AWS EKS IAM Addon Policies


Just looking for some clarification if possible.

If we look at the below cluster.yaml for eksctl:

metadata:
  name: blah
  region: blah
  version: blah
managedNodeGroups:
  - name: blah
    instanceType: blah   # eksctl uses camelCase keys here, not instance_type
    blah
    blah
    blah
    iam:
      withAddonPolicies:
        appMesh: true
        xray: true

I'm not using this to build the cluster; it's being built using Terraform. But I'm looking for clarification as to how to apply the addon policies using TF. Is it simply using the aws_eks_addon resource?

So would it simply look like:

resource "aws_eks_addon" "xray" {
  cluster_name = aws_eks_cluster.example.name
  addon_name   = "xray"
}

Am I barking up the right tree?

TIA


Solution

  • The nodeGroups.iam.withAddonPolicies in the eksctl YAML files is about adding extra IAM policies to a specified node group.

    In your example in the question it's creating a managed node group with extra IAM policies allowing the nodes in the node group to use AWS App Mesh and X-Ray.

    Cluster add-ons, on the other hand, add extra components to your cluster as a managed service. These would normally be deployed as a deployment via kubectl or helm etc., and create pods on your cluster to manage specific things. Currently this is limited to running CoreDNS, the VPC CNI plugin and kube-proxy, so you wouldn't be able to apply your Terraform example as there is no xray cluster add-on.
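For the Terraform side of the distinction the answer draws, here is an added example (not code from the question, the answer, or eksctl/Terraform themselves) that reproduces what `withAddonPolicies: { appMesh: true, xray: true }` does for a managed node group: it attaches extra IAM policies to the node role, and keeps `aws_eks_addon` for an actual cluster add-on. It assumes an existing `aws_eks_cluster.example`, a `var.subnet_ids` list, and that the managed policies eksctl attaches for these two flags are `AWSXRayDaemonWriteAccess` and `AWSAppMeshEnvoyAccess`; the resource and variable names are illustrative.

```hcl
# Added example: Terraform equivalent of eksctl's
# managedNodeGroups[].iam.withAddonPolicies { appMesh: true, xray: true }.
# Assumes aws_eks_cluster.example already exists and var.subnet_ids is set.
# The two managed policy ARNs are the ones eksctl attaches for those flags
# (assumption stated in the lead-in).

variable "subnet_ids" {
  type = list(string)
}

# Node role: the EC2 instances in the managed node group assume this role,
# so every policy attached here is granted to every pod without IRSA.
resource "aws_iam_role" "node" {
  name = "eks-node-role-example"

  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Effect    = "Allow"
      Principal = { Service = "ec2.amazonaws.com" }
      Action    = "sts:AssumeRole"
    }]
  })
}

locals {
  # Baseline policies every EKS managed node group needs to join the cluster.
  node_base_policies = [
    "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy",
    "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy",
    "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly",
  ]

  # The "addon policies" from the eksctl YAML, keyed by flag name so that
  # a flag is a one-line toggle and nothing extra is attached by default.
  addon_policies = {
    xray    = "arn:aws:iam::aws:policy/AWSXRayDaemonWriteAccess"
    appMesh = "arn:aws:iam::aws:policy/AWSAppMeshEnvoyAccess"
  }
  enabled_addon_policies = {
    xray    = true
    appMesh = true
  }
}

resource "aws_iam_role_policy_attachment" "node_base" {
  for_each   = toset(local.node_base_policies)
  role       = aws_iam_role.node.name
  policy_arn = each.value
}

# Only the enabled flags produce an attachment.
resource "aws_iam_role_policy_attachment" "node_addon" {
  for_each   = { for k, v in local.addon_policies : k => v if local.enabled_addon_policies[k] }
  role       = aws_iam_role.node.name
  policy_arn = each.value
}

resource "aws_eks_node_group" "example" {
  cluster_name    = aws_eks_cluster.example.name
  node_group_name = "example"
  node_role_arn   = aws_iam_role.node.arn
  subnet_ids      = var.subnet_ids

  scaling_config {
    desired_size = 2
    max_size     = 3
    min_size     = 1
  }

  # Policies must exist before nodes try to register with the cluster.
  depends_on = [
    aws_iam_role_policy_attachment.node_base,
    aws_iam_role_policy_attachment.node_addon,
  ]
}

# By contrast, aws_eks_addon installs a managed cluster component (here the
# VPC CNI plugin); it grants no IAM permissions to the nodes at all.
resource "aws_eks_addon" "vpc_cni" {
  cluster_name = aws_eks_cluster.example.name
  addon_name   = "vpc-cni"
}
```

Because node-role policies apply to every pod scheduled on those nodes, keep the `addon_policies` map to what the workloads actually need; for per-workload scoping (including moving `AmazonEKS_CNI_Policy` off the node role onto the `aws-node` service account) use IAM roles for service accounts instead.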