diff --git a/kubernetes/cloud/amazon/terraform/main.tf b/kubernetes/cloud/amazon/terraform/main.tf
new file mode 100644
index 0000000..3d3297c
--- /dev/null
+++ b/kubernetes/cloud/amazon/terraform/main.tf
@@ -0,0 +1,31 @@
+provider "aws" {
+ version = ">= 2.28.1"
+ region = var.region
+ access_key = var.access_key
+ secret_key = var.secret_key
+}
+
+module "network" {
+ source = "./modules/network/"
+}
+
+
+module "cluster" {
+ source = "./modules/cluster/"
+ vpc_id = "${module.network.vpc_id}"
+ private_subnets = "${module.network.private_subnets}"
+ public_subnets = "${module.network.public_subnets}"
+ #worker_group_1_security_id = "${module.network.security_group_worker_1_id}"
+ #worker_group_all_security_id= "${module.network.security_group_worker_all_id}"
+
+ #location = var.location
+ #kubernetes_version = var.kubernetes_version
+
+}
+
+module "k8s" {
+ source = "./modules/k8s/"
+ host = "${module.cluster.host}"
+ token = "${module.cluster.token}"
+ cluster_ca_certificate= "${module.cluster.cluster_ca_certificate}"
+}
diff --git a/kubernetes/cloud/amazon/terraform/modules/cluster/cluster.tf b/kubernetes/cloud/amazon/terraform/modules/cluster/cluster.tf
new file mode 100644
index 0000000..d0d7fc1
--- /dev/null
+++ b/kubernetes/cloud/amazon/terraform/modules/cluster/cluster.tf
@@ -0,0 +1,57 @@
+provider "local" {
+ version = "~> 1.2"
+}
+
+provider "null" {
+ version = "~> 2.1"
+}
+
+provider "template" {
+ version = "~> 2.1"
+}
+
+module "eks" {
+ source = "terraform-aws-modules/eks/aws"
+ version = "~> 12.1.0"
+ cluster_name = "eks-getting-started"
+ cluster_version = "1.16"
+ subnets = var.private_subnets
+ vpc_id = var.vpc_id
+
+ node_groups_defaults = {
+ ami_type = "AL2_x86_64"
+ disk_size = 50
+ }
+
+ node_groups = {
+ example = {
+ desired_capacity = 1
+ max_capacity = 10
+ min_capacity = 1
+ instance_type = "t2.small"
+ }
+ }
+}
+
+
+/*
+ worker_additional_security_group_ids = [var.worker_group_all_security_id]
+ worker_groups = [
+ {
+ name = "worker-group-1"
+ instance_type = "t2.small"
+ additional_userdata = "echo foo bar"
+ asg_desired_capacity = 1
+ additional_security_group_ids = [var.worker_group_1_security_id]
+ },
+ ]
+}
+*/
+
+data "aws_eks_cluster" "cluster" {
+ name = module.eks.cluster_id
+}
+
+data "aws_eks_cluster_auth" "cluster" {
+ name = module.eks.cluster_id
+}
\ No newline at end of file
diff --git a/kubernetes/cloud/amazon/terraform/modules/cluster/outputs.tf b/kubernetes/cloud/amazon/terraform/modules/cluster/outputs.tf
new file mode 100644
index 0000000..b820cec
--- /dev/null
+++ b/kubernetes/cloud/amazon/terraform/modules/cluster/outputs.tf
@@ -0,0 +1,11 @@
+output "host" {
+ value = data.aws_eks_cluster.cluster.endpoint
+}
+
+output "token" {
+ value = data.aws_eks_cluster_auth.cluster.token
+}
+
+output "cluster_ca_certificate" {
+ value = base64decode(data.aws_eks_cluster.cluster.certificate_authority.0.data)
+}
\ No newline at end of file
diff --git a/kubernetes/cloud/amazon/terraform/modules/cluster/variables.tf b/kubernetes/cloud/amazon/terraform/modules/cluster/variables.tf
new file mode 100644
index 0000000..97d5ba7
--- /dev/null
+++ b/kubernetes/cloud/amazon/terraform/modules/cluster/variables.tf
@@ -0,0 +1,35 @@
+variable "vpc_id" {
+}
+
+variable "private_subnets" {
+}
+
+variable "public_subnets" {
+}
+
+# variable "worker_group_1_security_id" {
+# }
+
+# variable "worker_group_all_security_id" {
+# }
+
+# variable "worker_group_2_security_id" {
+
+# }
+
+# variable "serviceprinciple_id" {
+# }
+
+# variable "serviceprinciple_key" {
+# }
+
+# variable "location" {
+# default = "australiaeast"
+# }
+
+# variable "kubernetes_version" {
+# default = "1.16.10"
+# }
+
+# variable "ssh_key" {
+# }
diff --git a/kubernetes/cloud/amazon/terraform/modules/k8s/k8s.tf b/kubernetes/cloud/amazon/terraform/modules/k8s/k8s.tf
new file mode 100644
index 0000000..0fd6995
--- /dev/null
+++ b/kubernetes/cloud/amazon/terraform/modules/k8s/k8s.tf
@@ -0,0 +1,85 @@
+
+provider "kubernetes" {
+ load_config_file = "false"
+ host = var.host
+ token = var.token
+ cluster_ca_certificate = var.cluster_ca_certificate
+}
+
+
+resource "kubernetes_deployment" "example" {
+ metadata {
+ name = "terraform-example"
+ labels = {
+ test = "MyExampleApp"
+ }
+ }
+
+ spec {
+ replicas = 3
+
+ selector {
+ match_labels = {
+ test = "MyExampleApp"
+ }
+ }
+
+ template {
+ metadata {
+ labels = {
+ test = "MyExampleApp"
+ }
+ }
+
+ spec {
+ container {
+ image = "nginx:1.7.8"
+ name = "example"
+
+ resources {
+ limits {
+ cpu = "0.5"
+ memory = "512Mi"
+ }
+ requests {
+ cpu = "250m"
+ memory = "50Mi"
+ }
+ }
+
+ liveness_probe {
+ http_get {
+ path = "/nginx_status"
+ port = 80
+
+ http_header {
+ name = "X-Custom-Header"
+ value = "Awesome"
+ }
+ }
+
+ initial_delay_seconds = 3
+ period_seconds = 3
+ }
+ }
+ }
+ }
+ }
+}
+
+resource "kubernetes_service" "example" {
+ metadata {
+ name = "terraform-example"
+ }
+ spec {
+ selector = {
+ test = "MyExampleApp"
+ }
+ port {
+ port = 80
+ target_port = 80
+ }
+
+ type = "LoadBalancer"
+ }
+}
\ No newline at end of file
diff --git a/kubernetes/cloud/amazon/terraform/modules/k8s/variables.tf b/kubernetes/cloud/amazon/terraform/modules/k8s/variables.tf
new file mode 100644
index 0000000..325f5b6
--- /dev/null
+++ b/kubernetes/cloud/amazon/terraform/modules/k8s/variables.tf
@@ -0,0 +1,8 @@
+variable "host" {
+}
+
+variable "token" {
+}
+
+variable "cluster_ca_certificate" {
+}
\ No newline at end of file
diff --git a/kubernetes/cloud/amazon/terraform/modules/network/network.tf b/kubernetes/cloud/amazon/terraform/modules/network/network.tf
new file mode 100644
index 0000000..75bd186
--- /dev/null
+++ b/kubernetes/cloud/amazon/terraform/modules/network/network.tf
@@ -0,0 +1,34 @@
+
+######################################################
+# https://github.com/terraform-aws-modules/terraform-aws-vpc
+######################################################
+data "aws_availability_zones" "available" {}
+
+module "vpc" {
+ source = "terraform-aws-modules/vpc/aws"
+ version = "2.6.0"
+
+ name = "eks-cluster-vpc"
+ cidr = "10.0.0.0/16"
+ azs = data.aws_availability_zones.available.names
+ private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
+ public_subnets = ["10.0.4.0/24", "10.0.5.0/24", "10.0.6.0/24"]
+ enable_nat_gateway = true
+ single_nat_gateway = true
+ enable_dns_hostnames = true
+
+ tags = {
+ "kubernetes.io/cluster/eks-getting-started" = "shared"
+ }
+
+ public_subnet_tags = {
+ "kubernetes.io/cluster/eks-getting-started" = "shared"
+ "kubernetes.io/role/elb" = "1"
+ }
+
+ private_subnet_tags = {
+ "kubernetes.io/cluster/eks-getting-started" = "shared"
+ "kubernetes.io/role/internal-elb" = "1"
+ }
+
+}
\ No newline at end of file
diff --git a/kubernetes/cloud/amazon/terraform/modules/network/outputs.tf b/kubernetes/cloud/amazon/terraform/modules/network/outputs.tf
new file mode 100644
index 0000000..31bef4a
--- /dev/null
+++ b/kubernetes/cloud/amazon/terraform/modules/network/outputs.tf
@@ -0,0 +1,23 @@
+output "vpc_id" {
+ value = module.vpc.vpc_id
+}
+
+output "private_subnets" {
+ value = module.vpc.private_subnets
+}
+
+output "public_subnets" {
+ value = module.vpc.public_subnets
+}
+
+output "security_group_worker_1_id" {
+ value = aws_security_group.node_ssh_group_1.id
+}
+
+output "security_group_worker_2_id" {
+ value = aws_security_group.node_ssh_group_2.id
+}
+
+output "security_group_worker_all_id" {
+ value = aws_security_group.node_ssh_all.id
+}
\ No newline at end of file
diff --git a/kubernetes/cloud/amazon/terraform/modules/network/security.tf b/kubernetes/cloud/amazon/terraform/modules/network/security.tf
new file mode 100644
index 0000000..9ae4a6d
--- /dev/null
+++ b/kubernetes/cloud/amazon/terraform/modules/network/security.tf
@@ -0,0 +1,47 @@
+
+resource "aws_security_group" "node_ssh_all" {
+ name_prefix = "nodes_ssh"
+ vpc_id = module.vpc.vpc_id
+
+ ingress {
+ from_port = 22
+ to_port = 22
+ protocol = "tcp"
+
+ cidr_blocks = [
+ "10.0.0.0/8",
+ "172.16.0.0/12",
+ "192.168.0.0/16",
+ ]
+ }
+}
+
+resource "aws_security_group" "node_ssh_group_1" {
+ name_prefix = "nodes_ssh"
+ vpc_id = module.vpc.vpc_id
+
+ ingress {
+ from_port = 22
+ to_port = 22
+ protocol = "tcp"
+
+ cidr_blocks = [
+ "10.0.0.0/8",
+ ]
+ }
+}
+
+resource "aws_security_group" "node_ssh_group_2" {
+ name_prefix = "nodes_ssh"
+ vpc_id = module.vpc.vpc_id
+
+ ingress {
+ from_port = 22
+ to_port = 22
+ protocol = "tcp"
+
+ cidr_blocks = [
+ "192.168.0.0/16",
+ ]
+ }
+}
\ No newline at end of file
diff --git a/kubernetes/cloud/amazon/terraform/readme.md b/kubernetes/cloud/amazon/terraform/readme.md
new file mode 100644
index 0000000..1d76523
--- /dev/null
+++ b/kubernetes/cloud/amazon/terraform/readme.md
@@ -0,0 +1,85 @@
+# Getting Started with Amazon EKS using Terraform
+
+More resources:
+
+Terraform provider for AWS [here](https://www.terraform.io/docs/providers/aws/index.html)
+
+## Amazon CLI
+
+You can get the Amazon CLI on [Docker-Hub](https://hub.docker.com/r/amazon/aws-cli)
+We'll need the Amazon CLI to gather information so we can build our Terraform file.
+
+```
+# Run Amazon CLI
+docker run -it --rm -v ${PWD}:/work -w /work --entrypoint /bin/sh amazon/aws-cli:2.0.17
+
+# some handy tools :)
+yum install jq gzip nano tar git unzip wget
+
+```
+
+## Login to Amazon
+
+```
+# Access your "My Security Credentials" section in your profile.
+# Create an access key
+
+aws configure
+
+```
+
+# Terraform CLI
+
+```
+# Get Terraform
+
+curl -o /tmp/terraform.zip -LO https://releases.hashicorp.com/terraform/0.12.28/terraform_0.12.28_linux_amd64.zip
+
+unzip /tmp/terraform.zip
+chmod +x terraform && mv terraform /usr/local/bin/
+
+cd kubernetes/cloud/amazon/terraform/
+
+```
+
+# Generate SSH key
+
+```
+ssh-keygen -t rsa -b 4096 -N "VeryStrongSecret123!" -C "your_email@example.com" -q -f ~/.ssh/id_rsa
+SSH_KEY=$(cat ~/.ssh/id_rsa.pub)
+```
+
+## Terraform Amazon Kubernetes Provider
+
+Documentation on all the Kubernetes fields for terraform [here](https://www.terraform.io/docs/providers/aws/r/eks_cluster.html)
+
+```
+terraform init
+
+terraform plan -var access_key=$access_key -var secret_key=$secret_key
+
+terraform apply -var access_key=$access_key -var secret_key=$secret_key
+
+```
+
+# Lets see what we deployed
+
+```
+# grab our EKS config
+aws eks update-kubeconfig --name eks-getting-started --region ap-southeast-2
+
+# Get kubectl
+
+curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl
+chmod +x ./kubectl
+mv ./kubectl /usr/local/bin/kubectl
+
+kubectl get svc
+
+```
+
+# Clean up
+
+```
+terraform destroy -var access_key=$access_key -var secret_key=$secret_key
+```
\ No newline at end of file
diff --git a/kubernetes/cloud/amazon/terraform/variables.tf b/kubernetes/cloud/amazon/terraform/variables.tf
new file mode 100644
index 0000000..824a0ea
--- /dev/null
+++ b/kubernetes/cloud/amazon/terraform/variables.tf
@@ -0,0 +1,9 @@
+variable "access_key" {
+}
+
+variable "secret_key" {
+}
+
+variable "region" {
+ default = "ap-southeast-2"
+}
diff --git a/kubernetes/cloud/azure/terraform/readme.md b/kubernetes/cloud/azure/terraform/readme.md
index 3c1c4bf..222919e 100644
--- a/kubernetes/cloud/azure/terraform/readme.md
+++ b/kubernetes/cloud/azure/terraform/readme.md
@@ -58,6 +58,7 @@ az role assignment create --assignee $SERVICE_PRINCIPAL \
For extra reference you can also take a look at the Microsoft Docs: [here](https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/aks/kubernetes-service-principal.md)
+# Terraform CLI
```
# Get Terraform