diff --git a/terraform/modules/aws-acm/main.tf b/terraform/modules/aws-acm/main.tf index 3076981..9a6070a 100644 --- a/terraform/modules/aws-acm/main.tf +++ b/terraform/modules/aws-acm/main.tf @@ -14,8 +14,9 @@ module "acm" { create_certificate = var.create_acm_certificate - domain_name = var.domain_name - zone_id = var.zone_id + domain_name = var.domain_name + zone_id = var.zone_id + validation_method = var.validation_method subject_alternative_names = [ "*.${var.domain_name}"] } diff --git a/terraform/modules/aws-acm/variables.tf b/terraform/modules/aws-acm/variables.tf index 4ba055d..14005ca 100644 --- a/terraform/modules/aws-acm/variables.tf +++ b/terraform/modules/aws-acm/variables.tf @@ -12,3 +12,8 @@ variable "zone_id" { default = "" description = "R53 zone id for public domain" } + +variable "validation_method" { + default = "DNS" + description = "Which method to use for validation. DNS or EMAIL are valid. This parameter must not be set for certificates that were imported into ACM and then into Terraform." +} diff --git a/terraform/modules/k8s-addons/eks-aws-loadbalancer-controller.tf b/terraform/modules/k8s-addons/eks-aws-loadbalancer-controller.tf index 159c603..4a2b4f7 100644 --- a/terraform/modules/k8s-addons/eks-aws-loadbalancer-controller.tf +++ b/terraform/modules/k8s-addons/eks-aws-loadbalancer-controller.tf @@ -411,6 +411,7 @@ resource "helm_release" "aws_loadbalancer_controller" { version = local.aws_load_balancer_controller.chart_version namespace = module.aws_load_balancer_controller_namespace[count.index].name max_history = var.helm_release_history_size + wait = true values = [ local.aws_load_balancer_controller_values @@ -428,7 +429,7 @@ resource "helm_release" "aws_loadbalancer_controller" { value = tls_private_key.aws_loadbalancer_controller_webhook[0].private_key_pem } - depends_on = [helm_release.karpenter] + depends_on = [kubectl_manifest.karpenter_nodepool_default] } resource "kubernetes_ingress_v1" "default" { @@ -468,7 +469,7 @@ resource "kubernetes_ingress_v1" "default" { } wait_for_load_balancer = true - depends_on = [helm_release.aws_loadbalancer_controller, helm_release.ingress_nginx, module.aws_iam_aws_loadbalancer_controller, tls_locally_signed_cert.aws_loadbalancer_controller_webhook] + depends_on = [kubectl_manifest.karpenter_nodepool_default, helm_release.ingress_nginx, module.aws_iam_aws_loadbalancer_controller] #, helm_release.aws_loadbalancer_controller, module.aws_iam_aws_loadbalancer_controller, tls_locally_signed_cert.aws_loadbalancer_controller_webhook } resource "aws_route53_record" "default_ingress" { diff --git a/terraform/modules/k8s-addons/eks-ingress-nginx-controller.tf b/terraform/modules/k8s-addons/eks-ingress-nginx-controller.tf index 2c53e91..720b1c1 100644 --- a/terraform/modules/k8s-addons/eks-ingress-nginx-controller.tf +++ b/terraform/modules/k8s-addons/eks-ingress-nginx-controller.tf @@ -208,11 +208,12 @@ resource "helm_release" "ingress_nginx" { version = local.ingress_nginx.chart_version namespace = module.ingress_nginx_namespace[count.index].name max_history = var.helm_release_history_size + wait = true values = [ local.ingress_nginx_general_values, var.nginx_ingress_ssl_terminator == "lb" ? local.ingress_nginx_and_aws_load_balancer_controller : local.ingress_pod_ssl_termination_values ] - depends_on = [kubectl_manifest.kube_prometheus_stack_operator_crds] + depends_on = [kubectl_manifest.kube_prometheus_stack_operator_crds, helm_release.aws_loadbalancer_controller] } diff --git a/terraform/modules/k8s-addons/eks-karpenter.tf b/terraform/modules/k8s-addons/eks-karpenter.tf index c356810..f060613 100644 --- a/terraform/modules/k8s-addons/eks-karpenter.tf +++ b/terraform/modules/k8s-addons/eks-karpenter.tf @@ -16,7 +16,7 @@ settings: serviceAccount: annotations: - eks.amazonaws.com/role-arn: ${module.karpenter[0].irsa_arn} + eks.amazonaws.com/role-arn: ${module.karpenter[0].iam_role_arn} controller: resources: @@ -35,20 +35,23 @@ module "karpenter" { count = local.karpenter.enabled ? 1 : 0 source = "terraform-aws-modules/eks/aws//modules/karpenter" - version = "20.8.4" + version = "20.17.2" cluster_name = local.eks_cluster_id - policies = { + node_iam_role_additional_policies = { AmazonSSMManagedInstanceCore = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore" } - irsa_oidc_provider_arn = local.eks_oidc_provider_arn - irsa_namespace_service_accounts = ["karpenter:karpenter"] + enable_irsa = true + irsa_oidc_provider_arn = local.eks_oidc_provider_arn + enable_pod_identity = false + + create_node_iam_role = false + node_iam_role_arn = var.node_group_default_iam_role_arn + # Since the node group role will already have an access entry + create_access_entry = false - create_iam_role = false - enable_karpenter_instance_profile_creation = true - iam_role_arn = var.node_group_default_iam_role_arn } module "karpenter_namespace" { @@ -68,7 +71,7 @@ metadata: name: private namespace: karpenter spec: - amiFamily: AL2 # Amazon Linux 2 + amiFamily: AL2023 # Amazon Linux 2023 role: ${var.node_group_default_iam_role_name} # replace with your cluster name NODE ROLE ID from the aws-base subnetSelectorTerms: - tags: @@ -99,7 +102,7 @@ metadata: name: public namespace: karpenter spec: - amiFamily: AL2 # Amazon Linux 2 + amiFamily: AL2023 # Amazon Linux 2023 role: ${var.node_group_default_iam_role_name} # replace with your cluster name NODE ROLE ID from the aws-base subnetSelectorTerms: - tags: @@ -186,7 +189,7 @@ spec: EOF - depends_on = [helm_release.karpenter] + depends_on = [kubectl_manifest.karpenter_ec2nodeclass_private] } resource "kubectl_manifest" "karpenter_nodepool_ci" { @@ -257,7 +260,7 @@ spec: EOF - depends_on = [helm_release.karpenter] + depends_on = [kubectl_manifest.karpenter_ec2nodeclass_public] } resource "helm_release" "karpenter" { diff --git a/terraform/modules/k8s-addons/eks-kube-prometheus-stack.tf b/terraform/modules/k8s-addons/eks-kube-prometheus-stack.tf index e32109e..9739593 100644 --- a/terraform/modules/k8s-addons/eks-kube-prometheus-stack.tf +++ b/terraform/modules/k8s-addons/eks-kube-prometheus-stack.tf @@ -527,7 +527,7 @@ resource "helm_release" "prometheus_operator" { ]) depends_on = [ - kubectl_manifest.kube_prometheus_stack_operator_crds + helm_release.ingress_nginx ] } diff --git a/terraform/modules/k8s-addons/eks-prometheus-operator-crds.tf b/terraform/modules/k8s-addons/eks-prometheus-operator-crds.tf index 9240f03..dd96063 100644 --- a/terraform/modules/k8s-addons/eks-prometheus-operator-crds.tf +++ b/terraform/modules/k8s-addons/eks-prometheus-operator-crds.tf @@ -1,13 +1,13 @@ locals { kube_prometheus_stack_operator_crds = [ - "https://raw.githubusercontent.com/prometheus-community/helm-charts/kube-prometheus-stack-${local.kube_prometheus_stack.chart_version}/charts/kube-prometheus-stack/crds/crd-alertmanagerconfigs.yaml", - "https://raw.githubusercontent.com/prometheus-community/helm-charts/kube-prometheus-stack-${local.kube_prometheus_stack.chart_version}/charts/kube-prometheus-stack/crds/crd-alertmanagers.yaml", - "https://raw.githubusercontent.com/prometheus-community/helm-charts/kube-prometheus-stack-${local.kube_prometheus_stack.chart_version}/charts/kube-prometheus-stack/crds/crd-podmonitors.yaml", - "https://raw.githubusercontent.com/prometheus-community/helm-charts/kube-prometheus-stack-${local.kube_prometheus_stack.chart_version}/charts/kube-prometheus-stack/crds/crd-probes.yaml", - "https://raw.githubusercontent.com/prometheus-community/helm-charts/kube-prometheus-stack-${local.kube_prometheus_stack.chart_version}/charts/kube-prometheus-stack/crds/crd-prometheuses.yaml", - "https://raw.githubusercontent.com/prometheus-community/helm-charts/kube-prometheus-stack-${local.kube_prometheus_stack.chart_version}/charts/kube-prometheus-stack/crds/crd-prometheusrules.yaml", - "https://raw.githubusercontent.com/prometheus-community/helm-charts/kube-prometheus-stack-${local.kube_prometheus_stack.chart_version}/charts/kube-prometheus-stack/crds/crd-servicemonitors.yaml", - "https://raw.githubusercontent.com/prometheus-community/helm-charts/kube-prometheus-stack-${local.kube_prometheus_stack.chart_version}/charts/kube-prometheus-stack/crds/crd-thanosrulers.yaml" + "https://raw.githubusercontent.com/prometheus-community/helm-charts/kube-prometheus-stack-${local.kube_prometheus_stack.chart_version}/charts/kube-prometheus-stack/charts/crds/crds/crd-alertmanagerconfigs.yaml", + "https://raw.githubusercontent.com/prometheus-community/helm-charts/kube-prometheus-stack-${local.kube_prometheus_stack.chart_version}/charts/kube-prometheus-stack/charts/crds/crds/crd-alertmanagers.yaml", + "https://raw.githubusercontent.com/prometheus-community/helm-charts/kube-prometheus-stack-${local.kube_prometheus_stack.chart_version}/charts/kube-prometheus-stack/charts/crds/crds/crd-podmonitors.yaml", + "https://raw.githubusercontent.com/prometheus-community/helm-charts/kube-prometheus-stack-${local.kube_prometheus_stack.chart_version}/charts/kube-prometheus-stack/charts/crds/crds/crd-probes.yaml", + "https://raw.githubusercontent.com/prometheus-community/helm-charts/kube-prometheus-stack-${local.kube_prometheus_stack.chart_version}/charts/kube-prometheus-stack/charts/crds/crds/crd-prometheuses.yaml", + "https://raw.githubusercontent.com/prometheus-community/helm-charts/kube-prometheus-stack-${local.kube_prometheus_stack.chart_version}/charts/kube-prometheus-stack/charts/crds/crds/crd-prometheusrules.yaml", + "https://raw.githubusercontent.com/prometheus-community/helm-charts/kube-prometheus-stack-${local.kube_prometheus_stack.chart_version}/charts/kube-prometheus-stack/charts/crds/crds/crd-servicemonitors.yaml", + "https://raw.githubusercontent.com/prometheus-community/helm-charts/kube-prometheus-stack-${local.kube_prometheus_stack.chart_version}/charts/kube-prometheus-stack/charts/crds/crds/crd-thanosrulers.yaml" ] } diff --git a/terraform/modules/k8s-addons/helm-releases.yaml b/terraform/modules/k8s-addons/helm-releases.yaml index 1d29152..1a4315d 100644 --- a/terraform/modules/k8s-addons/helm-releases.yaml +++ b/terraform/modules/k8s-addons/helm-releases.yaml @@ -63,7 +63,7 @@ releases: enabled: true chart: karpenter repository: oci://public.ecr.aws/karpenter - chart_version: v0.36.1 + chart_version: 0.37.0 namespace: karpenter - id: keda enabled: false @@ -81,7 +81,7 @@ releases: enabled: true chart: kube-prometheus-stack repository: https://prometheus-community.github.io/helm-charts - chart_version: 58.5.3 + chart_version: 61.3.1 namespace: monitoring - id: loki-stack enabled: true @@ -99,5 +99,5 @@ releases: enabled: false chart: victoria-metrics-k8s-stack repository: https://victoriametrics.github.io/helm-charts - chart_version: 0.22.11 + chart_version: 0.24.1 namespace: monitoring diff --git a/terraform/modules/k8s-addons/main.tf b/terraform/modules/k8s-addons/main.tf index b128740..c156377 100644 --- a/terraform/modules/k8s-addons/main.tf +++ b/terraform/modules/k8s-addons/main.tf @@ -18,7 +18,7 @@ provider "helm" { } experiments { - manifest = true + manifest = false } } diff --git a/terragrunt/ACCOUNT_ID/us-east-1/demo/common/aws-acm/.terraform.lock.hcl b/terragrunt/ACCOUNT_ID/us-east-1/demo/common/aws-acm/.terraform.lock.hcl index 7ae56bb..c798843 100644 --- a/terragrunt/ACCOUNT_ID/us-east-1/demo/common/aws-acm/.terraform.lock.hcl +++ b/terragrunt/ACCOUNT_ID/us-east-1/demo/common/aws-acm/.terraform.lock.hcl @@ -2,24 +2,24 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/aws" { - version = "5.49.0" - constraints = ">= 4.40.0, 5.49.0" + version = "5.58.0" + constraints = "5.58.0" hashes = [ - "h1:RZtXnBRpO4LNmmz0tXJQLa2heqk9VFGblFZtRCZkm/M=", - "zh:0979b07cdeffb868ea605e4bbc008adc7cccb5f3ba1d3a0b794ea3e8fff20932", - "zh:2121a0a048a1d9419df69f3561e524b7e8a6b74ba0f57bd8948799f12b6ad3a1", - "zh:573362042ba0bd18e98567a4f45d91b09eb0d223513518ba04f16a646a906403", - "zh:57be7a4d6c362be2fa586d270203f4eac1ee239816239a9503b86ebc8fa1fef0", - "zh:5c72ed211d9234edd70eac9d77c3cafc7bbf819d1c28332a6d77acf227c9a23c", - "zh:7786d1a9781f8e8c0079bf58f4ed4aeddec0caf54ad7ddcf43c47936d545a04f", - "zh:82133e7d39787ee91ed41988da71beecc2ecb900b5da94b3f3d77fbc4d4dc722", - "zh:8cdb1c154dead85be8352afd30eaf41c59249de9e7e0a8eb4ab8e625b90a4922", + "h1:XnAwb/MGeP7sxz/0SKLQF1ujaP7Bg15ol+ca7KZruio=", + "zh:15e9be54a8febe8e560362b10967cb60b680ca3f78fe207d7209b76e076f59d3", + "zh:240f6899a2cec259aa2729ce031f6af2b453f90a8b59118bb2571c54acc65db8", + "zh:2b6e8e2ab1a3dce1001503dba6086a128bb2a71652b0d0b3b107db665b7d6881", + "zh:579b0ed95247a0bd8bfb3fac7fb767547dde76026c578f4f184b5743af5e32cc", + "zh:6adcd10fd12be0be9eb78a89e745a5b77ae0d8b3522cd782456a71178aad8ccb", + "zh:7f829cef82f0a02faa97d0fbe1417a40b73fc5142e883b12eebc5b71015efac9", + "zh:81977f001998c9096f7b59710996e159774a9313c1bc03db3beb81c3e016ebef", "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:ac215fd1c3bd647ae38868940651b97a53197688daefcd70b3595c84560e5267", - "zh:c45db22356d20e431639061a72e07da5201f4937c1df6b9f03f32019facf3905", - "zh:c9ba90e62db9a4708ed1a4e094849f88ce9d44c52b49f613b30bb3f7523b8d97", - "zh:d2be3607be2209995c80dc1d66086d527de5d470f73509e813254067e8287106", - "zh:e3fa20090f3cebf3911fc7ef122bd8c0505e3330ab7d541fa945fea861205007", - "zh:ef1b9d5c0b6279323f2ecfc322db8083e141984cfe1bb2f33c0f4934fccb69e3", + "zh:a5d98ac6fab6e6c85164ca7dd38f94a1e44bd70c0e8354c61f7fbabf698957cd", + "zh:c27fa4fed50f6f83ca911bef04f05d635a7b7a01a89dc8fc5d66a277588f08df", + "zh:d4042bdf86ca6dc10e0cca91c4fcc592b12572d26185b3d37bbbb9e2026ac68b", + "zh:d536482cf4ace0d49a2a86c931150921649beae59337d0c02a785879fe943cf3", + "zh:e205f8243274a621fb9ef2b5e2c71e84c1670be1d23697739439f5a831fa620f", + "zh:eb76ce0c77fd76c47f57122c91c4fcf0f72c01423538ed7833eaa7eeaae2edf6", + "zh:ffe04e494af6cc7348ceb8d85f4c1d5a847a44510827b4496513c810a4d9196d", ] } diff --git a/terragrunt/ACCOUNT_ID/us-east-1/demo/common/aws-eks/.terraform.lock.hcl b/terragrunt/ACCOUNT_ID/us-east-1/demo/common/aws-eks/.terraform.lock.hcl index a285cb4..8b9ce68 100644 --- a/terragrunt/ACCOUNT_ID/us-east-1/demo/common/aws-eks/.terraform.lock.hcl +++ b/terragrunt/ACCOUNT_ID/us-east-1/demo/common/aws-eks/.terraform.lock.hcl @@ -2,25 +2,25 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/aws" { - version = "5.49.0" - constraints = ">= 4.0.0, >= 4.33.0, >= 5.40.0, 5.49.0" + version = "5.58.0" + constraints = "5.58.0" hashes = [ - "h1:RZtXnBRpO4LNmmz0tXJQLa2heqk9VFGblFZtRCZkm/M=", - "zh:0979b07cdeffb868ea605e4bbc008adc7cccb5f3ba1d3a0b794ea3e8fff20932", - "zh:2121a0a048a1d9419df69f3561e524b7e8a6b74ba0f57bd8948799f12b6ad3a1", - "zh:573362042ba0bd18e98567a4f45d91b09eb0d223513518ba04f16a646a906403", - "zh:57be7a4d6c362be2fa586d270203f4eac1ee239816239a9503b86ebc8fa1fef0", - "zh:5c72ed211d9234edd70eac9d77c3cafc7bbf819d1c28332a6d77acf227c9a23c", - "zh:7786d1a9781f8e8c0079bf58f4ed4aeddec0caf54ad7ddcf43c47936d545a04f", - "zh:82133e7d39787ee91ed41988da71beecc2ecb900b5da94b3f3d77fbc4d4dc722", - "zh:8cdb1c154dead85be8352afd30eaf41c59249de9e7e0a8eb4ab8e625b90a4922", + "h1:XnAwb/MGeP7sxz/0SKLQF1ujaP7Bg15ol+ca7KZruio=", + "zh:15e9be54a8febe8e560362b10967cb60b680ca3f78fe207d7209b76e076f59d3", + "zh:240f6899a2cec259aa2729ce031f6af2b453f90a8b59118bb2571c54acc65db8", + "zh:2b6e8e2ab1a3dce1001503dba6086a128bb2a71652b0d0b3b107db665b7d6881", + "zh:579b0ed95247a0bd8bfb3fac7fb767547dde76026c578f4f184b5743af5e32cc", + "zh:6adcd10fd12be0be9eb78a89e745a5b77ae0d8b3522cd782456a71178aad8ccb", + "zh:7f829cef82f0a02faa97d0fbe1417a40b73fc5142e883b12eebc5b71015efac9", + "zh:81977f001998c9096f7b59710996e159774a9313c1bc03db3beb81c3e016ebef", "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:ac215fd1c3bd647ae38868940651b97a53197688daefcd70b3595c84560e5267", - "zh:c45db22356d20e431639061a72e07da5201f4937c1df6b9f03f32019facf3905", - "zh:c9ba90e62db9a4708ed1a4e094849f88ce9d44c52b49f613b30bb3f7523b8d97", - "zh:d2be3607be2209995c80dc1d66086d527de5d470f73509e813254067e8287106", - "zh:e3fa20090f3cebf3911fc7ef122bd8c0505e3330ab7d541fa945fea861205007", - "zh:ef1b9d5c0b6279323f2ecfc322db8083e141984cfe1bb2f33c0f4934fccb69e3", + "zh:a5d98ac6fab6e6c85164ca7dd38f94a1e44bd70c0e8354c61f7fbabf698957cd", + "zh:c27fa4fed50f6f83ca911bef04f05d635a7b7a01a89dc8fc5d66a277588f08df", + "zh:d4042bdf86ca6dc10e0cca91c4fcc592b12572d26185b3d37bbbb9e2026ac68b", + "zh:d536482cf4ace0d49a2a86c931150921649beae59337d0c02a785879fe943cf3", + "zh:e205f8243274a621fb9ef2b5e2c71e84c1670be1d23697739439f5a831fa620f", + "zh:eb76ce0c77fd76c47f57122c91c4fcf0f72c01423538ed7833eaa7eeaae2edf6", + "zh:ffe04e494af6cc7348ceb8d85f4c1d5a847a44510827b4496513c810a4d9196d", ] } @@ -86,23 +86,22 @@ provider "registry.terraform.io/hashicorp/null" { } provider "registry.terraform.io/hashicorp/time" { - version = "0.11.1" - constraints = ">= 0.9.0" + version = "0.11.2" + constraints = "0.11.2" hashes = [ - "h1:UyhbtF79Wy4EVNrnvMcOPzmZLVQQyzM2ostfjs2l5PI=", - "h1:pQGSL9mdgw4qsLndFYsEF93mbsIxyxNoAyIbBqhS3Xo=", - "zh:19a393db736ec4fd024d098d55aefaef07056c37a448ece3b55b3f5f4c2c7e4a", - "zh:227fa1e221de2907f37be78d40c06ca6a6f7b243a1ec33ade014dfaf6d92cd9c", - "zh:29970fecbf4a3ca23bacbb05d6b90cdd33dd379f90059fe39e08289951502d9f", - "zh:65024596f22f10e7dcb5e0e4a75277f275b529daa0bc0daf34ca7901c678ab88", - "zh:694d080cb5e3bf5ef08c7409208d061c135a4f5f4cdc93ea8607860995264b2e", + "h1:qg3O4PmHnlPcvuZ2LvzOYEAPGOKtccgD5kPdQPZw094=", + "zh:02588b5b8ba5d31e86d93edc93b306bcbf47c789f576769245968cc157a9e8c5", + "zh:088a30c23796133678d1d6614da5cf5544430570408a17062288b58c0bd67ac8", + "zh:0df5faa072d67616154d38021934d8a8a316533429a3f582df3b4b48c836cf89", + "zh:12edeeaef96c47f694bd1ba7ead6ccdb96028b25df352eea4bc5e40de7a59177", + "zh:1e859504a656a6e988f07b908e6ffe946b28bfb56889417c0a07ea9605a3b7b0", + "zh:64a6ae0320d4956c4fdb05629cfcebd03bcbd2206e2d733f2f18e4a97f4d5c7c", "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:b29d15d13e1b3412e6a4e1627d378dbd102659132f7488f64017dd6b6d5216d3", - "zh:bb79f4cae9f8c17c73998edc54aa16c2130a03227f7f4e71fc6ac87e230575ec", - "zh:ceccf80e95929d97f62dcf1bb3c7c7553d5757b2d9e7d222518722fc934f7ad5", - "zh:f40e638336527490e294d9c938ae55919069e6987e85a80506784ba90348792a", - "zh:f99ef33b1629a3b2278201142a3011a8489e66d92da832a5b99e442204de18fb", - "zh:fded14754ea46fdecc62a52cd970126420d4cd190e598cb61190b4724a727edb", + "zh:924d137959193bf7aee6ebf241fbb9aec46d6eef828c5cf8d3c588770acae7b2", + "zh:b3cc76281a4faa9c2293a2460fc6962f6539e900994053f85185304887dddab8", + "zh:cbb40c791d4a1cdba56cffa43a9c0ed8e69930d49aa6bd931546b18c36e3b720", + "zh:d227d43594f8cb3d24f1fdd71382f14502cbe2a6deaddbc74242656bb5b38daf", + "zh:d4840641c46176bb9d70ba3aff09de749282136c779996b546c81e5ff701bbf6", ] } diff --git a/terragrunt/ACCOUNT_ID/us-east-1/demo/common/aws-r53/.terraform.lock.hcl b/terragrunt/ACCOUNT_ID/us-east-1/demo/common/aws-r53/.terraform.lock.hcl index 90ff521..c798843 100644 --- a/terragrunt/ACCOUNT_ID/us-east-1/demo/common/aws-r53/.terraform.lock.hcl +++ b/terragrunt/ACCOUNT_ID/us-east-1/demo/common/aws-r53/.terraform.lock.hcl @@ -2,24 +2,24 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/aws" { - version = "5.49.0" - constraints = "5.49.0" + version = "5.58.0" + constraints = "5.58.0" hashes = [ - "h1:RZtXnBRpO4LNmmz0tXJQLa2heqk9VFGblFZtRCZkm/M=", - "zh:0979b07cdeffb868ea605e4bbc008adc7cccb5f3ba1d3a0b794ea3e8fff20932", - "zh:2121a0a048a1d9419df69f3561e524b7e8a6b74ba0f57bd8948799f12b6ad3a1", - "zh:573362042ba0bd18e98567a4f45d91b09eb0d223513518ba04f16a646a906403", - "zh:57be7a4d6c362be2fa586d270203f4eac1ee239816239a9503b86ebc8fa1fef0", - "zh:5c72ed211d9234edd70eac9d77c3cafc7bbf819d1c28332a6d77acf227c9a23c", - "zh:7786d1a9781f8e8c0079bf58f4ed4aeddec0caf54ad7ddcf43c47936d545a04f", - "zh:82133e7d39787ee91ed41988da71beecc2ecb900b5da94b3f3d77fbc4d4dc722", - "zh:8cdb1c154dead85be8352afd30eaf41c59249de9e7e0a8eb4ab8e625b90a4922", + "h1:XnAwb/MGeP7sxz/0SKLQF1ujaP7Bg15ol+ca7KZruio=", + "zh:15e9be54a8febe8e560362b10967cb60b680ca3f78fe207d7209b76e076f59d3", + "zh:240f6899a2cec259aa2729ce031f6af2b453f90a8b59118bb2571c54acc65db8", + "zh:2b6e8e2ab1a3dce1001503dba6086a128bb2a71652b0d0b3b107db665b7d6881", + "zh:579b0ed95247a0bd8bfb3fac7fb767547dde76026c578f4f184b5743af5e32cc", + "zh:6adcd10fd12be0be9eb78a89e745a5b77ae0d8b3522cd782456a71178aad8ccb", + "zh:7f829cef82f0a02faa97d0fbe1417a40b73fc5142e883b12eebc5b71015efac9", + "zh:81977f001998c9096f7b59710996e159774a9313c1bc03db3beb81c3e016ebef", "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:ac215fd1c3bd647ae38868940651b97a53197688daefcd70b3595c84560e5267", - "zh:c45db22356d20e431639061a72e07da5201f4937c1df6b9f03f32019facf3905", - "zh:c9ba90e62db9a4708ed1a4e094849f88ce9d44c52b49f613b30bb3f7523b8d97", - "zh:d2be3607be2209995c80dc1d66086d527de5d470f73509e813254067e8287106", - "zh:e3fa20090f3cebf3911fc7ef122bd8c0505e3330ab7d541fa945fea861205007", - "zh:ef1b9d5c0b6279323f2ecfc322db8083e141984cfe1bb2f33c0f4934fccb69e3", + "zh:a5d98ac6fab6e6c85164ca7dd38f94a1e44bd70c0e8354c61f7fbabf698957cd", + "zh:c27fa4fed50f6f83ca911bef04f05d635a7b7a01a89dc8fc5d66a277588f08df", + "zh:d4042bdf86ca6dc10e0cca91c4fcc592b12572d26185b3d37bbbb9e2026ac68b", + "zh:d536482cf4ace0d49a2a86c931150921649beae59337d0c02a785879fe943cf3", + "zh:e205f8243274a621fb9ef2b5e2c71e84c1670be1d23697739439f5a831fa620f", + "zh:eb76ce0c77fd76c47f57122c91c4fcf0f72c01423538ed7833eaa7eeaae2edf6", + "zh:ffe04e494af6cc7348ceb8d85f4c1d5a847a44510827b4496513c810a4d9196d", ] } diff --git a/terragrunt/ACCOUNT_ID/us-east-1/demo/common/aws-vpc/.terraform.lock.hcl b/terragrunt/ACCOUNT_ID/us-east-1/demo/common/aws-vpc/.terraform.lock.hcl index 7916a11..c798843 100644 --- a/terragrunt/ACCOUNT_ID/us-east-1/demo/common/aws-vpc/.terraform.lock.hcl +++ b/terragrunt/ACCOUNT_ID/us-east-1/demo/common/aws-vpc/.terraform.lock.hcl @@ -2,24 +2,24 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/aws" { - version = "5.49.0" - constraints = ">= 5.30.0, 5.49.0" + version = "5.58.0" + constraints = "5.58.0" hashes = [ - "h1:RZtXnBRpO4LNmmz0tXJQLa2heqk9VFGblFZtRCZkm/M=", - "zh:0979b07cdeffb868ea605e4bbc008adc7cccb5f3ba1d3a0b794ea3e8fff20932", - "zh:2121a0a048a1d9419df69f3561e524b7e8a6b74ba0f57bd8948799f12b6ad3a1", - "zh:573362042ba0bd18e98567a4f45d91b09eb0d223513518ba04f16a646a906403", - "zh:57be7a4d6c362be2fa586d270203f4eac1ee239816239a9503b86ebc8fa1fef0", - "zh:5c72ed211d9234edd70eac9d77c3cafc7bbf819d1c28332a6d77acf227c9a23c", - "zh:7786d1a9781f8e8c0079bf58f4ed4aeddec0caf54ad7ddcf43c47936d545a04f", - "zh:82133e7d39787ee91ed41988da71beecc2ecb900b5da94b3f3d77fbc4d4dc722", - "zh:8cdb1c154dead85be8352afd30eaf41c59249de9e7e0a8eb4ab8e625b90a4922", + "h1:XnAwb/MGeP7sxz/0SKLQF1ujaP7Bg15ol+ca7KZruio=", + "zh:15e9be54a8febe8e560362b10967cb60b680ca3f78fe207d7209b76e076f59d3", + "zh:240f6899a2cec259aa2729ce031f6af2b453f90a8b59118bb2571c54acc65db8", + "zh:2b6e8e2ab1a3dce1001503dba6086a128bb2a71652b0d0b3b107db665b7d6881", + "zh:579b0ed95247a0bd8bfb3fac7fb767547dde76026c578f4f184b5743af5e32cc", + "zh:6adcd10fd12be0be9eb78a89e745a5b77ae0d8b3522cd782456a71178aad8ccb", + "zh:7f829cef82f0a02faa97d0fbe1417a40b73fc5142e883b12eebc5b71015efac9", + "zh:81977f001998c9096f7b59710996e159774a9313c1bc03db3beb81c3e016ebef", "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:ac215fd1c3bd647ae38868940651b97a53197688daefcd70b3595c84560e5267", - "zh:c45db22356d20e431639061a72e07da5201f4937c1df6b9f03f32019facf3905", - "zh:c9ba90e62db9a4708ed1a4e094849f88ce9d44c52b49f613b30bb3f7523b8d97", - "zh:d2be3607be2209995c80dc1d66086d527de5d470f73509e813254067e8287106", - "zh:e3fa20090f3cebf3911fc7ef122bd8c0505e3330ab7d541fa945fea861205007", - "zh:ef1b9d5c0b6279323f2ecfc322db8083e141984cfe1bb2f33c0f4934fccb69e3", + "zh:a5d98ac6fab6e6c85164ca7dd38f94a1e44bd70c0e8354c61f7fbabf698957cd", + "zh:c27fa4fed50f6f83ca911bef04f05d635a7b7a01a89dc8fc5d66a277588f08df", + "zh:d4042bdf86ca6dc10e0cca91c4fcc592b12572d26185b3d37bbbb9e2026ac68b", + "zh:d536482cf4ace0d49a2a86c931150921649beae59337d0c02a785879fe943cf3", + "zh:e205f8243274a621fb9ef2b5e2c71e84c1670be1d23697739439f5a831fa620f", + "zh:eb76ce0c77fd76c47f57122c91c4fcf0f72c01423538ed7833eaa7eeaae2edf6", + "zh:ffe04e494af6cc7348ceb8d85f4c1d5a847a44510827b4496513c810a4d9196d", ] } diff --git a/terragrunt/ACCOUNT_ID/us-east-1/demo/env.yaml b/terragrunt/ACCOUNT_ID/us-east-1/demo/env.yaml index 20401a8..2e4faeb 100644 --- a/terragrunt/ACCOUNT_ID/us-east-1/demo/env.yaml +++ b/terragrunt/ACCOUNT_ID/us-east-1/demo/env.yaml @@ -1,17 +1,16 @@ --- name : "maddevs" -environment: "demo" +environment: "max" domain_name: "maddevs.org" create_r53_zone: false -create_acm_certificate: true +create_acm_certificate: false allowed_ips: - "0.0.0.0/0" -vpc_cidr: "10.0.0.0/16" +vpc_cidr: "10.100.0.0/16" single_nat_gateway: true -eks_cluster_version: "1.29" - +eks_cluster_version: "1.30" diff --git a/terragrunt/ACCOUNT_ID/us-east-1/demo/k8s-addons/terragrunt.hcl b/terragrunt/ACCOUNT_ID/us-east-1/demo/k8s-addons/terragrunt.hcl index 08f8adc..202cdc0 100644 --- a/terragrunt/ACCOUNT_ID/us-east-1/demo/k8s-addons/terragrunt.hcl +++ b/terragrunt/ACCOUNT_ID/us-east-1/demo/k8s-addons/terragrunt.hcl @@ -1,5 +1,5 @@ include "root" { - path = find_in_parent_folders() + path = find_in_parent_folders() expose = true } @@ -68,7 +68,7 @@ terraform { version = "${include.root.locals.tf_providers.kubernetes}" } kubectl = { - source = "avinbunney/kubectl" + source = "gavinbunney/kubectl" version = "${include.root.locals.tf_providers.kubectl}" } helm = { @@ -86,6 +86,16 @@ EOF terraform { source = "${get_path_to_repo_root()}/terraform/modules//k8s-addons" + + extra_arguments "apply_args" { + commands = [ + "apply" + ] + + arguments = [ + "-parallelism=20", + ] + } } inputs = { @@ -93,6 +103,7 @@ inputs = { name_wo_region = include.env.locals.name_wo_region environment = include.env.locals.values.environment vpc_cidr = include.env.locals.values.vpc_cidr + domain_name = include.env.locals.values.domain_name vpc_id = dependency.vpc.outputs.vpc_id eks_cluster_id = dependency.eks.outputs.eks_cluster_id eks_oidc_provider_arn = dependency.eks.outputs.eks_oidc_provider_arn diff --git a/terragrunt/terragrunt.hcl b/terragrunt/terragrunt.hcl index 82e3980..296cbcc 100644 --- a/terragrunt/terragrunt.hcl +++ b/terragrunt/terragrunt.hcl @@ -2,11 +2,11 @@ terragrunt_version_constraint = ">= 0.58" skip = true locals { - remote_state_bucket_region = "us-east-1" #get_env("TF_REMOTE_STATE_BUCKET_REGION") - remote_state_bucket = "maddevs-atv-use1-tfstate" #get_env("TF_REMOTE_STATE_BUCKET") + remote_state_bucket_region = "us-east-1" #get_env("TF_REMOTE_STATE_BUCKET_REGION") + remote_state_bucket = "maddevs-max-use1-tfstate" #get_env("TF_REMOTE_STATE_BUCKET") tf_providers = { - aws = "5.49.0" + aws = "5.58.0" kubernetes = "2.30.0" kubectl = "1.14.0" helm = "2.13.2"