Advanced Terraform for AWS EKS and VPC (TF v1.5. K8s v.1.27)
Learn production-proof Terraform & AWS EKS Best Practices using Handson concepts and labs
Description
*Updated the course material on Aug 2023
Terraform version: 1.5.2
Kubernetes version: 1.27
If I summarize this course in one sentence?
Learn production-proof Terraform & AWS EKS Best Practices using Handson concepts and labs
☆Please check preview videos to see if this course is really for you☆
Are you one of the below?
You learned Terraform basics but don't know how to write Terraform code for production-ready AWS infra
You don't know how to use Terraform Remote Modules for VPC, IAM, Security Group, EKS, etc
You learned AWS EKS best practices using EKSCTL CLI but now you want to apply them using Terraform
You want to create AWS EKS using Terraform, and want to be able to give right permissions to AWS IAM identities in K8s cluster using ClusterRoleBinding (RBAC: Role Based Access Control)
You don't know how to configure pod-level AWS IAM authentication (IRSA: IAM Role for Service Account) using Terraform
You want to setup Cluster Autoscaler in Terraform
You want to auto-mount EFS to EKS worker nodes using userdata script
Who should take this course
you have intermediate knowledge of AWS (EC2, VPC, subnet, load balancer, IAM, EKS, S3, SSM, KMS, etc)
you have learned EKS best practices
you have learned Terraform basics
you want to deploy AWS and EKS for production
you want to learn DevOps IaC best practices
you want to level up your DevOps game to senior level, and get promotion, raise, or switch jobs
who should NOT need to take this course
you don't plan to deploy AWS EKS using Terraform
you haven't learned AWS EKS best practices (in my other course "AWS EKS Handson")
you haven't learned Terraform basics (in my other course "Terraform Masterclass (v0.14")
Terraform & EKS knowledge and skills you will acquire from this course will put you on a fast-tracked path to a senior level DevOps.
With these handson skills, you can make real and immediate impacts to your work. It's only a matter of time before you can discuss your next promotion and raise with your manager!
5 Reasons why you should take this course:
1. Instructed by a cloud DevOps engineer (with CKA and certified AWS DevOps pro) working at US company in SF
I have been pretty handson with Kubernetes, AWS, and AWS EKS. With 6.5+ industry experience in both North America and Europe, I breakdown and explain hard concepts using diagrams
2. Practical, Scalable, and Extensible Terraform Design Pattern that abstracts and modularzises resources well
It is not enough to take some basic Terraform courses to build production-ready cloud infrastructures.
Most courses don't teach you how to make Terraform code scalable, actually they don't even mention it.
The standard software design principles still apply to Terraform and I will cover one of those in this course (i.e. Facade pattern), so that you can build clean, scalable, manageable, and extensible terraform code.
3. Production-ready best practices of EKS (security, IRSA, CA, EFS, Logging etc)
In this course, we are going in parallel with my other course "AWS EKS Handson" when it comes to EKS best practices.
We will cover:
- encrypting K8s secrets and EBS volumes
- AWS identity authentication & authorization into K8s cluster
- adding taints and labels to K8s worker nodes from Terraform
- enabling master node's logging
- pod-level AWS IAM role (IRSA)
- Cluster Autoscaler
- customizing EKS worker node's userdata script to auto-mount EFS
all using terraform code.
4. Level up your DevOps game to Senior level and get promoted & raise
Terraform & EKS knowledge and skills you will acquire from this course will put you on a fast-tracked path to a senior level DevOps.
With these handson skills, you can make real and immediate impacts to your work. It's only a matter of time before you can discuss your next promotion and raise with your manager!
5. Entire course under SIX HOURS
I tried to make this course compact and concise so students can learn the concepts and handson skills in shorted amount of time, because I know a life of software engineer is already pretty busy :)
My background & Education & Career experience
Cloud DevOps Software Engineer with 7+ years experience
Bachelor of Science in Computing Science from a Canadian university
Knows Java, C#, C++, Bash, Python, JavaScript, Terraform, IaC
Expert in AWS (holds AWS DevOps Professional certification) and Kubernetes (holds Certified Kubernetes Administrator, CKA)
I will see you inside!
What You Will Learn!
- Terraform best practice of 3 layered modules architecture
- Create Terraform Remote Backend in 3-layered Module Architecture
- Create VPC with 3-layered subnets using Terraform Remote Module for VPC
- Create EKS Cluster in private subnet using Terraform Remote Module for EKS
- Encrypt K8s secrets using AWS KMS
- Encrypt AWS EBS Volumes used by AWS EKS Worker Nodes
- AWS Identity Authentication and Authorization in K8s Cluster using aws-auth configmap and clusterrolebinding
- Add K8s taint and label to worker nodes from `kubelet-extra-args` attribute
- Enable K8s Control Plane (Master Components) Logging
- Configure Pod Level Authorization using IRSA (IAM Role for Service Account)
- Scale K8s worker nodes using Cluster Autoscaler (CA)
- Auto Mount EFS to K8s Worker Nodes (EC2) using userdata script
Who Should Attend!
- You learned Terraform basics but don't know how to write Terraform code for production-ready AWS infra
- You don't know how to use Terraform Remote Modules for VPC, IAM, Security Group, EKS, etc
- You learned AWS EKS best practices using EKSCTL CLI but now you want to apply them using Terraform
- You want to create AWS EKS using Terraform, and want to be able to give right permissions to AWS IAM identities in K8s cluster using ClusterRoleBinding (RBAC: Role Based Access Control)
- You don't know how to configure pod-level AWS IAM authentication (IRSA: IAM Role for Service Account) using Terraform
- You want to setup Cluster Autoscaler in Terraform
- You want to auto-mount EFS to EKS worker nodes using userdata script