--- apiVersion: apiextensions.crossplane.io/v1 kind: Composition metadata: name: amazon-eks-cluster labels: provider: aws service: eks compute: managed spec: writeConnectionSecretsToNamespace: crossplane-system compositeTypeRef: apiVersion: eks.sarathy.io/v1beta1 kind: EKSCluster patchSets: - name: common-parameters patches: - fromFieldPath: "spec.parameters.region" toFieldPath: "spec.forProvider.region" resources: - name: vpc base: apiVersion: ec2.aws.crossplane.io/v1beta1 kind: VPC spec: forProvider: enableDnsSupport: true enableDnsHostNames: true tags: - key: Name patches: - type: PatchSet patchSetName: common-parameters - fromFieldPath: spec.parameters.vpc-cidrBlock toFieldPath: spec.forProvider.cidrBlock - fromFieldPath: spec.parameters.vpc-name toFieldPath: spec.forProvider.tags[0].value - name: internetgateway base: apiVersion: ec2.aws.crossplane.io/v1beta1 kind: InternetGateway metadata: labels: type: igw spec: forProvider: vpcIdSelector: matchControllerRef: true tags: - key: Name patches: - type: PatchSet patchSetName: common-parameters - type: CombineFromComposite combine: variables: - fromFieldPath: spec.parameters.vpc-name strategy: string string: fmt: "%s-igw" toFieldPath: spec.forProvider.tags[0].value policy: fromFieldPath: Required - name: subnet-public-1 base: apiVersion: ec2.aws.crossplane.io/v1beta1 kind: Subnet metadata: labels: type: subnet visibility: public spec: forProvider: mapPublicIpOnLaunch: true vpcIdSelector: matchControllerRef: true tags: - key: Name - key: kubernetes.io/role/elb value: "1" patches: - type: CombineFromComposite combine: variables: - fromFieldPath: spec.parameters.vpc-name - fromFieldPath: spec.parameters.subnet1-public-name strategy: string string: fmt: "%s-%s" toFieldPath: spec.forProvider.tags[0].value policy: fromFieldPath: Required - type: PatchSet patchSetName: common-parameters - fromFieldPath: spec.parameters.subnet1-public-cidrBlock toFieldPath: spec.forProvider.cidrBlock - fromFieldPath: spec.parameters.subnet1-public-availabilityZone toFieldPath: spec.forProvider.availabilityZone - fromFieldPath: spec.parameters.subnet1-public-availabilityZone toFieldPath: metadata.labels.zone - name: subnet-public-2 base: apiVersion: ec2.aws.crossplane.io/v1beta1 kind: Subnet metadata: labels: type: subnet visibility: public spec: forProvider: mapPublicIpOnLaunch: true vpcIdSelector: matchControllerRef: true tags: - key: Name - key: kubernetes.io/role/elb value: "1" patches: - type: CombineFromComposite combine: variables: - fromFieldPath: spec.parameters.vpc-name - fromFieldPath: spec.parameters.subnet2-public-name strategy: string string: fmt: "%s-%s" toFieldPath: spec.forProvider.tags[0].value policy: fromFieldPath: Required - type: PatchSet patchSetName: common-parameters - fromFieldPath: spec.parameters.subnet2-public-cidrBlock toFieldPath: spec.forProvider.cidrBlock - fromFieldPath: spec.parameters.subnet2-public-availabilityZone toFieldPath: spec.forProvider.availabilityZone - fromFieldPath: spec.parameters.subnet2-public-availabilityZone toFieldPath: metadata.labels.zone - name: subnet-private-1 base: apiVersion: ec2.aws.crossplane.io/v1beta1 kind: Subnet metadata: labels: type: subnet visibility: private spec: forProvider: mapPublicIpOnLaunch: false vpcIdSelector: matchControllerRef: true tags: - key: Name - key: kubernetes.io/role/internal-elb value: "1" patches: - type: CombineFromComposite combine: variables: - fromFieldPath: spec.parameters.vpc-name - fromFieldPath: spec.parameters.subnet1-private-name strategy: string string: fmt: "%s-%s" toFieldPath: spec.forProvider.tags[0].value policy: fromFieldPath: Required - type: PatchSet patchSetName: common-parameters - fromFieldPath: spec.parameters.subnet1-private-cidrBlock toFieldPath: spec.forProvider.cidrBlock - fromFieldPath: spec.parameters.subnet1-private-availabilityZone toFieldPath: spec.forProvider.availabilityZone - fromFieldPath: spec.parameters.subnet1-private-availabilityZone toFieldPath: metadata.labels.zone - name: subnet-private-2 base: apiVersion: ec2.aws.crossplane.io/v1beta1 kind: Subnet metadata: labels: type: subnet visibility: private spec: forProvider: mapPublicIpOnLaunch: false vpcIdSelector: matchControllerRef: true tags: - key: Name - key: kubernetes.io/role/internal-elb value: "1" patches: - type: CombineFromComposite combine: variables: - fromFieldPath: spec.parameters.vpc-name - fromFieldPath: spec.parameters.subnet2-private-name strategy: string string: fmt: "%s-%s" toFieldPath: spec.forProvider.tags[0].value policy: fromFieldPath: Required - type: PatchSet patchSetName: common-parameters - fromFieldPath: spec.parameters.subnet2-private-cidrBlock toFieldPath: spec.forProvider.cidrBlock - fromFieldPath: spec.parameters.subnet2-private-availabilityZone toFieldPath: spec.forProvider.availabilityZone - fromFieldPath: spec.parameters.subnet2-private-availabilityZone toFieldPath: metadata.labels.zone - name: elastic-ip-1 base: apiVersion: ec2.aws.crossplane.io/v1beta1 kind: Address metadata: labels: type: eip-1 spec: forProvider: domain: vpc patches: - type: PatchSet patchSetName: common-parameters - name: elastic-ip-2 base: apiVersion: ec2.aws.crossplane.io/v1beta1 kind: Address metadata: labels: type: eip-2 spec: forProvider: domain: vpc patches: - type: PatchSet patchSetName: common-parameters - name: natgateway-1 base: apiVersion: ec2.aws.crossplane.io/v1beta1 kind: NATGateway metadata: labels: type: natgw-1 spec: forProvider: allocationIdSelector: matchLabels: type: eip-1 vpcIdSelector: matchControllerRef: true subnetIdSelector: matchLabels: type: subnet visibility: public tags: - key: Name patches: - type: CombineFromComposite combine: variables: - fromFieldPath: spec.parameters.vpc-name strategy: string string: fmt: "%s-nat-gateway-1" toFieldPath: spec.forProvider.tags[0].value policy: fromFieldPath: Required - type: PatchSet patchSetName: common-parameters - fromFieldPath: spec.parameters.subnet1-public-availabilityZone toFieldPath: spec.forProvider.subnetIdSelector.matchLabels.zone - name: natgateway-2 base: apiVersion: ec2.aws.crossplane.io/v1beta1 kind: NATGateway metadata: labels: type: natgw-2 spec: forProvider: allocationIdSelector: matchLabels: type: eip-2 vpcIdSelector: matchControllerRef: true subnetIdSelector: matchLabels: type: subnet visibility: public tags: - key: Name patches: - type: CombineFromComposite combine: variables: - fromFieldPath: spec.parameters.vpc-name strategy: string string: fmt: "%s-nat-gateway-2" toFieldPath: spec.forProvider.tags[0].value policy: fromFieldPath: Required - type: PatchSet patchSetName: common-parameters - fromFieldPath: spec.parameters.subnet2-public-availabilityZone toFieldPath: spec.forProvider.subnetIdSelector.matchLabels.zone - name: routetable-public base: apiVersion: ec2.aws.crossplane.io/v1beta1 kind: RouteTable spec: forProvider: vpcIdSelector: matchControllerRef: true routes: - destinationCidrBlock: 0.0.0.0/0 gatewayIdSelector: matchLabels: type: igw associations: - subnetIdSelector: matchLabels: type: subnet visibility: public - subnetIdSelector: matchLabels: type: subnet visibility: public tags: - key: Name patches: - type: CombineFromComposite combine: variables: - fromFieldPath: spec.parameters.vpc-name strategy: string string: fmt: "%s-public-route-table" toFieldPath: spec.forProvider.tags[0].value policy: fromFieldPath: Required - type: PatchSet patchSetName: common-parameters - fromFieldPath: spec.parameters.subnet1-public-availabilityZone toFieldPath: spec.forProvider.associations[0].subnetIdSelector.matchLabels.zone - fromFieldPath: spec.parameters.subnet2-public-availabilityZone toFieldPath: spec.forProvider.associations[1].subnetIdSelector.matchLabels.zone - name: routetable-private-1 base: apiVersion: ec2.aws.crossplane.io/v1beta1 kind: RouteTable spec: forProvider: vpcIdSelector: matchControllerRef: true routes: - destinationCidrBlock: 0.0.0.0/0 natGatewayIdSelector: matchLabels: type: natgw-1 associations: - subnetIdSelector: matchLabels: type: subnet visibility: private tags: - key: Name patches: - type: CombineFromComposite combine: variables: - fromFieldPath: spec.parameters.vpc-name strategy: string string: fmt: "%s-private-route-table-1" toFieldPath: spec.forProvider.tags[0].value policy: fromFieldPath: Required - type: PatchSet patchSetName: common-parameters - fromFieldPath: spec.parameters.subnet1-public-availabilityZone toFieldPath: spec.forProvider.associations[0].subnetIdSelector.matchLabels.zone - name: routetable-private-2 base: apiVersion: ec2.aws.crossplane.io/v1beta1 kind: RouteTable spec: forProvider: vpcIdSelector: matchControllerRef: true routes: - destinationCidrBlock: 0.0.0.0/0 natGatewayIdSelector: matchLabels: type: natgw-2 associations: - subnetIdSelector: matchLabels: type: subnet visibility: private tags: - key: Name patches: - type: CombineFromComposite combine: variables: - fromFieldPath: spec.parameters.vpc-name strategy: string string: fmt: "%s-private-route-table-2" toFieldPath: spec.forProvider.tags[0].value policy: fromFieldPath: Required - type: PatchSet patchSetName: common-parameters - fromFieldPath: spec.parameters.subnet2-public-availabilityZone toFieldPath: spec.forProvider.associations[0].subnetIdSelector.matchLabels.zone - name: eks-cluster base: apiVersion: eks.aws.crossplane.io/v1beta1 kind: Cluster spec: forProvider: resourcesVpcConfig: endpointPrivateAccess: false endpointPublicAccess: true subnetIdSelector: matchLabels: type: subnet writeConnectionSecretToRef: namespace: crossplane-system patches: - type: PatchSet patchSetName: common-parameters - fromFieldPath: "spec.parameters.k8s-version" toFieldPath: "spec.forProvider.version" - fromFieldPath: "metadata.uid" toFieldPath: "spec.writeConnectionSecretToRef.name" transforms: - type: string string: fmt: "%s-ekscluster-connection" - fromFieldPath: "spec.parameters.cluster-role" toFieldPath: "spec.forProvider.roleArn" connectionDetails: - name: cluster-ca fromConnectionSecretKey: clusterCA - name: apiserver-endpoint fromConnectionSecretKey: endpoint - name: value fromConnectionSecretKey: kubeconfig - name: eks-nodegroup base: apiVersion: eks.aws.crossplane.io/v1alpha1 kind: NodeGroup spec: forProvider: instanceTypes: - m5.large scalingConfig: minSize: 1 subnetSelector: matchLabels: type: subnet visibility: private clusterNameSelector: matchControllerRef: true patches: - type: PatchSet patchSetName: common-parameters - fromFieldPath: "spec.parameters.workers-size" toFieldPath: "spec.forProvider.scalingConfig.desiredSize" - fromFieldPath: "spec.parameters.workers-size" toFieldPath: "spec.forProvider.scalingConfig.maxSize" - fromFieldPath: "spec.parameters.workload-type" toFieldPath: "spec.forProvider.amiType" transforms: - type: map map: gpu: AL2_x86_64_GPU non-gpu: AL2_x86_64 - fromFieldPath: "spec.parameters.workernode-role" toFieldPath: "spec.forProvider.nodeRole"