Updating EKS container insights- Adding doc and fixing pre-commit errors

docs/container-insights/eks.md

@@ -48,7 +48,7 @@ Next, you have to update your Application to `Configure application metrics and
 1. **Annotate Workload** auto-instruments a single workload in the cluster.
     - Paste the below line into the PodTemplate section of the workload manifest.
     ```
-    annotations: instrumentation.opentelemetry.io/inject-java: "true" 
+    annotations: instrumentation.opentelemetry.io/inject-java: "true"
     ```
     - In your terminal, enter `kubectl apply -f your_deployment_yaml` to apply the change.
 

examples/eks-container-insights/README.md

@@ -12,9 +12,6 @@ under **Amazon CloudWatch Container Insights**
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.1.0 |
 | <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0.0 |
-| <a name="requirement_helm"></a> [helm](#requirement\_helm) | >= 2.4.1 |
-| <a name="requirement_kubectl"></a> [kubectl](#requirement\_kubectl) | >= 2.0.3 |
-| <a name="requirement_kubernetes"></a> [kubernetes](#requirement\_kubernetes) | >= 2.10 |
 
 ## Providers
 
@@ -41,10 +38,11 @@ under **Amazon CloudWatch Container Insights**
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_aws_region"></a> [aws\_region](#input\_aws\_region) | EKS cluster region | `string` | n/a | yes |
-| <a name="input_eks_cluster_id"></a> [eks\_cluster\_id](#input\_eks\_cluster\_id) | EKS cluster name | `string` | n/a | yes |
-| <a name="input_irsa_iam_permissions_boundary"></a> [irsa\_iam\_permissions\_boundary](#input\_irsa\_iam\_permissions\_boundary) | IAM permissions boundary for IRSA roles | `string` | `null` | no |
-| <a name="input_irsa_iam_role_path"></a> [irsa\_iam\_role\_path](#input\_irsa\_iam\_role\_path) | IAM role path for IRSA roles | `string` | `"/"` | no |
+| <a name="input_cluster_name"></a> [cluster\_name](#input\_cluster\_name) | EKS cluster name | `string` | n/a | yes |
+| <a name="input_eks_cluster_domain"></a> [eks\_cluster\_domain](#input\_eks\_cluster\_domain) | The domain for the EKS cluster | `string` | `""` | no |
+| <a name="input_eks_cluster_version"></a> [eks\_cluster\_version](#input\_eks\_cluster\_version) | The Kubernetes version for the cluster | `string` | `"1.28"` | no |
+| <a name="input_eks_oidc_provider"></a> [eks\_oidc\_provider](#input\_eks\_oidc\_provider) | The OpenID Connect identity provider (issuer URL without leading `https://`) | `string` | `null` | no |
+| <a name="input_eks_oidc_provider_arn"></a> [eks\_oidc\_provider\_arn](#input\_eks\_oidc\_provider\_arn) | The OpenID Connect identity provider ARN | `string` | `null` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | Additional tags (e.g. `map('BusinessUnit`,`XYZ`) | `map(string)` | `{}` | no |
 
 ## Outputs

examples/eks-container-insights/data.tf

@@ -0,0 +1,7 @@
+data "aws_partition" "current" {}
+data "aws_caller_identity" "current" {}
+data "aws_region" "current" {}
+
+data "aws_eks_cluster" "eks_cluster" {
+  name = var.cluster_name
+}

examples/eks-container-insights/main.tf

@@ -1,5 +1,5 @@
 module "eks_container_insights" {
-  source                                    = "./modules/eks-container-insights"
+  source                                    = "../../modules/eks-container-insights"
   cluster_name                              = var.cluster_name
   enable_amazon_eks_cw_observability        = true
   create_cloudwatch_observability_irsa_role = true

modules/eks-container-insights/README.md

@@ -14,9 +14,6 @@ Use CloudWatch Container Insights to collect, aggregate, and summarize metrics a
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.1.0 |
 | <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0.0 |
-| <a name="requirement_helm"></a> [helm](#requirement\_helm) | >= 2.4.1 |
-| <a name="requirement_kubectl"></a> [kubectl](#requirement\_kubectl) | >= 2.0.3 |
-| <a name="requirement_kubernetes"></a> [kubernetes](#requirement\_kubernetes) | >= 2.10 |
 
 ## Providers
 
@@ -28,37 +25,35 @@ Use CloudWatch Container Insights to collect, aggregate, and summarize metrics a
 
 | Name | Source | Version |
 |------|--------|---------|
-| <a name="module_helm_addon"></a> [helm\_addon](#module\_helm\_addon) | github.com/aws-ia/terraform-aws-eks-blueprints//modules/kubernetes-addons/helm-addon | v4.32.1 |
+| <a name="module_cloudwatch_observability_irsa_role"></a> [cloudwatch\_observability\_irsa\_role](#module\_cloudwatch\_observability\_irsa\_role) | terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | v5.33.0 |
 
 ## Resources
 
 | Name | Type |
 |------|------|
+| [aws_eks_addon.amazon_cloudwatch_observability](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon) | resource |
+| [aws_iam_service_linked_role.application_signals_cw](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_service_linked_role) | resource |
 | [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
+| [aws_eks_addon_version.eks_addon_version](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_addon_version) | data source |
 | [aws_eks_cluster.eks_cluster](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_cluster) | data source |
-| [aws_iam_policy.irsa](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy) | data source |
 | [aws_partition.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition) | data source |
 | [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
 
 ## Inputs
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_aws_cloudwatch_metrics_chart_verison"></a> [aws\_cloudwatch\_metrics\_chart\_verison](#input\_aws\_cloudwatch\_metrics\_chart\_verison) | AWS CloudWatch Observability Metrics helm chart version | `string` | `"0.0.7"` | no |
-| <a name="input_eks_cluster_id"></a> [eks\_cluster\_id](#input\_eks\_cluster\_id) | EKS Cluster Id | `string` | n/a | yes |
-| <a name="input_helm_config"></a> [helm\_config](#input\_helm\_config) | Helm provider config for adot-exporter-for-eks-on-ec2 | `any` | `{}` | no |
-| <a name="input_irsa_iam_permissions_boundary"></a> [irsa\_iam\_permissions\_boundary](#input\_irsa\_iam\_permissions\_boundary) | IAM permissions boundary for IRSA roles | `string` | `null` | no |
-| <a name="input_irsa_iam_role_path"></a> [irsa\_iam\_role\_path](#input\_irsa\_iam\_role\_path) | IAM role path for IRSA roles | `string` | `"/"` | no |
-| <a name="input_irsa_policies"></a> [irsa\_policies](#input\_irsa\_policies) | Additional IAM policies for a IAM role for service accounts | `list(string)` | `[]` | no |
-| <a name="input_manage_via_gitops"></a> [manage\_via\_gitops](#input\_manage\_via\_gitops) | Determines if the add-on should be managed via GitOps. | `bool` | `false` | no |
+| <a name="input_addon_config"></a> [addon\_config](#input\_addon\_config) | Amazon EKS Managed CloudWatch Observability Add-on config | `any` | `{}` | no |
+| <a name="input_cluster_name"></a> [cluster\_name](#input\_cluster\_name) | Name of the EKS cluster | `string` | `"eks-cw"` | no |
+| <a name="input_create_cloudwatch_application_signals_role"></a> [create\_cloudwatch\_application\_signals\_role](#input\_create\_cloudwatch\_application\_signals\_role) | Create a Cloudwatch Application Signals service-linked role | `string` | `true` | no |
+| <a name="input_create_cloudwatch_observability_irsa_role"></a> [create\_cloudwatch\_observability\_irsa\_role](#input\_create\_cloudwatch\_observability\_irsa\_role) | Create a Cloudwatch Observability IRSA | `string` | `true` | no |
+| <a name="input_eks_oidc_provider_arn"></a> [eks\_oidc\_provider\_arn](#input\_eks\_oidc\_provider\_arn) | The OIDC Provider ARN of AWS EKS cluster | `string` | `""` | no |
+| <a name="input_enable_amazon_eks_cw_observability"></a> [enable\_amazon\_eks\_cw\_observability](#input\_enable\_amazon\_eks\_cw\_observability) | Enable Amazon EKS CloudWatch Observability add-on | `bool` | `false` | no |
+| <a name="input_kubernetes_version"></a> [kubernetes\_version](#input\_kubernetes\_version) | Kubernetes version | `string` | `"1.28"` | no |
+| <a name="input_most_recent"></a> [most\_recent](#input\_most\_recent) | Most Recent | `string` | `"false"` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | Additional tags (e.g. `map('BusinessUnit`,`XYZ`) | `map(string)` | `{}` | no |
 
 ## Outputs
 
-| Name | Description |
-|------|-------------|
-| <a name="output_irsa_arn"></a> [irsa\_arn](#output\_irsa\_arn) | IAM role ARN for the service account |
-| <a name="output_irsa_name"></a> [irsa\_name](#output\_irsa\_name) | IAM role name for the service account |
-| <a name="output_release_metadata"></a> [release\_metadata](#output\_release\_metadata) | Map of attributes of the Helm release metadata |
-| <a name="output_service_account"></a> [service\_account](#output\_service\_account) | Name of Kubernetes service account |
+No outputs.
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

modules/eks-container-insights/data.tf

@@ -4,4 +4,4 @@ data "aws_region" "current" {}
 
 data "aws_eks_cluster" "eks_cluster" {
   name = var.cluster_name
-}
+}

modules/eks-container-insights/locals.tf

@@ -1,5 +1,4 @@
 locals {
-  name                = "amazon-cloudwatch-observability"
   kubernetes_version  = var.kubernetes_version
   eks_oidc_issuer_url = replace(data.aws_eks_cluster.eks_cluster.identity[0].oidc[0].issuer, "https://", "")
 

modules/eks-container-insights/main.tf

@@ -3,9 +3,10 @@ locals {
 }
 
 module "cloudwatch_observability_irsa_role" {
-  source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks"
-  count  = var.create_cloudwatch_observability_irsa_role ? 1 : 0
+  count = var.create_cloudwatch_observability_irsa_role ? 1 : 0
 
+  source                                 = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks"
+  version                                = "v5.33.0"
   role_name                              = "cloudwatch-observability"
   attach_cloudwatch_observability_policy = true
 
@@ -23,7 +24,7 @@ data "aws_eks_addon_version" "eks_addon_version" {
   most_recent        = var.most_recent
 }
 
-resource "aws_eks_addon" "amazon-cloudwatch-observability" {
+resource "aws_eks_addon" "amazon_cloudwatch_observability" {
   count = var.enable_amazon_eks_cw_observability ? 1 : 0
 
   cluster_name                = var.cluster_name
@@ -40,7 +41,7 @@ resource "aws_eks_addon" "amazon-cloudwatch-observability" {
   )
 }
 
-resource "aws_iam_service_linked_role" "application-signals-cw" {
+resource "aws_iam_service_linked_role" "application_signals_cw" {
   count            = var.create_cloudwatch_application_signals_role ? 1 : 0
   aws_service_name = "application-signals.cloudwatch.amazonaws.com"
 }

modules/eks-container-insights/variables.tf

@@ -1,6 +1,7 @@
 variable "cluster_name" {
-  default = "eks-cw"
-  type    = string
+  description = "Name of the EKS cluster"
+  default     = "eks-cw"
+  type        = string
 }
 
 variable "enable_amazon_eks_cw_observability" {
@@ -22,13 +23,15 @@ variable "kubernetes_version" {
 }
 
 variable "most_recent" {
-  type    = string
-  default = "false"
+  description = "Most Recent"
+  type        = string
+  default     = "false"
 }
 
 variable "eks_oidc_provider_arn" {
-  type    = string
-  default = ""
+  description = "The OIDC Provider ARN of AWS EKS cluster"
+  type        = string
+  default     = ""
 }
 
 variable "create_cloudwatch_observability_irsa_role" {
@@ -47,4 +50,4 @@ variable "tags" {
   description = "Additional tags (e.g. `map('BusinessUnit`,`XYZ`)"
   type        = map(string)
   default     = {}
-}
+}