feat: Add Sagemaker, MemoryDB, Opensearch and ECR Controllers (#68)

aws-ia · Aug 10, 2024 · 173df26 · 173df26
1 parent 21e49dd
commit 173df26
Show file tree

Hide file tree

Showing 5 changed files with 792 additions and 325 deletions.
diff --git a/README.md b/README.md
@@ -18,6 +18,10 @@ module "eks_ack_addons" {
   ecrpublic_token    = "<ecr token>"
 
   # Controllers to enable
+  enable_sagemaker         = true
+  enable_memorydb          = true
+  enable_opensearchservice = true
+  enable_ecr               = true
   enable_sns               = true
   enable_sqs               = true
   enable_lambda            = true
@@ -72,16 +76,20 @@ Examples codified under the [`examples`](https://github.com/aws-ia/terraform-aws
 | <a name="module_apigatewayv2"></a> [apigatewayv2](#module\_apigatewayv2) | aws-ia/eks-blueprints-addon/aws | 1.1.1 |
 | <a name="module_dynamodb"></a> [dynamodb](#module\_dynamodb) | aws-ia/eks-blueprints-addon/aws | 1.1.1 |
 | <a name="module_ec2"></a> [ec2](#module\_ec2) | aws-ia/eks-blueprints-addon/aws | 1.1.1 |
+| <a name="module_ecr"></a> [ecr](#module\_ecr) | aws-ia/eks-blueprints-addon/aws | 1.1.1 |
 | <a name="module_eks"></a> [eks](#module\_eks) | aws-ia/eks-blueprints-addon/aws | 1.1.1 |
 | <a name="module_elasticache"></a> [elasticache](#module\_elasticache) | aws-ia/eks-blueprints-addon/aws | 1.1.1 |
 | <a name="module_emrcontainers"></a> [emrcontainers](#module\_emrcontainers) | aws-ia/eks-blueprints-addon/aws | 1.1.1 |
 | <a name="module_eventbridge"></a> [eventbridge](#module\_eventbridge) | aws-ia/eks-blueprints-addon/aws | 1.1.1 |
 | <a name="module_iam"></a> [iam](#module\_iam) | aws-ia/eks-blueprints-addon/aws | 1.1.1 |
 | <a name="module_kms"></a> [kms](#module\_kms) | aws-ia/eks-blueprints-addon/aws | 1.1.1 |
 | <a name="module_lambda"></a> [lambda](#module\_lambda) | aws-ia/eks-blueprints-addon/aws | 1.1.1 |
+| <a name="module_memorydb"></a> [memorydb](#module\_memorydb) | aws-ia/eks-blueprints-addon/aws | 1.1.1 |
+| <a name="module_opensearchservice"></a> [opensearchservice](#module\_opensearchservice) | aws-ia/eks-blueprints-addon/aws | 1.1.1 |
 | <a name="module_prometheusservice"></a> [prometheusservice](#module\_prometheusservice) | aws-ia/eks-blueprints-addon/aws | 1.1.1 |
 | <a name="module_rds"></a> [rds](#module\_rds) | aws-ia/eks-blueprints-addon/aws | 1.1.1 |
 | <a name="module_s3"></a> [s3](#module\_s3) | aws-ia/eks-blueprints-addon/aws | 1.1.1 |
+| <a name="module_sagemaker"></a> [sagemaker](#module\_sagemaker) | aws-ia/eks-blueprints-addon/aws | 1.1.1 |
 | <a name="module_sfn"></a> [sfn](#module\_sfn) | aws-ia/eks-blueprints-addon/aws | 1.1.1 |
 | <a name="module_sns"></a> [sns](#module\_sns) | aws-ia/eks-blueprints-addon/aws | 1.1.1 |
 | <a name="module_sqs"></a> [sqs](#module\_sqs) | aws-ia/eks-blueprints-addon/aws | 1.1.1 |
@@ -90,20 +98,24 @@ Examples codified under the [`examples`](https://github.com/aws-ia/terraform-aws
 
 | Name | Type |
 |------|------|
-| [aws_iam_policy.acmpolicy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
-| [aws_iam_policy.ekspolicy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_policy.acm](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_policy.eks](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
 | [aws_iam_policy.emrcontainers](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
-| [aws_iam_policy.iampolicy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
-| [aws_iam_policy.kmspolicy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
-| [aws_iam_policy.lambdapolicy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
-| [aws_iam_policy.sfnpasspolicy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
-| [aws_iam_policy.snspolicy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
-| [aws_iam_policy.sqspolicy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_policy.iam](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_policy.kms](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_policy.lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_policy.prometheusservice](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_policy.sfn](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
 | [time_sleep.this](https://registry.terraform.io/providers/hashicorp/time/latest/docs/resources/sleep) | resource |
+| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
+| [aws_iam_policy_document.acm](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+| [aws_iam_policy_document.eks](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
 | [aws_iam_policy_document.emrcontainers](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
-| [aws_iam_policy_document.lambda_controller](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
-| [aws_iam_policy_document.sns_controller](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
-| [aws_iam_policy_document.sqs_controller](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+| [aws_iam_policy_document.iam](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+| [aws_iam_policy_document.kms](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+| [aws_iam_policy_document.lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+| [aws_iam_policy_document.prometheusservice](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+| [aws_iam_policy_document.sfn](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
 | [aws_partition.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition) | data source |
 | [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
 
@@ -120,6 +132,7 @@ Examples codified under the [`examples`](https://github.com/aws-ia/terraform-aws
 | <a name="input_create_kubernetes_resources"></a> [create\_kubernetes\_resources](#input\_create\_kubernetes\_resources) | Create Kubernetes resource with Helm or Kubernetes provider | `bool` | `true` | no |
 | <a name="input_dynamodb"></a> [dynamodb](#input\_dynamodb) | ACK dynamodb Helm Chart config | `any` | `{}` | no |
 | <a name="input_ec2"></a> [ec2](#input\_ec2) | ACK ec2 Helm Chart config | `any` | `{}` | no |
+| <a name="input_ecr"></a> [ecr](#input\_ecr) | ACK ECR Helm Chart config | `any` | `{}` | no |
 | <a name="input_ecrpublic_token"></a> [ecrpublic\_token](#input\_ecrpublic\_token) | Password decoded from the authorization token for accessing public ECR | `string` | `""` | no |
 | <a name="input_ecrpublic_username"></a> [ecrpublic\_username](#input\_ecrpublic\_username) | User name decoded from the authorization token for accessing public ECR | `string` | `""` | no |
 | <a name="input_eks"></a> [eks](#input\_eks) | ACK eks Helm Chart config | `any` | `{}` | no |
@@ -129,27 +142,34 @@ Examples codified under the [`examples`](https://github.com/aws-ia/terraform-aws
 | <a name="input_enable_apigatewayv2"></a> [enable\_apigatewayv2](#input\_enable\_apigatewayv2) | Enable ACK API gateway v2 add-on | `bool` | `false` | no |
 | <a name="input_enable_dynamodb"></a> [enable\_dynamodb](#input\_enable\_dynamodb) | Enable ACK dynamodb add-on | `bool` | `false` | no |
 | <a name="input_enable_ec2"></a> [enable\_ec2](#input\_enable\_ec2) | Enable ACK ec2 add-on | `bool` | `false` | no |
+| <a name="input_enable_ecr"></a> [enable\_ecr](#input\_enable\_ecr) | Enable ACK ECR add-on | `bool` | `false` | no |
 | <a name="input_enable_eks"></a> [enable\_eks](#input\_enable\_eks) | Enable ACK eks add-on | `bool` | `false` | no |
 | <a name="input_enable_elasticache"></a> [enable\_elasticache](#input\_enable\_elasticache) | Enable ACK elasticache add-on | `bool` | `false` | no |
 | <a name="input_enable_emrcontainers"></a> [enable\_emrcontainers](#input\_enable\_emrcontainers) | Enable ACK EMR container add-on | `bool` | `false` | no |
 | <a name="input_enable_eventbridge"></a> [enable\_eventbridge](#input\_enable\_eventbridge) | Enable ACK EventBridge add-on | `bool` | `false` | no |
 | <a name="input_enable_iam"></a> [enable\_iam](#input\_enable\_iam) | Enable ACK iam add-on | `bool` | `false` | no |
 | <a name="input_enable_kms"></a> [enable\_kms](#input\_enable\_kms) | Enable ACK kms add-on | `bool` | `false` | no |
 | <a name="input_enable_lambda"></a> [enable\_lambda](#input\_enable\_lambda) | Enable ACK Lambda add-on | `bool` | `false` | no |
+| <a name="input_enable_memorydb"></a> [enable\_memorydb](#input\_enable\_memorydb) | Enable ACK MemoryDB add-on | `bool` | `false` | no |
+| <a name="input_enable_opensearchservice"></a> [enable\_opensearchservice](#input\_enable\_opensearchservice) | Enable ACK Opensearch Service add-on | `bool` | `false` | no |
 | <a name="input_enable_prometheusservice"></a> [enable\_prometheusservice](#input\_enable\_prometheusservice) | Enable ACK prometheusservice add-on | `bool` | `false` | no |
 | <a name="input_enable_rds"></a> [enable\_rds](#input\_enable\_rds) | Enable ACK rds add-on | `bool` | `false` | no |
 | <a name="input_enable_s3"></a> [enable\_s3](#input\_enable\_s3) | Enable ACK s3 add-on | `bool` | `false` | no |
+| <a name="input_enable_sagemaker"></a> [enable\_sagemaker](#input\_enable\_sagemaker) | Enable ACK Sagemaker add-on | `bool` | `false` | no |
 | <a name="input_enable_sfn"></a> [enable\_sfn](#input\_enable\_sfn) | Enable ACK step functions add-on | `bool` | `false` | no |
 | <a name="input_enable_sns"></a> [enable\_sns](#input\_enable\_sns) | Enable ACK SNS add-on | `bool` | `false` | no |
 | <a name="input_enable_sqs"></a> [enable\_sqs](#input\_enable\_sqs) | Enable ACK SQS add-on | `bool` | `false` | no |
 | <a name="input_eventbridge"></a> [eventbridge](#input\_eventbridge) | ACK EventBridge Helm Chart config | `any` | `{}` | no |
 | <a name="input_iam"></a> [iam](#input\_iam) | ACK iam Helm Chart config | `any` | `{}` | no |
 | <a name="input_kms"></a> [kms](#input\_kms) | ACK kms Helm Chart config | `any` | `{}` | no |
 | <a name="input_lambda"></a> [lambda](#input\_lambda) | ACK Lambda Helm Chart config | `any` | `{}` | no |
+| <a name="input_memorydb"></a> [memorydb](#input\_memorydb) | ACK MemoryDB Helm Chart config | `any` | `{}` | no |
 | <a name="input_oidc_provider_arn"></a> [oidc\_provider\_arn](#input\_oidc\_provider\_arn) | The ARN of the cluster OIDC Provider | `string` | n/a | yes |
+| <a name="input_opensearchservice"></a> [opensearchservice](#input\_opensearchservice) | ACK Opensearch Service Helm Chart config | `any` | `{}` | no |
 | <a name="input_prometheusservice"></a> [prometheusservice](#input\_prometheusservice) | ACK prometheusservice Helm Chart config | `any` | `{}` | no |
 | <a name="input_rds"></a> [rds](#input\_rds) | ACK rds Helm Chart config | `any` | `{}` | no |
 | <a name="input_s3"></a> [s3](#input\_s3) | ACK s3 Helm Chart config | `any` | `{}` | no |
+| <a name="input_sagemaker"></a> [sagemaker](#input\_sagemaker) | ACK Sagemaker Helm Chart config | `any` | `{}` | no |
 | <a name="input_sfn"></a> [sfn](#input\_sfn) | ACK step functions Helm Chart config | `any` | `{}` | no |
 | <a name="input_sns"></a> [sns](#input\_sns) | ACK SNS Helm Chart config | `any` | `{}` | no |
 | <a name="input_sqs"></a> [sqs](#input\_sqs) | ACK SQS Helm Chart config | `any` | `{}` | no |

diff --git a/examples/complete/README.md b/examples/complete/README.md
@@ -6,16 +6,20 @@ Configuration in this directory creates an AWS EKS cluster with the following AC
 - Amazon ApiGatewayV2 Controller
 - Amazon DynamoDB Controller
 - Amazon EC2 Controller
+- Amazon ECR Controller
 - Amazon EKS Controller
 - Amazon ElastiCache Controller
 - Amazon EMR Containers Controller
 - Amazon EventBridge Controller
 - Amazon IAM Controller
 - Amazon KMS Controller
 - AWS Lambda Controller
+- Amazon MemoryDB Controller
+- Amazon OpenSearch Service Controller
 - Amazon Prometheus Service Controller
 - Amazon RDS Controller
 - Amazon S3 Controller
+- Amazon SageMaker Controller
 - AWS SFN Controller
 - Amazon SNS Controller
 - Amazon SQS Controller
@@ -59,37 +63,41 @@ aws eks --region <REGION> update-kubeconfig --name <CLUSTER_NAME>
 kubectl get pods -A
 
 NAMESPACE     NAME                                            READY   STATUS    RESTARTS   AGE
-ack-system    ack-acm-5ffccbd5d5-62kx9                        1/1     Running   0          11m
-ack-system    ack-apigatewayv2-cf6cd9d67-vxhsk                1/1     Running   0          11m
-ack-system    ack-dynamodb-bd47f88b7-7jbgw                    1/1     Running   0          10m
-ack-system    ack-ec2-54dfcf968-pdbs2                         1/1     Running   0          10m
-ack-system    ack-eks-9cb44fc-95k6x                           1/1     Running   0          11m
-ack-system    ack-elasticache-5758ff66bd-6vbgc                1/1     Running   0          11m
-ack-system    ack-emrcontainers-69ffb54758-78ksb              1/1     Running   0          11m
-ack-system    ack-eventbridge-58c7d4c8f5-vvfz5                1/1     Running   0          11m
-ack-system    ack-iam-7486c996c8-kbb2h                        1/1     Running   0          11m
-ack-system    ack-kms-bb956b4fc-x69lv                         1/1     Running   0          11m
-ack-system    ack-lambda-65bd7fbc8d-6jn8k                     1/1     Running   0          11m
-ack-system    ack-prometheusservice-5bccddc6f-7tkl5           1/1     Running   0          11m
-ack-system    ack-rds-57499b447d-pg9tq                        1/1     Running   0          10m
-ack-system    ack-s3-78b44bf586-b8qnj                         1/1     Running   0          11m
-ack-system    ack-sfn-7494cbccf-vx6g7                         1/1     Running   0          10m
-ack-system    ack-sns-56bb579874-h26s5                        1/1     Running   0          11m
-ack-system    ack-sqs-5f7bc84d45-47zw4                        1/1     Running   0          11m
-kube-system   aws-load-balancer-controller-84b5bf9c5f-45fkt   1/1     Running   0          10m
-kube-system   aws-load-balancer-controller-84b5bf9c5f-vtwj4   1/1     Running   0          10m
-kube-system   aws-node-btph9                                  2/2     Running   0          10m
-kube-system   aws-node-dqh67                                  2/2     Running   0          10m
-kube-system   aws-node-kt5mp                                  2/2     Running   0          10m
-kube-system   coredns-787cb67946-hlqfm                        1/1     Running   0          14m
-kube-system   coredns-787cb67946-q8lzj                        1/1     Running   0          14m
-kube-system   eks-pod-identity-agent-lhj4d                    1/1     Running   0          10m
-kube-system   eks-pod-identity-agent-vvf46                    1/1     Running   0          10m
-kube-system   eks-pod-identity-agent-zw2qv                    1/1     Running   0          10m
-kube-system   kube-proxy-27k5q                                1/1     Running   0          10m
-kube-system   kube-proxy-6q78s                                1/1     Running   0          10m
-kube-system   kube-proxy-x5hhm                                1/1     Running   0          10m
-kube-system   metrics-server-7577444cf8-9l7h8                 1/1     Running   0          12m
+ack-system    ack-acm-5ffccbd5d5-6ns6v                        1/1     Running   0          60s
+ack-system    ack-apigatewayv2-cf6cd9d67-gfw5k                1/1     Running   0          60s
+ack-system    ack-dynamodb-bd47f88b7-4smb5                    1/1     Running   0          60s
+ack-system    ack-ec2-54dfcf968-2vvcf                         1/1     Running   0          60s
+ack-system    ack-ecr-5b4699f87b-n5bfp                        1/1     Running   0          60s
+ack-system    ack-eks-9cb44fc-vgsvf                           1/1     Running   0          59s
+ack-system    ack-elasticache-5758ff66bd-fn7cv                1/1     Running   0          59s
+ack-system    ack-emrcontainers-69ffb54758-s4d25              1/1     Running   0          59s
+ack-system    ack-eventbridge-58c7d4c8f5-hzc7m                1/1     Running   0          59s
+ack-system    ack-iam-7486c996c8-qmmd6                        1/1     Running   0          58s
+ack-system    ack-kms-bb956b4fc-vtn7x                         1/1     Running   0          58s
+ack-system    ack-lambda-65bd7fbc8d-lql8x                     1/1     Running   0          58s
+ack-system    ack-memorydb-76c988f6dd-zxprv                   1/1     Running   0          58s
+ack-system    ack-opensearchservice-7fd9d8c866-xzqfh          1/1     Running   0          57s
+ack-system    ack-prometheusservice-5bccddc6f-clnz9           1/1     Running   0          57s
+ack-system    ack-rds-57499b447d-qqf7w                        1/1     Running   0          57s
+ack-system    ack-s3-78b44bf586-4f25v                         1/1     Running   0          57s
+ack-system    ack-sagemaker-74f65d4cb9-9r74h                  1/1     Running   0          57s
+ack-system    ack-sfn-7494cbccf-mwq7z                         1/1     Running   0          56s
+ack-system    ack-sns-56bb579874-hk78c                        1/1     Running   0          56s
+ack-system    ack-sqs-5f7bc84d45-jtd5b                        1/1     Running   0          56s
+kube-system   aws-load-balancer-controller-84b5bf9c5f-4dm9s   1/1     Running   0          34m
+kube-system   aws-load-balancer-controller-84b5bf9c5f-62km5   1/1     Running   0          34m
+kube-system   aws-node-2pfp8                                  2/2     Running   0          32m
+kube-system   aws-node-c6mdg                                  2/2     Running   0          32m
+kube-system   aws-node-d8m55                                  2/2     Running   0          32m
+kube-system   coredns-787cb67946-8psqv                        1/1     Running   0          38m
+kube-system   coredns-787cb67946-nvtnt                        1/1     Running   0          38m
+kube-system   eks-pod-identity-agent-2lw9f                    1/1     Running   0          33m
+kube-system   eks-pod-identity-agent-dhdxs                    1/1     Running   0          33m
+kube-system   eks-pod-identity-agent-zt7gz                    1/1     Running   0          33m
+kube-system   kube-proxy-2xjzt                                1/1     Running   0          33m
+kube-system   kube-proxy-h27hw                                1/1     Running   0          34m
+kube-system   kube-proxy-kd57b                                1/1     Running   0          33m
+kube-system   metrics-server-7577444cf8-7f95q                 1/1     Running   0          35m
 ```
 
 ## Sample Application Deployment

diff --git a/examples/complete/main.tf b/examples/complete/main.tf
@@ -131,6 +131,10 @@ module "eks_ack_addons" {
   ecrpublic_token    = data.aws_ecrpublic_authorization_token.token.password
 
   # Controllers to enable
+  enable_sagemaker         = true
+  enable_memorydb          = true
+  enable_opensearchservice = true
+  enable_ecr               = true
   enable_sns               = true
   enable_sqs               = true
   enable_lambda            = true