Enterprise-grade AWS EKS cluster automation using AWS CLI with comprehensive security, monitoring, and cost optimization for GitHub Free tier.
- Automated EKS Cluster Deployment - Complete cluster setup with AWS CLI
- Multi-AZ VPC Configuration - High availability across 3 availability zones
- Security Best Practices - Pod Security Standards, Network Policies, IAM roles
- Monitoring & Observability - Prometheus, Grafana integration
- Cost Optimization - GitHub Free tier compatible, resource optimization
- CI/CD Integration - Automated testing and deployment workflows
- AWS CLI v2.x installed and configured
- kubectl installed
- Helm 3.x installed
- jq for JSON processing
- Valid AWS credentials with EKS permissions
- Clone the repository

  ```bash
  git clone https://github.com/uldyssian-sh/aws-eks-cluster-awscli.git
  cd aws-eks-cluster-awscli
  ```

- Configure environment

  ```bash
  cp .env.template .env
  # Edit .env with your AWS configuration
  ```

- Create VPC infrastructure

  ```bash
  ./scripts/create-vpc.sh
  ```

- Deploy EKS cluster

  ```bash
  ./scripts/create-eks.sh
  ```

- Configure kubectl

  ```bash
  ./scripts/configure-kubectl.sh
  ```

- Install add-ons

  ```bash
  ./scripts/install-addons.sh
  ```
```
├── .github/                        # GitHub workflows and templates
├── cloudformation/                 # CloudFormation templates
├── docs/                           # Documentation
│   ├── COST_OPTIMIZATION.md        # Cost optimization guide
│   └── SECURITY_BEST_PRACTICES.md  # Security guidelines
├── examples/                       # Example configurations
├── iam/                            # IAM policies
├── manifests/                      # Kubernetes manifests
├── scripts/                        # Automation scripts
│   ├── create-eks.sh               # Enhanced EKS creation
│   └── validate-cluster.sh         # Cluster validation
├── terraform/                      # Terraform configurations
└── tests/                          # Test scripts
```
| Variable | Description | Default |
|---|---|---|
| `AWS_REGION` | AWS region | `eu-central-1` |
| `CLUSTER_NAME` | EKS cluster name | `eks-demo` |
| `K8S_VERSION` | Kubernetes version | `1.29` |
| `INSTANCE_TYPE` | Node instance type | `t3.medium` |
| `DESIRED_SIZE` | Desired node count | `3` |
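
An added example, not part of this repository: a POSIX shell check that parses `.env` line by line instead of sourcing it, and rejects values for the variables in the table above that fall outside a conservative pattern. It assumes plain `KEY=VALUE` lines (the template's layout is not shown here); `pattern_for`, `validate_env` and the patterns themselves are this example's own choices.

```shell
#!/bin/sh
# Added example: check .env values by parsing the file, never by sourcing it.
# Assumption: .env holds plain KEY=VALUE lines; the template itself is not shown.

# Allowed value pattern (POSIX ERE) for each variable in the configuration table.
pattern_for() {
  case "$1" in
    AWS_REGION)    echo '^[a-z]{2}(-[a-z]+)+-[0-9]$' ;;
    CLUSTER_NAME)  echo '^[A-Za-z0-9][A-Za-z0-9_-]{0,99}$' ;;
    K8S_VERSION)   echo '^1[.][0-9]{1,2}$' ;;
    INSTANCE_TYPE) echo '^[a-z][a-z0-9-]*[.][a-z0-9-]+$' ;;
    DESIRED_SIZE)  echo '^[1-9][0-9]{0,2}$' ;;
    *)             return 1 ;;
  esac
}

# validate_env: reads KEY=VALUE lines on stdin; returns 1 if any line is
# malformed or a known variable carries a value outside its pattern.
validate_env() {
  rc=0
  while IFS= read -r line || [ -n "$line" ]; do
    case "$line" in
      ''|'#'*) continue ;;                       # blank lines and comments
      [A-Za-z_]*=*) ;;
      *) printf 'malformed line: %s\n' "$line" >&2; rc=1; continue ;;
    esac
    key=${line%%=*}
    val=${line#*=}
    case "$key" in *[!A-Za-z0-9_]*) printf 'malformed key: %s\n' "$key" >&2; rc=1; continue ;; esac
    # Accept one pair of surrounding double quotes, as many .env files use them.
    case "$val" in \"*\") val=${val#\"}; val=${val%\"} ;; esac
    pat=$(pattern_for "$key") || continue        # variables outside the table are skipped
    if ! printf '%s\n' "$val" | grep -Eq "$pat"; then
      printf 'rejected %s: value does not match %s\n' "$key" "$pat" >&2
      rc=1
    fi
  done
  return "$rc"
}

# Constructed sample: the defaults from the table pass validation.
validate_env <<'EOF' && echo "defaults accepted"
AWS_REGION=eu-central-1
CLUSTER_NAME=eks-demo
K8S_VERSION=1.29
INSTANCE_TYPE=t3.medium
DESIRED_SIZE=3
EOF
```

Run it as `validate_env < .env` before the deployment scripts; a non-zero status means at least one line needs attention.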
The CloudFormation template creates:
- VPC with 3 public and 3 private subnets
- Internet Gateway and NAT Gateway
- Route tables and security groups
- EKS-optimized networking
- Pod Security Standards - Enforced security policies
- Network Policies - Traffic segmentation
- IAM Roles - Least privilege access
- Secrets Management - Secure credential handling
- Prometheus - Metrics collection
- Grafana - Visualization dashboards
- Cluster Autoscaler - Automatic scaling
- AWS Load Balancer Controller - Ingress management
- Health Monitoring - Automated cluster validation
The project includes comprehensive health monitoring:
- Automated cluster validation
- Node health verification
- Pod status monitoring
- Network connectivity tests
Run the test suite:

```bash
./tests/test-cluster.sh
```

Validate cluster health and configuration:

```bash
./scripts/validate-cluster.sh
```

This script checks:
- Cluster status and connectivity
- Node group health
- System pods status
- AWS Load Balancer Controller
- OIDC provider configuration
- Network configuration
The repository includes automated CI/CD workflows:
- CI Pipeline - Code validation and testing
- Deployment Pipeline - Automated infrastructure deployment
This project is optimized for GitHub Free tier:
- Single NAT Gateway configuration
- t3.medium instances for cost efficiency
- Automated resource cleanup scripts
- Monitoring for cost tracking
- Fork the repository
- Create a feature branch
- Make your changes
- Add tests if applicable
- Submit a pull request
See CONTRIBUTING.md for detailed guidelines.
This project is licensed under the MIT License - see the LICENSE file for details.
Maintained by: uldyssian-sh
⭐ Star this repository if you find it helpful!
Disclaimer: Use of this code is at your own risk. Author bears no responsibility for any damages caused by the code.