mirror of
https://github.com/cdr/code-server.git
synced 2025-12-22 00:13:21 +01:00
b8094ac6a0
This commit adds complete Terraform infrastructure as code for deploying code-server on both EC2 and EKS platforms with enterprise-grade security and SAML/OIDC authentication. Features: - EC2 deployment with Auto Scaling Groups and Application Load Balancer - EKS deployment with managed node groups and AWS Load Balancer Controller - Private network setup with VPC, private subnets, and NAT gateways - SAML/OIDC authentication using OAuth2 Proxy - Security hardening: - KMS encryption for data at rest - TLS encryption in transit - IAM roles with least privilege - Security groups with minimal access - VPC Flow Logs - IMDSv2 enforcement - Auto-scaling capabilities for both EC2 and EKS - CloudWatch logging and monitoring - Automated deployment scripts Terraform Modules: - modules/vpc: VPC with public/private subnets, NAT, and VPC endpoints - modules/security: Security groups, IAM roles, and KMS keys - modules/ec2: EC2 Auto Scaling deployment with ALB - modules/eks: EKS cluster with managed node groups and addons Deployments: - deployments/ec2: EC2 deployment configuration - deployments/eks: EKS deployment configuration with Kubernetes manifests Documentation: - README.md: Comprehensive deployment and operations guide - QUICK-START.md: Quick reference for fast deployment - SAML-SETUP-GUIDE.md: Step-by-step IdP configuration guide Scripts: - scripts/deploy-ec2.sh: Automated EC2 deployment - scripts/deploy-eks.sh: Automated EKS deployment - scripts/destroy-ec2.sh: EC2 cleanup - scripts/destroy-eks.sh: EKS cleanup
67 lines
1.9 KiB
HCL
67 lines
1.9 KiB
HCL
# EKS Module Outputs
|
|
|
|
output "cluster_id" {
|
|
description = "ID of the EKS cluster"
|
|
value = aws_eks_cluster.main.id
|
|
}
|
|
|
|
output "cluster_arn" {
|
|
description = "ARN of the EKS cluster"
|
|
value = aws_eks_cluster.main.arn
|
|
}
|
|
|
|
output "cluster_endpoint" {
|
|
description = "Endpoint of the EKS cluster"
|
|
value = aws_eks_cluster.main.endpoint
|
|
}
|
|
|
|
output "cluster_version" {
|
|
description = "Kubernetes version of the EKS cluster"
|
|
value = aws_eks_cluster.main.version
|
|
}
|
|
|
|
output "cluster_security_group_id" {
|
|
description = "Security group ID of the EKS cluster"
|
|
value = aws_eks_cluster.main.vpc_config[0].cluster_security_group_id
|
|
}
|
|
|
|
output "cluster_certificate_authority_data" {
|
|
description = "Certificate authority data for the EKS cluster"
|
|
value = aws_eks_cluster.main.certificate_authority[0].data
|
|
sensitive = true
|
|
}
|
|
|
|
output "cluster_oidc_issuer_url" {
|
|
description = "OIDC issuer URL of the EKS cluster"
|
|
value = aws_eks_cluster.main.identity[0].oidc[0].issuer
|
|
}
|
|
|
|
output "oidc_provider_arn" {
|
|
description = "ARN of the OIDC provider for EKS"
|
|
value = var.enable_irsa ? aws_iam_openid_connect_provider.eks[0].arn : null
|
|
}
|
|
|
|
output "node_group_id" {
|
|
description = "ID of the EKS node group"
|
|
value = aws_eks_node_group.main.id
|
|
}
|
|
|
|
output "node_group_arn" {
|
|
description = "ARN of the EKS node group"
|
|
value = aws_eks_node_group.main.arn
|
|
}
|
|
|
|
output "node_group_status" {
|
|
description = "Status of the EKS node group"
|
|
value = aws_eks_node_group.main.status
|
|
}
|
|
|
|
output "aws_load_balancer_controller_role_arn" {
|
|
description = "ARN of the AWS Load Balancer Controller IAM role"
|
|
value = var.enable_aws_load_balancer_controller ? aws_iam_role.aws_load_balancer_controller[0].arn : null
|
|
}
|
|
|
|
output "cloudwatch_log_group_name" {
|
|
description = "Name of the CloudWatch log group for EKS"
|
|
value = aws_cloudwatch_log_group.eks_cluster.name
|
|
}
|