@dhineshbabuelango wrote:
Hi All, we are using AWS EKS. Since the EKS endpoint will not get resolved from a peered VPC, we always use the Route 53 resolver by creating inbound and outbound endpoints and then creating a rule.
Here we have created the inbound and outbound endpoints, but while creating the rule we need to pass the IP address created from the inbound connection, and it's throwing an error when we try to use dynamic blocks.
variable "region" {
  default = "ap-southeast-1"
}

provider "aws" {
  region = "${var.region}"
}

resource "aws_route53_resolver_endpoint" "eks-resolver" {
  name      = "test-eks-dev_inboundendpoint"
  direction = "INBOUND"

  security_group_ids = [
    "${var.inbound-sg}",
  ]

  ip_address {
    subnet_id = "${var.subnet-inbound}"
  }

  ip_address {
    subnet_id = "${var.subnet-inbound-2}"
  }
}

resource "aws_route53_resolver_endpoint" "eks-resolver-outbound" {
  name      = "test-eks-dev_outboundendpoint"
  direction = "OUTBOUND"

  security_group_ids = [
    "${var.outbound-sg}",
  ]

  ip_address {
    subnet_id = "${var.subnet-outbound}"
  }

  ip_address {
    subnet_id = "${var.subnet-outbound-2}"
  }
}

output "eks-resolver" {
  value = "${aws_route53_resolver_endpoint.eks-resolver.ip_address}"
}

output "eks-resolver-outbound" {
  value = "${aws_route53_resolver_endpoint.eks-resolver-outbound}"
}

resource "aws_route53_resolver_rule" "double" {
  domain_name          = "EE3891EAE6181FEDECD789EF73FAD9C8.yl4.XX-XXXXXXX-1.eks.amazonaws.com"
  name                 = "eks-resolver-rule"
  rule_type            = "FORWARD"
  resolver_endpoint_id = "${aws_route53_resolver_endpoint.eks-resolver-outbound.id}"

  dynamic "target_ip" {
    for_each = "${aws_route53_resolver_endpoint.eks-resolver.ip_address}"
    content { ip = target_ip.ip }
  }
}
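The following is an added example, not part of the original post: inside a `dynamic` block the iterator (named after the block label by default) exposes the current element as `.value`, so each inbound address is read as `target_ip.value.ip`. It reuses the two `aws_route53_resolver_endpoint` resources from the post; the variables `eks_endpoint_domain` and `peer_vpc_id` and the rule association are assumptions added for illustration.

```hcl
# Added example, Terraform 0.12 or later. Relies on the endpoint resources
# "eks-resolver" and "eks-resolver-outbound" defined in the post above.

# Hypothetical variables (not in the original post).
variable "eks_endpoint_domain" {
  description = "Private EKS API endpoint hostname to forward"
  type        = string
}

variable "peer_vpc_id" {
  description = "VPC whose DNS queries should follow the forwarding rule"
  type        = string
}

resource "aws_route53_resolver_rule" "double" {
  domain_name          = var.eks_endpoint_domain
  name                 = "eks-resolver-rule"
  rule_type            = "FORWARD"
  resolver_endpoint_id = aws_route53_resolver_endpoint.eks-resolver-outbound.id

  # Generates one target_ip block per ip_address of the inbound endpoint.
  dynamic "target_ip" {
    # A direct reference; the "${...}" wrapper is not needed in 0.12+.
    for_each = aws_route53_resolver_endpoint.eks-resolver.ip_address

    content {
      # The iterator object has only .key and .value; the element's
      # attributes (ip, ip_id, subnet_id) live under .value.
      ip = target_ip.value.ip
    }
  }
}

# Assumption: the rule only affects VPCs it is associated with.
resource "aws_route53_resolver_rule_association" "peer" {
  resolver_rule_id = aws_route53_resolver_rule.double.id
  vpc_id           = var.peer_vpc_id
}
```

Restricting the inbound endpoint's security group to DNS (port 53) from the outbound endpoint's addresses keeps the resolver from being reachable by the rest of the peered network.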