| Name | Version |
|---|---|
| terraform | >= 0.15 |
| Name | Version |
|---|---|
| aws | n/a |
| helm | n/a |
| kubernetes | n/a |
No modules.
| Name | Type |
|---|---|
| helm_release.istio-base | resource |
| helm_release.istiod | resource |
| kubernetes_secret.istio-ca | resource |
| aws_secretsmanager_secret_version.ca_cert | data source |
| aws_secretsmanager_secret_version.ca_cert_chain | data source |
| aws_secretsmanager_secret_version.ca_private_key | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| ca_cert | the aws secret arn to use for the ca_cert, required | string |
"" |
no |
| ca_cert_chain | the aws secret arn to use for the ca_cert_chain, required | string |
"" |
no |
| ca_private_key | the aws secret arn to use for ca_private_key, required | string |
"" |
no |
| cluster_name | k8s cluster name, required | any |
n/a | yes |
| create_namespace | Have helm_resource create the namespace, default true | bool |
true |
no |
| enable_aws_secret_manager_based_certs | If you would like to provide your own mTLS CA certs for istio to use, enable this flag and input AWS secret ARNs required | bool |
false |
no |
| force_update | (Optional) Force resource update through delete/recreate if needed. Defaults to false | bool |
false |
no |
| helm_chart_version | Version of the Helm chart | string |
"1.12.6" |
no |
| helm_repo_url | Helm repository | string |
"https://istio-release.storage.googleapis.com/charts" |
no |
| istio_base_settings | Additional settings which will be passed to the Helm chart values, yamldecode will be performed on the HCL | map(any) |
{} |
no |
| istiod_global_meshID | Istio telementry mesh name, default mesh1 | string |
"mesh1" |
no |
| istiod_global_network | Istio telementry network name, default network1 | string |
"network1" |
no |
| istiod_meshConfig_accessLogFile | The mesh config access log file | string |
"/dev/stdout" |
no |
| istiod_meshConfig_defaultConfig_envoyAccessLogService_address | The mesh default config envoy access log service address | string |
"gloo-mesh-agent.gloo-mesh:9977" |
no |
| istiod_meshConfig_defaultConfig_envoyMetricsService_address | The mesh default config envoy metrics service address | string |
"gloo-mesh-agent.gloo-mesh:9977" |
no |
| istiod_meshConfig_defaultConfig_proxyMetadata_IstioMetaDNSAutoAllocate | The mesh config default for ISTIO_META_DNS_AUTO_ALLOCATE, enable or disable, default 'true' | string |
"true" |
no |
| istiod_meshConfig_defaultConfig_proxyMetadata_IstioMetaDNSCapture | The mesh config default for ISTIO_META_DNS_CAPTURE, enable or disable, default 'true' | string |
"true" |
no |
| istiod_meshConfig_enableAutoMtls | The mesh config enable automtls, default 'true' | string |
"true" |
no |
| istiod_meshConfig_rootNamespace | The mesh config root namespace | string |
"istio-system" |
no |
| istiod_pilot_env_PilotSkipValidateTrustDomain | Pilot skip validate trust domain flag, default 'true' | string |
"true" |
no |
| k8s_namespace | The K8s namespace in which to install the Helm chart, default: 'istio-system' | string |
"istio-system" |
no |
| recreate_pods | (Optional) Perform pods restart during upgrade/rollback. Defaults to false. | bool |
false |
no |
No outputs.
Updated Readme by terraform-docs
terraform-docs markdown . --output-file README.md
Testing is done via GHA workflow using K8s Kind. See .tests/