Terraform Module - Container Insights

This module can be found on GitHub and the Terraform Registry.

The Container Insights Terraform Module is used to deploy AWS’ Container Insights agent onto a Kubernetes cluster (EKS specifically).
This enables deeper visibility into the operations of your Kubernetes cluster via metrics and logs sent to AWS CloudWatch.

The module connects to the Kubernetes cluster via the management endpoint to run a custom-written Helm chart.
This Helm chart deploys the Container Insights agent to the cluster as a DaemonSet and configures it to use IAM roles for service accounts, with an IAM role that this module also creates.

The module is based on the quickstart published by AWS and found here. This uses Fluent Bit for sending logs and the CloudWatch Agent for metrics.

Using this module:

  1. First, add the Helm provider to your Terraform code:
provider "helm" {
  kubernetes {
    host                   = <eks endpoint>
    cluster_ca_certificate = base64decode(<eks certificate authority>)
    exec {
      api_version = "client.authentication.k8s.io/v1alpha1"
      args        = ["eks", "get-token", "--cluster-name", <eks cluster name>, "--region", <aws region>]
      command     = "aws"
    }
  }
}
  2. Then add the module itself:
module "container-insights" {
  source  = "gooygeek/container-insights/helm"
  version = "x.x.x"

  eks_cluster_name      = <eks cluster name>
  eks_oidc_provider_url = <eks oidc provider's url>
  eks_oidc_provider_arn = <eks oidc provider's arn>
}

For stability reasons, it is recommended to deploy this in a separate Terraform workspace from the one that created the EKS cluster.
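
To make the "IAM roles for service accounts" part concrete, here is an added illustration of how such a role's trust policy is usually scoped to a single service account. It is not the module's own code: the variable names mirror the module inputs above, while the namespace, service account name and role name are assumptions.

```hcl
# Added illustration, not the module's source.
variable "eks_oidc_provider_url" { type = string }
variable "eks_oidc_provider_arn" { type = string }

locals {
  # IAM condition keys use the OIDC issuer without the URL scheme.
  oidc_issuer     = replace(var.eks_oidc_provider_url, "https://", "")
  namespace       = "amazon-cloudwatch" # assumed namespace
  service_account = "cloudwatch-agent"  # assumed service account name
}

data "aws_iam_policy_document" "irsa_trust" {
  statement {
    effect  = "Allow"
    actions = ["sts:AssumeRoleWithWebIdentity"]

    principals {
      type        = "Federated"
      identifiers = [var.eks_oidc_provider_arn]
    }

    # Without this condition, any pod identity issued by the cluster's
    # OIDC provider could assume the role.
    condition {
      test     = "StringEquals"
      variable = "${local.oidc_issuer}:sub"
      values   = ["system:serviceaccount:${local.namespace}:${local.service_account}"]
    }

    # Tokens must have been issued for STS.
    condition {
      test     = "StringEquals"
      variable = "${local.oidc_issuer}:aud"
      values   = ["sts.amazonaws.com"]
    }
  }
}

resource "aws_iam_role" "container_insights" {
  name               = "container-insights-irsa-example" # constructed name
  assume_role_policy = data.aws_iam_policy_document.irsa_trust.json
}

# AWS managed policy that allows publishing metrics and logs to CloudWatch.
resource "aws_iam_role_policy_attachment" "cloudwatch_agent" {
  role       = aws_iam_role.container_insights.name
  policy_arn = "arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy"
}
```

When reviewing any role used this way, check that the `sub` condition names one namespace and service account rather than a wildcard.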


Written by Kieran Goldsworthy, Cloud Engineer and Architect