terraform_eks_cluster
Cloud Kubernetes
• 2 min

Using Terraform for EKS cluster

Kimelyne Servais
Kimelyne Servais

Posted on 13 May 2020, updated on 21 December 2023.

If you are a regular reader of our blog, you may know how to deploy a cluster with Terraform on GCP. We will learn in this article how to set up an AWS account with a free trial and use it to deploy an EKS cluster with Terraform.

Reminder of Terraform

Terraform is an open-source Infrastructure as Code (IaC) software tool created by HashiCorp. It enables users to define and provision a data center infrastructure. Download and install Terraform.

Terraform will execute all *.tf, so for this tutorial, I propose this architecture:

  • provider.tf
  • eks.tf
  • outputs.tf

Get an AWS free trial account

If you already have an Amazon Web Services account, you can skip this section.

For this tutorial, you need to have an AWS account. But don’t worry, AWS offers you a free trial account to try most services they propose.

First, you have to create your AWS account. You will have to enter your credit card but don’t worry, every component you will deploy will not incur fees.

Then you also have to install AWS CLI.

After these steps, you can log in to your account.

Purpose of this tutorial

The purpose of this tutorial is to create an Elastic Kubernetes Service (EKS) cluster with Terraform. Amazon Elastic Kubernetes Service (Amazon EKS) is a fully managed Kubernetes service by AWS. To go deeper you can read this article, which explains another way to deploy an EKS cluster with eksctl.

Step 1: Set up Terraform with AWS


The first thing to set up is your Terraform. We will create AWS IAM users for Terraform.

In your AWS console, go to the IAM section and create a user named “FullAccess”. Then add your user to a group named “FullAccessGroup”. Attaches to this group the following rights:

  • AdministratorAccess
  • AmazonEKSClusterPolicy

After these steps, AWS will provide you a Secret Access Key and Access Key ID. Save them preciously because this will be the only time AWS gives them to you.

In your own console, create a ~/.aws/credentials file and put your credentials in it:

The last step is to create this file:

You are now able to run some Terraform.

Step 2: create provider.tf


We will start this tutorial by creating a provider.tf file. This file contains all the information about which provider you want to use with Terraform.

We specify here to Terraform that we want to use an AWS provider. You also have to be precise in which region you will deploy it and which configuration you will use. See step 1 to set up your AWS configuration.

Step 3: create all resources you need


So we want to create a Kubernetes cluster with EKS. This EKS will be deployed in the default VPC of your account. First, you need to check in your AWS console, the subnet of the default VPC.

By default, you have 3 different subnets, each in different availability zones (AZ). Our EKS needs to be deployed on 2 AZ so you need to pick 2 different subnets.

Here Terraform will create an IAM role for EKS, with 2 policies, our EKS cluster, and finally an eks managed node group with 3 policies. We defined that we want one pod.

Step 4: Add output.tf


You can create a file outputs.tf. It will show you everything you need to connect to your EKS cluster. Here we want the endpoint of EKS and his certificate.

Step 5: Deploy all your resources


Once you have finished declaring the resources you want to create, you can deploy them. With terraform it is possible with a simple command:

  • Terraform init: it is used to initialize a working directory containing Terraform configuration files.
  • Terraform apply: it is used to apply the changes required to reach the desired state of the configuration.

When you launch the “terraform apply” command, Terraform will describe every resource you will create:

Check if it is all good and then you can accept by writing “yes”.

After the complete creation, you can go to your Amazon Web Services account to see your resources:

AWS account

You can also work with your EKS cluster with AWS CLI by using the command “aws eks update-kubeconfig --name <eks_cluster_name>”. This command constructs a configuration with prepopulated server and certificate authority data values for the cluster you specified.

Step 6: Destroy everything


If you want to destroy your resources with Terraform, you just have to run this command:

terraform destroy

Terraform will show you every resource it will destroy and if you agree you can accept by writing “yes”.

Congratulations! You have just created your first EKS cluster.