├── outputs.tf
├── backend.tf
├── access_entries.tf
├── kms.tf
├── oidc.tf
├── helm_metrics_server.tf
├── aws-auth.tf
├── providers.tf
├── data.tf
├── helm_kube_state_metrics.tf
├── eks.tf
├── iam_cluster.tf
├── nodes.tf
├── sg.tf
├── .gitignore
├── LICENSE
├── addons.tf
├── iam_nodes.tf
├── variables.tf
├── assets
    └── chip-primeira-aula.yml
└── README.md


/outputs.tf:
--------------------------------------------------------------------------------
1 | 


--------------------------------------------------------------------------------
/backend.tf:
--------------------------------------------------------------------------------
1 | terraform {
2 |   backend "s3" {
3 | 
4 |   }
5 | }


--------------------------------------------------------------------------------
/access_entries.tf:
--------------------------------------------------------------------------------
1 | resource "aws_eks_access_entry" "nodes" {
2 |   cluster_name  = aws_eks_cluster.main.id
3 |   principal_arn = aws_iam_role.eks_nodes_role.arn
4 |   type          = "EC2_LINUX"
5 | }


--------------------------------------------------------------------------------
/kms.tf:
--------------------------------------------------------------------------------
1 | resource "aws_kms_key" "main" {
2 |   description = var.project_name
3 | }
4 | 
5 | resource "aws_kms_alias" "main" {
6 |   name          = format("alias/%s", var.project_name)
7 |   target_key_id = aws_kms_key.main.id
8 | }


--------------------------------------------------------------------------------
/oidc.tf:
--------------------------------------------------------------------------------
 1 | data "tls_certificate" "eks" {
 2 |   url = aws_eks_cluster.main.identity[0].oidc[0].issuer
 3 | }
 4 | 
 5 | resource "aws_iam_openid_connect_provider" "eks" {
 6 |   client_id_list = ["sts.amazonaws.com"]
 7 |   thumbprint_list = [
 8 |     data.tls_certificate.eks.certificates[0].sha1_fingerprint,
 9 |     "9e99a48a9960b14926bb7f3b02e22da2b0ab7280"
10 |   ]
11 |   url = flatten(concat(aws_eks_cluster.main[*].identity[*].oidc.0.issuer, [""]))[0]
12 | }


--------------------------------------------------------------------------------
/helm_metrics_server.tf:
--------------------------------------------------------------------------------
 1 | resource "helm_release" "metrics_server" {
 2 |   name       = "metrics-server"
 3 |   repository = "https://charts.bitnami.com/bitnami"
 4 |   chart      = "metrics-server"
 5 |   namespace  = "kube-system"
 6 | 
 7 |   wait = false
 8 | 
 9 |   version = "7.2.16"
10 | 
11 |   set {
12 |     name  = "apiService.create"
13 |     value = "true"
14 |   }
15 | 
16 |   depends_on = [
17 |     aws_eks_cluster.main,
18 |     aws_eks_node_group.main
19 |   ]
20 | }


--------------------------------------------------------------------------------
/aws-auth.tf:
--------------------------------------------------------------------------------
 1 | # resource "kubernetes_config_map" "aws-auth" {
 2 | #   metadata {
 3 | #     name      = "aws-auth"
 4 | #     namespace = "kube-system"
 5 | #   }
 6 | 
 7 | #   data = {
 8 | #     mapRoles = <<YAML
 9 | # - rolearn: ${aws_iam_role.eks_nodes_role.arn}
10 | #   username: system:node:{{EC2PrivateDNSName}}
11 | #   groups:
12 | #   - system:bootstrappers
13 | #   - system:nodes
14 | #   - system:node-proxier
15 | # YAML
16 | #   }
17 | 
18 | #   depends_on = [
19 | #     aws_eks_cluster.main
20 | #   ]
21 | 
22 | # }


--------------------------------------------------------------------------------
/providers.tf:
--------------------------------------------------------------------------------
 1 | provider "aws" {
 2 |   region = var.region
 3 | }
 4 | 
 5 | 
 6 | provider "kubernetes" {
 7 |   host                   = aws_eks_cluster.main.endpoint
 8 |   cluster_ca_certificate = base64decode(aws_eks_cluster.main.certificate_authority.0.data)
 9 |   token                  = data.aws_eks_cluster_auth.default.token
10 | }
11 | 
12 | 
13 | provider "helm" {
14 |   kubernetes {
15 |     host                   = aws_eks_cluster.main.endpoint
16 |     cluster_ca_certificate = base64decode(aws_eks_cluster.main.certificate_authority.0.data)
17 |     token                  = data.aws_eks_cluster_auth.default.token
18 |   }
19 | }


--------------------------------------------------------------------------------
/data.tf:
--------------------------------------------------------------------------------
 1 | data "aws_ssm_parameter" "vpc" {
 2 |   name = var.ssm_vpc
 3 | }
 4 | 
 5 | data "aws_ssm_parameter" "public_subnets" {
 6 |   count = length(var.ssm_public_subnets)
 7 |   name  = var.ssm_public_subnets[count.index]
 8 | }
 9 | 
10 | data "aws_ssm_parameter" "private_subnets" {
11 |   count = length(var.ssm_private_subnets)
12 |   name  = var.ssm_private_subnets[count.index]
13 | }
14 | 
15 | data "aws_ssm_parameter" "pod_subnets" {
16 |   count = length(var.ssm_pod_subnets)
17 |   name  = var.ssm_pod_subnets[count.index]
18 | }
19 | 
20 | 
21 | data "aws_eks_cluster_auth" "default" {
22 |   name = aws_eks_cluster.main.id
23 | }
24 | 
25 | data "aws_caller_identity" "current" {}


--------------------------------------------------------------------------------
/helm_kube_state_metrics.tf:
--------------------------------------------------------------------------------
 1 | resource "helm_release" "kube_state_metrics" {
 2 |   name             = "kube-state-metrics"
 3 |   repository       = "https://prometheus-community.github.io/helm-charts"
 4 |   chart            = "kube-state-metrics"
 5 |   namespace        = "kube-system"
 6 |   create_namespace = true
 7 | 
 8 |   set {
 9 |     name  = "apiService.create"
10 |     value = "true"
11 |   }
12 | 
13 |   set {
14 |     name  = "metricLabelsAllowlist[0]"
15 |     value = "nodes=[*]"
16 |   }
17 | 
18 |   set {
19 |     name  = "metricAnnotationsAllowList[0]"
20 |     value = "nodes=[*]"
21 |   }
22 | 
23 |   depends_on = [
24 |     aws_eks_cluster.main,
25 |     aws_eks_node_group.main
26 |   ]
27 | }


--------------------------------------------------------------------------------
/eks.tf:
--------------------------------------------------------------------------------
 1 | resource "aws_eks_cluster" "main" {
 2 |   name    = var.project_name
 3 |   version = var.k8s_version
 4 | 
 5 |   role_arn = aws_iam_role.eks_cluster_role.arn
 6 | 
 7 |   vpc_config {
 8 |     subnet_ids = data.aws_ssm_parameter.private_subnets[*].value
 9 |   }
10 | 
11 |   encryption_config {
12 |     provider {
13 |       key_arn = aws_kms_key.main.arn
14 |     }
15 |     resources = ["secrets"]
16 |   }
17 | 
18 |   access_config {
19 |     authentication_mode                         = "API_AND_CONFIG_MAP"
20 |     bootstrap_cluster_creator_admin_permissions = true
21 |   }
22 | 
23 |   enabled_cluster_log_types = [
24 |     "api", "audit", "authenticator", "controllerManager", "scheduler"
25 |   ]
26 | 
27 |   zonal_shift_config {
28 |     enabled = true
29 |   }
30 | 
31 |   tags = {
32 |     "kubernetes.io/cluster/${var.project_name}" = "shared"
33 |   }
34 | 
35 | }


--------------------------------------------------------------------------------
/iam_cluster.tf:
--------------------------------------------------------------------------------
 1 | data "aws_iam_policy_document" "cluster" {
 2 | 
 3 |   version = "2012-10-17"
 4 | 
 5 |   statement {
 6 |     actions = [
 7 |       "sts:AssumeRole"
 8 |     ]
 9 | 
10 | 
11 |     principals {
12 |       type = "Service"
13 |       identifiers = [
14 |         "eks.amazonaws.com"
15 |       ]
16 |     }
17 |   }
18 | 
19 | }
20 | 
21 | resource "aws_iam_role" "eks_cluster_role" {
22 |   name               = format("%s-cluster-role", var.project_name)
23 |   assume_role_policy = data.aws_iam_policy_document.cluster.json
24 | }
25 | 
26 | resource "aws_iam_role_policy_attachment" "eks_cluster_policy" {
27 |   policy_arn = "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy"
28 |   role       = aws_iam_role.eks_cluster_role.name
29 | }
30 | 
31 | resource "aws_iam_role_policy_attachment" "eks_service_policy" {
32 |   policy_arn = "arn:aws:iam::aws:policy/AmazonEKSServicePolicy"
33 |   role       = aws_iam_role.eks_cluster_role.name
34 | }


--------------------------------------------------------------------------------
/nodes.tf:
--------------------------------------------------------------------------------
 1 | resource "aws_eks_node_group" "main" {
 2 | 
 3 |   cluster_name    = aws_eks_cluster.main.id
 4 |   node_group_name = aws_eks_cluster.main.id
 5 | 
 6 |   node_role_arn = aws_iam_role.eks_nodes_role.arn
 7 | 
 8 |   instance_types = var.nodes_instance_sizes
 9 | 
10 |   subnet_ids = data.aws_ssm_parameter.pod_subnets[*].value
11 | 
12 |   scaling_config {
13 |     desired_size = lookup(var.auto_scale_options, "desired")
14 |     max_size     = lookup(var.auto_scale_options, "max")
15 |     min_size     = lookup(var.auto_scale_options, "min")
16 |   }
17 | 
18 |   labels = {
19 |     "ingress/ready" = "true"
20 |   }
21 | 
22 |   tags = {
23 |     "kubernetes.io/cluster/${var.project_name}" = "owned"
24 |   }
25 | 
26 |   depends_on = [
27 |     # kubernetes_config_map.aws-auth
28 |     aws_eks_access_entry.nodes
29 |   ]
30 | 
31 |   lifecycle {
32 |     ignore_changes = [
33 |       scaling_config[0].desired_size
34 |     ]
35 |   }
36 | 
37 |   timeouts {
38 |     create = "1h"
39 |     update = "2h"
40 |     delete = "2h"
41 |   }
42 | 
43 | }


--------------------------------------------------------------------------------
/sg.tf:
--------------------------------------------------------------------------------
 1 | resource "aws_security_group_rule" "nodeports" {
 2 |   cidr_blocks       = ["0.0.0.0/0"]
 3 |   from_port         = 30000
 4 |   to_port           = 32768
 5 |   protocol          = "tcp"
 6 |   description       = "Nodeports"
 7 |   type              = "ingress"
 8 |   security_group_id = aws_eks_cluster.main.vpc_config[0].cluster_security_group_id
 9 | }
10 | 
11 | resource "aws_security_group_rule" "coredns_udp" {
12 |   cidr_blocks       = ["0.0.0.0/0"]
13 |   from_port         = 53
14 |   to_port           = 53
15 |   protocol          = "udp"
16 |   description       = "CoreDNS"
17 |   type              = "ingress"
18 |   security_group_id = aws_eks_cluster.main.vpc_config[0].cluster_security_group_id
19 | }
20 | 
21 | 
22 | resource "aws_security_group_rule" "coredns_tcp" {
23 |   cidr_blocks       = ["0.0.0.0/0"]
24 |   from_port         = 53
25 |   to_port           = 53
26 |   protocol          = "tcp"
27 |   description       = "CoreDNS"
28 |   type              = "ingress"
29 |   security_group_id = aws_eks_cluster.main.vpc_config[0].cluster_security_group_id
30 | }


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
 1 | # Local .terraform directories
 2 | **/.terraform/*
 3 | 
 4 | # .tfstate files
 5 | 
 6 | .terraform*
 7 | 
 8 | # Crash log files
 9 | crash.log
10 | crash.*.log
11 | 
12 | # Exclude all .tfvars files, which are likely to contain sensitive data, such as
13 | # password, private keys, and other secrets. These should not be part of version 
14 | # control as they are data points which are potentially sensitive and subject 
15 | # to change depending on the environment.
16 | *.tfvars
17 | *.tfvars.json
18 | 
19 | # Ignore override files as they are usually used to override resources locally and so
20 | # are not checked in
21 | override.tf
22 | override.tf.json
23 | *_override.tf
24 | *_override.tf.json
25 | 
26 | # Ignore transient lock info files created by terraform apply
27 | .terraform.tfstate.lock.info
28 | 
29 | # Include override files you do wish to add to version control using negated pattern
30 | # !example_override.tf
31 | 
32 | # Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
33 | # example: *tfplan*
34 | 
35 | # Ignore CLI configuration files
36 | .terraformrc
37 | terraform.rc
38 | 


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2024 Matheus Fidelis 
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/addons.tf:
--------------------------------------------------------------------------------
 1 | resource "aws_eks_addon" "cni" {
 2 |   cluster_name = aws_eks_cluster.main.name
 3 |   addon_name   = "vpc-cni"
 4 | 
 5 |   addon_version               = var.addon_cni_version
 6 |   resolve_conflicts_on_create = "OVERWRITE"
 7 |   resolve_conflicts_on_update = "OVERWRITE"
 8 | 
 9 |   depends_on = [
10 |     aws_eks_access_entry.nodes
11 |   ]
12 | }
13 | 
14 | resource "aws_eks_addon" "coredns" {
15 |   cluster_name = aws_eks_cluster.main.name
16 |   addon_name   = "coredns"
17 | 
18 |   addon_version               = var.addon_coredns_version
19 |   resolve_conflicts_on_create = "OVERWRITE"
20 |   resolve_conflicts_on_update = "OVERWRITE"
21 | 
22 |   depends_on = [
23 |     aws_eks_access_entry.nodes
24 |   ]
25 | }
26 | 
27 | resource "aws_eks_addon" "kubeproxy" {
28 |   cluster_name = aws_eks_cluster.main.name
29 |   addon_name   = "kube-proxy"
30 | 
31 |   addon_version               = var.addon_kubeproxy_version
32 |   resolve_conflicts_on_create = "OVERWRITE"
33 |   resolve_conflicts_on_update = "OVERWRITE"
34 | 
35 |   depends_on = [
36 |     aws_eks_access_entry.nodes
37 |   ]
38 | }
39 | 
40 | 
41 | resource "aws_eks_addon" "pod_identity" {
42 |   cluster_name = aws_eks_cluster.main.name
43 |   addon_name   = "eks-pod-identity-agent"
44 | 
45 |   addon_version               = var.addon_pod_identity_version
46 |   resolve_conflicts_on_create = "OVERWRITE"
47 |   resolve_conflicts_on_update = "OVERWRITE"
48 | 
49 |   depends_on = [
50 |     aws_eks_access_entry.nodes
51 |   ]
52 | }


--------------------------------------------------------------------------------
/iam_nodes.tf:
--------------------------------------------------------------------------------
 1 | data "aws_iam_policy_document" "nodes" {
 2 | 
 3 |   version = "2012-10-17"
 4 | 
 5 |   statement {
 6 |     actions = [
 7 |       "sts:AssumeRole"
 8 |     ]
 9 | 
10 | 
11 |     principals {
12 |       type = "Service"
13 |       identifiers = [
14 |         "ec2.amazonaws.com"
15 |       ]
16 |     }
17 |   }
18 | 
19 | }
20 | 
21 | resource "aws_iam_role" "eks_nodes_role" {
22 |   name               = format("%s-nodes-role", var.project_name)
23 |   assume_role_policy = data.aws_iam_policy_document.nodes.json
24 | }
25 | 
26 | 
27 | resource "aws_iam_role_policy_attachment" "cni" {
28 |   policy_arn = "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy"
29 |   role       = aws_iam_role.eks_nodes_role.name
30 | }
31 | 
32 | resource "aws_iam_role_policy_attachment" "nodes" {
33 |   policy_arn = "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy"
34 |   role       = aws_iam_role.eks_nodes_role.name
35 | }
36 | 
37 | resource "aws_iam_role_policy_attachment" "ecr" {
38 |   policy_arn = "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly"
39 |   role       = aws_iam_role.eks_nodes_role.name
40 | }
41 | 
42 | 
43 | resource "aws_iam_role_policy_attachment" "ssm" {
44 |   policy_arn = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
45 |   role       = aws_iam_role.eks_nodes_role.name
46 | }
47 | 
48 | resource "aws_iam_role_policy_attachment" "cloudwatch" {
49 |   policy_arn = "arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy"
50 |   role       = aws_iam_role.eks_nodes_role.name
51 | }
52 | 
53 | resource "aws_iam_instance_profile" "nodes" {
54 |   name = var.project_name
55 |   role = aws_iam_role.eks_nodes_role.name
56 | }


--------------------------------------------------------------------------------
/variables.tf:
--------------------------------------------------------------------------------
 1 | variable "project_name" {
 2 |   type        = string
 3 |   description = "Nome do projeto / cluster"
 4 | }
 5 | 
 6 | variable "region" {
 7 |   type        = string
 8 |   description = "Nome da região onde os recursos serão entregues"
 9 | }
10 | 
11 | variable "k8s_version" {
12 |   type        = string
13 |   description = "Versão do kubernetes do projeto"
14 | }
15 | 
16 | variable "ssm_vpc" {
17 |   type        = string
18 |   description = "ID do SSM onde está o id da VPC onde o projeto será criado"
19 | }
20 | 
21 | variable "ssm_public_subnets" {
22 |   type        = list(string)
23 |   description = "Lista dos ID's do SSM onde estão as subnets públicas do projeto"
24 | }
25 | 
26 | variable "ssm_private_subnets" {
27 |   type        = list(string)
28 |   description = "Lista dos ID's do SSM onde estão as subnets privadas do projeto"
29 | }
30 | 
31 | variable "ssm_pod_subnets" {
32 |   type        = list(string)
33 |   description = "Lista dos ID's do SSM onde estão as subnets de pods do projeto"
34 | }
35 | 
36 | variable "auto_scale_options" {
37 |   type = object({
38 |     min     = number
39 |     max     = number
40 |     desired = number
41 |   })
42 |   description = "Configurações de Autoscaling do Cluster"
43 | }
44 | 
45 | variable "nodes_instance_sizes" {
46 |   type        = list(string)
47 |   description = "Lista de tamanhos das instâncias do projeto"
48 | }
49 | 
50 | variable "addon_cni_version" {
51 |   type        = string
52 |   default     = "v1.18.3-eksbuild.2"
53 |   description = "Versão do Addon da VPC CNI"
54 | }
55 | 
56 | variable "addon_coredns_version" {
57 |   type        = string
58 |   default     = "v1.11.3-eksbuild.1"
59 |   description = "Versão do Addon do CoreDNS"
60 | }
61 | 
62 | variable "addon_kubeproxy_version" {
63 |   type        = string
64 |   default     = "v1.31.2-eksbuild.3"
65 |   description = "Versão do Addon do Kube-Proxy"
66 | }
67 | 
68 | variable "addon_pod_identity_version" {
69 |   type        = string
70 |   default     = "v1.3.4-eksbuild.1"
71 |   description = "Versão do Addon do Pod Identity"
72 | }


--------------------------------------------------------------------------------
/assets/chip-primeira-aula.yml:
--------------------------------------------------------------------------------
  1 | apiVersion: v1
  2 | kind: Namespace
  3 | metadata:
  4 |   name: chip
  5 | ---
  6 | apiVersion: apps/v1
  7 | kind: Deployment
  8 | metadata:
  9 |   labels:
 10 |     app: chip
 11 |   name: chip
 12 |   namespace: chip
 13 | spec:
 14 |   replicas: 2
 15 |   selector:
 16 |     matchLabels:
 17 |       app: chip
 18 |   template:
 19 |     metadata:       
 20 |       labels:
 21 |         app: chip
 22 |         name: chip
 23 |         version: v1
 24 |     spec:
 25 |       containers:
 26 |       - name: chip
 27 |         image: fidelissauro/chip:v1
 28 |         ports:
 29 |         - containerPort: 8080
 30 |           name: http
 31 |         resources:
 32 |           requests:
 33 |             cpu: 100m
 34 |             memory: 128Mi
 35 |         startupProbe:
 36 |           failureThreshold: 10
 37 |           httpGet:
 38 |             path: /readiness
 39 |             port: 8080
 40 |           periodSeconds: 10
 41 |         livenessProbe:
 42 |           failureThreshold: 10
 43 |           httpGet:
 44 |             httpHeaders:
 45 |             - name: Custom-Header
 46 |               value: Awesome
 47 |             path: /liveness
 48 |             port: 8080
 49 |           periodSeconds: 10
 50 |         env:
 51 |         - name: CHAOS_MONKEY_ENABLED
 52 |           value: "false"  
 53 |         - name: CHAOS_MONKEY_MODE
 54 |           value: "critical" 
 55 |         - name: CHAOS_MONKEY_LATENCY
 56 |           value: "true"            
 57 |         - name: CHAOS_MONKEY_EXCEPTION
 58 |           value: "true"   
 59 |         - name: CHAOS_MONKEY_APP_KILLER
 60 |           value: "true"   
 61 |         - name: CHAOS_MONKEY_MEMORY
 62 |           value: "true"                                        
 63 |       terminationGracePeriodSeconds: 60
 64 | ---
 65 | apiVersion: v1
 66 | kind: Service
 67 | metadata:
 68 |   name: chip
 69 |   namespace: chip 
 70 |   labels:
 71 |     app.kubernetes.io/name: chip
 72 |     app.kubernetes.io/instance: chip 
 73 | spec:
 74 |   ports:
 75 |   - name: web
 76 |     port: 8080
 77 |     protocol: TCP
 78 |   selector:
 79 |     app: chip
 80 |   type: ClusterIP
 81 | ---
 82 | apiVersion: autoscaling/v2
 83 | kind: HorizontalPodAutoscaler
 84 | metadata:
 85 |   name: chip
 86 |   namespace: chip
 87 | spec:
 88 |   maxReplicas: 6
 89 |   minReplicas: 2
 90 |   metrics:
 91 |     - type: Resource
 92 |       resource:
 93 |         name: cpu
 94 |         target:
 95 |           type: Utilization
 96 |           averageUtilization: 60
 97 |   scaleTargetRef:
 98 |     apiVersion: apps/v1
 99 |     kind: Deployment
100 |     name: chip 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # linuxtips-curso-containers-aws-eks-vanilla
 2 | Repositório do cluster minimo de EKS do curso
 3 | 
 4 | <!-- BEGIN_TF_DOCS -->
 5 | ## Requirements
 6 | 
 7 | No requirements.
 8 | 
 9 | ## Providers
10 | 
11 | | Name | Version |
12 | |------|---------|
13 | | <a name="provider_aws"></a> [aws](#provider\_aws) | 5.80.0 |
14 | | <a name="provider_helm"></a> [helm](#provider\_helm) | 2.16.1 |
15 | | <a name="provider_tls"></a> [tls](#provider\_tls) | 4.0.6 |
16 | 
17 | ## Modules
18 | 
19 | No modules.
20 | 
21 | ## Resources
22 | 
23 | | Name | Type |
24 | |------|------|
25 | | [aws_eks_access_entry.nodes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_access_entry) | resource |
26 | | [aws_eks_addon.cni](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon) | resource |
27 | | [aws_eks_addon.coredns](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon) | resource |
28 | | [aws_eks_addon.kubeproxy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon) | resource |
29 | | [aws_eks_cluster.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster) | resource |
30 | | [aws_eks_node_group.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_node_group) | resource |
31 | | [aws_iam_instance_profile.nodes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_instance_profile) | resource |
32 | | [aws_iam_openid_connect_provider.eks](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_openid_connect_provider) | resource |
33 | | [aws_iam_role.eks_cluster_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
34 | | [aws_iam_role.eks_nodes_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
35 | | [aws_iam_role_policy_attachment.cloudwatch](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
36 | | [aws_iam_role_policy_attachment.cni](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
37 | | [aws_iam_role_policy_attachment.ecr](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
38 | | [aws_iam_role_policy_attachment.eks_cluster_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
39 | | [aws_iam_role_policy_attachment.eks_service_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
40 | | [aws_iam_role_policy_attachment.nodes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
41 | | [aws_iam_role_policy_attachment.ssm](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
42 | | [aws_kms_alias.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_alias) | resource |
43 | | [aws_kms_key.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key) | resource |
44 | | [aws_security_group_rule.coredns_tcp](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
45 | | [aws_security_group_rule.coredns_udp](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
46 | | [aws_security_group_rule.nodeports](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
47 | | [helm_release.kube_state_metrics](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
48 | | [helm_release.metrics_server](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
49 | | [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
50 | | [aws_eks_cluster_auth.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_cluster_auth) | data source |
51 | | [aws_iam_policy_document.cluster](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
52 | | [aws_iam_policy_document.nodes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
53 | | [aws_ssm_parameter.pod_subnets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ssm_parameter) | data source |
54 | | [aws_ssm_parameter.private_subnets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ssm_parameter) | data source |
55 | | [aws_ssm_parameter.public_subnets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ssm_parameter) | data source |
56 | | [aws_ssm_parameter.vpc](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ssm_parameter) | data source |
57 | | [tls_certificate.eks](https://registry.terraform.io/providers/hashicorp/tls/latest/docs/data-sources/certificate) | data source |
58 | 
59 | ## Inputs
60 | 
61 | | Name | Description | Type | Default | Required |
62 | |------|-------------|------|---------|:--------:|
63 | | <a name="input_addon_cni_version"></a> [addon\_cni\_version](#input\_addon\_cni\_version) | Versão do Addon da VPC CNI | `string` | `"v1.18.3-eksbuild.2"` | no |
64 | | <a name="input_addon_coredns_version"></a> [addon\_coredns\_version](#input\_addon\_coredns\_version) | Versão do Addon do CoreDNS | `string` | `"v1.11.3-eksbuild.1"` | no |
65 | | <a name="input_addon_kubeproxy_version"></a> [addon\_kubeproxy\_version](#input\_addon\_kubeproxy\_version) | Versão do Addon do Kube-Proxy | `string` | `"v1.31.2-eksbuild.3"` | no |
66 | | <a name="input_auto_scale_options"></a> [auto\_scale\_options](#input\_auto\_scale\_options) | Configurações de Autoscaling do Cluster | <pre>object({<br>    min     = number<br>    max     = number<br>    desired = number<br>  })</pre> | n/a | yes |
67 | | <a name="input_k8s_version"></a> [k8s\_version](#input\_k8s\_version) | Versão do kubernetes do projeto | `string` | n/a | yes |
68 | | <a name="input_nodes_instance_sizes"></a> [nodes\_instance\_sizes](#input\_nodes\_instance\_sizes) | Lista de tamanhos das instâncias do projeto | `list(string)` | n/a | yes |
69 | | <a name="input_project_name"></a> [project\_name](#input\_project\_name) | Nome do projeto / cluster | `string` | n/a | yes |
70 | | <a name="input_region"></a> [region](#input\_region) | Nome da região onde os recursos serão entregues | `string` | n/a | yes |
71 | | <a name="input_ssm_pod_subnets"></a> [ssm\_pod\_subnets](#input\_ssm\_pod\_subnets) | Lista dos ID's do SSM onde estão as subnets de pods do projeto | `list(string)` | n/a | yes |
72 | | <a name="input_ssm_private_subnets"></a> [ssm\_private\_subnets](#input\_ssm\_private\_subnets) | Lista dos ID's do SSM onde estão as subnets privadas do projeto | `list(string)` | n/a | yes |
73 | | <a name="input_ssm_public_subnets"></a> [ssm\_public\_subnets](#input\_ssm\_public\_subnets) | Lista dos ID's do SSM onde estão as subnets públicas do projeto | `list(string)` | n/a | yes |
74 | | <a name="input_ssm_vpc"></a> [ssm\_vpc](#input\_ssm\_vpc) | ID do SSM onde está o id da VPC onde o projeto será criado | `string` | n/a | yes |
75 | 
76 | ## Outputs
77 | 
78 | No outputs.
79 | <!-- END_TF_DOCS -->


--------------------------------------------------------------------------------