From 133b5041eca7c27cf089537fe785a02b2375edc0 Mon Sep 17 00:00:00 2001 From: Kai Hendry Date: Fri, 29 Jul 2022 14:04:40 +0800 Subject: [PATCH] Working without kms --- README.md | 4 ++++ init.tf | 2 +- main.tf | 18 +----------------- 3 files changed, 6 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index 38682b0..441dac6 100644 --- a/README.md +++ b/README.md @@ -15,3 +15,7 @@ Run a service: argocd app create guestbook --repo https://github.com/argoproj/argocd-example-apps.git --path guestbook --dest-server https://kubernetes.default.svc --dest-namespace default argocd app get guestbook argocd app sync guestbook + +Run my service + + argocd app create sla --repo https://github.com/kaihendry/sla.git --path k8s --dest-server https://kubernetes.default.svc --dest-namespace kai diff --git a/init.tf b/init.tf index d151f1d..9a99dd7 100644 --- a/init.tf +++ b/init.tf @@ -1,7 +1,7 @@ terraform { required_providers { aws = { - source = "hashicorp/aws" + source = "hashicorp/aws" } } } diff --git a/main.tf b/main.tf index 8a4f520..aa27a77 100644 --- a/main.tf +++ b/main.tf @@ -1,5 +1,5 @@ locals { - name = "ex-${replace(basename(path.cwd), "_", "-")}" + name = "${replace(basename(path.cwd), "_", "-")}" cluster_version = "1.22" region = "ap-southeast-1" @@ -33,11 +33,6 @@ module "eks" { } } - cluster_encryption_config = [{ - provider_key_arn = aws_kms_key.eks.arn - resources = ["secrets"] - }] - vpc_id = module.vpc.vpc_id subnet_ids = module.vpc.private_subnets @@ -132,10 +127,6 @@ module "vpc" { single_nat_gateway = true enable_dns_hostnames = true - enable_flow_log = true - create_flow_log_cloudwatch_iam_role = true - create_flow_log_cloudwatch_log_group = true - public_subnet_tags = { "kubernetes.io/cluster/${local.name}" = "shared" "kubernetes.io/role/elb" = 1 @@ -149,10 +140,3 @@ module "vpc" { tags = local.tags } -resource "aws_kms_key" "eks" { - description = "EKS Secret Encryption Key" - deletion_window_in_days = 7 - enable_key_rotation = true - - tags = local.tags -}