This Terraform Module installs and configures
fluentd-cloudwatch on an EKS cluster, so that
each node runs fluentd to collect the logs and ship to CloudWatch.
This module uses the community helm chart, with a set of best practices inputs.
How does this work?
This module solves the problem of unifying the log streams in your Kubernetes cluster to be shipped to CloudWatch so
that you have a single interface to search and monitor your logs. To achieve this, the module installs a service
(fluentd) that monitors the log files on the filesystem, parses custom log formats into a unified format, and ships
the result to a centralized log aggregation service (CloudWatch).
fluentd is installed as a Kubernetes
DaemonSet, which ensures that there is one
fluentdPod running per node. In this way, we are able to ensure that all workers in the cluster are running the
fluentd service for shipping the logs into CloudWatch.
This module uses helm v3 to deploy fluentd to the Kubernetes cluster.
Cloudwatch Log Group
This module assumes the log group you would like to use already exists. You can use the
cloudwatch_log_group resource to create a
new log group in Terraform. For example:
This will create a new log group and assign a random unique name that you can then access using
aws_cloudwatch_log_group.eks_cluster.name.
IAM permissions
The container deployed in this module requires IAM permissions to access log streams in CloudWatch so that it can write
logs to it. Below is a sample IAM policy statement that grants the minimal set of permissions:
AWS CloudWatch Container
Insights is a set of
Kubernetes applications that run on your EKS cluster to collect metrics and log entries to ship to CloudWatch. This is
handled by deploying the CloudWatch Agent and FluentD as DaemonSets that run on each node to watch the metrics and log
entries.
This module also uses FluentD as a DaemonSet under the hood. However, there are a few differences in the setup:
This module is only scoped to collect the container logs. CloudWatch Container Insights on the other hand will observe
all logs on the server.
This module does not set up the CloudWatch Agent for collecting cluster metrics, and is only concerned with log
entries. CloudWatch Container Insights also includes observing cluster and pod metrics.
Questions? Ask away.
We're here to talk about our services, answer any questions, give advice, or just to chat.
{"treedata":{"name":"root","toggled":true,"children":[{"name":".circleci","children":[{"name":"config.yml","path":".circleci/config.yml","sha":"cd0f759ae90af4380a46377f990df626a9b4384f"}]},{"name":".gitignore","path":".gitignore","sha":"7f6cf4bc746bbfd6da4c7a21dbcf1a2296aa0c10"},{"name":".pre-commit-config.yaml","path":".pre-commit-config.yaml","sha":"b008949ef10a7bad93ab93e8821da77577a30c5c"},{"name":"CODEOWNERS","path":"CODEOWNERS","sha":"ecbeaab263c59e955b621268f161059633041e3d"},{"name":"CONTRIBUTING.md","path":"CONTRIBUTING.md","sha":"a7cc7bd94443c252390564fa988755dbbe80d87d"},{"name":"GRUNTWORK_PHILOSOPHY.md","path":"GRUNTWORK_PHILOSOPHY.md","sha":"02d9873a74c99fe6d9b6b26bd9f8eb4a7a699c32"},{"name":"LICENSE.md","path":"LICENSE.md","sha":"a2cf01ecdd725fddd718ab91c80c115882c94f3c"},{"name":"README.adoc","path":"README.adoc","sha":"d910b297cb8da321866768941c9e1bb5f38b12d5"},{"name":"_docs","children":[{"name":"eks-architecture.png","path":"_docs/eks-architecture.png","sha":"b4c9c46f88ed465c5575e915af54ad9920b56941"},{"name":"eks-icon.png","path":"_docs/eks-icon.png","sha":"83a29dc46e7bc6234ba5bb825e8ae283c56229a0"}]},{"name":"core-concepts.md","path":"core-concepts.md","sha":"3c504a547fc55ecff5536141534a32ed8a4a4ae7"},{"name":"examples","children":[{"name":"README.md","path":"examples/README.md","sha":"a70f3adc0c888e07b0b03cb32fbd156547c354da"},{"name":"eks-cluster-managed-workers","children":[{"name":"README.md","path":"examples/eks-cluster-managed-workers/README.md","sha":"21acaeb73c1d8a1819480bc7a8d1c35b8fa69081"},{"name":"dependencies.tf","path":"examples/eks-cluster-managed-workers/dependencies.tf","sha":"c51d22849120296cb44e2637625fbe0ef4405a53"},{"name":"main.tf","path":"examples/eks-cluster-managed-workers/main.tf","sha":"d2646b8c0d8e202d4b6ff2d394f0d6f59ab6a18f"},{"name":"outputs.tf","path":"examples/eks-cluster-managed-workers/outputs.tf","sha":"431bebd71e3f9d5c299c1740ba16b2eef717cbf0"},{"name":"variables.tf","path":"examples/eks-cluster-managed-workers/variables.tf","sha":"a574f2c8b45970431a4d8c0fb4eb372ee1676ea6"}]},{"name":"eks-cluster-with-iam-role-mappings","children":[{"name":"README.md","path":"examples/eks-cluster-with-iam-role-mappings/README.md","sha":"6479e81678f2e08df477d467f2124f5dc53e9e53"},{"name":"dependencies.tf","path":"examples/eks-cluster-with-iam-role-mappings/dependencies.tf","sha":"9652dab961175e0f2273b109b5f1724a38e3970f"},{"name":"main.tf","path":"examples/eks-cluster-with-iam-role-mappings/main.tf","sha":"85472aed315ae52f6793d3d911fc04e3c74f8d4f"},{"name":"outputs.tf","path":"examples/eks-cluster-with-iam-role-mappings/outputs.tf","sha":"3876c30890ffef1726d533a869c23e66fa244e6c"},{"name":"user-data","children":[{"name":"user-data.sh","path":"examples/eks-cluster-with-iam-role-mappings/user-data/user-data.sh","sha":"b10c34bfe4c9d10101472b47edbc3b7dff42a88e"}]},{"name":"variables.tf","path":"examples/eks-cluster-with-iam-role-mappings/variables.tf","sha":"d312645223f2c0f65c38416b50145cc58762052b"}]},{"name":"eks-cluster-with-supporting-services","children":[{"name":"README.md","path":"examples/eks-cluster-with-supporting-services/README.md","sha":"381a926738c4630930441ad070c95d3e52a25754"},{"name":"core-services","children":[{"name":"README.md","path":"examples/eks-cluster-with-supporting-services/core-services/README.md","sha":"c1eb41e7cc60a67d29ef846daf3b2e974ca59e6e"},{"name":"dependencies.tf","path":"examples/eks-cluster-with-supporting-services/core-services/dependencies.tf","sha":"0176248910eed450c12b54d10e3d74c8702c17ca"},{"name":"main.tf","path":"examples/eks-cluster-with-supporting-services/core-services/main.tf","sha":"b4739bf4fffbdbcd4584c173df875e38b75f7152"},{"name":"outputs.tf","path":"examples/eks-cluster-with-supporting-services/core-services/outputs.tf","sha":"e69de29bb2d1d6434b8b29ae775ad8c2e48c5391"},{"name":"variables.tf","path":"examples/eks-cluster-with-supporting-services/core-services/variables.tf","sha":"1b244b6aa868a7e2265b55db57f1a4574891b934"}]},{"name":"eks-cluster","children":[{"name":"README.md","path":"examples/eks-cluster-with-supporting-services/eks-cluster/README.md","sha":"8a60a01004a93bbbf2091b730f0207f6dd2cc07e"},{"name":"dependencies.tf","path":"examples/eks-cluster-with-supporting-services/eks-cluster/dependencies.tf","sha":"58c85fb4cb629a91afe41602e56072c19905e79b"},{"name":"main.tf","path":"examples/eks-cluster-with-supporting-services/eks-cluster/main.tf","sha":"ed7f46af2ac6c55f16956f2612ae46edc2941d84"},{"name":"outputs.tf","path":"examples/eks-cluster-with-supporting-services/eks-cluster/outputs.tf","sha":"be23a13dd6f4063be394b8ca7358b631d50fab8a"},{"name":"user-data","children":[{"name":"app_worker_user_data.sh","path":"examples/eks-cluster-with-supporting-services/eks-cluster/user-data/app_worker_user_data.sh","sha":"c5fdd13d5bb04f765f1c90e9f12d23c48e94a252"},{"name":"core_worker_user_data.sh","path":"examples/eks-cluster-with-supporting-services/eks-cluster/user-data/core_worker_user_data.sh","sha":"0fa26153108b3d030ceeaae777aeb0a7e115404e"}]},{"name":"variables.tf","path":"examples/eks-cluster-with-supporting-services/eks-cluster/variables.tf","sha":"21c6ee87a2d2c628af70513000a8b071b1938578"}]},{"name":"nginx-service","children":[{"name":"README.md","path":"examples/eks-cluster-with-supporting-services/nginx-service/README.md","sha":"0f6649ddb0cbb5aa80a5bc1f3318ea1fd5d0dc35"},{"name":"dependencies.tf","path":"examples/eks-cluster-with-supporting-services/nginx-service/dependencies.tf","sha":"0176248910eed450c12b54d10e3d74c8702c17ca"},{"name":"main.tf","path":"examples/eks-cluster-with-supporting-services/nginx-service/main.tf","sha":"db605685e89d5d8ea0b04ae09d52b4acd815270c"},{"name":"templates","children":[{"name":"values.yaml","path":"examples/eks-cluster-with-supporting-services/nginx-service/templates/values.yaml","sha":"298435e01df9fa495b15d512073c62662d292cd3"}]},{"name":"variables.tf","path":"examples/eks-cluster-with-supporting-services/nginx-service/variables.tf","sha":"36ea6f8a36b19e34dbeeb25ae7e5fcf30c956b0f"}]},{"name":"packer","children":[{"name":"README.md","path":"examples/eks-cluster-with-supporting-services/packer/README.md","sha":"6a974a7fd5da7ac13309d9e0c4aaba7bd8cb46c7"},{"name":"build.json","path":"examples/eks-cluster-with-supporting-services/packer/build.json","sha":"25a003de2b3e9ad27915fb5227ffb7bd86d32a23"}]}]},{"name":"eks-fargate-cluster-with-irsa","children":[{"name":"README.md","path":"examples/eks-fargate-cluster-with-irsa/README.md","sha":"7dfcee13140ca3df3baf9f61e666a45dde71a98a"},{"name":"dependencies.tf","path":"examples/eks-fargate-cluster-with-irsa/dependencies.tf","sha":"88e84376868ae8dfc7b90483aa0fffe1c9d1a9ae"},{"name":"main.tf","path":"examples/eks-fargate-cluster-with-irsa/main.tf","sha":"69b807d8db501b38b30987a37743b860a5b3f844"},{"name":"outputs.tf","path":"examples/eks-fargate-cluster-with-irsa/outputs.tf","sha":"f059d7b74ffbfb06a0868d6d0a5d1831c8f45f10"},{"name":"variables.tf","path":"examples/eks-fargate-cluster-with-irsa/variables.tf","sha":"60a02795c83eddf91a610e4baf4a5ce001bc1eec"}]},{"name":"eks-fargate-cluster-with-supporting-services","children":[{"name":"README.md","path":"examples/eks-fargate-cluster-with-supporting-services/README.md","sha":"1612cec3482105c720bcb66db051ce17a69da57c"},{"name":"core-services","children":[{"name":"README.md","path":"examples/eks-fargate-cluster-with-supporting-services/core-services/README.md","sha":"cde0ae405e4d73e9e39c67045fb82de8187a673d"},{"name":"dependencies.tf","path":"examples/eks-fargate-cluster-with-supporting-services/core-services/dependencies.tf","sha":"0176248910eed450c12b54d10e3d74c8702c17ca"},{"name":"main.tf","path":"examples/eks-fargate-cluster-with-supporting-services/core-services/main.tf","sha":"b0903866b183a7447ee42c4474c11bbeacaf1320"},{"name":"variables.tf","path":"examples/eks-fargate-cluster-with-supporting-services/core-services/variables.tf","sha":"c63e2fdb8d5aa91830db61224ce75ee814d6fa56"}]},{"name":"eks-cluster","children":[{"name":"dependencies.tf","path":"examples/eks-fargate-cluster-with-supporting-services/eks-cluster/dependencies.tf","sha":"c7d533db5e590f72eddbe987d0b5353c11b570e1"},{"name":"main.tf","path":"examples/eks-fargate-cluster-with-supporting-services/eks-cluster/main.tf","sha":"a9475e79018631451acb838c3a9382df55d04d5e"},{"name":"outputs.tf","path":"examples/eks-fargate-cluster-with-supporting-services/eks-cluster/outputs.tf","sha":"edddf9a6ab6f5927db366689db79e1b91db9d8c8"},{"name":"variables.tf","path":"examples/eks-fargate-cluster-with-supporting-services/eks-cluster/variables.tf","sha":"72736ac2a85df7150da342545c059b1e9f6e4542"}]},{"name":"nginx-service","children":[{"name":"dependencies.tf","path":"examples/eks-fargate-cluster-with-supporting-services/nginx-service/dependencies.tf","sha":"0176248910eed450c12b54d10e3d74c8702c17ca"},{"name":"main.tf","path":"examples/eks-fargate-cluster-with-supporting-services/nginx-service/main.tf","sha":"1ae7751069711726f7c38fafe60d63d0c5f59494"},{"name":"templates","children":[{"name":"values.yaml","path":"examples/eks-fargate-cluster-with-supporting-services/nginx-service/templates/values.yaml","sha":"655914f91177135cb7c5f15b62166cfc82a62a91"}]},{"name":"variables.tf","path":"examples/eks-fargate-cluster-with-supporting-services/nginx-service/variables.tf","sha":"d3c166441cdc556b0839930fbc281b7e8a1bd57f"}]}]},{"name":"eks-fargate-cluster","children":[{"name":"README.md","path":"examples/eks-fargate-cluster/README.md","sha":"df681cdbe945d0592ca57bd3a8eb9ae5d88c2f4a"},{"name":"dependencies.tf","path":"examples/eks-fargate-cluster/dependencies.tf","sha":"88e84376868ae8dfc7b90483aa0fffe1c9d1a9ae"},{"name":"main.tf","path":"examples/eks-fargate-cluster/main.tf","sha":"eafb099d793a3c73ff60f416df4830a053a1746d"},{"name":"outputs.tf","path":"examples/eks-fargate-cluster/outputs.tf","sha":"9fb0eacd494d51072898a36f4d110a6c6ad77f6b"},{"name":"terraform.tfvars.back","path":"examples/eks-fargate-cluster/terraform.tfvars.back","sha":"6cb73f75cc7828c6b3efdc2a9b1787f75ed276d1"},{"name":"user-data","children":[{"name":"user-data.sh","path":"examples/eks-fargate-cluster/user-data/user-data.sh","sha":"b10c34bfe4c9d10101472b47edbc3b7dff42a88e"}]},{"name":"variables.tf","path":"examples/eks-fargate-cluster/variables.tf","sha":"cd56d66d0980f4d88b0347ff59a96402962d6aa1"}]}]},{"name":"modules","children":[{"name":"eks-alb-ingress-controller-iam-policy","children":[{"name":"README.md","path":"modules/eks-alb-ingress-controller-iam-policy/README.md","sha":"c87be2ee00f8f59403f827303915b5a70c602002"},{"name":"iampolicy.json","path":"modules/eks-alb-ingress-controller-iam-policy/iampolicy.json","sha":"5cba0c1500ee2520d72e8d47b86e318958e4dbc7"},{"name":"main.tf","path":"modules/eks-alb-ingress-controller-iam-policy/main.tf","sha":"a79f5a2e6a0ba72562c5a87182db516d8824ed21"},{"name":"outputs.tf","path":"modules/eks-alb-ingress-controller-iam-policy/outputs.tf","sha":"b551b0bcc6eb1b43bfff1606696566658564cfb4"},{"name":"variables.tf","path":"modules/eks-alb-ingress-controller-iam-policy/variables.tf","sha":"250152e6bfeb02a16bed4151ffc7156636db1bd9"}]},{"name":"eks-alb-ingress-controller","children":[{"name":"README.md","path":"modules/eks-alb-ingress-controller/README.md","sha":"3bfcd0485ea2239eb786564e74c1de0715f23b57"},{"name":"main.tf","path":"modules/eks-alb-ingress-controller/main.tf","sha":"904eefe37cc316b36adbfed59f3c0ebdb218f343"},{"name":"templates","children":[{"name":"node_affinity.yaml","path":"modules/eks-alb-ingress-controller/templates/node_affinity.yaml","sha":"c6eaf8e94fa7c893857cc009df954443239a8fe0"},{"name":"values.yaml","path":"modules/eks-alb-ingress-controller/templates/values.yaml","sha":"9937ba0cbea50640aabca372efedb0e1bdc2ce6d"}]},{"name":"variables.tf","path":"modules/eks-alb-ingress-controller/variables.tf","sha":"0e7c5bdd84bf1835d3cda57a313a2046f310ba23"}]},{"name":"eks-cloudwatch-container-logs","children":[{"name":"README.md","path":"modules/eks-cloudwatch-container-logs/README.md","sha":"83b6cfce471a5b3d0dca1c17b8528d4a3397eae6","toggled":true},{"name":"main.tf","path":"modules/eks-cloudwatch-container-logs/main.tf","sha":"6827dfece6304e7f439c7bcfb1ccd37c24284c55"},{"name":"outputs.tf","path":"modules/eks-cloudwatch-container-logs/outputs.tf","sha":"7061ed458fec528c8b8b587291f0eccb4324fb72"},{"name":"templates","children":[{"name":"node_affinity.yaml","path":"modules/eks-cloudwatch-container-logs/templates/node_affinity.yaml","sha":"cf47b63d7c2b9699e0ab1e36e9a8dadad3a7f4c0"},{"name":"values.yaml","path":"modules/eks-cloudwatch-container-logs/templates/values.yaml","sha":"bff95a2bcea59db932239c8d197aea76d595bcec"}]},{"name":"variables.tf","path":"modules/eks-cloudwatch-container-logs/variables.tf","sha":"748747e26e3fef8f8a44849c752ba548d8531439"}],"toggled":true},{"name":"eks-cluster-control-plane","children":[{"name":"README.md","path":"modules/eks-cluster-control-plane/README.md","sha":"65d135a9506906c44ae7d592ec374afd3cb21c22"},{"name":"control_plane_scripts","children":[{"name":"bin","children":[{"name":"control_plane_scripts_py27_env.pex","path":"modules/eks-cluster-control-plane/control_plane_scripts/bin/control_plane_scripts_py27_env.pex","sha":"a02c9440827aac48475673ed80106b8cc1376bb4"},{"name":"control_plane_scripts_py3_env.pex","path":"modules/eks-cluster-control-plane/control_plane_scripts/bin/control_plane_scripts_py3_env.pex","sha":"3b4950866dbf6ad90a029585521aa90ed3e8887c"}]},{"name":"build.sh","path":"modules/eks-cluster-control-plane/control_plane_scripts/build.sh","sha":"33b5e9231babdb0c2c0997b04a964c27b98a4e13"},{"name":"cleanup_cluster_resources","children":[{"name":"__init__.py","path":"modules/eks-cluster-control-plane/control_plane_scripts/cleanup_cluster_resources/__init__.py","sha":"e69de29bb2d1d6434b8b29ae775ad8c2e48c5391"},{"name":"global_vars.py","path":"modules/eks-cluster-control-plane/control_plane_scripts/cleanup_cluster_resources/global_vars.py","sha":"47920d25645a8c168f196beb76eb37da60055dd3"},{"name":"main.py","path":"modules/eks-cluster-control-plane/control_plane_scripts/cleanup_cluster_resources/main.py","sha":"21dfb38d1bf8f4d15a03da5e09ae3ba575eb4501"},{"name":"vpc.py","path":"modules/eks-cluster-control-plane/control_plane_scripts/cleanup_cluster_resources/vpc.py","sha":"adaf19fe8e191badfad40513984778d36a059ba5"}]},{"name":"control_plane_scripts_utils","children":[{"name":"__init__.py","path":"modules/eks-cluster-control-plane/control_plane_scripts/control_plane_scripts_utils/__init__.py","sha":"37d050d1afd8ebb0c9d6916cff61fa674e6ac8a3"},{"name":"project_logging.py","path":"modules/eks-cluster-control-plane/control_plane_scripts/control_plane_scripts_utils/project_logging.py","sha":"c29bfb0dfe0a3d4e04aeaabff0b2e58387ccf12b"}]},{"name":"dev_requirements.txt","path":"modules/eks-cluster-control-plane/control_plane_scripts/dev_requirements.txt","sha":"430b91474dc8220624012e70d8c2e43582f17161"},{"name":"requirements.txt","path":"modules/eks-cluster-control-plane/control_plane_scripts/requirements.txt","sha":"0ae8cdb74f4c793658c5dfdd13ce1ec723f7b2a1"},{"name":"upgrade_cluster","children":[{"name":"__init__.py","path":"modules/eks-cluster-control-plane/control_plane_scripts/upgrade_cluster/__init__.py","sha":"e69de29bb2d1d6434b8b29ae775ad8c2e48c5391"},{"name":"eks.py","path":"modules/eks-cluster-control-plane/control_plane_scripts/upgrade_cluster/eks.py","sha":"d0aca412ffa983300df0d8926bee8829e148f85e"},{"name":"exceptions.py","path":"modules/eks-cluster-control-plane/control_plane_scripts/upgrade_cluster/exceptions.py","sha":"c35893a0f70e2c0d86dd64b7bce8d092e84355b3"},{"name":"global_vars.py","path":"modules/eks-cluster-control-plane/control_plane_scripts/upgrade_cluster/global_vars.py","sha":"e223eefafed2576c8988a708395d92f6908b3f49"},{"name":"k8s.py","path":"modules/eks-cluster-control-plane/control_plane_scripts/upgrade_cluster/k8s.py","sha":"c61fe768344f868303b7dac3b201b28b6ab10a1d"},{"name":"k8s_version_map.py","path":"modules/eks-cluster-control-plane/control_plane_scripts/upgrade_cluster/k8s_version_map.py","sha":"b25ddc93cfc13423cc8792ffa74b2f4127851173"},{"name":"main.py","path":"modules/eks-cluster-control-plane/control_plane_scripts/upgrade_cluster/main.py","sha":"30cf982ecf0a2304dcdb3467b28aad455d01e4e9"}]}]},{"name":"dependencies.tf","path":"modules/eks-cluster-control-plane/dependencies.tf","sha":"6389b5cb477cef74e9bae294c41bbdd05b8d8aa5"},{"name":"main.tf","path":"modules/eks-cluster-control-plane/main.tf","sha":"d2babf9edb4d77b71ca2d2f02cf3c78b1cb1092c"},{"name":"outputs.tf","path":"modules/eks-cluster-control-plane/outputs.tf","sha":"1d9c33ed79e9a4bdfec1dd228aa440a2932d74ef"},{"name":"templates","children":[{"name":"kubectl_config.tpl","path":"modules/eks-cluster-control-plane/templates/kubectl_config.tpl","sha":"083a5e914505363541190db3ee412d8d9e15b4ec"}]},{"name":"variables.tf","path":"modules/eks-cluster-control-plane/variables.tf","sha":"15d5a712ce52db18f0449d6fbea7e5b07e1df2d5"}]},{"name":"eks-cluster-managed-workers","children":[{"name":"README.md","path":"modules/eks-cluster-managed-workers/README.md","sha":"a44255e58e4c5949e3216339358124593ae2bbae"},{"name":"main.tf","path":"modules/eks-cluster-managed-workers/main.tf","sha":"56bad0a77dcc6eda3cf529007d2f354ba89bc82b"},{"name":"outputs.tf","path":"modules/eks-cluster-managed-workers/outputs.tf","sha":"391b5aff36a080568d94aae450d00b78488fb2e4"},{"name":"variables.tf","path":"modules/eks-cluster-managed-workers/variables.tf","sha":"fbb0d0efade0cb20f388b3c0f9cfeebf4cd87ff3"}]},{"name":"eks-cluster-workers-cross-access","children":[{"name":"README.md","path":"modules/eks-cluster-workers-cross-access/README.md","sha":"6c4e50bda62acc6c06d836488ef54f7119f27aee"},{"name":"main.tf","path":"modules/eks-cluster-workers-cross-access/main.tf","sha":"30885a053867992d0c3ee3804ba6833ae463c116"},{"name":"outputs.tf","path":"modules/eks-cluster-workers-cross-access/outputs.tf","sha":"c6c7f7a89007c55be5470ffd639c05c3fb052ad7"},{"name":"variables.tf","path":"modules/eks-cluster-workers-cross-access/variables.tf","sha":"d64aab893b6e909416189e985f072dd8809dfa2f"}]},{"name":"eks-cluster-workers","children":[{"name":"README.md","path":"modules/eks-cluster-workers/README.md","sha":"b846d1233c8a490fcb1bb0e7581c274f92d1c978"},{"name":"dependencies.tf","path":"modules/eks-cluster-workers/dependencies.tf","sha":"57ce2b550d2bd4a4a969fbb37cc058cd9825ea86"},{"name":"main.tf","path":"modules/eks-cluster-workers/main.tf","sha":"1b4ee8765da90838dea560a53e860e13216d94c5"},{"name":"outputs.tf","path":"modules/eks-cluster-workers/outputs.tf","sha":"15a01dabd1c0a11011e2488c4df1f43468312454"},{"name":"variables.tf","path":"modules/eks-cluster-workers/variables.tf","sha":"d646d70fb828c1c6385f6ff3c5935c27011ae4d0"}]},{"name":"eks-iam-role-assume-role-policy-for-service-account","children":[{"name":"README.md","path":"modules/eks-iam-role-assume-role-policy-for-service-account/README.md","sha":"efbbbd70fea3661c662750768facb7950239ffa3"},{"name":"main.tf","path":"modules/eks-iam-role-assume-role-policy-for-service-account/main.tf","sha":"be2fefe5e1a29a2582d1dcdc0b700b74f198cfc9"},{"name":"outputs.tf","path":"modules/eks-iam-role-assume-role-policy-for-service-account/outputs.tf","sha":"c2910cec89910bb06a157311ac8c4bf72835dfe5"},{"name":"variables.tf","path":"modules/eks-iam-role-assume-role-policy-for-service-account/variables.tf","sha":"dc660ddf84158851145289f6036a0fc19fbf7ce4"}]},{"name":"eks-k8s-cluster-autoscaler-iam-policy","children":[{"name":"README.md","path":"modules/eks-k8s-cluster-autoscaler-iam-policy/README.md","sha":"a22e2264a296fe1bf00f2c8b2f72ae728d0277c3"},{"name":"main.tf","path":"modules/eks-k8s-cluster-autoscaler-iam-policy/main.tf","sha":"c743f0e3523119155e2f2a6434e6f634d659aaee"},{"name":"outputs.tf","path":"modules/eks-k8s-cluster-autoscaler-iam-policy/outputs.tf","sha":"8b6c4e1747b3fa6a88c6233ec87aa2f450dfd334"},{"name":"variables.tf","path":"modules/eks-k8s-cluster-autoscaler-iam-policy/variables.tf","sha":"be3db9023160b3754187f2f21ce77772b43ced53"}]},{"name":"eks-k8s-cluster-autoscaler","children":[{"name":"README.md","path":"modules/eks-k8s-cluster-autoscaler/README.md","sha":"a74848607c42fcef696f121c2506ace0b83ced87"},{"name":"main.tf","path":"modules/eks-k8s-cluster-autoscaler/main.tf","sha":"f39dcbe11cfff6a81e23f3517c53d67420eccc37"},{"name":"templates","children":[{"name":"node_affinity.yaml","path":"modules/eks-k8s-cluster-autoscaler/templates/node_affinity.yaml","sha":"c6eaf8e94fa7c893857cc009df954443239a8fe0"},{"name":"values.yaml","path":"modules/eks-k8s-cluster-autoscaler/templates/values.yaml","sha":"4fad2031b54ad610fcd65abb03020d7d2db924de"}]},{"name":"variables.tf","path":"modules/eks-k8s-cluster-autoscaler/variables.tf","sha":"e900fccd3c1cb0cccbf5cc7e76667f54ea509a5b"}]},{"name":"eks-k8s-external-dns-iam-policy","children":[{"name":"README.md","path":"modules/eks-k8s-external-dns-iam-policy/README.md","sha":"a33d41f9824e6270ef4573d6b7e22b394224689c"},{"name":"main.tf","path":"modules/eks-k8s-external-dns-iam-policy/main.tf","sha":"b346bd0324c30907dd62ac89f93fe9cc7799fd4d"},{"name":"outputs.tf","path":"modules/eks-k8s-external-dns-iam-policy/outputs.tf","sha":"21604a63b741b94ea9ebffd20b18772131020fcf"},{"name":"variables.tf","path":"modules/eks-k8s-external-dns-iam-policy/variables.tf","sha":"250152e6bfeb02a16bed4151ffc7156636db1bd9"}]},{"name":"eks-k8s-external-dns","children":[{"name":"README.md","path":"modules/eks-k8s-external-dns/README.md","sha":"59199651539725e656c97f18fefee22e39e311a5"},{"name":"main.tf","path":"modules/eks-k8s-external-dns/main.tf","sha":"7696052822928880e4da50296c7dd2ccdf32e267"},{"name":"templates","children":[{"name":"node_affinity.yaml","path":"modules/eks-k8s-external-dns/templates/node_affinity.yaml","sha":"c6eaf8e94fa7c893857cc009df954443239a8fe0"},{"name":"values.yaml","path":"modules/eks-k8s-external-dns/templates/values.yaml","sha":"ed22e91abbdc486ba7b0e79f28f63853b3860969"}]},{"name":"variables.tf","path":"modules/eks-k8s-external-dns/variables.tf","sha":"5f385a2e0aeef50a2f99b9e94f8648ecb7561b7d"}]},{"name":"eks-k8s-role-mapping","children":[{"name":"README.md","path":"modules/eks-k8s-role-mapping/README.md","sha":"eda8f8d176a772c66fb9ba39e0db186cb51a3c9c"},{"name":"main.tf","path":"modules/eks-k8s-role-mapping/main.tf","sha":"6fcd7d1fefe10d1ed9b22cf16a1c272c347d1cfa"},{"name":"outputs.tf","path":"modules/eks-k8s-role-mapping/outputs.tf","sha":"95d4d4ec652bb541b91a2844e00f68064b423e60"},{"name":"variables.tf","path":"modules/eks-k8s-role-mapping/variables.tf","sha":"87e3ec8e2456d90175fa4c5cf0110bae86998170"}]},{"name":"eks-scripts","children":[{"name":"README.md","path":"modules/eks-scripts/README.md","sha":"96baaf535647b9f4c364d6a19057bcccb42df2be"},{"name":"bin","children":[{"name":"map-ec2-tags-to-node-labels","path":"modules/eks-scripts/bin/map-ec2-tags-to-node-labels","sha":"8087c82d4d47f25439f118c2a51e59d22689ada7"},{"name":"map_ec2_tags_to_node_labels.py","path":"modules/eks-scripts/bin/map_ec2_tags_to_node_labels.py","sha":"f75ad19587e95b2bd8924125ea2a1a697154909f"}]},{"name":"dev_requirements.txt","path":"modules/eks-scripts/dev_requirements.txt","sha":"f56f9d1629a85734fe16ed70f00f36b830cd97c9"},{"name":"install.sh","path":"modules/eks-scripts/install.sh","sha":"7f192fca97b098482a8a398019d4d53f45dba478"}]},{"name":"eks-vpc-tags","children":[{"name":"README.md","path":"modules/eks-vpc-tags/README.md","sha":"b53e923baaa79718b55a272158ff9b710871a6ce"},{"name":"outputs.tf","path":"modules/eks-vpc-tags/outputs.tf","sha":"0ef2787cfd02ea8668c687302b1929618079a0b2"},{"name":"variables.tf","path":"modules/eks-vpc-tags/variables.tf","sha":"a6e332e9da4e473e1e42b1ca6c7b0ba139a77cfb"},{"name":"versions.tf","path":"modules/eks-vpc-tags/versions.tf","sha":"e5d003c3e7a7296ca0f610fc77f94f2139fc59d2"}]}],"toggled":true},{"name":"rfc","children":[{"name":"shipping-logs-to-cloudwatch.md","path":"rfc/shipping-logs-to-cloudwatch.md","sha":"3ac6a0fd509477c36e1b4079e82ed3def7fe03d8"}]},{"name":"setup.cfg","path":"setup.cfg","sha":"981bc2bfd0b35029438d56c6d862a7f1519b8fe6"},{"name":"test","children":[{"name":"README.md","path":"test/README.md","sha":"9bf8180d731bdc892279fcdbcbb03d245f31f83a"},{"name":"eks_cluster_integration_test.go","path":"test/eks_cluster_integration_test.go","sha":"706f2eda374a9a831febfe04d72f2df01cf87533"},{"name":"eks_cluster_managed_workers_test.go","path":"test/eks_cluster_managed_workers_test.go","sha":"1eacfe2ec7d3a375c975ede65b028459bd9a0695"},{"name":"eks_cluster_test_helpers.go","path":"test/eks_cluster_test_helpers.go","sha":"ea30d40f827611931ca5bfa719e1d2de8f46d59a"},{"name":"eks_cluster_upgrade_test.go","path":"test/eks_cluster_upgrade_test.go","sha":"1b042cf51b93efaf8c14ee7fc0f7695266048627"},{"name":"eks_cluster_with_iam_role_test.go","path":"test/eks_cluster_with_iam_role_test.go","sha":"ca0b2f65ebffee9c417c59c49884b4034c6ca895"},{"name":"eks_cluster_with_supporting_services_test.go","path":"test/eks_cluster_with_supporting_services_test.go","sha":"0c99e8e8f747904133536fb3ca940f905e0e697e"},{"name":"eks_cluster_workers_optional_test.go","path":"test/eks_cluster_workers_optional_test.go","sha":"bc42df3ce9cf3ceb2aa9ae1484b4a25a389e7c8b"},{"name":"eks_envelope_encryption_test.go","path":"test/eks_envelope_encryption_test.go","sha":"3d8b92c4d3d4244c6431ccae95f0faeb0328bdce"},{"name":"eks_fargate_cluster_disable_public_endpoint_test.go","path":"test/eks_fargate_cluster_disable_public_endpoint_test.go","sha":"25ba0984ef5979ca146d16b63654559939d822db"},{"name":"eks_fargate_cluster_irsa_test.go","path":"test/eks_fargate_cluster_irsa_test.go","sha":"a066ec0cf9a8b7b949054de53f063d3ebe1c80e7"},{"name":"eks_fargate_cluster_public_access_cidr_test.go","path":"test/eks_fargate_cluster_public_access_cidr_test.go","sha":"2a82ad5a0bbb9311bb9c91a2c0be3f3dbe1b4d5e"},{"name":"eks_fargate_cluster_test.go","path":"test/eks_fargate_cluster_test.go","sha":"a50d3691cbdec0ba41e2212015105254d7a516c7"},{"name":"eks_fargate_cluster_with_supporting_services_test.go","path":"test/eks_fargate_cluster_with_supporting_services_test.go","sha":"a236dc2c1647da144a3fa973492b18ad80d64103"},{"name":"eks_mixed_cluster_dns_test.go","path":"test/eks_mixed_cluster_dns_test.go","sha":"dae0c9dd16808d92d6ba08977513798340767459"},{"name":"errors.go","path":"test/errors.go","sha":"be062fe0205ff82db8183d0fde639aa1883013ad"},{"name":"go.mod","path":"test/go.mod","sha":"ad9f275481179887ebada26ac28186866b827563"},{"name":"go.sum","path":"test/go.sum","sha":"7844bf26994c49320e11604a6ebb2b32afeecc6b"},{"name":"kubefixtures","children":[{"name":"autoscaler-test-pods-deployment.yml","path":"test/kubefixtures/autoscaler-test-pods-deployment.yml","sha":"b2d94c4bfa729b639290ee21629c19ca6ea694ee"},{"name":"eks-irsa-test.yml","path":"test/kubefixtures/eks-irsa-test.yml","sha":"db5439cf6d38873dbae71daa4197d6947990a94a"},{"name":"eks-k8s-role-mapping-test-role.yml","path":"test/kubefixtures/eks-k8s-role-mapping-test-role.yml","sha":"ede7587308d2a4ecf55042b05800099c43f3af7d"},{"name":"kube-system-sa-admin-binding.yml","path":"test/kubefixtures/kube-system-sa-admin-binding.yml","sha":"282d406512102cbe54e952575f26e7e0fbb2aa9a"},{"name":"nginx-deployment.yml","path":"test/kubefixtures/nginx-deployment.yml","sha":"a58866e59c113635af24982cfb0b530f0c416af0"},{"name":"robust-nginx-deployment.yml","path":"test/kubefixtures/robust-nginx-deployment.yml","sha":"87ead0f9733e422099bc430ed281e2054e698f10"}]},{"name":"script_tests","children":[{"name":"executor.sh","path":"test/script_tests/executor.sh","sha":"458c534996fbc045081d1cfae521c090f6787a7f"},{"name":"requirements.txt","path":"test/script_tests/requirements.txt","sha":"e855b2d366822bbc91b9d29140df9f060ceb6864"},{"name":"test_map_ec2_tags_to_node_labels.py","path":"test/script_tests/test_map_ec2_tags_to_node_labels.py","sha":"1bb3a5eae3727c0e6caf29c2cf4b7d596bb9a161"},{"name":"tox.ini","path":"test/script_tests/tox.ini","sha":"a7b8c79ca45e700e9cb7b8b493b37c68bc4408c2"}]},{"name":"terratest_options.go","path":"test/terratest_options.go","sha":"327f1900a48e4a1eb85c49e4dbbd2610f81685e7"},{"name":"test_debug_helpers.go","path":"test/test_debug_helpers.go","sha":"c71a7a9d5b68f0f59d2518496d9f5893206b5e22"},{"name":"test_helpers.go","path":"test/test_helpers.go","sha":"9c7eb9d7c3f2d1acc6d305bfc95371fca8ee0221"}]}]},"detailsContent":"<h1 class=\"preview__body--title\" id=\"eks-cloud-watch-container-logs-module\">EKS CloudWatch Container Logs Module</h1><div class=\"preview__body--border\"></div><p>This Terraform Module installs and configures\n<a href=\"https://github.com/helm/charts/tree/master/incubator/fluentd-cloudwatch\" class=\"preview__body--description--blue\" target=\"_blank\">fluentd-cloudwatch</a> on an EKS cluster, so that\neach node runs <a href=\"https://www.fluentd.org/\" class=\"preview__body--description--blue\" target=\"_blank\"><code>fluentd</code></a> to collect the logs and ship to CloudWatch.</p>\n<p>This module uses the community helm chart, with a set of best practices inputs.</p>\n<h2 class=\"preview__body--subtitle\" id=\"how-does-this-work\">How does this work?</h2>\n<p>This module solves the problem of unifying the log streams in your Kubernetes cluster to be shipped to CloudWatch so\nthat you have a single interface to search and monitor your logs. To achieve this, the module installs a service\n(<code>fluentd</code>) that monitors the log files on the filesystem, parses custom log formats into a unified format, and ships\nthe result to a centralized log aggregation service (CloudWatch).</p>\n<p><code>fluentd</code> is installed as a Kubernetes\n<a href=\"https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/\" class=\"preview__body--description--blue\" target=\"_blank\"><code>DaemonSet</code></a>, which ensures that there is one\n<code>fluentd</code> <code>Pod</code> running per node. In this way, we are able to ensure that all workers in the cluster are running the\n<code>fluentd</code> service for shipping the logs into CloudWatch.</p>\n<p>You can read more about <code>fluentd</code> in their <a href=\"https://www.fluentd.org/architecture\" class=\"preview__body--description--blue\" target=\"_blank\">official home page</a>. You can also\nlearn more about CloudWatch logging in the <a href=\"https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/WhatIsCloudWatchLogs.html\" class=\"preview__body--description--blue\" target=\"_blank\">official AWS\ndocs</a>.</p>\n<h2 class=\"preview__body--subtitle\" id=\"how-do-you-use-this-module\">How do you use this module?</h2>\n<ul>\n<li>See the <a href=\"/repos/v0.25.0/terraform-aws-eks/README.adoc\" class=\"preview__body--description--blue\">root README</a> for instructions on using Terraform modules.</li>\n<li>See the <a href=\"/repos/v0.25.0/terraform-aws-eks/examples/eks-cluster-with-supporting-services\" class=\"preview__body--description--blue\">eks-cluster-with-supporting-services example</a> for example\nusage.</li>\n<li>See <a href=\"/repos/v0.25.0/terraform-aws-eks/modules/eks-cloudwatch-container-logs/variables.tf\" class=\"preview__body--description--blue\">variables.tf</a> for all the variables you can set on this module.</li>\n<li>See <a href=\"/repos/v0.25.0/terraform-aws-eks/modules/eks-cloudwatch-container-logs/outputs.tf\" class=\"preview__body--description--blue\">outputs.tf</a> for all the variables that are outputed by this module.</li>\n<li>This module uses <a href=\"https://www.terraform.io/docs/providers/kubernetes/index.html\" class=\"preview__body--description--blue\" target=\"_blank\">the <code>kubernetes</code> provider</a>.</li>\n<li>This module uses <a href=\"https://www.terraform.io/docs/providers/helm/index.html\" class=\"preview__body--description--blue\" target=\"_blank\">the <code>helm</code> provider</a>.</li>\n</ul>\n<h2 class=\"preview__body--subtitle\" id=\"prerequisites\">Prerequisites</h2>\n<h3 class=\"preview__body--subtitle\" id=\"helm-setup\">Helm setup</h3>\n<p>This module uses <a href=\"https://helm.sh/docs/\" class=\"preview__body--description--blue\" target=\"_blank\"><code>helm</code> v3</a> to deploy <code>fluentd</code> to the Kubernetes cluster.</p>\n<h3 class=\"preview__body--subtitle\" id=\"cloudwatch-log-group\">Cloudwatch Log Group</h3>\n<p>This module assumes the log group you would like to use already exists. You can use the\n<a href=\"https://www.terraform.io/docs/providers/aws/r/cloudwatch_log_group.html\" class=\"preview__body--description--blue\" target=\"_blank\"><code>cloudwatch_log_group</code></a> resource to create a\nnew log group in Terraform. For example:</p>\n<pre><span class=\"hljs-attribute\">resource</span> <span class=\"hljs-string\">\"aws_cloudwatch_log_group\"</span> <span class=\"hljs-string\">\"eks_cluster\"</span> {}\n</pre>\n<p>This will create a new log group and assign a random unique name that you can then access using\n<code>aws_cloudwatch_log_group.eks_cluster.name</code>.</p>\n<h3 class=\"preview__body--subtitle\" id=\"iam-permissions\">IAM permissions</h3>\n<p>The container deployed in this module requires IAM permissions to access log streams in CloudWatch so that it can write\nlogs to it. Below is a sample IAM policy statement that grants the minimal set of permissions:</p>\n<pre>{\n <span class=\"hljs-attr\">\"Version\"</span>: <span class=\"hljs-string\">\"2012-10-17\"</span>,\n <span class=\"hljs-attr\">\"Statement\"</span>: [\n {\n <span class=\"hljs-attr\">\"Sid\"</span>: <span class=\"hljs-string\">\"logs\"</span>,\n <span class=\"hljs-attr\">\"Effect\"</span>: <span class=\"hljs-string\">\"Allow\"</span>,\n <span class=\"hljs-attr\">\"Action\"</span>: [\n <span class=\"hljs-string\">\"logs:CreateLogStream\"</span>,\n <span class=\"hljs-string\">\"logs:PutLogEvents\"</span>,\n <span class=\"hljs-string\">\"logs:DescribeLogGroups\"</span>,\n <span class=\"hljs-string\">\"logs:DescribeLogStreams\"</span>\n ],\n <span class=\"hljs-attr\">\"Resource\"</span>: [\n <span class=\"hljs-string\">\"arn:aws:logs:*:*:*\"</span>\n ]\n }\n ]\n}\n</pre>\n<h2 class=\"preview__body--subtitle\" id=\"differences-with-cloud-watch-container-insights\">Differences with CloudWatch Container Insights</h2>\n<p>AWS <a href=\"https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/deploy-container-insights-EKS.html\" class=\"preview__body--description--blue\" target=\"_blank\">CloudWatch Container\nInsights</a> is a set of\nKubernetes applications that run on your EKS cluster to collect metrics and log entries to ship to CloudWatch. This is\nhandled by deploying the CloudWatch Agent and FluentD as <code>DaemonSets</code> that run on each node to watch the metrics and log\nentries.</p>\n<p>This module also uses FluentD as a <code>DaemonSet</code> under the hood. However, there are a few differences in the setup:</p>\n<ul>\n<li>This module is only scoped to collect the container logs. CloudWatch Container Insights on the other hand will observe\nall logs on the server.</li>\n<li>This module does not set up the CloudWatch Agent for collecting cluster metrics, and is only concerned with log\nentries. CloudWatch Container Insights also includes observing cluster and pod metrics.</li>\n</ul>\n","repoName":"terraform-aws-eks","repoRef":"v0.22.0","serviceDescriptor":{"serviceName":"EC2 Kubernetes Service (EKS) Cluster","serviceRepoName":"terraform-aws-eks","serviceRepoOrg":"gruntwork-io","cloudProviders":["aws"],"description":"Deploy a Kubernetes cluster on top of Amazon EC2 Kubernetes Service (EKS).","imageUrl":"eks.png","licenseType":"subscriber","technologies":["Terraform","Python","Bash"],"compliance":[],"tags":[""]},"serviceCategoryName":"Docker orchestration","fileName":"README.md","filePath":"/modules/eks-cloudwatch-container-logs","title":"Repo Browser: EC2 Kubernetes Service (EKS) Cluster","description":"Browse the repos in the Gruntwork Infrastructure as Code Library."}
.circleci
main.tf
