From 6dc2b6f9695082c004e460a1de637054096550bd Mon Sep 17 00:00:00 2001
From: kfc-manager <kilianc0709@gmail.com>
Date: Thu, 4 Apr 2024 19:00:14 +0200
Subject: [PATCH] enha: added multiple variables for more configuration
 capabilities

---
 main.tf      |  9 ++++++---
 variables.tf | 20 ++++++++++++++++++--
 2 files changed, 24 insertions(+), 5 deletions(-)

diff --git a/main.tf b/main.tf
index b145df5..ba0c2c3 100644
--- a/main.tf
+++ b/main.tf
@@ -119,11 +119,14 @@ resource "aws_iam_role_policy_attachment" "xray" {
 ################################
 
 resource "aws_eks_cluster" "main" {
-  name     = var.identifier
-  role_arn = aws_iam_role.master.arn
+  name                      = var.identifier
+  version                   = var.version
+  role_arn                  = aws_iam_role.master.arn
+  enabled_cluster_log_types = ["api", "audit", "authenticator", "controllerManager", "scheduler"]
 
   vpc_config {
-    subnet_ids = var.subnets
+    subnet_ids         = var.subnets
+    security_group_ids = var.security_groups
   }
 
   tags = var.tags
diff --git a/variables.tf b/variables.tf
index 85630f9..2136ddb 100644
--- a/variables.tf
+++ b/variables.tf
@@ -7,6 +7,12 @@ variable "identifier" {
   }
 }
 
+variable "version" {
+  description = "The Kubernetes version the cluster runs on."
+  type        = string
+  default     = "1.29"
+}
+
 variable "vpc" {
   description = "ID of the subnets' VPC."
   type        = string
@@ -20,8 +26,8 @@ variable "subnets" {
   description = "A list of IDs of subnets for the subnet group and potentially the RDS proxy."
   type        = list(string)
   validation {
-    condition     = length(var.subnets) > 1
-    error_message = "List of subnets must contain at least 2 elements"
+    condition     = length(var.subnets) > 0
+    error_message = "List of subnets must contain at least one element"
   }
   validation {
     condition     = !contains([for v in var.subnets : startswith(v, "subnet-")], false)
@@ -29,6 +35,16 @@ variable "subnets" {
   }
 }
 
+variable "security_groups" {
+  description = "A list of IDs of subnets for the subnet group and potentially the RDS proxy."
+  type        = list(string)
+
+  validation {
+    condition     = !contains([for v in var.subnets : startswith(v, "sg-")], false)
+    error_message = "Elements must be valid security group IDs"
+  }
+}
+
 variable "disk_size" {
   description = "Disk size in GiB of the node group."
   type        = number