apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig

metadata:
  name: eks-saga-demoType
  region: regionId

cloudWatch:
  clusterLogging:
    enableTypes: ["*"]

iam:
  withOIDC: true
  serviceAccounts:
    - metadata:
        name: aws-load-balancer-controller
        namespace: kube-system
        labels: { aws-usage: "alb" }
      attachPolicyARNs:
        - "arn:aws:iam::accountId:policy/eks-saga-elb-orche-policy"
    - metadata:
        name: eks-saga
        namespace: eks-saga
        labels: { aws-usage: "application" }
      attachPolicyARNs:
        - "arn:aws:iam::accountId:policy/eks-saga-rds-orche-policy"
        - "arn:aws:iam::accountId:policy/eks-saga-sns-orche-policy"
        - "arn:aws:iam::accountId:policy/eks-saga-sqs-orche-policy"

managedNodeGroups:
  - name: ng-db
    labels: { role: db }
    instanceType: m5.large
    desiredCapacity: 1
    privateNetworking: true
    iam:
      attachPolicyARNs:
        - "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy"
        - "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly"
        - "arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy"
  - name: ng-web
    labels: { role: web }
    instanceType: m5.large
    desiredCapacity: 1
    privateNetworking: false
    iam:
      attachPolicyARNs:
        - "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy"
        - "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly"
        - "arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy"