Merge pull request #19 from owensengoku/rename-for-workshop

rename .tf for more easy understanding

aws/eks/master/role.tf → aws/eks/master/role-eks.tf

@@ -28,29 +28,3 @@ resource "aws_iam_role_policy_attachment" "eks_service" {
   policy_arn = "arn:aws:iam::aws:policy/AmazonEKSServicePolicy"
   role       = "${aws_iam_role.eks.name}"
 }
-
-# Role for Spot Fleet
-resource "aws_iam_role" "spot_fleet" {
-  name = "${var.phase}-${var.project}-fleet-role"
-
-  assume_role_policy = <<EOF
-{
-  "Version": "2012-10-17",
-  "Statement": [
-    {
-      "Action": "sts:AssumeRole",
-      "Principal": {
-        "Service": "spotfleet.amazonaws.com"
-      },
-      "Effect": "Allow",
-      "Sid": ""
-    }
-  ]
-}
-EOF
-}
-
-resource "aws_iam_role_policy_attachment" "spot_fleet" {
-  role       = "${aws_iam_role.spot_fleet.name}"
-  policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetTaggingRole"
-}

aws/eks/master/role-spot.tf

@@ -0,0 +1,25 @@
+# Role for Spot Fleet
+resource "aws_iam_role" "spot_fleet" {
+  name = "${var.phase}-${var.project}-fleet-role"
+
+  assume_role_policy = <<EOF
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Action": "sts:AssumeRole",
+      "Principal": {
+        "Service": "spotfleet.amazonaws.com"
+      },
+      "Effect": "Allow",
+      "Sid": ""
+    }
+  ]
+}
+EOF
+}
+
+resource "aws_iam_role_policy_attachment" "spot_fleet" {
+  role       = "${aws_iam_role.spot_fleet.name}"
+  policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetTaggingRole"
+}

aws/eks/master/security-group-eks.tf

@@ -0,0 +1,30 @@
+resource "aws_security_group" "eks" {
+  name_prefix = "${var.phase}-${var.project}-master-"
+  vpc_id      = "${var.exist_vpc_id}"
+
+  tags = "${merge(map(
+      "Name", "${var.phase}-${var.project}-eks",
+      "Phase", "${var.phase}",
+      "Project", "${var.project}"
+    ), var.extra_tags)}"
+}
+
+resource "aws_security_group_rule" "eks_cluster_egress" {
+  type              = "egress"
+  security_group_id = "${aws_security_group.eks.id}"
+
+  from_port   = 0
+  to_port     = 0
+  protocol    = "-1"
+  cidr_blocks = ["0.0.0.0/0"]
+}
+
+resource "aws_security_group_rule" "eks_cluster_ingress_https" {
+  type              = "ingress"
+  security_group_id = "${aws_security_group.eks.id}"
+
+  protocol    = "tcp"
+  cidr_blocks = ["${var.vpc_cidr_block}"]
+  from_port   = 443
+  to_port     = 443
+}

aws/eks/master/sg.tf → aws/eks/master/security-group-worker.tf

@@ -1,35 +1,3 @@
-resource "aws_security_group" "eks" {
-  name_prefix = "${var.phase}-${var.project}-master-"
-  vpc_id      = "${var.exist_vpc_id}"
-
-  tags = "${merge(map(
-      "Name", "${var.phase}-${var.project}-eks",
-      "Phase", "${var.phase}",
-      "Project", "${var.project}"
-    ), var.extra_tags)}"
-}
-
-resource "aws_security_group_rule" "eks_cluster_egress" {
-  type              = "egress"
-  security_group_id = "${aws_security_group.eks.id}"
-
-  from_port   = 0
-  to_port     = 0
-  protocol    = "-1"
-  cidr_blocks = ["0.0.0.0/0"]
-}
-
-resource "aws_security_group_rule" "eks_cluster_ingress_https" {
-  type              = "ingress"
-  security_group_id = "${aws_security_group.eks.id}"
-
-  protocol    = "tcp"
-  cidr_blocks = ["${var.vpc_cidr_block}"]
-  from_port   = 443
-  to_port     = 443
-}
-
-
 resource "aws_security_group" "workers" {
   name_prefix = "${var.phase}-${var.project}-worker-"
   description = "Security group for all nodes in the cluster."

aws/eks/worker-common/ami.tf

@@ -6,7 +6,7 @@ module "container_linux" {
 }
 
 locals {
-  ami_owner = "595879546273"
+  ami_owner = "595879546273" # Amazon Account ID
   arn       = "aws"
 }