From 495a4aae55af39f6d9e06cb684d77c1c08cab1cd Mon Sep 17 00:00:00 2001
From: Miguel Harmant <98769216+miguelhar@users.noreply.github.com>
Date: Tue, 3 Dec 2024 18:48:34 -0500
Subject: [PATCH] Define kubernetes_network_config explicitly - 6.0.1 (#308)

---
 .pre-commit-config.yaml            |  2 +-
 modules/eks/main.tf                | 20 +++++++++++++++-----
 modules/nodes/README.md            |  2 +-
 modules/nodes/nodes.tf             |  2 +-
 modules/nodes/variables.tf         | 15 +++++++++++----
 modules/single-node/README.md      |  2 +-
 modules/single-node/single-node.tf |  2 +-
 modules/single-node/variables.tf   | 15 +++++++++++----
 8 files changed, 42 insertions(+), 18 deletions(-)

diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index bd934b50..c47e6b0a 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -62,7 +62,7 @@ repos:
         args:
           - "--args=--compact"
           - "--args=--quiet"
-          - "--args=--skip-check CKV_CIRCLECIPIPELINES_2,CKV_CIRCLECIPIPELINES_6,CKV2_AWS_11,CKV2_AWS_12,CKV2_AWS_6,CKV_AWS_107,CKV_AWS_109,CKV_AWS_111,CKV_AWS_135,CKV_AWS_144,CKV_AWS_145,CKV_AWS_158,CKV_AWS_18,CKV_AWS_184,CKV_AWS_19,CKV_AWS_21,CKV_AWS_66,CKV_AWS_88,CKV2_GHA_1,CKV_AWS_163,CKV_AWS_39,CKV_AWS_38,CKV2_AWS_61,CKV2_AWS_62,CKV_AWS_136,CKV_AWS_329,CKV_AWS_338,CKV_AWS_339,CKV_AWS_341,CKV_AWS_356,CKV2_AWS_19,CKV2_AWS_5,CKV_AWS_150,CKV_AWS_123,CKV2_AWS_65,CKV2_AWS_67,CKV2_AWS_57,CKV_AWS_149,CKV_AWS_117,CKV_AWS_116,CKV_AWS_173,CKV_AWS_115,CKV_AWS_7,CKV_AWS_124"
+          - "--args=--skip-check CKV_CIRCLECIPIPELINES_2,CKV_CIRCLECIPIPELINES_6,CKV2_AWS_11,CKV2_AWS_12,CKV2_AWS_6,CKV_AWS_107,CKV_AWS_109,CKV_AWS_111,CKV_AWS_135,CKV_AWS_144,CKV_AWS_145,CKV_AWS_158,CKV_AWS_18,CKV_AWS_184,CKV_AWS_19,CKV_AWS_21,CKV_AWS_66,CKV_AWS_88,CKV2_GHA_1,CKV_AWS_163,CKV_AWS_39,CKV_AWS_38,CKV2_AWS_61,CKV2_AWS_62,CKV_AWS_136,CKV_AWS_329,CKV_AWS_338,CKV_AWS_339,CKV_AWS_341,CKV_AWS_356,CKV2_AWS_19,CKV2_AWS_5,CKV_AWS_150,CKV_AWS_123,CKV2_AWS_65,CKV2_AWS_67,CKV2_AWS_57,CKV_AWS_149,CKV_AWS_117,CKV_AWS_116,CKV_AWS_173,CKV_AWS_115,CKV_AWS_7,CKV_AWS_124,CKV_AWS_382"
       - id: terraform_trivy
         args:
           - "--args=--severity=HIGH,CRITICAL"
diff --git a/modules/eks/main.tf b/modules/eks/main.tf
index 5da96506..74c37b82 100644
--- a/modules/eks/main.tf
+++ b/modules/eks/main.tf
@@ -213,14 +213,24 @@ locals {
   } : {})
 
 
+  eks_network_config = aws_eks_cluster.this.kubernetes_network_config[0]
+
   eks_info = {
     cluster = {
       specs = {
-        name                      = aws_eks_cluster.this.name
-        endpoint                  = aws_eks_cluster.this.endpoint
-        certificate_authority     = aws_eks_cluster.this.certificate_authority
-        kubernetes_network_config = aws_eks_cluster.this.kubernetes_network_config
-        account_id                = data.aws_caller_identity.cluster_aws_account.account_id
+        name                  = aws_eks_cluster.this.name
+        endpoint              = aws_eks_cluster.this.endpoint
+        certificate_authority = aws_eks_cluster.this.certificate_authority
+        kubernetes_network_config = {
+          elastic_load_balancing = {
+            enabled = try(local.eks_network_config.elastic_load_balancing[0].enabled, false)
+          }
+          ip_family         = local.eks_network_config.ip_family
+          service_ipv4_cidr = local.eks_network_config.service_ipv4_cidr
+          service_ipv6_cidr = local.eks_network_config.service_ipv6_cidr
+
+        }
+        account_id = data.aws_caller_identity.cluster_aws_account.account_id
       }
       addons            = var.eks.cluster_addons
       vpc_cni           = var.eks.vpc_cni
diff --git a/modules/nodes/README.md b/modules/nodes/README.md
index 33b774c0..495f14e6 100644
--- a/modules/nodes/README.md
+++ b/modules/nodes/README.md
@@ -45,7 +45,7 @@ No modules.
 |------|-------------|------|---------|:--------:|
 | <a name="input_additional_node_groups"></a> [additional\_node\_groups](#input\_additional\_node\_groups) | Additional EKS managed node groups definition. | <pre>map(object({<br>    ami                        = optional(string, null)<br>    bootstrap_extra_args       = optional(string, "")<br>    instance_types             = list(string)<br>    spot                       = optional(bool, false)<br>    min_per_az                 = number<br>    max_per_az                 = number<br>    max_unavailable_percentage = optional(number, 50)<br>    max_unavailable            = optional(number)<br>    desired_per_az             = number<br>    availability_zone_ids      = list(string)<br>    labels                     = map(string)<br>    taints = optional(list(object({<br>      key    = string<br>      value  = optional(string)<br>      effect = string<br>      })), [<br>      {<br>        key    = "ebs.csi.aws.com/agent-not-ready",<br>        value  = "true",<br>        effect = "NO_EXECUTE"<br>      }<br>    ])<br>    tags = optional(map(string), {})<br>    gpu  = optional(bool, null)<br>    volume = object({<br>      size       = string<br>      type       = string<br>      iops       = optional(number)<br>      throughput = optional(number, 500)<br>    })<br>  }))</pre> | `{}` | no |
 | <a name="input_default_node_groups"></a> [default\_node\_groups](#input\_default\_node\_groups) | EKS managed node groups definition. | <pre>object(<br>    {<br>      compute = object(<br>        {<br>          ami                        = optional(string, null)<br>          bootstrap_extra_args       = optional(string, "")<br>          instance_types             = optional(list(string), ["m6i.2xlarge"])<br>          spot                       = optional(bool, false)<br>          min_per_az                 = optional(number, 0)<br>          max_per_az                 = optional(number, 10)<br>          max_unavailable_percentage = optional(number, 50)<br>          max_unavailable            = optional(number, null)<br>          desired_per_az             = optional(number, 0)<br>          availability_zone_ids      = list(string)<br>          labels = optional(map(string), {<br>            "dominodatalab.com/node-pool" = "default"<br>          })<br>          taints = optional(list(object({<br>            key    = string<br>            value  = optional(string)<br>            effect = string<br>            })), [<br>            {<br>              key    = "ebs.csi.aws.com/agent-not-ready",<br>              value  = "true",<br>              effect = "NO_EXECUTE"<br>            }<br>          ])<br>          tags = optional(map(string), {})<br>          gpu  = optional(bool, null)<br>          volume = optional(object({<br>            size       = optional(number, 1000)<br>            type       = optional(string, "gp3")<br>            iops       = optional(number)<br>            throughput = optional(number, 500)<br>            }), {<br>            size       = 1000<br>            type       = "gp3"<br>            iops       = null<br>            throughput = 500<br>            }<br>          )<br>      }),<br>      platform = object(<br>        {<br>          ami                        = optional(string, null)<br>          bootstrap_extra_args       = optional(string, "")<br>          instance_types             = optional(list(string), ["m7i-flex.2xlarge"])<br>          spot                       = optional(bool, false)<br>          min_per_az                 = optional(number, 1)<br>          max_per_az                 = optional(number, 10)<br>          max_unavailable_percentage = optional(number, null)<br>          max_unavailable            = optional(number, 1)<br>          desired_per_az             = optional(number, 1)<br>          availability_zone_ids      = list(string)<br>          labels = optional(map(string), {<br>            "dominodatalab.com/node-pool" = "platform"<br>          })<br>          taints = optional(list(object({<br>            key    = string<br>            value  = optional(string)<br>            effect = string<br>            })), []<br>          )<br>          tags = optional(map(string), {})<br>          gpu  = optional(bool, null)<br>          volume = optional(object({<br>            size       = optional(number, 100)<br>            type       = optional(string, "gp3")<br>            iops       = optional(number)<br>            throughput = optional(number)<br>            }), {<br>            size       = 100<br>            type       = "gp3"<br>            iops       = null<br>            throughput = null<br>            }<br>          )<br>      }),<br>      gpu = object(<br>        {<br>          ami                        = optional(string, null)<br>          bootstrap_extra_args       = optional(string, "")<br>          instance_types             = optional(list(string), ["g5.2xlarge"])<br>          spot                       = optional(bool, false)<br>          min_per_az                 = optional(number, 0)<br>          max_per_az                 = optional(number, 10)<br>          max_unavailable_percentage = optional(number, 50)<br>          max_unavailable            = optional(number, null)<br>          desired_per_az             = optional(number, 0)<br>          availability_zone_ids      = list(string)<br>          labels = optional(map(string), {<br>            "dominodatalab.com/node-pool" = "default-gpu"<br>            "nvidia.com/gpu"              = true<br>          })<br>          taints = optional(list(object({<br>            key    = string<br>            value  = optional(string)<br>            effect = string<br>            })), [{<br>            key    = "nvidia.com/gpu"<br>            value  = "true"<br>            effect = "NO_SCHEDULE"<br>            },<br>            {<br>              key    = "ebs.csi.aws.com/agent-not-ready",<br>              value  = "true",<br>              effect = "NO_EXECUTE"<br>            }<br><br>          ])<br>          tags = optional(map(string), {})<br>          gpu  = optional(bool, null)<br>          volume = optional(object({<br>            size       = optional(number, 1000)<br>            type       = optional(string, "gp3")<br>            iops       = optional(number)<br>            throughput = optional(number, 500)<br>            }), {<br>            size       = 1000<br>            type       = "gp3"<br>            iops       = null<br>            throughput = 500<br>            }<br>          )<br>      })<br>  })</pre> | n/a | yes |
-| <a name="input_eks_info"></a> [eks\_info](#input\_eks\_info) | cluster = {<br>      addons            = List of addons<br>      specs             = Cluster spes. {<br>        name                      = Cluster name.<br>        endpoint                  = Cluster endpont.<br>        kubernetes\_network\_config = Cluster k8s nw config.<br>      }<br>      version           = K8s version.<br>      arn               = EKS Cluster arn.<br>      security\_group\_id = EKS Cluster security group id.<br>      endpoint          = EKS Cluster API endpoint.<br>      roles             = Default IAM Roles associated with the EKS cluster. {<br>        name = string<br>        arn = string<br>      }<br>      custom\_roles      = Custom IAM Roles associated with the EKS cluster. {<br>        rolearn  = string<br>        username = string<br>        groups   = list(string)<br>      }<br>      oidc = {<br>        arn = OIDC provider ARN.<br>        url = OIDC provider url.<br>      }<br>    }<br>    nodes = {<br>      security\_group\_id = EKS Nodes security group id.<br>      roles = IAM Roles associated with the EKS Nodes.{<br>        name = string<br>        arn  = string<br>      }<br>    }<br>    kubeconfig = Kubeconfig details.{<br>      path       = string<br>      extra\_args = string<br>    } | <pre>object({<br>    k8s_pre_setup_sh_file = string<br>    cluster = object({<br>      addons = optional(list(string), ["kube-proxy", "coredns", "vpc-cni"])<br>      vpc_cni = optional(object({<br>        prefix_delegation = optional(bool, false)<br>        annotate_pod_ip   = optional(bool, true)<br>      }))<br>      specs = object({<br>        name                      = string<br>        endpoint                  = string<br>        kubernetes_network_config = list(map(any))<br>        certificate_authority     = list(map(any))<br>      })<br>      version           = string<br>      arn               = string<br>      security_group_id = string<br>      endpoint          = string<br>      roles = list(object({<br>        name = string<br>        arn  = string<br>      }))<br>      custom_roles = list(object({<br>        rolearn  = string<br>        username = string<br>        groups   = list(string)<br>      }))<br>      oidc = object({<br>        arn = string<br>        url = string<br>      })<br>    })<br>    nodes = object({<br>      security_group_id = string<br>      roles = list(object({<br>        name = string<br>        arn  = string<br>      }))<br>    })<br>    kubeconfig = object({<br>      path       = string<br>      extra_args = string<br>    })<br>  })</pre> | n/a | yes |
+| <a name="input_eks_info"></a> [eks\_info](#input\_eks\_info) | cluster = {<br>      addons            = List of addons<br>      specs             = Cluster spes. {<br>        name                      = Cluster name.<br>        endpoint                  = Cluster endpont.<br>        kubernetes\_network\_config = Cluster k8s nw config.<br>      }<br>      version           = K8s version.<br>      arn               = EKS Cluster arn.<br>      security\_group\_id = EKS Cluster security group id.<br>      endpoint          = EKS Cluster API endpoint.<br>      roles             = Default IAM Roles associated with the EKS cluster. {<br>        name = string<br>        arn = string<br>      }<br>      custom\_roles      = Custom IAM Roles associated with the EKS cluster. {<br>        rolearn  = string<br>        username = string<br>        groups   = list(string)<br>      }<br>      oidc = {<br>        arn = OIDC provider ARN.<br>        url = OIDC provider url.<br>      }<br>    }<br>    nodes = {<br>      security\_group\_id = EKS Nodes security group id.<br>      roles = IAM Roles associated with the EKS Nodes.{<br>        name = string<br>        arn  = string<br>      }<br>    }<br>    kubeconfig = Kubeconfig details.{<br>      path       = string<br>      extra\_args = string<br>    } | <pre>object({<br>    k8s_pre_setup_sh_file = string<br>    cluster = object({<br>      addons = optional(list(string), ["kube-proxy", "coredns", "vpc-cni"])<br>      vpc_cni = optional(object({<br>        prefix_delegation = optional(bool, false)<br>        annotate_pod_ip   = optional(bool, true)<br>      }))<br>      specs = object({<br>        name     = string<br>        endpoint = string<br>        kubernetes_network_config = object({<br>          elastic_load_balancing = object({<br>            enabled = bool<br>          })<br>          ip_family         = string<br>          service_ipv4_cidr = string<br>          service_ipv6_cidr = string<br>        })<br>        certificate_authority = list(map(any))<br>      })<br>      version           = string<br>      arn               = string<br>      security_group_id = string<br>      endpoint          = string<br>      roles = list(object({<br>        name = string<br>        arn  = string<br>      }))<br>      custom_roles = list(object({<br>        rolearn  = string<br>        username = string<br>        groups   = list(string)<br>      }))<br>      oidc = object({<br>        arn = string<br>        url = string<br>      })<br>    })<br>    nodes = object({<br>      security_group_id = string<br>      roles = list(object({<br>        name = string<br>        arn  = string<br>      }))<br>    })<br>    kubeconfig = object({<br>      path       = string<br>      extra_args = string<br>    })<br>  })</pre> | n/a | yes |
 | <a name="input_ignore_tags"></a> [ignore\_tags](#input\_ignore\_tags) | Tag keys to be ignored by the aws provider. | `list(string)` | `[]` | no |
 | <a name="input_kms_info"></a> [kms\_info](#input\_kms\_info) | key\_id  = KMS key id.<br>    key\_arn = KMS key arn.<br>    enabled = KMS key is enabled | <pre>object({<br>    key_id  = string<br>    key_arn = string<br>    enabled = bool<br>  })</pre> | n/a | yes |
 | <a name="input_network_info"></a> [network\_info](#input\_network\_info) | id = VPC ID.<br>    subnets = {<br>      public = List of public Subnets.<br>      [{<br>        name = Subnet name.<br>        subnet\_id = Subnet ud<br>        az = Subnet availability\_zone<br>        az\_id = Subnet availability\_zone\_id<br>      }]<br>      private = List of private Subnets.<br>      [{<br>        name = Subnet name.<br>        subnet\_id = Subnet ud<br>        az = Subnet availability\_zone<br>        az\_id = Subnet availability\_zone\_id<br>      }]<br>      pod = List of pod Subnets.<br>      [{<br>        name = Subnet name.<br>        subnet\_id = Subnet ud<br>        az = Subnet availability\_zone<br>        az\_id = Subnet availability\_zone\_id<br>      }]<br>    } | <pre>object({<br>    vpc_id = string<br>    subnets = object({<br>      public = list(object({<br>        name      = string<br>        subnet_id = string<br>        az        = string<br>        az_id     = string<br>      }))<br>      private = optional(list(object({<br>        name      = string<br>        subnet_id = string<br>        az        = string<br>        az_id     = string<br>      })), [])<br>      pod = optional(list(object({<br>        name      = string<br>        subnet_id = string<br>        az        = string<br>        az_id     = string<br>      })), [])<br>    })<br>  })</pre> | n/a | yes |
diff --git a/modules/nodes/nodes.tf b/modules/nodes/nodes.tf
index 97ac8e34..f7c51fb3 100644
--- a/modules/nodes/nodes.tf
+++ b/modules/nodes/nodes.tf
@@ -13,7 +13,7 @@ resource "aws_launch_template" "node_groups" {
       cluster_endpoint    = var.eks_info.cluster.specs.endpoint
       cluster_auth_base64 = var.eks_info.cluster.specs.certificate_authority[0].data
       # Optional
-      cluster_service_ipv4_cidr = var.eks_info.cluster.specs.kubernetes_network_config[0].service_ipv4_cidr != null ? var.eks_info.cluster.specs.kubernetes_network_config[0].service_ipv4_cidr : ""
+      cluster_service_ipv4_cidr = var.eks_info.cluster.specs.kubernetes_network_config.service_ipv4_cidr != null ? var.eks_info.cluster.specs.kubernetes_network_config.service_ipv4_cidr : ""
       bootstrap_extra_args      = each.value.bootstrap_extra_args
       pre_bootstrap_user_data   = ""
       post_bootstrap_user_data  = ""
diff --git a/modules/nodes/variables.tf b/modules/nodes/variables.tf
index 22eed85b..80a14374 100644
--- a/modules/nodes/variables.tf
+++ b/modules/nodes/variables.tf
@@ -109,10 +109,17 @@ variable "eks_info" {
         annotate_pod_ip   = optional(bool, true)
       }))
       specs = object({
-        name                      = string
-        endpoint                  = string
-        kubernetes_network_config = list(map(any))
-        certificate_authority     = list(map(any))
+        name     = string
+        endpoint = string
+        kubernetes_network_config = object({
+          elastic_load_balancing = object({
+            enabled = bool
+          })
+          ip_family         = string
+          service_ipv4_cidr = string
+          service_ipv6_cidr = string
+        })
+        certificate_authority = list(map(any))
       })
       version           = string
       arn               = string
diff --git a/modules/single-node/README.md b/modules/single-node/README.md
index ccb839b6..607b88a2 100644
--- a/modules/single-node/README.md
+++ b/modules/single-node/README.md
@@ -44,7 +44,7 @@ No modules.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_eks_info"></a> [eks\_info](#input\_eks\_info) | cluster = {<br>      addons            = List of addons<br>      specs             = Cluster spes. {<br>        name                      = Cluster name.<br>        endpoint                  = Cluster endpont.<br>        kubernetes\_network\_config = Cluster k8s nw config.<br>      }<br>      version           = K8s version.<br>      arn               = EKS Cluster arn.<br>      security\_group\_id = EKS Cluster security group id.<br>      endpoint          = EKS Cluster API endpoint.<br>      roles             = Default IAM Roles associated with the EKS cluster. {<br>        name = string<br>        arn = string<br>      }<br>      custom\_roles      = Custom IAM Roles associated with the EKS cluster. {<br>        rolearn  = string<br>        username = string<br>        groups   = list(string)<br>      }<br>      oidc = {<br>        arn = OIDC provider ARN.<br>        url = OIDC provider url.<br>      }<br>    }<br>    nodes = {<br>      security\_group\_id = EKS Nodes security group id.<br>      roles = IAM Roles associated with the EKS Nodes.{<br>        name = string<br>        arn  = string<br>      }<br>    }<br>    kubeconfig = Kubeconfig details.{<br>      path       = string<br>      extra\_args = string<br>    } | <pre>object({<br>    k8s_pre_setup_sh_file = string<br>    cluster = object({<br>      addons = optional(list(string), ["kube-proxy", "coredns", "vpc-cni"])<br>      vpc_cni = optional(object({<br>        prefix_delegation = optional(bool, false)<br>        annotate_pod_ip   = optional(bool, true)<br>      }))<br>      specs = object({<br>        name                      = string<br>        endpoint                  = string<br>        kubernetes_network_config = list(map(any))<br>        certificate_authority     = list(map(any))<br>      })<br>      version           = string<br>      arn               = string<br>      security_group_id = string<br>      endpoint          = string<br>      roles = list(object({<br>        name = string<br>        arn  = string<br>      }))<br>      custom_roles = list(object({<br>        rolearn  = string<br>        username = string<br>        groups   = list(string)<br>      }))<br>      oidc = object({<br>        arn = string<br>        url = string<br>      })<br>    })<br>    nodes = object({<br>      security_group_id = string<br>      roles = list(object({<br>        name = string<br>        arn  = string<br>      }))<br>    })<br>    kubeconfig = object({<br>      path       = string<br>      extra_args = string<br>    })<br>  })</pre> | n/a | yes |
+| <a name="input_eks_info"></a> [eks\_info](#input\_eks\_info) | cluster = {<br>      addons            = List of addons<br>      specs             = Cluster spes. {<br>        name                      = Cluster name.<br>        endpoint                  = Cluster endpont.<br>        kubernetes\_network\_config = Cluster k8s nw config.<br>      }<br>      version           = K8s version.<br>      arn               = EKS Cluster arn.<br>      security\_group\_id = EKS Cluster security group id.<br>      endpoint          = EKS Cluster API endpoint.<br>      roles             = Default IAM Roles associated with the EKS cluster. {<br>        name = string<br>        arn = string<br>      }<br>      custom\_roles      = Custom IAM Roles associated with the EKS cluster. {<br>        rolearn  = string<br>        username = string<br>        groups   = list(string)<br>      }<br>      oidc = {<br>        arn = OIDC provider ARN.<br>        url = OIDC provider url.<br>      }<br>    }<br>    nodes = {<br>      security\_group\_id = EKS Nodes security group id.<br>      roles = IAM Roles associated with the EKS Nodes.{<br>        name = string<br>        arn  = string<br>      }<br>    }<br>    kubeconfig = Kubeconfig details.{<br>      path       = string<br>      extra\_args = string<br>    } | <pre>object({<br>    k8s_pre_setup_sh_file = string<br>    cluster = object({<br>      addons = optional(list(string), ["kube-proxy", "coredns", "vpc-cni"])<br>      vpc_cni = optional(object({<br>        prefix_delegation = optional(bool, false)<br>        annotate_pod_ip   = optional(bool, true)<br>      }))<br>      specs = object({<br>        name     = string<br>        endpoint = string<br>        kubernetes_network_config = object({<br>          elastic_load_balancing = object({<br>            enabled = bool<br>          })<br>          ip_family         = string<br>          service_ipv4_cidr = string<br>          service_ipv6_cidr = string<br>        })<br>        certificate_authority = list(map(any))<br>      })<br>      version           = string<br>      arn               = string<br>      security_group_id = string<br>      endpoint          = string<br>      roles = list(object({<br>        name = string<br>        arn  = string<br>      }))<br>      custom_roles = list(object({<br>        rolearn  = string<br>        username = string<br>        groups   = list(string)<br>      }))<br>      oidc = object({<br>        arn = string<br>        url = string<br>      })<br>    })<br>    nodes = object({<br>      security_group_id = string<br>      roles = list(object({<br>        name = string<br>        arn  = string<br>      }))<br>    })<br>    kubeconfig = object({<br>      path       = string<br>      extra_args = string<br>    })<br>  })</pre> | n/a | yes |
 | <a name="input_kms_info"></a> [kms\_info](#input\_kms\_info) | key\_id  = KMS key id.<br>    key\_arn = KMS key arn.<br>    enabled = KMS key is enabled | <pre>object({<br>    key_id  = string<br>    key_arn = string<br>    enabled = bool<br>  })</pre> | n/a | yes |
 | <a name="input_network_info"></a> [network\_info](#input\_network\_info) | id = VPC ID.<br>    subnets = {<br>      public = List of public Subnets.<br>      [{<br>        name = Subnet name.<br>        subnet\_id = Subnet ud<br>        az = Subnet availability\_zone<br>        az\_id = Subnet availability\_zone\_id<br>      }]<br>      private = List of private Subnets.<br>      [{<br>        name = Subnet name.<br>        subnet\_id = Subnet ud<br>        az = Subnet availability\_zone<br>        az\_id = Subnet availability\_zone\_id<br>      }]<br>      pod = List of pod Subnets.<br>      [{<br>        name = Subnet name.<br>        subnet\_id = Subnet ud<br>        az = Subnet availability\_zone<br>        az\_id = Subnet availability\_zone\_id<br>      }]<br>    } | <pre>object({<br>    vpc_id = string<br>    subnets = object({<br>      public = list(object({<br>        name      = string<br>        subnet_id = string<br>        az        = string<br>        az_id     = string<br>      }))<br>      private = optional(list(object({<br>        name      = string<br>        subnet_id = string<br>        az        = string<br>        az_id     = string<br>      })), [])<br>      pod = optional(list(object({<br>        name      = string<br>        subnet_id = string<br>        az        = string<br>        az_id     = string<br>      })), [])<br>    })<br>  })</pre> | n/a | yes |
 | <a name="input_region"></a> [region](#input\_region) | AWS region for the deployment | `string` | n/a | yes |
diff --git a/modules/single-node/single-node.tf b/modules/single-node/single-node.tf
index 4ac1cc9b..68116fd4 100644
--- a/modules/single-node/single-node.tf
+++ b/modules/single-node/single-node.tf
@@ -57,7 +57,7 @@ resource "aws_launch_template" "single_node" {
       cluster_endpoint    = var.eks_info.cluster.specs.endpoint
       cluster_auth_base64 = var.eks_info.cluster.specs.certificate_authority[0].data
       # Optional
-      cluster_service_ipv4_cidr = var.eks_info.cluster.specs.kubernetes_network_config[0].service_ipv4_cidr != null ? var.eks_info.cluster.specs.kubernetes_network_config[0].service_ipv4_cidr : ""
+      cluster_service_ipv4_cidr = var.eks_info.cluster.specs.kubernetes_network_config.service_ipv4_cidr != null ? var.eks_info.cluster.specs.kubernetes_network_config.service_ipv4_cidr : ""
       bootstrap_extra_args      = local.bootstrap_extra_args
       pre_bootstrap_user_data   = ""
       post_bootstrap_user_data  = ""
diff --git a/modules/single-node/variables.tf b/modules/single-node/variables.tf
index a41f89bf..5e3e19a2 100644
--- a/modules/single-node/variables.tf
+++ b/modules/single-node/variables.tf
@@ -109,10 +109,17 @@ variable "eks_info" {
         annotate_pod_ip   = optional(bool, true)
       }))
       specs = object({
-        name                      = string
-        endpoint                  = string
-        kubernetes_network_config = list(map(any))
-        certificate_authority     = list(map(any))
+        name     = string
+        endpoint = string
+        kubernetes_network_config = object({
+          elastic_load_balancing = object({
+            enabled = bool
+          })
+          ip_family         = string
+          service_ipv4_cidr = string
+          service_ipv6_cidr = string
+        })
+        certificate_authority = list(map(any))
       })
       version           = string
       arn               = string