docs: update readme

README.md

@@ -1,13 +1,13 @@
 # terraform-aws-eks-basic
 
-A basic Terraform module for creating and managing Amazon EKS (Elastic Kubernetes Service) clusters. This module supports multiple compute modes: EC2, Fargate, and AutoMode, with EC2 as the primary focus.
+A basic Terraform module for creating and managing Amazon EKS (Elastic Kubernetes Service) clusters. Currently supports EC2 and Fargate; AutoMode is scaffolded only (no AutoMode-specific resources yet).
 
 ## Features
 
-- **Multi-Compute Support**: Supports EC2, Fargate, and AutoMode compute types
+- **Multi-Compute Support**: Supports EC2 and Fargate; AutoMode is scaffolded
 - **EC2 Managed Node Groups**: Full support for EC2 managed node groups with auto-scaling
-- **Fargate Profiles**: Structure ready for Fargate profile configuration
-- **AutoMode**: Structure ready for EKS AutoMode configuration
+- **Fargate Profiles**: Supported via `fargate_profiles` and Fargate IAM role creation
+- **AutoMode**: Placeholder wiring only; no AutoMode-specific resources yet
 - **IRSA Support**: OIDC provider setup for IAM Roles for Service Accounts
 - **EKS Capabilities**: Managed ACK, KRO, and ArgoCD capabilities (optional, default: disabled)
   - **ACK**: AWS Controllers for Kubernetes - create AWS resources via Kubernetes manifests
@@ -18,7 +18,7 @@ A basic Terraform module for creating and managing Amazon EKS (Elastic Kubernete
   - AWS Load Balancer Controller (optional, default: disabled)
 - **Comprehensive Testing**: Includes Terraform test suite
 
-## Requirements
+## Prerequisites
 
 | Name | Version |
 | ---- | ------- |
@@ -34,7 +34,7 @@ A basic Terraform module for creating and managing Amazon EKS (Elastic Kubernete
 
 ```hcl
 module "eks" {
-  source = "path/to/terraform-aws-eks-basic"
+  source = "tfstack/eks-basic/aws"
 
   cluster_name    = "my-eks-cluster"
   cluster_version = "1.28"
@@ -62,7 +62,7 @@ module "eks" {
 
 ```hcl
 module "eks" {
-  source = "path/to/terraform-aws-eks-basic"
+  source = "tfstack/eks-basic/aws"
 
   cluster_name    = "my-eks-cluster"
   cluster_version = "1.28"
@@ -85,7 +85,7 @@ module "eks" {
 
 ```hcl
 module "eks" {
-  source = "path/to/terraform-aws-eks-basic"
+  source = "tfstack/eks-basic/aws"
 
   cluster_name    = "my-eks-cluster"
   cluster_version = "1.28"
@@ -109,7 +109,7 @@ module "eks" {
 
 ```hcl
 module "eks" {
-  source = "path/to/terraform-aws-eks-basic"
+  source = "tfstack/eks-basic/aws"
 
   cluster_name    = "my-eks-cluster"
   cluster_version = "1.28"
@@ -141,7 +141,7 @@ module "eks" {
 
 ```hcl
 module "eks" {
-  source = "path/to/terraform-aws-eks-basic"
+  source = "tfstack/eks-basic/aws"
 
   cluster_name    = "my-eks-cluster"
   cluster_version = "1.28"

examples/basic/README.md

@@ -52,15 +52,16 @@ This example automatically creates a VPC with:
 
 ### Optional Variables
 
-- `cluster_name`: Name of the EKS cluster (default: `example-eks-cluster`)
-- `cluster_version`: Kubernetes version (default: `1.28`)
+- `cluster_version`: Kubernetes version (default: `1.34`)
 - `node_instance_types`: EC2 instance types for nodes (default: `["t3.medium"]`)
 - `node_desired_size`: Desired number of nodes (default: `2`)
 - `node_min_size`: Minimum number of nodes (default: `1`)
 - `node_max_size`: Maximum number of nodes (default: `3`)
 - `node_disk_size`: Disk size in GiB (default: `20`)
 - `enable_ebs_csi_driver`: Enable EBS CSI Driver addon (default: `false`)
 - `enable_aws_lb_controller`: Enable AWS Load Balancer Controller (default: `false`)
+- `aws_auth_map_users`: IAM users to add to aws-auth (default: `[]`)
+- `aws_auth_map_roles`: IAM roles to add to aws-auth (default: `[]`)
 
 ## Outputs
 

examples/ebs-web-app/README.md

@@ -56,7 +56,17 @@ cluster_name = "ebs-web-app"
 ```bash
 terraform init
 terraform plan
-terraform apply
+```
+
+Because this example uses the Kubernetes provider (which needs a live cluster),
+apply it in two stages:
+
+```bash
+# 1) Create the EKS cluster first
+terraform apply -target=module.eks -auto-approve
+
+# 2) Apply the rest (EBS CSI Driver, PVC, deployment, service)
+terraform apply -auto-approve
 ```
 
 Wait for the cluster and EBS CSI Driver to be fully provisioned (this may take 10-15 minutes).

examples/eks-capabilities/README.md

@@ -4,10 +4,10 @@ This example demonstrates how to use EKS Capabilities (ACK, KRO, and ArgoCD) for
 
 ## What This Example Creates
 
-1. **EKS Cluster** with all three capabilities enabled:
+1. **EKS Cluster** with capabilities enabled:
    - **ACK** (AWS Controllers for Kubernetes) - Create AWS resources via Kubernetes manifests
    - **KRO** (Kube Resource Orchestrator) - Platform engineering abstractions
-   - **ArgoCD** - GitOps capability for continuous deployment
+   - **ArgoCD** - GitOps capability for continuous deployment (disabled by default in this example)
 
 2. **KRO Resource Graph Definition (RGD)** - Platform team abstraction template
 3. **KRO Resource Group Instance** - Developer-facing application deployment
@@ -16,7 +16,7 @@ This example demonstrates how to use EKS Capabilities (ACK, KRO, and ArgoCD) for
 
 ## Features Demonstrated
 
-- ✅ EKS Capabilities enablement (ACK, KRO, ArgoCD)
+- ✅ EKS Capabilities enablement (ACK, KRO, optional ArgoCD)
 - ✅ Platform engineering with KRO Resource Graph Definitions
 - ✅ Creating AWS resources (DynamoDB, S3, IAM) via ACK as part of the WebAppStack
 - ✅ Creating additional ACK example resources via standalone manifests
@@ -61,7 +61,7 @@ terraform apply -auto-approve
 
 Wait for the cluster and capabilities to be fully provisioned (this may take 10-15 minutes).
 
-**Note:** The module automatically creates IAM roles for each capability (ACK, KRO, ArgoCD) with the appropriate managed policies. If you prefer to use existing roles, you can provide them via the `*_capability_role_arn` variables.
+**Note:** The module automatically creates IAM roles for enabled capabilities (ACK, KRO, and ArgoCD if you enable it) with the appropriate managed policies. If you prefer to use existing roles, you can provide them via the `*_capability_role_arn` variables.
 
 ### Step 3: Configure kubectl
 
@@ -156,7 +156,9 @@ kubectl get policy.iam.services.k8s.aws eks-capabilities-app-policy
 kubectl get podidentityassociation eks-capabilities-app
 
 # Optional S3 bucket (only if bucket.enabled=true)
-kubectl get bucket eks-capabilities-bucket
+kubectl get bucket eks-capabilities-app-bucket
+
+# Keep this name distinct from the ACK example bucket (eks-capabilities-bucket)
 
 ```
 
@@ -197,7 +199,6 @@ The WebAppStack uses ACK-backed resources under the hood:
 - DynamoDB table for app state
 - Optional S3 bucket when enabled
 - IAM role/policy for Pod Identity
-- DynamoDB table for app state
 
 ## Verifying the Deployment
 
@@ -249,7 +250,7 @@ kubectl get ingress eks-capabilities-app-ingress -o jsonpath='{.status.loadBalan
 
 ## ArgoCD Capability
 
-The ArgoCD capability is enabled but requires additional configuration for full GitOps setup. The capability provides:
+The ArgoCD capability is disabled by default in this example. If you enable it, it provides:
 
 - Managed ArgoCD installation
 - GitOps workflow support

examples/eks-capabilities/kubernetes/dev-team/eks-capabilities-app-instance.yaml

@@ -16,5 +16,5 @@ spec:
       alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}]'
   bucket:
     enabled: false
-    name: eks-capabilities-bucket
+    name: eks-capabilities-app-bucket
     region: ap-southeast-2