Real-Time Walkthrough to Create the

Kubernetes Cluster Using Terraform Script

This documentation provides a step-by-step guide to creating an Amazon Elastic Kubernetes Service
(EKS) cluster using Terraform, with a focus on addressing the omission of the IAM user. The steps include
an explanation of the Terraform script and necessary modifications

Prerequisites
Required Tools:

• Terraform installed on your local system.

• AWS CLI configured with your credentials.

Architecture:

1. Folder Structure
project-root/

├── main.tf # Core Terraform configuration

├── variables.tf # Input variable definitions

├── outputs.tf # Output definitions

└── README.md # Documentation

2. IAM User Creation:

2. Terraform Script Overview
Main.tf

provider "aws" {
region = var.aws_region
}

# Create a VPC
resource "aws_vpc" "eks_vpc" {
cidr_block = var.vpc_cidr_block
enable_dns_support = true
enable_dns_hostnames = true

tags = {
Name = "${var.cluster_name}-vpc"
}
}

# Data source for Availability Zones

data "aws_availability_zones" "available" {}

# Create Subnets
resource "aws_subnet" "example_subnet" {
count = length(var.subnet_cidr_blocks)
vpc_id = aws_vpc.eks_vpc.id
 cidr_block = var.subnet_cidr_blocks[count.index]
availability_zone = data.aws_availability_zones.available.names[count.index]

tags = {
Name = "${var.cluster_name}-subnet-${count.index}"
}
}

# Create an EKS Cluster

resource "aws_eks_cluster" "eks_cluster" {
name = var.cluster_name
role_arn = aws_iam_role.eks_role.arn

vpc_config {
subnet_ids = aws_subnet.example_subnet[*].id
}
}

# IAM Role for EKS

resource "aws_iam_role" "eks_role" {
name = "${var.cluster_name}-role"

assume_role_policy = jsonencode({
Version = "2012-10-17"
Statement = [
{
Effect = "Allow"
Principal = {
Service = "eks.amazonaws.com"
}
Action = "sts:AssumeRole"
}
]
})
}

# Attach EKS Managed Policies to the Role

resource "aws_iam_role_policy_attachment" "eks_policies" {
for_each = toset([
"arn:aws:iam::aws:policy/AmazonEKSClusterPolicy",
"arn:aws:iam::aws:policy/AmazonEKSVPCResourceController",
])

role = aws_iam_role.eks_role.name
policy_arn = each.value
}

output.tf
output "eks_cluster_name" {
description = "Name of the EKS cluster"
value = aws_eks_cluster.eks_cluster.name
}

output "eks_cluster_endpoint" {
description = "EKS Cluster endpoint"
value = aws_eks_cluster.eks_cluster.endpoint
}

output "eks_cluster_arn" {
description = "EKS Cluster ARN"
value = aws_eks_cluster.eks_cluster.arn
}
variable.tf

variable "aws_region" {
description = "AWS region to deploy resources"
default = "ap-south-1"
}

variable "cluster_name" {
description = "Name of the EKS cluster"
default = "alvin-eks-cluster"
}

# VPC CIDR block for the newly created VPC

variable "vpc_cidr_block" {
description = "CIDR block for the VPC"
default = "10.0.0.0/16"
}

# Subnet CIDR blocks for the VPC

variable "subnet_cidr_blocks" {
description = "List of CIDR blocks for the subnets"
type = list(string)
default = ["10.0.1.0/24", "10.0.2.0/24"]
}

# (Optional) VPC ID if you want to specify an existing VPC

variable "vpc_id" {
description = "ID of the VPC where subnets will be created"
type = string
default = ""
}
3. Execution Steps
Initialize Terraform:

terraform init

terraform plan
Before executing the terraform apply command, I retrieved and reviewed the EKS output.

terraform apply
To validate the EKS cluster:
1. Navigate to the **Amazon EKS console**.

2. Review the cluster's status and configuration details to ensure it has been created successfully.

To destroy the resources:

 1. Run the following command:

terraform destroy
Conclusion

This configuration demonstrates a complete setup for deploying a scalable and secure EKS cluster on
AWS. It’s designed for flexibility, allowing easy modifications to suit specific requirements. If you're
interested in modern DevOps practices or cloud-native solutions, this is a great starting point!