Create an Amazon VPC for EKS

Provisioning Virtual Private Cloud for EKS using Terraform

This article covers how to create an Amazon VPC (Virtual Private Cloud) using Terraform for the purposes of provisioning EKS (Elastic Kubernetes Service).

  1. Provisioning EKS with Existing VPC using eksctl
  2. Provisioning EKS with Existing VPC using Terraform

The Wonderful EKSCtl Tool

The eksctl tool is great because you can set up a complete production-ready Amazon EKS cluster with a single command and a small eksctl config file that describes your cluster. The automation can also add canned policies, such as access to ECR (Elastic Container Registry), Route53, and ALB (Application Load Balancer), or custom policies for pods running on the cluster.

The Tools Involved

You will need to get these tools:

  • AWS CLI: tool that allows access to automate AWS cloud services.

Part 1: The VPC Module

We’re going to create a module that takes the parameters we want and ultimately passes them to the Terraform AWS VPC module.

Create Project Area

Create some place to put our code:

mkdir -p ~/my_vpc_project
export PROJECT=~/my_vpc_project

Create Structure and Files for the VPC Module

Using bash we create the files we’ll use for this exercise with:

mkdir -p $PROJECT/vpc
touch $PROJECT/vpc/{locals,main,variables,versions}.tf


This code will require Terraform 0.12 or above, and we should use a recent version of the AWS provider.



We’ll set some default variables that we’ll use for the VPC. We’ll specify an optional eks_cluster_name used for tagging the subnets for a future EKS cluster.



We can set a local variable to default to name if eks_cluster_name is blank.



We pass all these variables and locals to the external public domain vpc module that is published on the Terraform Registry.
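The three module files described above could look like the following; this is an added example, not the article's original code. The `cidr` variable, the subnet ranges, the three-AZ selection and the NAT settings are assumptions, and the inputs used are those of the `terraform-aws-modules/vpc/aws` registry module.

```hcl
# Added example, not the article's code. CIDR ranges and AZ count are constructed.
# --- vpc/variables.tf ---
variable "name" {
  description = "Name of the VPC"
}

variable "eks_cluster_name" {
  description = "EKS cluster name used in subnet tags; defaults to var.name"
  default     = ""
}

variable "cidr" {
  default = "192.168.0.0/16" # assumed address space
}

# --- vpc/locals.tf ---
locals {
  eks_cluster_name = var.eks_cluster_name != "" ? var.eks_cluster_name : var.name
}

# --- vpc/main.tf ---
data "aws_availability_zones" "available" {
  state = "available"
}

module "vpc" {
  source = "terraform-aws-modules/vpc/aws"
  # Pin `version` to a module release you have reviewed before applying.

  name = var.name
  cidr = var.cidr
  azs  = slice(data.aws_availability_zones.available.names, 0, 3)

  # Worker nodes go in private subnets and reach the internet through NAT.
  private_subnets      = ["192.168.96.0/19", "192.168.128.0/19", "192.168.160.0/19"]
  public_subnets       = ["192.168.0.0/19", "192.168.32.0/19", "192.168.64.0/19"]
  enable_nat_gateway   = true
  single_nat_gateway   = true
  enable_dns_hostnames = true

  # Tags that EKS and its load balancer integrations use to discover subnets.
  public_subnet_tags = {
    "kubernetes.io/cluster/${local.eks_cluster_name}" = "shared"
    "kubernetes.io/role/elb"                          = "1"
  }
  private_subnet_tags = {
    "kubernetes.io/cluster/${local.eks_cluster_name}" = "shared"
    "kubernetes.io/role/internal-elb"                 = "1"
  }
}
```

Keeping `kubernetes.io/role/elb` on the public subnets only means internet-facing load balancers are never placed in the subnets that hold the nodes.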


Part 2: Using the VPC Module

So now we have a usable module, let’s use it.

touch $PROJECT/{main,provider}.tf $PROJECT/terraform.tfvars


At this level, we want to specify all the providers that we will use, which in this case is just AWS. We have to tell the provider what region we’ll use.


We’ll only use two variables, name and region, which the operator should specify at time of provisioning these resources. We could supply an eks_cluster_name, but instead will rely on the default behavior.

External Variables

For variables that are set outside of this code, we can put them in a terraform.tfvars file, which we can create with bash.

cat <<-EOF > $PROJECT/terraform.tfvars
region = "us-east-2"
name = "acme-test-cluster"
EOF

Part 3: Create It

To run this, you can do the following:

cd $PROJECT
# download providers and modules
terraform init
# apply the infrastructure
terraform apply

Part 4: Destroy It

If you no longer need this infrastructure, you can delete it:

terraform destroy


This is a good introduction to AWS and Terraform modules. It is also useful for decoupling the creation of VPC infrastructure from EKS, or for creating an infrastructure with private and public subnets.
