terraform-aws-modules / terraform-aws-eks

Terraform module to create Amazon Elastic Kubernetes (EKS) resources 🇺🇦
https://registry.terraform.io/modules/terraform-aws-modules/eks/aws
Apache License 2.0
4.46k stars 4.07k forks source link

Remove dependency on the terraform-aws-kms module #3191

Closed jebbens closed 1 week ago

jebbens commented 1 week ago

Is your request related to a new offering from AWS?

Is this functionality available in the AWS provider for Terraform? See CHANGELOG.md, too.

Is your request related to a problem? Please describe.

The dependency on the terraform-aws-kms module makes it impossible to use this module when deploying in isolated environments without forking the repository and making changes.

Describe the solution you'd like.

Remove the terraform-aws-kms module from main.tf and rely exclusively on input variables for configuring any encryption options. The examples can show how to use the kms module to generate the keys for use with the eks modules.

Describe alternatives you've considered.

Forking the repo, deleting all KMS related code form main.tf, and using it as the source.

Additional context

bryantbiggs commented 1 week ago

unfortunately, we do not have plans to do that. if anything, we have plans to add in additional modules to offload shared functionality (such as the ASG module) and reduce maintenance duplication

jebbens commented 1 week ago

Hmm, that seems to trade-off ease of maintaining this repo vs actually using the repo. That said, in my alternatives, I should have also included forking the repo, modifying the source of the kms module, and then continuing to merge in changes to that fork over time. Not ideal, but do-able.