + "update_config": [ + { + "max_unavailable": 0, + "max_unavailable_percentage": 33 + } + ], + "version": "1.33" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozNjAwMDAwMDAwMDAwLCJkZWxldGUiOjM2MDAwMDAwMDAwMDAsInVwZGF0ZSI6MzYwMDAwMDAwMDAwMH19", + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_launch_template.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_placement_group.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_caller_identity.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ec2_instance_type.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ec2_instance_type_offerings.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_partition.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ssm_parameter.ami", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_subnets.placement_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.data.cloudinit_config.al2023_eks_managed_node_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.data.cloudinit_config.linux_eks_managed_node_group", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.eks.module.eks.time_sleep.this", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.eks.module.eks.module.eks_managed_node_group[\"ng\"]", + "mode": "managed", + "type": "aws_iam_role", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::273729230602:role/ng-eks-node-group-20250720075445339700000001", + "assume_role_policy": "{\"Statement\":[{\"Action\":\"sts:AssumeRole\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Sid\":\"EKSNodeAssumeRole\"}],\"Version\":\"2012-10-17\"}", + "create_date": "2025-07-20T07:54:45Z", + "description": "EKS managed node group IAM role", + "force_detach_policies": true, + "id": "ng-eks-node-group-20250720075445339700000001", + "inline_policy": [], + "managed_policy_arns": [], + "max_session_duration": 3600, + "name": "ng-eks-node-group-20250720075445339700000001", + "name_prefix": "ng-eks-node-group-", + "path": "/", + "permissions_boundary": "", + "tags": null, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + }, + "unique_id": "AROAT7O4IS4FF3VCO5L57" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.eks.module.eks.module.eks_managed_node_group[\"ng\"]", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "AmazonEC2ContainerRegistryReadOnly", + "schema_version": 0, + "attributes": { + "id": "ng-eks-node-group-20250720075445339700000001-20250720075446120700000004", + "policy_arn": "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly", + "role": "ng-eks-node-group-20250720075445339700000001" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_caller_identity.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "AmazonEKSWorkerNodePolicy", + "schema_version": 0, + "attributes": { + "id": "ng-eks-node-group-20250720075445339700000001-20250720075446120300000003", + "policy_arn": "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy", + "role": "ng-eks-node-group-20250720075445339700000001" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_caller_identity.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "AmazonEKS_CNI_Policy", + "schema_version": 0, + "attributes": { + "id": "ng-eks-node-group-20250720075445339700000001-20250720075446018000000002", + "policy_arn": "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy", + "role": "ng-eks-node-group-20250720075445339700000001" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_caller_identity.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.eks.module.eks.module.eks_managed_node_group[\"ng\"]", + "mode": "managed", + "type": "aws_launch_template", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:launch-template/lt-0abd256b85e9cea74", + "block_device_mappings": [], + "capacity_reservation_specification": [], + "cpu_options": [], + "credit_specification": [], + "default_version": 1, + "description": "Custom launch template for ng EKS managed node group", + "disable_api_stop": false, + "disable_api_termination": false, + "ebs_optimized": "", + "elastic_gpu_specifications": [], + "elastic_inference_accelerator": [], + "enclave_options": [], + "hibernation_options": [], + "iam_instance_profile": [], + "id": "lt-0abd256b85e9cea74", + "image_id": "", + "instance_initiated_shutdown_behavior": "", + "instance_market_options": [], + "instance_requirements": [], + "instance_type": "", + "kernel_id": "", + "key_name": "", + "latest_version": 1, + "license_specification": [], + "maintenance_options": [], + "metadata_options": [ + { + "http_endpoint": "enabled", + "http_protocol_ipv6": "", + "http_put_response_hop_limit": 2, + "http_tokens": "required", + "instance_metadata_tags": "" + } + ], + "monitoring": [ + { + "enabled": true + } + ], + "name": "ng-20250720075446265800000005", + "name_prefix": "ng-", + "network_interfaces": [], + "placement": [], + "private_dns_name_options": [], + "ram_disk_id": "", + "security_group_names": null, + "tag_specifications": [ + { + "resource_type": "instance", + "tags": { + "Name": "ng" + } + }, + { + "resource_type": "network-interface", + "tags": { + "Name": "ng" + } + }, + { + "resource_type": "volume", + "tags": { + "Name": "ng" + } + } + ], + "tags": null, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + }, + "update_default_version": true, + "user_data": "", + "vpc_security_group_ids": [ + "sg-063a641aa5386b819" + ] + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy_attachment.additional", + "module.eks.module.eks.module.eks_managed_node_group.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.module.eks_managed_node_group.aws_placement_group.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_caller_identity.current", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_ec2_instance_type.this", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.module.eks_managed_node_group.data.aws_partition.current", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.data.cloudinit_config.al2023_eks_managed_node_group", + "module.eks.module.eks.module.eks_managed_node_group.module.user_data.data.cloudinit_config.linux_eks_managed_node_group", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.eks.module.eks.time_sleep.this", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.eks.module.eks.module.eks_managed_node_group[\"ng\"].module.user_data", + "mode": "managed", + "type": "null_resource", + "name": "validate_cluster_service_cidr", + "provider": "provider[\"registry.terraform.io/hashicorp/null\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "9138203175680545676", + "triggers": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "dependencies": [ + "module.eks.module.eks.aws_cloudwatch_log_group.this", + "module.eks.module.eks.aws_eks_cluster.this", + "module.eks.module.eks.aws_iam_policy.cni_ipv6_policy", + "module.eks.module.eks.aws_iam_role.eks_auto", + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.aws_iam_role_policy_attachment.this", + "module.eks.module.eks.aws_security_group.cluster", + "module.eks.module.eks.aws_security_group.node", + "module.eks.module.eks.aws_security_group_rule.cluster", + "module.eks.module.eks.aws_security_group_rule.node", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_policy_document.cni_ipv6_policy", + "module.eks.module.eks.data.aws_iam_policy_document.node_assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.data.aws_partition.current", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.eks.module.eks.time_sleep.this", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks.module.eks.module.kms", + "mode": "data", + "type": "aws_caller_identity", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "account_id": "273729230602", + "arn": "arn:aws:sts::273729230602:assumed-role/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687/ryan", + "id": "273729230602", + "user_id": "AROAT7O4IS4FGZRTFR25S:ryan" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.eks.module.eks.module.kms", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "id": "3322799044", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"Default\",\n \"Effect\": \"Allow\",\n \"Action\": \"kms:*\",\n \"Resource\": \"*\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::273729230602:root\"\n }\n },\n {\n \"Sid\": \"KeyAdministration\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"kms:Update*\",\n \"kms:UntagResource\",\n \"kms:TagResource\",\n \"kms:ScheduleKeyDeletion\",\n \"kms:Revoke*\",\n \"kms:ReplicateKey\",\n \"kms:Put*\",\n \"kms:List*\",\n \"kms:ImportKeyMaterial\",\n \"kms:Get*\",\n \"kms:Enable*\",\n \"kms:Disable*\",\n \"kms:Describe*\",\n \"kms:Delete*\",\n \"kms:Create*\",\n \"kms:CancelKeyDeletion\"\n ],\n \"Resource\": \"*\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::273729230602:role/aws-reserved/sso.amazonaws.com/us-east-2/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687\"\n }\n },\n {\n \"Sid\": \"KeyUsage\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"kms:ReEncrypt*\",\n \"kms:GenerateDataKey*\",\n \"kms:Encrypt\",\n \"kms:DescribeKey\",\n \"kms:Decrypt\"\n ],\n \"Resource\": \"*\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::273729230602:role/eks1-devel-cluster-20250719075633606000000008\"\n }\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"Default\",\"Effect\":\"Allow\",\"Action\":\"kms:*\",\"Resource\":\"*\",\"Principal\":{\"AWS\":\"arn:aws:iam::273729230602:root\"}},{\"Sid\":\"KeyAdministration\",\"Effect\":\"Allow\",\"Action\":[\"kms:Update*\",\"kms:UntagResource\",\"kms:TagResource\",\"kms:ScheduleKeyDeletion\",\"kms:Revoke*\",\"kms:ReplicateKey\",\"kms:Put*\",\"kms:List*\",\"kms:ImportKeyMaterial\",\"kms:Get*\",\"kms:Enable*\",\"kms:Disable*\",\"kms:Describe*\",\"kms:Delete*\",\"kms:Create*\",\"kms:CancelKeyDeletion\"],\"Resource\":\"*\",\"Principal\":{\"AWS\":\"arn:aws:iam::273729230602:role/aws-reserved/sso.amazonaws.com/us-east-2/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687\"}},{\"Sid\":\"KeyUsage\",\"Effect\":\"Allow\",\"Action\":[\"kms:ReEncrypt*\",\"kms:GenerateDataKey*\",\"kms:Encrypt\",\"kms:DescribeKey\",\"kms:Decrypt\"],\"Resource\":\"*\",\"Principal\":{\"AWS\":\"arn:aws:iam::273729230602:role/eks1-devel-cluster-20250719075633606000000008\"}}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "kms:*" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "arn:aws:iam::273729230602:root" + ], + "type": "AWS" + } + ], + "resources": [ + "*" + ], + "sid": "Default" + }, + { + "actions": [ + "kms:CancelKeyDeletion", + "kms:Create*", + "kms:Delete*", + "kms:Describe*", + "kms:Disable*", + "kms:Enable*", + "kms:Get*", + "kms:ImportKeyMaterial", + "kms:List*", + "kms:Put*", + "kms:ReplicateKey", + "kms:Revoke*", + "kms:ScheduleKeyDeletion", + "kms:TagResource", + "kms:UntagResource", + "kms:Update*" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "arn:aws:iam::273729230602:role/aws-reserved/sso.amazonaws.com/us-east-2/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687" + ], + "type": "AWS" + } + ], + "resources": [ + "*" + ], + "sid": "KeyAdministration" + }, + { + "actions": [ + "kms:Decrypt", + "kms:DescribeKey", + "kms:Encrypt", + "kms:GenerateDataKey*", + "kms:ReEncrypt*" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "arn:aws:iam::273729230602:role/eks1-devel-cluster-20250719075633606000000008" + ], + "type": "AWS" + } + ], + "resources": [ + "*" + ], + "sid": "KeyUsage" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.eks.module.eks.module.kms", + "mode": "data", + "type": "aws_partition", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "dns_suffix": "amazonaws.com", + "id": "aws", + "partition": "aws", + "reverse_dns_prefix": "com.amazonaws" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.eks.module.eks.module.kms", + "mode": "managed", + "type": "aws_kms_alias", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "cluster", + "schema_version": 0, + "attributes": { + "arn": "arn:aws:kms:us-east-1:273729230602:alias/eks/eks1-devel", + "id": "alias/eks/eks1-devel", + "name": "alias/eks/eks1-devel", + "name_prefix": "", + "target_key_arn": "arn:aws:kms:us-east-1:273729230602:key/592722d1-13ec-4bf0-9ebe-202421243587", + "target_key_id": "592722d1-13ec-4bf0-9ebe-202421243587" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.module.kms.aws_kms_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_external_key.this", + "module.eks.module.eks.module.kms.aws_kms_replica_key.this", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ] + } + ] + }, + { + "module": "module.eks.module.eks.module.kms", + "mode": "managed", + "type": "aws_kms_key", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:kms:us-east-1:273729230602:key/592722d1-13ec-4bf0-9ebe-202421243587", + "bypass_policy_lockout_safety_check": false, + "custom_key_store_id": "", + "customer_master_key_spec": "SYMMETRIC_DEFAULT", + "deletion_window_in_days": null, + "description": "eks1-devel cluster encryption key", + "enable_key_rotation": true, + "id": "592722d1-13ec-4bf0-9ebe-202421243587", + "is_enabled": true, + "key_id": "592722d1-13ec-4bf0-9ebe-202421243587", + "key_usage": "ENCRYPT_DECRYPT", + "multi_region": false, + "policy": "{\"Statement\":[{\"Action\":\"kms:*\",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::273729230602:root\"},\"Resource\":\"*\",\"Sid\":\"Default\"},{\"Action\":[\"kms:Update*\",\"kms:UntagResource\",\"kms:TagResource\",\"kms:ScheduleKeyDeletion\",\"kms:Revoke*\",\"kms:ReplicateKey\",\"kms:Put*\",\"kms:List*\",\"kms:ImportKeyMaterial\",\"kms:Get*\",\"kms:Enable*\",\"kms:Disable*\",\"kms:Describe*\",\"kms:Delete*\",\"kms:Create*\",\"kms:CancelKeyDeletion\"],\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::273729230602:role/aws-reserved/sso.amazonaws.com/us-east-2/AWSReservedSSO_AdministratorAccess_b8026af88eb7c687\"},\"Resource\":\"*\",\"Sid\":\"KeyAdministration\"},{\"Action\":[\"kms:ReEncrypt*\",\"kms:GenerateDataKey*\",\"kms:Encrypt\",\"kms:DescribeKey\",\"kms:Decrypt\"],\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::273729230602:role/eks1-devel-cluster-20250719075633606000000008\"},\"Resource\":\"*\",\"Sid\":\"KeyUsage\"}],\"Version\":\"2012-10-17\"}", + "rotation_period_in_days": 365, + "tags": { + "terraform-aws-modules": "eks" + }, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes", + "terraform-aws-modules": "eks" + }, + "timeouts": null, + "xks_key_id": "" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "module.eks.module.eks.aws_iam_role.this", + "module.eks.module.eks.data.aws_caller_identity.current", + "module.eks.module.eks.data.aws_iam_policy_document.assume_role_policy", + "module.eks.module.eks.data.aws_iam_session_context.current", + "module.eks.module.eks.module.kms.data.aws_caller_identity.current", + "module.eks.module.eks.module.kms.data.aws_iam_policy_document.this", + "module.eks.module.eks.module.kms.data.aws_partition.current", + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route.nat_gateway", + "module.network.aws_route.public_internet_gateway", + "module.network.aws_route_table.private", + "module.network.aws_route_table.public", + "module.network.aws_route_table_association.private", + "module.network.aws_route_table_association.public", + "module.network.aws_subnet.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.network", + "mode": "data", + "type": "aws_availability_zones", + "name": "available", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "all_availability_zones": null, + "exclude_names": null, + "exclude_zone_ids": [ + "cac1-az3", + "use1-az3", + "usw1-az2" + ], + "filter": [ + { + "name": "opt-in-status", + "values": [ + "opt-in-not-required" + ] + } + ], + "group_names": [ + "us-east-1-zg-1" + ], + "id": "us-east-1", + "names": [ + "us-east-1a", + "us-east-1b", + "us-east-1c", + "us-east-1d", + "us-east-1f" + ], + "state": null, + "timeouts": null, + "zone_ids": [ + "use1-az1", + "use1-az2", + "use1-az4", + "use1-az6", + "use1-az5" + ] + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.network", + "mode": "data", + "type": "aws_internet_gateway", + "name": "default", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:internet-gateway/igw-04c8aad5899c55659", + "attachments": [ + { + "state": "available", + "vpc_id": "vpc-0271dff7a4b4bbf76" + } + ], + "filter": [ + { + "name": "attachment.vpc-id", + "values": [ + "vpc-0271dff7a4b4bbf76" + ] + } + ], + "id": "igw-04c8aad5899c55659", + "internet_gateway_id": "igw-04c8aad5899c55659", + "owner_id": "273729230602", + "tags": {}, + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.network", + "mode": "data", + "type": "aws_vpc", + "name": "selected", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:vpc/vpc-0271dff7a4b4bbf76", + "cidr_block": "172.31.0.0/16", + "cidr_block_associations": [ + { + "association_id": "vpc-cidr-assoc-05f4dfb5fe3092d82", + "cidr_block": "172.31.0.0/16", + "state": "associated" + } + ], + "default": true, + "dhcp_options_id": "dopt-0271d6713d96f2254", + "enable_dns_hostnames": true, + "enable_dns_support": true, + "enable_network_address_usage_metrics": false, + "filter": null, + "id": "vpc-0271dff7a4b4bbf76", + "instance_tenancy": "default", + "ipv6_association_id": "", + "ipv6_cidr_block": "", + "main_route_table_id": "rtb-01ff49732ea0b5a76", + "owner_id": "273729230602", + "state": null, + "tags": {}, + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.network", + "mode": "managed", + "type": "aws_eip", + "name": "nat", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "address": null, + "allocation_id": "eipalloc-073d8354af914f72c", + "arn": "arn:aws:ec2:us-east-1:273729230602:elastic-ip/eipalloc-073d8354af914f72c", + "associate_with_private_ip": null, + "association_id": "eipassoc-0c8ecf10aa0025b3f", + "carrier_ip": "", + "customer_owned_ip": "", + "customer_owned_ipv4_pool": "", + "domain": "vpc", + "id": "eipalloc-073d8354af914f72c", + "instance": "", + "ipam_pool_id": null, + "network_border_group": "us-east-1", + "network_interface": "eni-04e0f8c6777b3ee96", + "private_dns": "ip-172-31-176-157.ec2.internal", + "private_ip": "172.31.176.157", + "ptr_record": "", + "public_dns": "ec2-52-3-194-240.compute-1.amazonaws.com", + "public_ip": "52.3.194.240", + "public_ipv4_pool": "amazon", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + }, + "timeouts": null, + "vpc": true + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjoxODAwMDAwMDAwMDAsInJlYWQiOjkwMDAwMDAwMDAwMCwidXBkYXRlIjozMDAwMDAwMDAwMDB9fQ==", + "create_before_destroy": true + } + ] + }, + { + "module": "module.network", + "mode": "managed", + "type": "aws_nat_gateway", + "name": "nat_gateway", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "allocation_id": "eipalloc-073d8354af914f72c", + "association_id": "eipassoc-0c8ecf10aa0025b3f", + "connectivity_type": "public", + "id": "nat-0d8a564a42b566896", + "network_interface_id": "eni-04e0f8c6777b3ee96", + "private_ip": "172.31.176.157", + "public_ip": "52.3.194.240", + "secondary_allocation_ids": [], + "secondary_private_ip_address_count": 0, + "secondary_private_ip_addresses": [], + "subnet_id": "subnet-0f439778eb62eac4d", + "tags": {}, + "tags_all": { + "Environment": "devel", + "Service": "Kubernetes" + }, + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTgwMDAwMDAwMDAwMCwidXBkYXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "module.network.aws_eip.nat", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.network", + "mode": "managed", + "type": "aws_route", + "name": "nat_gateway", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "us-east-1a", + "schema_version": 0, + "attributes": { + "carrier_gateway_id": "", + "core_network_arn": "", + "destination_cidr_block": "0.0.0.0/0", + "destination_ipv6_cidr_block": "", + "destination_prefix_list_id": "", + "egress_only_gateway_id": "", + "gateway_id": "", + "id": "r-rtb-02f0a19caa65e83691080289494", + "instance_id": "", + "instance_owner_id": "", + "local_gateway_id": "", + "nat_gateway_id": "nat-0d8a564a42b566896", + "network_interface_id": "", + "origin": "CreateRoute", + "route_table_id": "rtb-02f0a19caa65e8369", + "state": "active", + "timeouts": null, + "transit_gateway_id": "", + "vpc_endpoint_id": "", + "vpc_peering_connection_id": "" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route_table.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "us-east-1b", + "schema_version": 0, + "attributes": { + "carrier_gateway_id": "", + "core_network_arn": "", + "destination_cidr_block": "0.0.0.0/0", + "destination_ipv6_cidr_block": "", + "destination_prefix_list_id": "", + "egress_only_gateway_id": "", + "gateway_id": "", + "id": "r-rtb-090b5b849bbd970f71080289494", + "instance_id": "", + "instance_owner_id": "", + "local_gateway_id": "", + "nat_gateway_id": "nat-0d8a564a42b566896", + "network_interface_id": "", + "origin": "CreateRoute", + "route_table_id": "rtb-090b5b849bbd970f7", + "state": "active", + "timeouts": null, + "transit_gateway_id": "", + "vpc_endpoint_id": "", + "vpc_peering_connection_id": "" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route_table.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "us-east-1c", + "schema_version": 0, + "attributes": { + "carrier_gateway_id": "", + "core_network_arn": "", + "destination_cidr_block": "0.0.0.0/0", + "destination_ipv6_cidr_block": "", + "destination_prefix_list_id": "", + "egress_only_gateway_id": "", + "gateway_id": "", + "id": "r-rtb-06cf7753a59edf1461080289494", + "instance_id": "", + "instance_owner_id": "", + "local_gateway_id": "", + "nat_gateway_id": "nat-0d8a564a42b566896", + "network_interface_id": "", + "origin": "CreateRoute", + "route_table_id": "rtb-06cf7753a59edf146", + "state": "active", + "timeouts": null, + "transit_gateway_id": "", + "vpc_endpoint_id": "", + "vpc_peering_connection_id": "" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.aws_eip.nat", + "module.network.aws_nat_gateway.nat_gateway", + "module.network.aws_route_table.private", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.network", + "mode": "managed", + "type": "aws_route", + "name": "public_internet_gateway", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "carrier_gateway_id": "", + "core_network_arn": "", + "destination_cidr_block": "0.0.0.0/0", + "destination_ipv6_cidr_block": "", + "destination_prefix_list_id": "", + "egress_only_gateway_id": "", + "gateway_id": "igw-04c8aad5899c55659", + "id": "r-rtb-0b75357b0e74c52a81080289494", + "instance_id": "", + "instance_owner_id": "", + "local_gateway_id": "", + "nat_gateway_id": "", + "network_interface_id": "", + "origin": "CreateRoute", + "route_table_id": "rtb-0b75357b0e74c52a8", + "state": "active", + "timeouts": null, + "transit_gateway_id": "", + "vpc_endpoint_id": "", + "vpc_peering_connection_id": "" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.aws_route_table.public", + "module.network.data.aws_internet_gateway.default", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.network", + "mode": "managed", + "type": "aws_route_table", + "name": "private", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "us-east-1a", + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:route-table/rtb-02f0a19caa65e8369", + "id": "rtb-02f0a19caa65e8369", + "owner_id": "273729230602", + "propagating_vgws": [], + "route": [ + { + "carrier_gateway_id": "", + "cidr_block": "0.0.0.0/0", + "core_network_arn": "", + "destination_prefix_list_id": "", + "egress_only_gateway_id": "", + "gateway_id": "", + "ipv6_cidr_block": "", + "local_gateway_id": "", + "nat_gateway_id": "nat-0d8a564a42b566896", + "network_interface_id": "", + "transit_gateway_id": "", + "vpc_endpoint_id": "", + "vpc_peering_connection_id": "" + } + ], + "tags": { + "Name": "EKS (eks1-devel) private subnet (us-east-1a)" + }, + "tags_all": { + "Environment": "devel", + "Name": "EKS (eks1-devel) private subnet (us-east-1a)", + "Service": "Kubernetes" + }, + "timeouts": null, + "vpc_id": "vpc-0271dff7a4b4bbf76" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "us-east-1b", + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:route-table/rtb-090b5b849bbd970f7", + "id": "rtb-090b5b849bbd970f7", + "owner_id": "273729230602", + "propagating_vgws": [], + "route": [ + { + "carrier_gateway_id": "", + "cidr_block": "0.0.0.0/0", + "core_network_arn": "", + "destination_prefix_list_id": "", + "egress_only_gateway_id": "", + "gateway_id": "", + "ipv6_cidr_block": "", + "local_gateway_id": "", + "nat_gateway_id": "nat-0d8a564a42b566896", + "network_interface_id": "", + "transit_gateway_id": "", + "vpc_endpoint_id": "", + "vpc_peering_connection_id": "" + } + ], + "tags": { + "Name": "EKS (eks1-devel) private subnet (us-east-1b)" + }, + "tags_all": { + "Environment": "devel", + "Name": "EKS (eks1-devel) private subnet (us-east-1b)", + "Service": "Kubernetes" + }, + "timeouts": null, + "vpc_id": "vpc-0271dff7a4b4bbf76" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "us-east-1c", + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:route-table/rtb-06cf7753a59edf146", + "id": "rtb-06cf7753a59edf146", + "owner_id": "273729230602", + "propagating_vgws": [], + "route": [ + { + "carrier_gateway_id": "", + "cidr_block": "0.0.0.0/0", + "core_network_arn": "", + "destination_prefix_list_id": "", + "egress_only_gateway_id": "", + "gateway_id": "", + "ipv6_cidr_block": "", + "local_gateway_id": "", + "nat_gateway_id": "nat-0d8a564a42b566896", + "network_interface_id": "", + "transit_gateway_id": "", + "vpc_endpoint_id": "", + "vpc_peering_connection_id": "" + } + ], + "tags": { + "Name": "EKS (eks1-devel) private subnet (us-east-1c)" + }, + "tags_all": { + "Environment": "devel", + "Name": "EKS (eks1-devel) private subnet (us-east-1c)", + "Service": "Kubernetes" + }, + "timeouts": null, + "vpc_id": "vpc-0271dff7a4b4bbf76" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.network", + "mode": "managed", + "type": "aws_route_table", + "name": "public", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:route-table/rtb-0b75357b0e74c52a8", + "id": "rtb-0b75357b0e74c52a8", + "owner_id": "273729230602", + "propagating_vgws": [], + "route": [ + { + "carrier_gateway_id": "", + "cidr_block": "0.0.0.0/0", + "core_network_arn": "", + "destination_prefix_list_id": "", + "egress_only_gateway_id": "", + "gateway_id": "igw-04c8aad5899c55659", + "ipv6_cidr_block": "", + "local_gateway_id": "", + "nat_gateway_id": "", + "network_interface_id": "", + "transit_gateway_id": "", + "vpc_endpoint_id": "", + "vpc_peering_connection_id": "" + } + ], + "tags": { + "Name": "EKS (eks1-devel) public subnet" + }, + "tags_all": { + "Environment": "devel", + "Name": "EKS (eks1-devel) public subnet", + "Service": "Kubernetes" + }, + "timeouts": null, + "vpc_id": "vpc-0271dff7a4b4bbf76" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.network", + "mode": "managed", + "type": "aws_route_table_association", + "name": "private", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "us-east-1a", + "schema_version": 0, + "attributes": { + "gateway_id": "", + "id": "rtbassoc-0be084cf118e2a836", + "route_table_id": "rtb-02f0a19caa65e8369", + "subnet_id": "subnet-0a6eed6971e44375c", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.aws_route_table.private", + "module.network.aws_subnet.private", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "us-east-1b", + "schema_version": 0, + "attributes": { + "gateway_id": "", + "id": "rtbassoc-03ed3dddfe0888d54", + "route_table_id": "rtb-090b5b849bbd970f7", + "subnet_id": "subnet-0115e5b05ab6b132c", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.aws_route_table.private", + "module.network.aws_subnet.private", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "us-east-1c", + "schema_version": 0, + "attributes": { + "gateway_id": "", + "id": "rtbassoc-0ecf7bbeaba18e3aa", + "route_table_id": "rtb-06cf7753a59edf146", + "subnet_id": "subnet-0556ce01354322097", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.aws_route_table.private", + "module.network.aws_subnet.private", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.network", + "mode": "managed", + "type": "aws_route_table_association", + "name": "public", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "us-east-1a", + "schema_version": 0, + "attributes": { + "gateway_id": "", + "id": "rtbassoc-05ced21d9d8fffc1e", + "route_table_id": "rtb-0b75357b0e74c52a8", + "subnet_id": "subnet-0f439778eb62eac4d", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.aws_route_table.public", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "us-east-1b", + "schema_version": 0, + "attributes": { + "gateway_id": "", + "id": "rtbassoc-0ff340c12926faca6", + "route_table_id": "rtb-0b75357b0e74c52a8", + "subnet_id": "subnet-03b49ea861522bc48", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.aws_route_table.public", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "us-east-1c", + "schema_version": 0, + "attributes": { + "gateway_id": "", + "id": "rtbassoc-0a0d8a182f16ffe19", + "route_table_id": "rtb-0b75357b0e74c52a8", + "subnet_id": "subnet-0cee9908287eaa414", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.network.aws_route_table.public", + "module.network.aws_subnet.public", + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.network", + "mode": "managed", + "type": "aws_subnet", + "name": "private", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "us-east-1a", + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:subnet/subnet-0a6eed6971e44375c", + "assign_ipv6_address_on_creation": false, + "availability_zone": "us-east-1a", + "availability_zone_id": "use1-az1", + "cidr_block": "172.31.128.0/20", + "customer_owned_ipv4_pool": "", + "enable_dns64": false, + "enable_lni_at_device_index": 0, + "enable_resource_name_dns_a_record_on_launch": false, + "enable_resource_name_dns_aaaa_record_on_launch": false, + "id": "subnet-0a6eed6971e44375c", + "ipv6_cidr_block": "", + "ipv6_cidr_block_association_id": "", + "ipv6_native": false, + "map_customer_owned_ip_on_launch": false, + "map_public_ip_on_launch": false, + "outpost_arn": "", + "owner_id": "273729230602", + "private_dns_hostname_type_on_launch": "ip-name", + "tags": { + "Name": "EKS (eks1-devel) private subnet (us-east-1a)", + "kubernetes.io/role/internal-elb": "1" + }, + "tags_all": { + "Environment": "devel", + "Name": "EKS (eks1-devel) private subnet (us-east-1a)", + "Service": "Kubernetes", + "kubernetes.io/role/internal-elb": "1" + }, + "timeouts": null, + "vpc_id": "vpc-0271dff7a4b4bbf76" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", + "dependencies": [ + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "us-east-1b", + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:subnet/subnet-0115e5b05ab6b132c", + "assign_ipv6_address_on_creation": false, + "availability_zone": "us-east-1b", + "availability_zone_id": "use1-az2", + "cidr_block": "172.31.144.0/20", + "customer_owned_ipv4_pool": "", + "enable_dns64": false, + "enable_lni_at_device_index": 0, + "enable_resource_name_dns_a_record_on_launch": false, + "enable_resource_name_dns_aaaa_record_on_launch": false, + "id": "subnet-0115e5b05ab6b132c", + "ipv6_cidr_block": "", + "ipv6_cidr_block_association_id": "", + "ipv6_native": false, + "map_customer_owned_ip_on_launch": false, + "map_public_ip_on_launch": false, + "outpost_arn": "", + "owner_id": "273729230602", + "private_dns_hostname_type_on_launch": "ip-name", + "tags": { + "Name": "EKS (eks1-devel) private subnet (us-east-1b)", + "kubernetes.io/role/internal-elb": "1" + }, + "tags_all": { + "Environment": "devel", + "Name": "EKS (eks1-devel) private subnet (us-east-1b)", + "Service": "Kubernetes", + "kubernetes.io/role/internal-elb": "1" + }, + "timeouts": null, + "vpc_id": "vpc-0271dff7a4b4bbf76" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", + "dependencies": [ + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "us-east-1c", + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:subnet/subnet-0556ce01354322097", + "assign_ipv6_address_on_creation": false, + "availability_zone": "us-east-1c", + "availability_zone_id": "use1-az4", + "cidr_block": "172.31.160.0/20", + "customer_owned_ipv4_pool": "", + "enable_dns64": false, + "enable_lni_at_device_index": 0, + "enable_resource_name_dns_a_record_on_launch": false, + "enable_resource_name_dns_aaaa_record_on_launch": false, + "id": "subnet-0556ce01354322097", + "ipv6_cidr_block": "", + "ipv6_cidr_block_association_id": "", + "ipv6_native": false, + "map_customer_owned_ip_on_launch": false, + "map_public_ip_on_launch": false, + "outpost_arn": "", + "owner_id": "273729230602", + "private_dns_hostname_type_on_launch": "ip-name", + "tags": { + "Name": "EKS (eks1-devel) private subnet (us-east-1c)", + "kubernetes.io/role/internal-elb": "1" + }, + "tags_all": { + "Environment": "devel", + "Name": "EKS (eks1-devel) private subnet (us-east-1c)", + "Service": "Kubernetes", + "kubernetes.io/role/internal-elb": "1" + }, + "timeouts": null, + "vpc_id": "vpc-0271dff7a4b4bbf76" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", + "dependencies": [ + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.network", + "mode": "managed", + "type": "aws_subnet", + "name": "public", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "us-east-1a", + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:subnet/subnet-0f439778eb62eac4d", + "assign_ipv6_address_on_creation": false, + "availability_zone": "us-east-1a", + "availability_zone_id": "use1-az1", + "cidr_block": "172.31.176.0/24", + "customer_owned_ipv4_pool": "", + "enable_dns64": false, + "enable_lni_at_device_index": 0, + "enable_resource_name_dns_a_record_on_launch": false, + "enable_resource_name_dns_aaaa_record_on_launch": false, + "id": "subnet-0f439778eb62eac4d", + "ipv6_cidr_block": "", + "ipv6_cidr_block_association_id": "", + "ipv6_native": false, + "map_customer_owned_ip_on_launch": false, + "map_public_ip_on_launch": true, + "outpost_arn": "", + "owner_id": "273729230602", + "private_dns_hostname_type_on_launch": "ip-name", + "tags": { + "Name": "EKS (eks1-devel) public subnet (us-east-1a)", + "kubernetes.io/role/elb": "1" + }, + "tags_all": { + "Environment": "devel", + "Name": "EKS (eks1-devel) public subnet (us-east-1a)", + "Service": "Kubernetes", + "kubernetes.io/role/elb": "1" + }, + "timeouts": null, + "vpc_id": "vpc-0271dff7a4b4bbf76" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", + "dependencies": [ + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "us-east-1b", + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:subnet/subnet-03b49ea861522bc48", + "assign_ipv6_address_on_creation": false, + "availability_zone": "us-east-1b", + "availability_zone_id": "use1-az2", + "cidr_block": "172.31.177.0/24", + "customer_owned_ipv4_pool": "", + "enable_dns64": false, + "enable_lni_at_device_index": 0, + "enable_resource_name_dns_a_record_on_launch": false, + "enable_resource_name_dns_aaaa_record_on_launch": false, + "id": "subnet-03b49ea861522bc48", + "ipv6_cidr_block": "", + "ipv6_cidr_block_association_id": "", + "ipv6_native": false, + "map_customer_owned_ip_on_launch": false, + "map_public_ip_on_launch": true, + "outpost_arn": "", + "owner_id": "273729230602", + "private_dns_hostname_type_on_launch": "ip-name", + "tags": { + "Name": "EKS (eks1-devel) public subnet (us-east-1b)", + "kubernetes.io/role/elb": "1" + }, + "tags_all": { + "Environment": "devel", + "Name": "EKS (eks1-devel) public subnet (us-east-1b)", + "Service": "Kubernetes", + "kubernetes.io/role/elb": "1" + }, + "timeouts": null, + "vpc_id": "vpc-0271dff7a4b4bbf76" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", + "dependencies": [ + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + }, + { + "index_key": "us-east-1c", + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:us-east-1:273729230602:subnet/subnet-0cee9908287eaa414", + "assign_ipv6_address_on_creation": false, + "availability_zone": "us-east-1c", + "availability_zone_id": "use1-az4", + "cidr_block": "172.31.178.0/24", + "customer_owned_ipv4_pool": "", + "enable_dns64": false, + "enable_lni_at_device_index": 0, + "enable_resource_name_dns_a_record_on_launch": false, + "enable_resource_name_dns_aaaa_record_on_launch": false, + "id": "subnet-0cee9908287eaa414", + "ipv6_cidr_block": "", + "ipv6_cidr_block_association_id": "", + "ipv6_native": false, + "map_customer_owned_ip_on_launch": false, + "map_public_ip_on_launch": true, + "outpost_arn": "", + "owner_id": "273729230602", + "private_dns_hostname_type_on_launch": "ip-name", + "tags": { + "Name": "EKS (eks1-devel) public subnet (us-east-1c)", + "kubernetes.io/role/elb": "1" + }, + "tags_all": { + "Environment": "devel", + "Name": "EKS (eks1-devel) public subnet (us-east-1c)", + "Service": "Kubernetes", + "kubernetes.io/role/elb": "1" + }, + "timeouts": null, + "vpc_id": "vpc-0271dff7a4b4bbf76" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", + "dependencies": [ + "module.network.data.aws_availability_zones.available", + "module.network.data.aws_vpc.selected" + ], + "create_before_destroy": true + } + ] + } + ], + "check_results": [ + { + "object_kind": "resource", + "config_addr": "module.eks.module.eks.module.eks_managed_node_group.module.user_data.null_resource.validate_cluster_service_cidr", + "status": "pass", + "objects": [ + { + "object_addr": "module.eks.module.eks.module.eks_managed_node_group[\"ng\"].module.user_data.null_resource.validate_cluster_service_cidr", + "status": "pass" + } + ] + }, + { + "object_kind": "var", + "config_addr": "module.eks.module.eks.module.self_managed_node_group.var.platform", + "status": "pass", + "objects": null + }, + { + "object_kind": "resource", + "config_addr": "module.eks.module.eks.module.self_managed_node_group.module.user_data.null_resource.validate_cluster_service_cidr", + "status": "pass", + "objects": null + } + ] +} diff --git a/environments/development/variables.tf b/environments/development/variables.tf new file mode 100644 index 0000000..ac8eb2d --- /dev/null +++ b/environments/development/variables.tf @@ -0,0 +1,43 @@ +variable "environment" { + description = "The deployment environment" + type = string + default = "devel" +} + +variable "region" { + description = "AWS region" + type = string + default = "us-east-1" +} + +variable "vpc_id" { + description = "VPC ID" + type = string + default = "vpc-0271dff7a4b4bbf76" +} + +variable "cluster_name" { + description = "EKS cluster name" + type = string + default = "eks1" +} + +variable "private_subnets" { + description = "List of private subnet CIDRs (one per AZ)" + type = list(string) + default = [ + "172.31.128.0/20", + "172.31.144.0/20", + "172.31.160.0/20", + ] +} + +variable "public_subnets" { + description = "List of public subnet CIDRs (one per AZ)" + type = list(string) + default = [ + "172.31.176.0/24", + "172.31.177.0/24", + "172.31.178.0/24", + ] +} diff --git a/modules/eks/aws-load-balancer-controller-iam-policy.json b/modules/eks/aws-load-balancer-controller-iam-policy.json new file mode 100644 index 0000000..761d0e7 --- /dev/null +++ b/modules/eks/aws-load-balancer-controller-iam-policy.json @@ -0,0 +1,251 @@ +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "iam:CreateServiceLinkedRole" + ], + "Resource": "*", + "Condition": { + "StringEquals": { + "iam:AWSServiceName": "elasticloadbalancing.amazonaws.com" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAddresses", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeVpcs", + "ec2:DescribeVpcPeeringConnections", + "ec2:DescribeSubnets", + "ec2:DescribeSecurityGroups", + "ec2:DescribeInstances", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeTags", + "ec2:GetCoipPoolUsage", + "ec2:DescribeCoipPools", + "ec2:GetSecurityGroupsForVpc", + "ec2:DescribeIpamPools", + "ec2:DescribeRouteTables", + "elasticloadbalancing:DescribeLoadBalancers", + "elasticloadbalancing:DescribeLoadBalancerAttributes", + "elasticloadbalancing:DescribeListeners", + "elasticloadbalancing:DescribeListenerCertificates", + "elasticloadbalancing:DescribeSSLPolicies", + "elasticloadbalancing:DescribeRules", + "elasticloadbalancing:DescribeTargetGroups", + "elasticloadbalancing:DescribeTargetGroupAttributes", + "elasticloadbalancing:DescribeTargetHealth", + "elasticloadbalancing:DescribeTags", + "elasticloadbalancing:DescribeTrustStores", + "elasticloadbalancing:DescribeListenerAttributes", + "elasticloadbalancing:DescribeCapacityReservation" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "cognito-idp:DescribeUserPoolClient", + "acm:ListCertificates", + "acm:DescribeCertificate", + "iam:ListServerCertificates", + "iam:GetServerCertificate", + "waf-regional:GetWebACL", + "waf-regional:GetWebACLForResource", + "waf-regional:AssociateWebACL", + "waf-regional:DisassociateWebACL", + "wafv2:GetWebACL", + "wafv2:GetWebACLForResource", + "wafv2:AssociateWebACL", + "wafv2:DisassociateWebACL", + "shield:GetSubscriptionState", + "shield:DescribeProtection", + "shield:CreateProtection", + "shield:DeleteProtection" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateSecurityGroup" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "StringEquals": { + "ec2:CreateAction": "CreateSecurityGroup" + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:CreateTags", + "ec2:DeleteTags" + ], + "Resource": "arn:aws:ec2:*:*:security-group/*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "ec2:AuthorizeSecurityGroupIngress", + "ec2:RevokeSecurityGroupIngress", + "ec2:DeleteSecurityGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateLoadBalancer", + "elasticloadbalancing:CreateTargetGroup" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:CreateListener", + "elasticloadbalancing:DeleteListener", + "elasticloadbalancing:CreateRule", + "elasticloadbalancing:DeleteRule" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "true", + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:RemoveTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:listener/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener/app/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/net/*/*/*", + "arn:aws:elasticloadbalancing:*:*:listener-rule/app/*/*/*" + ] + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:ModifyLoadBalancerAttributes", + "elasticloadbalancing:SetIpAddressType", + "elasticloadbalancing:SetSecurityGroups", + "elasticloadbalancing:SetSubnets", + "elasticloadbalancing:DeleteLoadBalancer", + "elasticloadbalancing:ModifyTargetGroup", + "elasticloadbalancing:ModifyTargetGroupAttributes", + "elasticloadbalancing:DeleteTargetGroup", + "elasticloadbalancing:ModifyListenerAttributes", + "elasticloadbalancing:ModifyCapacityReservation", + "elasticloadbalancing:ModifyIpPools" + ], + "Resource": "*", + "Condition": { + "Null": { + "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:AddTags" + ], + "Resource": [ + "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", + "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" + ], + "Condition": { + "StringEquals": { + "elasticloadbalancing:CreateAction": [ + "CreateTargetGroup", + "CreateLoadBalancer" + ] + }, + "Null": { + "aws:RequestTag/elbv2.k8s.aws/cluster": "false" + } + } + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:RegisterTargets", + "elasticloadbalancing:DeregisterTargets" + ], + "Resource": "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*" + }, + { + "Effect": "Allow", + "Action": [ + "elasticloadbalancing:SetWebAcl", + "elasticloadbalancing:ModifyListener", + "elasticloadbalancing:AddListenerCertificates", + "elasticloadbalancing:RemoveListenerCertificates", + "elasticloadbalancing:ModifyRule", + "elasticloadbalancing:SetRulePriorities" + ], + "Resource": "*" + } + ] +} diff --git a/modules/eks/iam.tf b/modules/eks/iam.tf new file mode 100644 index 0000000..ccfb571 --- /dev/null +++ b/modules/eks/iam.tf @@ -0,0 +1,408 @@ +// AWS Load Balancer Controller +resource "aws_iam_role" "aws-load-balancer-controller" { + name = "aws-load-balancer-controller" + + assume_role_policy = jsonencode({ + Version = "2012-10-17", + Statement = [{ + Sid = "" + Effect = "Allow", + Principal = { + Federated = module.eks.oidc_provider_arn + }, + Action = "sts:AssumeRoleWithWebIdentity", + Condition = { + StringEquals = { + "${module.eks.oidc_provider}:sub" = "system:serviceaccount:kube-system:aws-load-balancer-controller" + "${module.eks.oidc_provider}:aud" = "sts.amazonaws.com" + } + } + }] + }) +} + +resource "aws_iam_policy" "AWSLoadBalancerControllerIAMPolicy" { + name = "AWSLoadBalancerControllerIAMPolicy" + + // policy = + // file("${path.module}/aws-load-balancer-controller-iam-policy.json") + + policy = < { + instance_types = var.instance_types + ami_type = var.ami_type + min_size = var.min_size + max_size = var.max_size + desired_size = var.desired_size + placement_group_az = az + } } + */ + eks_managed_node_groups = { + ng = { + instance_types = var.instance_types + ami_type = var.ami_type + min_size = var.min_size + max_size = var.max_size + desired_size = var.desired_size + } + } + + cluster_endpoint_public_access = true + cluster_endpoint_private_access = true + enable_cluster_creator_admin_permissions = true +} diff --git a/modules/eks/variables.tf b/modules/eks/variables.tf new file mode 100644 index 0000000..b4f0fe6 --- /dev/null +++ b/modules/eks/variables.tf @@ -0,0 +1,51 @@ +variable "vpc_id" { + description = "VPC ID" + type = string +} + +variable "subnet_ids" { + description = "EKS subnet IDs" + type = list(string) +} + +variable "instance_types" { + description = "EC2 instance types" + default = ["m5.large"] +} + +variable "ami_type" { + description = "EC2 AMI type" + default = "AL2023_x86_64_STANDARD" +} + +variable "cluster_name" { + description = "Cluster name" +} + +variable "cluster_version" { + description = "Cluster Kubernetes version" + default = "1.33" +} + +variable "azs" { + description = "Availability zones" +} + +variable "min_size" { + description = "EKS managed node group minimum size" + type = number + default = 1 +} + +variable "max_size" { + description = "EKS managed node group maximum size" + type = number + default = 10 +} + +variable "desired_size" { + description = "EKS managed node group desired size" + type = number + default = 1 +} + diff --git a/modules/network/data.tf b/modules/network/data.tf new file mode 100644 index 0000000..3f9ba97 --- /dev/null +++ b/modules/network/data.tf @@ -0,0 +1,19 @@ +data "aws_availability_zones" "available" { + filter { + name = "opt-in-status" + values = ["opt-in-not-required"] + } + + exclude_zone_ids = ["use1-az3", "usw1-az2", "cac1-az3"] +} + +data "aws_vpc" "selected" { + id = var.vpc_id +} + +data "aws_internet_gateway" "default" { + filter { + name = "attachment.vpc-id" + values = [data.aws_vpc.selected.id] + } +} diff --git a/modules/network/locals.tf b/modules/network/locals.tf new file mode 100644 index 0000000..8da53cc --- /dev/null +++ b/modules/network/locals.tf @@ -0,0 +1,7 @@ +locals { + azs = slice(data.aws_availability_zones.available.names, 0, 3) + + az_private_subnets = zipmap(local.azs, var.private_subnets) + + az_public_subnets = zipmap(local.azs, var.public_subnets) +} diff --git a/modules/network/main.tf b/modules/network/main.tf new file mode 100644 index 0000000..688d295 --- /dev/null +++ b/modules/network/main.tf @@ -0,0 +1,74 @@ +// Private subnet +resource "aws_subnet" "private" { + for_each = local.az_private_subnets + vpc_id = data.aws_vpc.selected.id + cidr_block = each.value + availability_zone = each.key + tags = { + Name = "EKS (${var.cluster_name}) private subnet (${each.key})", + "kubernetes.io/role/internal-elb" = 1 + } +} + +resource "aws_route_table" "private" { + for_each = local.az_private_subnets + vpc_id = data.aws_vpc.selected.id + tags = { + Name = "EKS (${var.cluster_name}) private subnet (${each.key})" + } +} + +resource "aws_route_table_association" "private" { + for_each = local.az_private_subnets + subnet_id = aws_subnet.private[each.key].id + route_table_id = aws_route_table.private[each.key].id +} + +// Public subnet +resource "aws_subnet" "public" { + for_each = local.az_public_subnets + vpc_id = data.aws_vpc.selected.id + cidr_block = each.value + availability_zone = each.key + tags = { + Name = "EKS (${var.cluster_name}) public subnet (${each.key})" + "kubernetes.io/role/elb" = 1 + } + map_public_ip_on_launch = true +} + +resource "aws_route_table" "public" { + vpc_id = data.aws_vpc.selected.id + tags = { + Name = "EKS (${var.cluster_name}) public subnet" + } +} + +resource "aws_route_table_association" "public" { + for_each = local.az_public_subnets + subnet_id = aws_subnet.public[each.key].id + route_table_id = aws_route_table.public.id +} + +resource "aws_route" "public_internet_gateway" { + route_table_id = aws_route_table.public.id + destination_cidr_block = "0.0.0.0/0" + gateway_id = data.aws_internet_gateway.default.id +} + +// NAT gateway +resource "aws_eip" "nat" { + domain = "vpc" +} + +resource "aws_nat_gateway" "nat_gateway" { + allocation_id = aws_eip.nat.id + subnet_id = aws_subnet.public[local.azs[0]].id +} + +resource "aws_route" "nat_gateway" { + for_each = local.az_private_subnets + route_table_id = aws_route_table.private[each.key].id + destination_cidr_block = "0.0.0.0/0" + nat_gateway_id = aws_nat_gateway.nat_gateway.id +} diff --git a/modules/network/outputs.tf b/modules/network/outputs.tf new file mode 100644 index 0000000..b310ce2 --- /dev/null +++ b/modules/network/outputs.tf @@ -0,0 +1,15 @@ +output "azs" { + value = local.azs +} + +output "vpc" { + value = data.aws_vpc.selected +} + +output "private_subnet_ids" { + value = [for k in aws_subnet.private : k.id] +} + +output "public_subnet_ids" { + value = [for k in aws_subnet.public : k.id] +} diff --git a/modules/network/variables.tf b/modules/network/variables.tf new file mode 100644 index 0000000..0f0dc07 --- /dev/null +++ b/modules/network/variables.tf @@ -0,0 +1,18 @@ +variable "vpc_id" { + description = "VPC ID" + type = string +} + +variable "cluster_name" { + description = "The name of the cluster" +} + +variable "private_subnets" { + description = "Private subnets}" + type = list(string) +} + +variable "public_subnets" { + description = "Public subnets}" + type = list(string) +}