Validation Output
```
Warning: Argument is deprecated
with module.vpc.aws_eip.nat,
on modules/vpc/routes.tf line 54, in resource "aws_eip" "nat":
54: vpc = true
use domain attribute instead
Success! The configuration is valid, but there were some validation warnings
as shown above.
```
Terraform Plan 📖success
Show Plan
```
terraform
module.project_eks.data.aws_iam_policy_document.eks_assume_role_policy: Reading...
module.project_eks.data.aws_iam_policy_document.eks_node_assume_role_policy: Reading...
data.aws_ami.amazon_linux_2: Reading...
data.aws_caller_identity.current: Reading...
module.project_eks.data.aws_iam_policy_document.eks_node_assume_role_policy: Read complete after 0s [id=2851119427]
module.project_eks.data.aws_iam_policy_document.eks_assume_role_policy: Read complete after 0s [id=3552664922]
data.aws_caller_identity.current: Read complete after 1s [id=661834931903]
data.aws_ami.amazon_linux_2: Read complete after 1s [id=ami-0db513e73ed5a7faa]
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
+ create
<= read (data resources)
Terraform will perform the following actions:
# data.aws_eks_cluster.cluster will be read during apply
# (config refers to values not yet known)
<= data "aws_eks_cluster" "cluster" {
+ access_config = (known after apply)
+ arn = (known after apply)
+ certificate_authority = (known after apply)
+ cluster_id = (known after apply)
+ created_at = (known after apply)
+ enabled_cluster_log_types = (known after apply)
+ endpoint = (known after apply)
+ id = (known after apply)
+ identity = (known after apply)
+ kubernetes_network_config = (known after apply)
+ name = (known after apply)
+ outpost_config = (known after apply)
+ platform_version = (known after apply)
+ role_arn = (known after apply)
+ status = (known after apply)
+ tags = (known after apply)
+ version = (known after apply)
+ vpc_config = (known after apply)
}
# data.aws_eks_cluster_auth.cluster will be read during apply
# (config refers to values not yet known)
<= data "aws_eks_cluster_auth" "cluster" {
+ id = (known after apply)
+ name = (known after apply)
+ token = (sensitive value)
}
# kubernetes_namespace.udacity will be created
+ resource "kubernetes_namespace" "udacity" {
+ id = (known after apply)
+ wait_for_default_service_account = false
+ metadata {
+ generation = (known after apply)
+ name = "udacity"
+ resource_version = (known after apply)
+ uid = (known after apply)
}
}
# module.project_ec2.data.aws_security_group.default will be read during apply
# (config refers to values not yet known)
<= data "aws_security_group" "default" {
+ arn = (known after apply)
+ description = (known after apply)
+ id = (known after apply)
+ name = "default"
+ tags = (known after apply)
+ vpc_id = (known after apply)
}
# module.project_ec2.data.aws_subnets.public will be read during apply
# (config refers to values not yet known)
<= data "aws_subnets" "public" {
+ id = (known after apply)
+ ids = (known after apply)
+ tags = (known after apply)
+ filter {
+ name = "tag:Name"
+ values = [
+ "*public*",
]
}
+ filter {
+ name = "vpc-id"
+ values = [
+ (known after apply),
]
}
}
# module.project_ec2.aws_instance.web will be created
+ resource "aws_instance" "web" {
+ ami = "ami-0ef8c7099ef697f3e"
+ arn = (known after apply)
+ associate_public_ip_address = (known after apply)
+ availability_zone = (known after apply)
+ cpu_core_count = (known after apply)
+ cpu_threads_per_core = (known after apply)
+ disable_api_stop = (known after apply)
+ disable_api_termination = (known after apply)
+ ebs_optimized = (known after apply)
+ get_password_data = false
+ host_id = (known after apply)
+ host_resource_group_arn = (known after apply)
+ iam_instance_profile = (known after apply)
+ id = (known after apply)
+ instance_initiated_shutdown_behavior = (known after apply)
+ instance_lifecycle = (known after apply)
+ instance_state = (known after apply)
+ instance_type = "t3.micro"
+ ipv6_address_count = (known after apply)
+ ipv6_addresses = (known after apply)
+ key_name = "udacity"
+ monitoring = (known after apply)
+ outpost_arn = (known after apply)
+ password_data = (known after apply)
+ placement_group = (known after apply)
+ placement_partition_number = (known after apply)
+ primary_network_interface_id = (known after apply)
+ private_dns = (known after apply)
+ private_ip = (known after apply)
+ public_dns = (known after apply)
+ public_ip = (known after apply)
+ secondary_private_ips = (known after apply)
+ security_groups = (known after apply)
+ source_dest_check = true
+ spot_instance_request_id = (known after apply)
+ subnet_id = (known after apply)
+ tags = {
+ "Name" = "ubuntu"
}
+ tags_all = {
+ "Name" = "ubuntu"
+ "Terraform" = "true"
}
+ tenancy = (known after apply)
+ user_data = (known after apply)
+ user_data_base64 = (known after apply)
+ user_data_replace_on_change = false
+ vpc_security_group_ids = (known after apply)
}
# module.project_ec2.aws_security_group.ec2_sg will be created
+ resource "aws_security_group" "ec2_sg" {
+ arn = (known after apply)
+ description = "Managed by Terraform"
+ egress = [
+ {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ from_port = 0
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "-1"
+ security_groups = []
+ self = false
+ to_port = 0
# (1 unchanged attribute hidden)
},
]
+ id = (known after apply)
+ ingress = [
+ {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ description = "monitoring"
+ from_port = 9100
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "tcp"
+ security_groups = []
+ self = false
+ to_port = 9100
},
+ {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ description = "ssh port"
+ from_port = 22
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "tcp"
+ security_groups = []
+ self = false
+ to_port = 22
},
+ {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ description = "web port"
+ from_port = 80
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "tcp"
+ security_groups = []
+ self = false
+ to_port = 80
},
]
+ name = "ec2_sg"
+ name_prefix = (known after apply)
+ owner_id = (known after apply)
+ revoke_rules_on_delete = false
+ tags = {
+ "Name" = "ec2_sg"
}
+ tags_all = {
+ "Name" = "ec2_sg"
+ "Terraform" = "true"
}
+ vpc_id = (known after apply)
}
# module.project_eks.aws_eks_cluster.cluster will be created
+ resource "aws_eks_cluster" "cluster" {
+ arn = (known after apply)
+ certificate_authority = (known after apply)
+ cluster_id = (known after apply)
+ created_at = (known after apply)
+ endpoint = (known after apply)
+ id = (known after apply)
+ identity = (known after apply)
+ name = "udacity-cluster"
+ platform_version = (known after apply)
+ role_arn = (known after apply)
+ status = (known after apply)
+ tags_all = {
+ "Name" = "udacity"
+ "Terraform" = "true"
}
+ version = "1.21"
+ vpc_config {
+ cluster_security_group_id = (known after apply)
+ endpoint_private_access = false
+ endpoint_public_access = true
+ public_access_cidrs = (known after apply)
+ subnet_ids = (known after apply)
+ vpc_id = (known after apply)
}
}
# module.project_eks.aws_eks_node_group.node will be created
+ resource "aws_eks_node_group" "node" {
+ ami_type = (known after apply)
+ arn = (known after apply)
+ capacity_type = (known after apply)
+ cluster_name = "udacity-cluster"
+ disk_size = (known after apply)
+ id = (known after apply)
+ instance_types = [
+ "t3.medium",
]
+ node_group_name = "app-udacity-node-group"
+ node_group_name_prefix = (known after apply)
+ node_role_arn = (known after apply)
+ release_version = (known after apply)
+ resources = (known after apply)
+ status = (known after apply)
+ subnet_ids = (known after apply)
+ tags = {
+ "Name" = "eks-udacity-nodes"
}
+ tags_all = {
+ "Name" = "eks-udacity-nodes"
+ "Terraform" = "true"
}
+ version = (known after apply)
+ scaling_config {
+ desired_size = 1
+ max_size = 1
+ min_size = 1
}
}
# module.project_eks.aws_iam_policy.eks_cluster_role_cloudwatch_policy will be created
+ resource "aws_iam_policy" "eks_cluster_role_cloudwatch_policy" {
+ arn = (known after apply)
+ attachment_count = (known after apply)
+ description = "Policy allowing cloudwatch access to udacity resources."
+ id = (known after apply)
+ name = "app-udacity-eks-cluster-role-cloudwatch-policy"
+ name_prefix = (known after apply)
+ path = "/"
+ policy = jsonencode(
{
+ Statement = [
+ {
+ Action = [
+ "cloudwatch:*",
+ "logs:DescribeLogGroups",
+ "logs:DescribeLogStreams",
+ "logs:CreateLogGroup",
+ "logs:CreateLogStream",
+ "logs:PutLogEvents",
]
+ Effect = "Allow"
+ Resource = "*"
},
]
+ Version = "2012-10-17"
}
)
+ policy_id = (known after apply)
+ tags_all = {
+ "Name" = "udacity"
+ "Terraform" = "true"
}
}
# module.project_eks.aws_iam_policy.eks_node_instance_policy will be created
+ resource "aws_iam_policy" "eks_node_instance_policy" {
+ arn = (known after apply)
+ attachment_count = (known after apply)
+ description = "Policy allowing access to udacity resources."
+ id = (known after apply)
+ name = "app-udacity-instance-policy"
+ name_prefix = (known after apply)
+ path = "/"
+ policy = jsonencode(
{
+ Statement = [
+ {
+ Action = "s3:*"
+ Effect = "Allow"
+ Resource = [
+ "arn:aws:s3:::*",
+ "arn:aws:s3:::*/*",
+ "arn:aws:s3:*:*:job/*",
]
},
+ {
+ Action = [
+ "logs:CreateLogGroup",
+ "logs:CreateLogStream",
+ "logs:PutLogEvents",
]
+ Effect = "Allow"
+ Resource = [
+ "arn:aws:logs:*:*:log-group:*",
+ "arn:aws:logs:*:*:log-group:*:*:*",
]
},
+ {
+ Action = [
+ "ecr:BatchCheckLayerAvailability",
+ "ecr:BatchGetImage",
+ "ecr:DescribeImages",
+ "ecr:DescribeRepositories",
+ "ecr:GetAuthorizationToken",
+ "ecr:GetDownloadUrlForLayer",
+ "ecr:GetRepositoryPolicy",
+ "ecr:ListImages",
]
+ Effect = "Allow"
+ Resource = "*"
},
+ {
+ Action = [
+ "sqs:ReceiveMessage",
+ "sqs:SendMessage",
+ "sqs:SendMessageBatch",
+ "sqs:DeleteMessage",
+ "sqs:DeleteMessageBatch",
+ "sqs:ChangeMessageVisibility",
+ "sqs:ChangeMessageVisibilityBatch",
]
+ Effect = "Allow"
+ Resource = [
+ "*",
]
},
+ {
+ Action = "eks:DescribeCluster"
+ Effect = "Allow"
+ Resource = "*"
},
]
+ Version = "2012-10-17"
}
)
+ policy_id = (known after apply)
+ tags_all = {
+ "Name" = "udacity"
+ "Terraform" = "true"
}
}
# module.project_eks.aws_iam_role.eks_cluster_role will be created
+ resource "aws_iam_role" "eks_cluster_role" {
+ arn = (known after apply)
+ assume_role_policy = jsonencode(
{
+ Statement = [
+ {
+ Action = "sts:AssumeRole"
+ Effect = "Allow"
+ Principal = {
+ Service = "eks.amazonaws.com"
}
},
]
+ Version = "2012-10-17"
}
)
+ create_date = (known after apply)
+ force_detach_policies = false
+ id = (known after apply)
+ managed_policy_arns = (known after apply)
+ max_session_duration = 3600
+ name = "app-udacity-eks-cluster-role"
+ name_prefix = (known after apply)
+ path = "/"
+ tags_all = {
+ "Name" = "udacity"
+ "Terraform" = "true"
}
+ unique_id = (known after apply)
}
# module.project_eks.aws_iam_role.eks_node_cluster_role will be created
+ resource "aws_iam_role" "eks_node_cluster_role" {
+ arn = (known after apply)
+ assume_role_policy = jsonencode(
{
+ Statement = [
+ {
+ Action = "sts:AssumeRole"
+ Effect = "Allow"
+ Principal = {
+ Service = "ec2.amazonaws.com"
}
},
]
+ Version = "2012-10-17"
}
)
+ create_date = (known after apply)
+ force_detach_policies = false
+ id = (known after apply)
+ managed_policy_arns = (known after apply)
+ max_session_duration = 3600
+ name = "app-udacity-eks-node-role"
+ name_prefix = (known after apply)
+ path = "/"
+ tags_all = {
+ "Name" = "udacity"
+ "Terraform" = "true"
}
+ unique_id = (known after apply)
}
# module.project_eks.aws_iam_role_policy_attachment.cluster_AmazonEKSCloudwatchPolicy will be created
+ resource "aws_iam_role_policy_attachment" "cluster_AmazonEKSCloudwatchPolicy" {
+ id = (known after apply)
+ policy_arn = (known after apply)
+ role = "app-udacity-eks-node-role"
}
# module.project_eks.aws_iam_role_policy_attachment.cluster_AmazonEKSClusterPolicy will be created
+ resource "aws_iam_role_policy_attachment" "cluster_AmazonEKSClusterPolicy" {
+ id = (known after apply)
+ policy_arn = "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy"
+ role = "app-udacity-eks-cluster-role"
}
# module.project_eks.aws_iam_role_policy_attachment.cluster_AmazonEKSServicePolicy will be created
+ resource "aws_iam_role_policy_attachment" "cluster_AmazonEKSServicePolicy" {
+ id = (known after apply)
+ policy_arn = "arn:aws:iam::aws:policy/AmazonEKSServicePolicy"
+ role = "app-udacity-eks-cluster-role"
}
# module.project_eks.aws_iam_role_policy_attachment.node_AmazonEC2ContainerRegistryReadOnly will be created
+ resource "aws_iam_role_policy_attachment" "node_AmazonEC2ContainerRegistryReadOnly" {
+ id = (known after apply)
+ policy_arn = "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly"
+ role = "app-udacity-eks-node-role"
}
# module.project_eks.aws_iam_role_policy_attachment.node_AmazonEKSWorkerNodePolicy will be created
+ resource "aws_iam_role_policy_attachment" "node_AmazonEKSWorkerNodePolicy" {
+ id = (known after apply)
+ policy_arn = "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy"
+ role = "app-udacity-eks-node-role"
}
# module.project_eks.aws_iam_role_policy_attachment.node_AmazonEKS_CNI_Policy will be created
+ resource "aws_iam_role_policy_attachment" "node_AmazonEKS_CNI_Policy" {
+ id = (known after apply)
+ policy_arn = "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy"
+ role = "app-udacity-eks-node-role"
}
# module.project_eks.aws_iam_role_policy_attachment.node_CloudWatchAgentServerPolicy will be created
+ resource "aws_iam_role_policy_attachment" "node_CloudWatchAgentServerPolicy" {
+ id = (known after apply)
+ policy_arn = "arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy"
+ role = "app-udacity-eks-node-role"
}
# module.project_eks.aws_iam_role_policy_attachment.node_harmony_policy_attachment will be created
+ resource "aws_iam_role_policy_attachment" "node_harmony_policy_attachment" {
+ id = (known after apply)
+ policy_arn = (known after apply)
+ role = "app-udacity-eks-node-role"
}
# module.vpc.aws_eip.nat[0] will be created
+ resource "aws_eip" "nat" {
+ allocation_id = (known after apply)
+ arn = (known after apply)
+ association_id = (known after apply)
+ carrier_ip = (known after apply)
+ customer_owned_ip = (known after apply)
+ domain = (known after apply)
+ id = (known after apply)
+ instance = (known after apply)
+ network_border_group = (known after apply)
+ network_interface = (known after apply)
+ private_dns = (known after apply)
+ private_ip = (known after apply)
+ ptr_record = (known after apply)
+ public_dns = (known after apply)
+ public_ip = (known after apply)
+ public_ipv4_pool = (known after apply)
+ tags = {
+ "Name" = "udacity-project-us-east-2a"
}
+ tags_all = {
+ "Name" = "udacity-project-us-east-2a"
+ "Terraform" = "true"
}
+ vpc = true
}
# module.vpc.aws_internet_gateway.this[0] will be created
+ resource "aws_internet_gateway" "this" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ tags = {
+ "Name" = "udacity-project"
}
+ tags_all = {
+ "Name" = "udacity-project"
+ "Terraform" = "true"
}
+ vpc_id = (known after apply)
}
# module.vpc.aws_nat_gateway.this[0] will be created
+ resource "aws_nat_gateway" "this" {
+ allocation_id = (known after apply)
+ association_id = (known after apply)
+ connectivity_type = "public"
+ id = (known after apply)
+ network_interface_id = (known after apply)
+ private_ip = (known after apply)
+ public_ip = (known after apply)
+ secondary_private_ip_address_count = (known after apply)
+ secondary_private_ip_addresses = (known after apply)
+ subnet_id = (known after apply)
+ tags = {
+ "Name" = "udacity-project-us-east-2a"
}
+ tags_all = {
+ "Name" = "udacity-project-us-east-2a"
+ "Terraform" = "true"
}
}
# module.vpc.aws_route.private_nat_gateway[0] will be created
+ resource "aws_route" "private_nat_gateway" {
+ destination_cidr_block = "0.0.0.0/0"
+ id = (known after apply)
+ instance_id = (known after apply)
+ instance_owner_id = (known after apply)
+ nat_gateway_id = (known after apply)
+ network_interface_id = (known after apply)
+ origin = (known after apply)
+ route_table_id = (known after apply)
+ state = (known after apply)
+ timeouts {
+ create = "5m"
}
}
# module.vpc.aws_route.private_nat_gateway[1] will be created
+ resource "aws_route" "private_nat_gateway" {
+ destination_cidr_block = "0.0.0.0/0"
+ id = (known after apply)
+ instance_id = (known after apply)
+ instance_owner_id = (known after apply)
+ nat_gateway_id = (known after apply)
+ network_interface_id = (known after apply)
+ origin = (known after apply)
+ route_table_id = (known after apply)
+ state = (known after apply)
+ timeouts {
+ create = "5m"
}
}
# module.vpc.aws_route.private_nat_gateway[2] will be created
+ resource "aws_route" "private_nat_gateway" {
+ destination_cidr_block = "0.0.0.0/0"
+ id = (known after apply)
+ instance_id = (known after apply)
+ instance_owner_id = (known after apply)
+ nat_gateway_id = (known after apply)
+ network_interface_id = (known after apply)
+ origin = (known after apply)
+ route_table_id = (known after apply)
+ state = (known after apply)
+ timeouts {
+ create = "5m"
}
}
# module.vpc.aws_route.public_internet_gateway[0] will be created
+ resource "aws_route" "public_internet_gateway" {
+ destination_cidr_block = "0.0.0.0/0"
+ gateway_id = (known after apply)
+ id = (known after apply)
+ instance_id = (known after apply)
+ instance_owner_id = (known after apply)
+ network_interface_id = (known after apply)
+ origin = (known after apply)
+ route_table_id = (known after apply)
+ state = (known after apply)
+ timeouts {
+ create = "5m"
}
}
# module.vpc.aws_route.public_internet_gateway[1] will be created
+ resource "aws_route" "public_internet_gateway" {
+ destination_cidr_block = "0.0.0.0/0"
+ gateway_id = (known after apply)
+ id = (known after apply)
+ instance_id = (known after apply)
+ instance_owner_id = (known after apply)
+ network_interface_id = (known after apply)
+ origin = (known after apply)
+ route_table_id = (known after apply)
+ state = (known after apply)
+ timeouts {
+ create = "5m"
}
}
# module.vpc.aws_route.public_internet_gateway[2] will be created
+ resource "aws_route" "public_internet_gateway" {
+ destination_cidr_block = "0.0.0.0/0"
+ gateway_id = (known after apply)
+ id = (known after apply)
+ instance_id = (known after apply)
+ instance_owner_id = (known after apply)
+ network_interface_id = (known after apply)
+ origin = (known after apply)
+ route_table_id = (known after apply)
+ state = (known after apply)
+ timeouts {
+ create = "5m"
}
}
# module.vpc.aws_route_table.private[0] will be created
+ resource "aws_route_table" "private" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ route = (known after apply)
+ tags = {
+ "Name" = "udacity-project-private-us-east-2a"
}
+ tags_all = {
+ "Name" = "udacity-project-private-us-east-2a"
+ "Terraform" = "true"
}
+ vpc_id = (known after apply)
}
# module.vpc.aws_route_table.private[1] will be created
+ resource "aws_route_table" "private" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ route = (known after apply)
+ tags = {
+ "Name" = "udacity-project-private-us-east-2b"
}
+ tags_all = {
+ "Name" = "udacity-project-private-us-east-2b"
+ "Terraform" = "true"
}
+ vpc_id = (known after apply)
}
# module.vpc.aws_route_table.private[2] will be created
+ resource "aws_route_table" "private" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ route = (known after apply)
+ tags = {
+ "Name" = "udacity-project-private-us-east-2c"
}
+ tags_all = {
+ "Name" = "udacity-project-private-us-east-2c"
+ "Terraform" = "true"
}
+ vpc_id = (known after apply)
}
# module.vpc.aws_route_table.public[0] will be created
+ resource "aws_route_table" "public" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ route = (known after apply)
+ tags = {
+ "Name" = "udacity-project-public"
}
+ tags_all = {
+ "Name" = "udacity-project-public"
+ "Terraform" = "true"
}
+ vpc_id = (known after apply)
}
# module.vpc.aws_route_table_association.private[0] will be created
+ resource "aws_route_table_association" "private" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# module.vpc.aws_route_table_association.private[1] will be created
+ resource "aws_route_table_association" "private" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# module.vpc.aws_route_table_association.private[2] will be created
+ resource "aws_route_table_association" "private" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# module.vpc.aws_route_table_association.public[0] will be created
+ resource "aws_route_table_association" "public" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# module.vpc.aws_route_table_association.public[1] will be created
+ resource "aws_route_table_association" "public" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# module.vpc.aws_route_table_association.public[2] will be created
+ resource "aws_route_table_association" "public" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# module.vpc.aws_subnet.private[0] will be created
+ resource "aws_subnet" "private" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "us-east-2a"
+ availability_zone_id = (known after apply)
+ cidr_block = "10.100.1.0/24"
+ enable_dns64 = false
+ enable_resource_name_dns_a_record_on_launch = false
+ enable_resource_name_dns_aaaa_record_on_launch = false
+ id = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ ipv6_native = false
+ map_public_ip_on_launch = false
+ owner_id = (known after apply)
+ private_dns_hostname_type_on_launch = (known after apply)
+ tags = {
+ "Name" = "udacity-project-private-us-east-2a"
+ "kubernetes.io/role/internal-elb" = "1"
}
+ tags_all = {
+ "Name" = "udacity-project-private-us-east-2a"
+ "Terraform" = "true"
+ "kubernetes.io/role/internal-elb" = "1"
}
+ vpc_id = (known after apply)
}
# module.vpc.aws_subnet.private[1] will be created
+ resource "aws_subnet" "private" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "us-east-2b"
+ availability_zone_id = (known after apply)
+ cidr_block = "10.100.2.0/24"
+ enable_dns64 = false
+ enable_resource_name_dns_a_record_on_launch = false
+ enable_resource_name_dns_aaaa_record_on_launch = false
+ id = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ ipv6_native = false
+ map_public_ip_on_launch = false
+ owner_id = (known after apply)
+ private_dns_hostname_type_on_launch = (known after apply)
+ tags = {
+ "Name" = "udacity-project-private-us-east-2b"
+ "kubernetes.io/role/internal-elb" = "1"
}
+ tags_all = {
+ "Name" = "udacity-project-private-us-east-2b"
+ "Terraform" = "true"
+ "kubernetes.io/role/internal-elb" = "1"
}
+ vpc_id = (known after apply)
}
# module.vpc.aws_subnet.private[2] will be created
+ resource "aws_subnet" "private" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "us-east-2c"
+ availability_zone_id = (known after apply)
+ cidr_block = "10.100.3.0/24"
+ enable_dns64 = false
+ enable_resource_name_dns_a_record_on_launch = false
+ enable_resource_name_dns_aaaa_record_on_launch = false
+ id = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ ipv6_native = false
+ map_public_ip_on_launch = false
+ owner_id = (known after apply)
+ private_dns_hostname_type_on_launch = (known after apply)
+ tags = {
+ "Name" = "udacity-project-private-us-east-2c"
+ "kubernetes.io/role/internal-elb" = "1"
}
+ tags_all = {
+ "Name" = "udacity-project-private-us-east-2c"
+ "Terraform" = "true"
+ "kubernetes.io/role/internal-elb" = "1"
}
+ vpc_id = (known after apply)
}
# module.vpc.aws_subnet.public[0] will be created
+ resource "aws_subnet" "public" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "us-east-2a"
+ availability_zone_id = (known after apply)
+ cidr_block = "10.100.10.0/24"
+ enable_dns64 = false
+ enable_resource_name_dns_a_record_on_launch = false
+ enable_resource_name_dns_aaaa_record_on_launch = false
+ id = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ ipv6_native = false
+ map_public_ip_on_launch = true
+ owner_id = (known after apply)
+ private_dns_hostname_type_on_launch = (known after apply)
+ tags = {
+ "Name" = "udacity-project-public-us-east-2a"
+ "kubernetes.io/role/elb" = "1"
}
+ tags_all = {
+ "Name" = "udacity-project-public-us-east-2a"
+ "Terraform" = "true"
+ "kubernetes.io/role/elb" = "1"
}
+ vpc_id = (known after apply)
}
# module.vpc.aws_subnet.public[1] will be created
+ resource "aws_subnet" "public" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "us-east-2b"
+ availability_zone_id = (known after apply)
+ cidr_block = "10.100.11.0/24"
+ enable_dns64 = false
+ enable_resource_name_dns_a_record_on_launch = false
+ enable_resource_name_dns_aaaa_record_on_launch = false
+ id = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ ipv6_native = false
+ map_public_ip_on_launch = true
+ owner_id = (known after apply)
+ private_dns_hostname_type_on_launch = (known after apply)
+ tags = {
+ "Name" = "udacity-project-public-us-east-2b"
+ "kubernetes.io/role/elb" = "1"
}
+ tags_all = {
+ "Name" = "udacity-project-public-us-east-2b"
+ "Terraform" = "true"
+ "kubernetes.io/role/elb" = "1"
}
+ vpc_id = (known after apply)
}
# module.vpc.aws_subnet.public[2] will be created
+ resource "aws_subnet" "public" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "us-east-2c"
+ availability_zone_id = (known after apply)
+ cidr_block = "10.100.12.0/24"
+ enable_dns64 = false
+ enable_resource_name_dns_a_record_on_launch = false
+ enable_resource_name_dns_aaaa_record_on_launch = false
+ id = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ ipv6_native = false
+ map_public_ip_on_launch = true
+ owner_id = (known after apply)
+ private_dns_hostname_type_on_launch = (known after apply)
+ tags = {
+ "Name" = "udacity-project-public-us-east-2c"
+ "kubernetes.io/role/elb" = "1"
}
+ tags_all = {
+ "Name" = "udacity-project-public-us-east-2c"
+ "Terraform" = "true"
+ "kubernetes.io/role/elb" = "1"
}
+ vpc_id = (known after apply)
}
# module.vpc.aws_vpc.this will be created
+ resource "aws_vpc" "this" {
+ arn = (known after apply)
+ cidr_block = "10.100.0.0/16"
+ default_network_acl_id = (known after apply)
+ default_route_table_id = (known after apply)
+ default_security_group_id = (known after apply)
+ dhcp_options_id = (known after apply)
+ enable_dns_hostnames = true
+ enable_dns_support = true
+ enable_network_address_usage_metrics = (known after apply)
+ id = (known after apply)
+ instance_tenancy = "default"
+ ipv6_association_id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ ipv6_cidr_block_network_border_group = (known after apply)
+ main_route_table_id = (known after apply)
+ owner_id = (known after apply)
+ tags = {
+ "Name" = "udacity-project"
}
+ tags_all = {
+ "Name" = "udacity-project"
+ "Terraform" = "true"
}
}
Plan: 43 to add, 0 to change, 0 to destroy.
Changes to Outputs:
+ account_id = "661834931903"
+ caller_arn = "arn:aws:iam::661834931903:user/udacity"
+ caller_user = "AIDAZUGDPT27X6ZTKIEJE"
Warning: Argument is deprecated
with module.vpc.aws_eip.nat,
on modules/vpc/routes.tf line 54, in resource "aws_eip" "nat":
54: vpc = true
use domain attribute instead
(and one more similar warning elsewhere)
Invalid attribute in provider configuration
with provider["registry.terraform.io/hashicorp/kubernetes"],
on eks.tf line 1, in provider "kubernetes":
1: provider "kubernetes" {
'config_path' refers to an invalid path: "/home/runner/.kube/config": stat
/home/runner/.kube/config: no such file or directory
─────────────────────────────────────────────────────────────────────────────
Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.
```
Pusher: @abcxyzbank, Action: pull_request, Working Directory: `, Workflow:Deploy to Amazon EKS`
Terraform Format and Style 🖌``
Terraform Initialization ⚙️``
Terraform Validation 🤖
successValidation Output
``` Warning: Argument is deprecated with module.vpc.aws_eip.nat, on modules/vpc/routes.tf line 54, in resource "aws_eip" "nat": 54: vpc = true use domain attribute instead Success! The configuration is valid, but there were some validation warnings as shown above. ```Terraform Plan 📖
successShow Plan
``` terraform module.project_eks.data.aws_iam_policy_document.eks_assume_role_policy: Reading... module.project_eks.data.aws_iam_policy_document.eks_node_assume_role_policy: Reading... data.aws_ami.amazon_linux_2: Reading... data.aws_caller_identity.current: Reading... module.project_eks.data.aws_iam_policy_document.eks_node_assume_role_policy: Read complete after 0s [id=2851119427] module.project_eks.data.aws_iam_policy_document.eks_assume_role_policy: Read complete after 0s [id=3552664922] data.aws_caller_identity.current: Read complete after 1s [id=661834931903] data.aws_ami.amazon_linux_2: Read complete after 1s [id=ami-0db513e73ed5a7faa] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create <= read (data resources) Terraform will perform the following actions: # data.aws_eks_cluster.cluster will be read during apply # (config refers to values not yet known) <= data "aws_eks_cluster" "cluster" { + access_config = (known after apply) + arn = (known after apply) + certificate_authority = (known after apply) + cluster_id = (known after apply) + created_at = (known after apply) + enabled_cluster_log_types = (known after apply) + endpoint = (known after apply) + id = (known after apply) + identity = (known after apply) + kubernetes_network_config = (known after apply) + name = (known after apply) + outpost_config = (known after apply) + platform_version = (known after apply) + role_arn = (known after apply) + status = (known after apply) + tags = (known after apply) + version = (known after apply) + vpc_config = (known after apply) } # data.aws_eks_cluster_auth.cluster will be read during apply # (config refers to values not yet known) <= data "aws_eks_cluster_auth" "cluster" { + id = (known after apply) + name = (known after apply) + token = (sensitive value) } # kubernetes_namespace.udacity will be created + resource "kubernetes_namespace" "udacity" { + id = (known after apply) + wait_for_default_service_account = false + metadata { + generation = (known after apply) + name = "udacity" + resource_version = (known after apply) + uid = (known after apply) } } # module.project_ec2.data.aws_security_group.default will be read during apply # (config refers to values not yet known) <= data "aws_security_group" "default" { + arn = (known after apply) + description = (known after apply) + id = (known after apply) + name = "default" + tags = (known after apply) + vpc_id = (known after apply) } # module.project_ec2.data.aws_subnets.public will be read during apply # (config refers to values not yet known) <= data "aws_subnets" "public" { + id = (known after apply) + ids = (known after apply) + tags = (known after apply) + filter { + name = "tag:Name" + values = [ + "*public*", ] } + filter { + name = "vpc-id" + values = [ + (known after apply), ] } } # module.project_ec2.aws_instance.web will be created + resource "aws_instance" "web" { + ami = "ami-0ef8c7099ef697f3e" + arn = (known after apply) + associate_public_ip_address = (known after apply) + availability_zone = (known after apply) + cpu_core_count = (known after apply) + cpu_threads_per_core = (known after apply) + disable_api_stop = (known after apply) + disable_api_termination = (known after apply) + ebs_optimized = (known after apply) + get_password_data = false + host_id = (known after apply) + host_resource_group_arn = (known after apply) + iam_instance_profile = (known after apply) + id = (known after apply) + instance_initiated_shutdown_behavior = (known after apply) + instance_lifecycle = (known after apply) + instance_state = (known after apply) + instance_type = "t3.micro" + ipv6_address_count = (known after apply) + ipv6_addresses = (known after apply) + key_name = "udacity" + monitoring = (known after apply) + outpost_arn = (known after apply) + password_data = (known after apply) + placement_group = (known after apply) + placement_partition_number = (known after apply) + primary_network_interface_id = (known after apply) + private_dns = (known after apply) + private_ip = (known after apply) + public_dns = (known after apply) + public_ip = (known after apply) + secondary_private_ips = (known after apply) + security_groups = (known after apply) + source_dest_check = true + spot_instance_request_id = (known after apply) + subnet_id = (known after apply) + tags = { + "Name" = "ubuntu" } + tags_all = { + "Name" = "ubuntu" + "Terraform" = "true" } + tenancy = (known after apply) + user_data = (known after apply) + user_data_base64 = (known after apply) + user_data_replace_on_change = false + vpc_security_group_ids = (known after apply) } # module.project_ec2.aws_security_group.ec2_sg will be created + resource "aws_security_group" "ec2_sg" { + arn = (known after apply) + description = "Managed by Terraform" + egress = [ + { + cidr_blocks = [ + "0.0.0.0/0", ] + from_port = 0 + ipv6_cidr_blocks = [] + prefix_list_ids = [] + protocol = "-1" + security_groups = [] + self = false + to_port = 0 # (1 unchanged attribute hidden) }, ] + id = (known after apply) + ingress = [ + { + cidr_blocks = [ + "0.0.0.0/0", ] + description = "monitoring" + from_port = 9100 + ipv6_cidr_blocks = [] + prefix_list_ids = [] + protocol = "tcp" + security_groups = [] + self = false + to_port = 9100 }, + { + cidr_blocks = [ + "0.0.0.0/0", ] + description = "ssh port" + from_port = 22 + ipv6_cidr_blocks = [] + prefix_list_ids = [] + protocol = "tcp" + security_groups = [] + self = false + to_port = 22 }, + { + cidr_blocks = [ + "0.0.0.0/0", ] + description = "web port" + from_port = 80 + ipv6_cidr_blocks = [] + prefix_list_ids = [] + protocol = "tcp" + security_groups = [] + self = false + to_port = 80 }, ] + name = "ec2_sg" + name_prefix = (known after apply) + owner_id = (known after apply) + revoke_rules_on_delete = false + tags = { + "Name" = "ec2_sg" } + tags_all = { + "Name" = "ec2_sg" + "Terraform" = "true" } + vpc_id = (known after apply) } # module.project_eks.aws_eks_cluster.cluster will be created + resource "aws_eks_cluster" "cluster" { + arn = (known after apply) + certificate_authority = (known after apply) + cluster_id = (known after apply) + created_at = (known after apply) + endpoint = (known after apply) + id = (known after apply) + identity = (known after apply) + name = "udacity-cluster" + platform_version = (known after apply) + role_arn = (known after apply) + status = (known after apply) + tags_all = { + "Name" = "udacity" + "Terraform" = "true" } + version = "1.21" + vpc_config { + cluster_security_group_id = (known after apply) + endpoint_private_access = false + endpoint_public_access = true + public_access_cidrs = (known after apply) + subnet_ids = (known after apply) + vpc_id = (known after apply) } } # module.project_eks.aws_eks_node_group.node will be created + resource "aws_eks_node_group" "node" { + ami_type = (known after apply) + arn = (known after apply) + capacity_type = (known after apply) + cluster_name = "udacity-cluster" + disk_size = (known after apply) + id = (known after apply) + instance_types = [ + "t3.medium", ] + node_group_name = "app-udacity-node-group" + node_group_name_prefix = (known after apply) + node_role_arn = (known after apply) + release_version = (known after apply) + resources = (known after apply) + status = (known after apply) + subnet_ids = (known after apply) + tags = { + "Name" = "eks-udacity-nodes" } + tags_all = { + "Name" = "eks-udacity-nodes" + "Terraform" = "true" } + version = (known after apply) + scaling_config { + desired_size = 1 + max_size = 1 + min_size = 1 } } # module.project_eks.aws_iam_policy.eks_cluster_role_cloudwatch_policy will be created + resource "aws_iam_policy" "eks_cluster_role_cloudwatch_policy" { + arn = (known after apply) + attachment_count = (known after apply) + description = "Policy allowing cloudwatch access to udacity resources." + id = (known after apply) + name = "app-udacity-eks-cluster-role-cloudwatch-policy" + name_prefix = (known after apply) + path = "/" + policy = jsonencode( { + Statement = [ + { + Action = [ + "cloudwatch:*", + "logs:DescribeLogGroups", + "logs:DescribeLogStreams", + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:PutLogEvents", ] + Effect = "Allow" + Resource = "*" }, ] + Version = "2012-10-17" } ) + policy_id = (known after apply) + tags_all = { + "Name" = "udacity" + "Terraform" = "true" } } # module.project_eks.aws_iam_policy.eks_node_instance_policy will be created + resource "aws_iam_policy" "eks_node_instance_policy" { + arn = (known after apply) + attachment_count = (known after apply) + description = "Policy allowing access to udacity resources." + id = (known after apply) + name = "app-udacity-instance-policy" + name_prefix = (known after apply) + path = "/" + policy = jsonencode( { + Statement = [ + { + Action = "s3:*" + Effect = "Allow" + Resource = [ + "arn:aws:s3:::*", + "arn:aws:s3:::*/*", + "arn:aws:s3:*:*:job/*", ] }, + { + Action = [ + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:PutLogEvents", ] + Effect = "Allow" + Resource = [ + "arn:aws:logs:*:*:log-group:*", + "arn:aws:logs:*:*:log-group:*:*:*", ] }, + { + Action = [ + "ecr:BatchCheckLayerAvailability", + "ecr:BatchGetImage", + "ecr:DescribeImages", + "ecr:DescribeRepositories", + "ecr:GetAuthorizationToken", + "ecr:GetDownloadUrlForLayer", + "ecr:GetRepositoryPolicy", + "ecr:ListImages", ] + Effect = "Allow" + Resource = "*" }, + { + Action = [ + "sqs:ReceiveMessage", + "sqs:SendMessage", + "sqs:SendMessageBatch", + "sqs:DeleteMessage", + "sqs:DeleteMessageBatch", + "sqs:ChangeMessageVisibility", + "sqs:ChangeMessageVisibilityBatch", ] + Effect = "Allow" + Resource = [ + "*", ] }, + { + Action = "eks:DescribeCluster" + Effect = "Allow" + Resource = "*" }, ] + Version = "2012-10-17" } ) + policy_id = (known after apply) + tags_all = { + "Name" = "udacity" + "Terraform" = "true" } } # module.project_eks.aws_iam_role.eks_cluster_role will be created + resource "aws_iam_role" "eks_cluster_role" { + arn = (known after apply) + assume_role_policy = jsonencode( { + Statement = [ + { + Action = "sts:AssumeRole" + Effect = "Allow" + Principal = { + Service = "eks.amazonaws.com" } }, ] + Version = "2012-10-17" } ) + create_date = (known after apply) + force_detach_policies = false + id = (known after apply) + managed_policy_arns = (known after apply) + max_session_duration = 3600 + name = "app-udacity-eks-cluster-role" + name_prefix = (known after apply) + path = "/" + tags_all = { + "Name" = "udacity" + "Terraform" = "true" } + unique_id = (known after apply) } # module.project_eks.aws_iam_role.eks_node_cluster_role will be created + resource "aws_iam_role" "eks_node_cluster_role" { + arn = (known after apply) + assume_role_policy = jsonencode( { + Statement = [ + { + Action = "sts:AssumeRole" + Effect = "Allow" + Principal = { + Service = "ec2.amazonaws.com" } }, ] + Version = "2012-10-17" } ) + create_date = (known after apply) + force_detach_policies = false + id = (known after apply) + managed_policy_arns = (known after apply) + max_session_duration = 3600 + name = "app-udacity-eks-node-role" + name_prefix = (known after apply) + path = "/" + tags_all = { + "Name" = "udacity" + "Terraform" = "true" } + unique_id = (known after apply) } # module.project_eks.aws_iam_role_policy_attachment.cluster_AmazonEKSCloudwatchPolicy will be created + resource "aws_iam_role_policy_attachment" "cluster_AmazonEKSCloudwatchPolicy" { + id = (known after apply) + policy_arn = (known after apply) + role = "app-udacity-eks-node-role" } # module.project_eks.aws_iam_role_policy_attachment.cluster_AmazonEKSClusterPolicy will be created + resource "aws_iam_role_policy_attachment" "cluster_AmazonEKSClusterPolicy" { + id = (known after apply) + policy_arn = "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy" + role = "app-udacity-eks-cluster-role" } # module.project_eks.aws_iam_role_policy_attachment.cluster_AmazonEKSServicePolicy will be created + resource "aws_iam_role_policy_attachment" "cluster_AmazonEKSServicePolicy" { + id = (known after apply) + policy_arn = "arn:aws:iam::aws:policy/AmazonEKSServicePolicy" + role = "app-udacity-eks-cluster-role" } # module.project_eks.aws_iam_role_policy_attachment.node_AmazonEC2ContainerRegistryReadOnly will be created + resource "aws_iam_role_policy_attachment" "node_AmazonEC2ContainerRegistryReadOnly" { + id = (known after apply) + policy_arn = "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly" + role = "app-udacity-eks-node-role" } # module.project_eks.aws_iam_role_policy_attachment.node_AmazonEKSWorkerNodePolicy will be created + resource "aws_iam_role_policy_attachment" "node_AmazonEKSWorkerNodePolicy" { + id = (known after apply) + policy_arn = "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy" + role = "app-udacity-eks-node-role" } # module.project_eks.aws_iam_role_policy_attachment.node_AmazonEKS_CNI_Policy will be created + resource "aws_iam_role_policy_attachment" "node_AmazonEKS_CNI_Policy" { + id = (known after apply) + policy_arn = "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy" + role = "app-udacity-eks-node-role" } # module.project_eks.aws_iam_role_policy_attachment.node_CloudWatchAgentServerPolicy will be created + resource "aws_iam_role_policy_attachment" "node_CloudWatchAgentServerPolicy" { + id = (known after apply) + policy_arn = "arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy" + role = "app-udacity-eks-node-role" } # module.project_eks.aws_iam_role_policy_attachment.node_harmony_policy_attachment will be created + resource "aws_iam_role_policy_attachment" "node_harmony_policy_attachment" { + id = (known after apply) + policy_arn = (known after apply) + role = "app-udacity-eks-node-role" } # module.vpc.aws_eip.nat[0] will be created + resource "aws_eip" "nat" { + allocation_id = (known after apply) + arn = (known after apply) + association_id = (known after apply) + carrier_ip = (known after apply) + customer_owned_ip = (known after apply) + domain = (known after apply) + id = (known after apply) + instance = (known after apply) + network_border_group = (known after apply) + network_interface = (known after apply) + private_dns = (known after apply) + private_ip = (known after apply) + ptr_record = (known after apply) + public_dns = (known after apply) + public_ip = (known after apply) + public_ipv4_pool = (known after apply) + tags = { + "Name" = "udacity-project-us-east-2a" } + tags_all = { + "Name" = "udacity-project-us-east-2a" + "Terraform" = "true" } + vpc = true } # module.vpc.aws_internet_gateway.this[0] will be created + resource "aws_internet_gateway" "this" { + arn = (known after apply) + id = (known after apply) + owner_id = (known after apply) + tags = { + "Name" = "udacity-project" } + tags_all = { + "Name" = "udacity-project" + "Terraform" = "true" } + vpc_id = (known after apply) } # module.vpc.aws_nat_gateway.this[0] will be created + resource "aws_nat_gateway" "this" { + allocation_id = (known after apply) + association_id = (known after apply) + connectivity_type = "public" + id = (known after apply) + network_interface_id = (known after apply) + private_ip = (known after apply) + public_ip = (known after apply) + secondary_private_ip_address_count = (known after apply) + secondary_private_ip_addresses = (known after apply) + subnet_id = (known after apply) + tags = { + "Name" = "udacity-project-us-east-2a" } + tags_all = { + "Name" = "udacity-project-us-east-2a" + "Terraform" = "true" } } # module.vpc.aws_route.private_nat_gateway[0] will be created + resource "aws_route" "private_nat_gateway" { + destination_cidr_block = "0.0.0.0/0" + id = (known after apply) + instance_id = (known after apply) + instance_owner_id = (known after apply) + nat_gateway_id = (known after apply) + network_interface_id = (known after apply) + origin = (known after apply) + route_table_id = (known after apply) + state = (known after apply) + timeouts { + create = "5m" } } # module.vpc.aws_route.private_nat_gateway[1] will be created + resource "aws_route" "private_nat_gateway" { + destination_cidr_block = "0.0.0.0/0" + id = (known after apply) + instance_id = (known after apply) + instance_owner_id = (known after apply) + nat_gateway_id = (known after apply) + network_interface_id = (known after apply) + origin = (known after apply) + route_table_id = (known after apply) + state = (known after apply) + timeouts { + create = "5m" } } # module.vpc.aws_route.private_nat_gateway[2] will be created + resource "aws_route" "private_nat_gateway" { + destination_cidr_block = "0.0.0.0/0" + id = (known after apply) + instance_id = (known after apply) + instance_owner_id = (known after apply) + nat_gateway_id = (known after apply) + network_interface_id = (known after apply) + origin = (known after apply) + route_table_id = (known after apply) + state = (known after apply) + timeouts { + create = "5m" } } # module.vpc.aws_route.public_internet_gateway[0] will be created + resource "aws_route" "public_internet_gateway" { + destination_cidr_block = "0.0.0.0/0" + gateway_id = (known after apply) + id = (known after apply) + instance_id = (known after apply) + instance_owner_id = (known after apply) + network_interface_id = (known after apply) + origin = (known after apply) + route_table_id = (known after apply) + state = (known after apply) + timeouts { + create = "5m" } } # module.vpc.aws_route.public_internet_gateway[1] will be created + resource "aws_route" "public_internet_gateway" { + destination_cidr_block = "0.0.0.0/0" + gateway_id = (known after apply) + id = (known after apply) + instance_id = (known after apply) + instance_owner_id = (known after apply) + network_interface_id = (known after apply) + origin = (known after apply) + route_table_id = (known after apply) + state = (known after apply) + timeouts { + create = "5m" } } # module.vpc.aws_route.public_internet_gateway[2] will be created + resource "aws_route" "public_internet_gateway" { + destination_cidr_block = "0.0.0.0/0" + gateway_id = (known after apply) + id = (known after apply) + instance_id = (known after apply) + instance_owner_id = (known after apply) + network_interface_id = (known after apply) + origin = (known after apply) + route_table_id = (known after apply) + state = (known after apply) + timeouts { + create = "5m" } } # module.vpc.aws_route_table.private[0] will be created + resource "aws_route_table" "private" { + arn = (known after apply) + id = (known after apply) + owner_id = (known after apply) + propagating_vgws = (known after apply) + route = (known after apply) + tags = { + "Name" = "udacity-project-private-us-east-2a" } + tags_all = { + "Name" = "udacity-project-private-us-east-2a" + "Terraform" = "true" } + vpc_id = (known after apply) } # module.vpc.aws_route_table.private[1] will be created + resource "aws_route_table" "private" { + arn = (known after apply) + id = (known after apply) + owner_id = (known after apply) + propagating_vgws = (known after apply) + route = (known after apply) + tags = { + "Name" = "udacity-project-private-us-east-2b" } + tags_all = { + "Name" = "udacity-project-private-us-east-2b" + "Terraform" = "true" } + vpc_id = (known after apply) } # module.vpc.aws_route_table.private[2] will be created + resource "aws_route_table" "private" { + arn = (known after apply) + id = (known after apply) + owner_id = (known after apply) + propagating_vgws = (known after apply) + route = (known after apply) + tags = { + "Name" = "udacity-project-private-us-east-2c" } + tags_all = { + "Name" = "udacity-project-private-us-east-2c" + "Terraform" = "true" } + vpc_id = (known after apply) } # module.vpc.aws_route_table.public[0] will be created + resource "aws_route_table" "public" { + arn = (known after apply) + id = (known after apply) + owner_id = (known after apply) + propagating_vgws = (known after apply) + route = (known after apply) + tags = { + "Name" = "udacity-project-public" } + tags_all = { + "Name" = "udacity-project-public" + "Terraform" = "true" } + vpc_id = (known after apply) } # module.vpc.aws_route_table_association.private[0] will be created + resource "aws_route_table_association" "private" { + id = (known after apply) + route_table_id = (known after apply) + subnet_id = (known after apply) } # module.vpc.aws_route_table_association.private[1] will be created + resource "aws_route_table_association" "private" { + id = (known after apply) + route_table_id = (known after apply) + subnet_id = (known after apply) } # module.vpc.aws_route_table_association.private[2] will be created + resource "aws_route_table_association" "private" { + id = (known after apply) + route_table_id = (known after apply) + subnet_id = (known after apply) } # module.vpc.aws_route_table_association.public[0] will be created + resource "aws_route_table_association" "public" { + id = (known after apply) + route_table_id = (known after apply) + subnet_id = (known after apply) } # module.vpc.aws_route_table_association.public[1] will be created + resource "aws_route_table_association" "public" { + id = (known after apply) + route_table_id = (known after apply) + subnet_id = (known after apply) } # module.vpc.aws_route_table_association.public[2] will be created + resource "aws_route_table_association" "public" { + id = (known after apply) + route_table_id = (known after apply) + subnet_id = (known after apply) } # module.vpc.aws_subnet.private[0] will be created + resource "aws_subnet" "private" { + arn = (known after apply) + assign_ipv6_address_on_creation = false + availability_zone = "us-east-2a" + availability_zone_id = (known after apply) + cidr_block = "10.100.1.0/24" + enable_dns64 = false + enable_resource_name_dns_a_record_on_launch = false + enable_resource_name_dns_aaaa_record_on_launch = false + id = (known after apply) + ipv6_cidr_block_association_id = (known after apply) + ipv6_native = false + map_public_ip_on_launch = false + owner_id = (known after apply) + private_dns_hostname_type_on_launch = (known after apply) + tags = { + "Name" = "udacity-project-private-us-east-2a" + "kubernetes.io/role/internal-elb" = "1" } + tags_all = { + "Name" = "udacity-project-private-us-east-2a" + "Terraform" = "true" + "kubernetes.io/role/internal-elb" = "1" } + vpc_id = (known after apply) } # module.vpc.aws_subnet.private[1] will be created + resource "aws_subnet" "private" { + arn = (known after apply) + assign_ipv6_address_on_creation = false + availability_zone = "us-east-2b" + availability_zone_id = (known after apply) + cidr_block = "10.100.2.0/24" + enable_dns64 = false + enable_resource_name_dns_a_record_on_launch = false + enable_resource_name_dns_aaaa_record_on_launch = false + id = (known after apply) + ipv6_cidr_block_association_id = (known after apply) + ipv6_native = false + map_public_ip_on_launch = false + owner_id = (known after apply) + private_dns_hostname_type_on_launch = (known after apply) + tags = { + "Name" = "udacity-project-private-us-east-2b" + "kubernetes.io/role/internal-elb" = "1" } + tags_all = { + "Name" = "udacity-project-private-us-east-2b" + "Terraform" = "true" + "kubernetes.io/role/internal-elb" = "1" } + vpc_id = (known after apply) } # module.vpc.aws_subnet.private[2] will be created + resource "aws_subnet" "private" { + arn = (known after apply) + assign_ipv6_address_on_creation = false + availability_zone = "us-east-2c" + availability_zone_id = (known after apply) + cidr_block = "10.100.3.0/24" + enable_dns64 = false + enable_resource_name_dns_a_record_on_launch = false + enable_resource_name_dns_aaaa_record_on_launch = false + id = (known after apply) + ipv6_cidr_block_association_id = (known after apply) + ipv6_native = false + map_public_ip_on_launch = false + owner_id = (known after apply) + private_dns_hostname_type_on_launch = (known after apply) + tags = { + "Name" = "udacity-project-private-us-east-2c" + "kubernetes.io/role/internal-elb" = "1" } + tags_all = { + "Name" = "udacity-project-private-us-east-2c" + "Terraform" = "true" + "kubernetes.io/role/internal-elb" = "1" } + vpc_id = (known after apply) } # module.vpc.aws_subnet.public[0] will be created + resource "aws_subnet" "public" { + arn = (known after apply) + assign_ipv6_address_on_creation = false + availability_zone = "us-east-2a" + availability_zone_id = (known after apply) + cidr_block = "10.100.10.0/24" + enable_dns64 = false + enable_resource_name_dns_a_record_on_launch = false + enable_resource_name_dns_aaaa_record_on_launch = false + id = (known after apply) + ipv6_cidr_block_association_id = (known after apply) + ipv6_native = false + map_public_ip_on_launch = true + owner_id = (known after apply) + private_dns_hostname_type_on_launch = (known after apply) + tags = { + "Name" = "udacity-project-public-us-east-2a" + "kubernetes.io/role/elb" = "1" } + tags_all = { + "Name" = "udacity-project-public-us-east-2a" + "Terraform" = "true" + "kubernetes.io/role/elb" = "1" } + vpc_id = (known after apply) } # module.vpc.aws_subnet.public[1] will be created + resource "aws_subnet" "public" { + arn = (known after apply) + assign_ipv6_address_on_creation = false + availability_zone = "us-east-2b" + availability_zone_id = (known after apply) + cidr_block = "10.100.11.0/24" + enable_dns64 = false + enable_resource_name_dns_a_record_on_launch = false + enable_resource_name_dns_aaaa_record_on_launch = false + id = (known after apply) + ipv6_cidr_block_association_id = (known after apply) + ipv6_native = false + map_public_ip_on_launch = true + owner_id = (known after apply) + private_dns_hostname_type_on_launch = (known after apply) + tags = { + "Name" = "udacity-project-public-us-east-2b" + "kubernetes.io/role/elb" = "1" } + tags_all = { + "Name" = "udacity-project-public-us-east-2b" + "Terraform" = "true" + "kubernetes.io/role/elb" = "1" } + vpc_id = (known after apply) } # module.vpc.aws_subnet.public[2] will be created + resource "aws_subnet" "public" { + arn = (known after apply) + assign_ipv6_address_on_creation = false + availability_zone = "us-east-2c" + availability_zone_id = (known after apply) + cidr_block = "10.100.12.0/24" + enable_dns64 = false + enable_resource_name_dns_a_record_on_launch = false + enable_resource_name_dns_aaaa_record_on_launch = false + id = (known after apply) + ipv6_cidr_block_association_id = (known after apply) + ipv6_native = false + map_public_ip_on_launch = true + owner_id = (known after apply) + private_dns_hostname_type_on_launch = (known after apply) + tags = { + "Name" = "udacity-project-public-us-east-2c" + "kubernetes.io/role/elb" = "1" } + tags_all = { + "Name" = "udacity-project-public-us-east-2c" + "Terraform" = "true" + "kubernetes.io/role/elb" = "1" } + vpc_id = (known after apply) } # module.vpc.aws_vpc.this will be created + resource "aws_vpc" "this" { + arn = (known after apply) + cidr_block = "10.100.0.0/16" + default_network_acl_id = (known after apply) + default_route_table_id = (known after apply) + default_security_group_id = (known after apply) + dhcp_options_id = (known after apply) + enable_dns_hostnames = true + enable_dns_support = true + enable_network_address_usage_metrics = (known after apply) + id = (known after apply) + instance_tenancy = "default" + ipv6_association_id = (known after apply) + ipv6_cidr_block = (known after apply) + ipv6_cidr_block_network_border_group = (known after apply) + main_route_table_id = (known after apply) + owner_id = (known after apply) + tags = { + "Name" = "udacity-project" } + tags_all = { + "Name" = "udacity-project" + "Terraform" = "true" } } Plan: 43 to add, 0 to change, 0 to destroy. Changes to Outputs: + account_id = "661834931903" + caller_arn = "arn:aws:iam::661834931903:user/udacity" + caller_user = "AIDAZUGDPT27X6ZTKIEJE" Warning: Argument is deprecated with module.vpc.aws_eip.nat, on modules/vpc/routes.tf line 54, in resource "aws_eip" "nat": 54: vpc = true use domain attribute instead (and one more similar warning elsewhere) Invalid attribute in provider configuration with provider["registry.terraform.io/hashicorp/kubernetes"], on eks.tf line 1, in provider "kubernetes": 1: provider "kubernetes" { 'config_path' refers to an invalid path: "/home/runner/.kube/config": stat /home/runner/.kube/config: no such file or directory ───────────────────────────────────────────────────────────────────────────── Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now. ```Pusher: @abcxyzbank, Action:
pull_request, Working Directory:`, Workflow:Deploy to Amazon EKS`