1. Packages
  2. Alibaba Cloud Provider
  3. API Docs
  4. cs
  5. Kubernetes
Alibaba Cloud v3.66.0 published on Friday, Nov 15, 2024 by Pulumi

alicloud.cs.Kubernetes

Explore with Pulumi AI

alicloud logo
Alibaba Cloud v3.66.0 published on Friday, Nov 15, 2024 by Pulumi

    This resource will help you to manage a Kubernetes Cluster in Alibaba Cloud Kubernetes Service, see What is kubernetes.

    NOTE: From August 21, 2024, Container Service for Kubernetes (ACK) discontinues the creation of ACK dedicated clusters, see Product announcement for more details.

    NOTE: Available since v1.9.0.

    NOTE: Kubernetes cluster only supports VPC network and it can access internet while creating kubernetes cluster. A Nat Gateway and configuring a SNAT for it can ensure one VPC network access internet. If there is no nat gateway in the VPC, you can set new_nat_gateway to “true” to create one automatically.

    NOTE: Each kubernetes cluster contains 3 master nodes and those number cannot be changed at now.

    NOTE: Creating kubernetes cluster need to install several packages and it will cost about 15 minutes. Please be patient.

    NOTE: From version 1.9.4, the provider supports to download kube config, client certificate, client key and cluster ca certificate after creating cluster successfully, and you can put them into the specified location, like ‘~/.kube/config’.

    NOTE: From version 1.16.0, the provider supports Multiple Availability Zones Kubernetes Cluster. To create a cluster of this kind, you must specify 3 or 5 items in master_vswitch_ids and master_instance_types.

    NOTE: From version 1.20.0, the provider supports disabling internet load balancer for API Server by setting false to slb_internet_enabled.

    NOTE: If you want to manage Kubernetes, you can use Kubernetes Provider.

    NOTE: You need to activate several other products and confirm Authorization Policy used by Container Service before using this resource. Please refer to the Authorization management and Cluster management sections in the Document Center.

    NOTE: From version 1.75.0, Some parameters have been removed from resource,You can check them below and re-import the cluster if necessary.

    NOTE: From version 1.101.0+, We supported the professional managed clusters(ack-pro), You can create a pro cluster by setting the the value of cluster_spec.

    NOTE: From version 1.177.0+, exclude_autoscaler_nodes,worker_number,worker_vswitch_ids,worker_instance_types,worker_instance_charge_type,worker_period,worker_period_unit,worker_auto_renew,worker_auto_renew_period,worker_disk_category,worker_disk_size,worker_data_disks,node_port_range,cpu_policy,user_data,taints,worker_disk_performance_level,worker_disk_snapshot_policy_id are deprecated. We Suggest you using resource alicloud.cs.NodePool to manage your cluster worker nodes.

    NOTE: From version 1.212.0, exclude_autoscaler_nodes,worker_number,worker_vswitch_ids,worker_instance_types,worker_instance_charge_type,worker_period,worker_period_unit,worker_auto_renew,worker_auto_renew_period,worker_disk_category,worker_disk_size,worker_data_disks,node_port_range,cpu_policy,user_data,taints,worker_disk_performance_level,worker_disk_snapshot_policy_id,kube_config,availability_zone are removed. Please use resource alicloud.cs.NodePool to manage your cluster worker nodes.

    Create Kubernetes Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Kubernetes(name: string, args: KubernetesArgs, opts?: CustomResourceOptions);
    @overload
    def Kubernetes(resource_name: str,
                   args: KubernetesArgs,
                   opts: Optional[ResourceOptions] = None)
    
    @overload
    def Kubernetes(resource_name: str,
                   opts: Optional[ResourceOptions] = None,
                   master_instance_types: Optional[Sequence[str]] = None,
                   master_vswitch_ids: Optional[Sequence[str]] = None,
                   master_instance_charge_type: Optional[str] = None,
                   deletion_protection: Optional[bool] = None,
                   cluster_ca_cert: Optional[str] = None,
                   cluster_domain: Optional[str] = None,
                   custom_san: Optional[str] = None,
                   delete_options: Optional[Sequence[KubernetesDeleteOptionArgs]] = None,
                   api_audiences: Optional[Sequence[str]] = None,
                   enable_ssh: Optional[bool] = None,
                   image_id: Optional[str] = None,
                   install_cloud_monitor: Optional[bool] = None,
                   is_enterprise_security_group: Optional[bool] = None,
                   name: Optional[str] = None,
                   kms_encrypted_password: Optional[str] = None,
                   kms_encryption_context: Optional[Mapping[str, str]] = None,
                   load_balancer_spec: Optional[str] = None,
                   master_auto_renew: Optional[bool] = None,
                   master_auto_renew_period: Optional[int] = None,
                   master_disk_category: Optional[str] = None,
                   master_disk_performance_level: Optional[str] = None,
                   master_disk_size: Optional[int] = None,
                   master_period_unit: Optional[str] = None,
                   addons: Optional[Sequence[KubernetesAddonArgs]] = None,
                   client_cert: Optional[str] = None,
                   master_period: Optional[int] = None,
                   master_disk_snapshot_policy_id: Optional[str] = None,
                   client_key: Optional[str] = None,
                   key_name: Optional[str] = None,
                   name_prefix: Optional[str] = None,
                   new_nat_gateway: Optional[bool] = None,
                   node_cidr_mask: Optional[int] = None,
                   node_name_mode: Optional[str] = None,
                   os_type: Optional[str] = None,
                   password: Optional[str] = None,
                   platform: Optional[str] = None,
                   pod_cidr: Optional[str] = None,
                   pod_vswitch_ids: Optional[Sequence[str]] = None,
                   proxy_mode: Optional[str] = None,
                   rds_instances: Optional[Sequence[str]] = None,
                   resource_group_id: Optional[str] = None,
                   retain_resources: Optional[Sequence[str]] = None,
                   runtime: Optional[KubernetesRuntimeArgs] = None,
                   security_group_id: Optional[str] = None,
                   service_account_issuer: Optional[str] = None,
                   service_cidr: Optional[str] = None,
                   slb_internet_enabled: Optional[bool] = None,
                   tags: Optional[Mapping[str, str]] = None,
                   timezone: Optional[str] = None,
                   user_ca: Optional[str] = None,
                   version: Optional[str] = None)
    func NewKubernetes(ctx *Context, name string, args KubernetesArgs, opts ...ResourceOption) (*Kubernetes, error)
    public Kubernetes(string name, KubernetesArgs args, CustomResourceOptions? opts = null)
    public Kubernetes(String name, KubernetesArgs args)
    public Kubernetes(String name, KubernetesArgs args, CustomResourceOptions options)
    
    type: alicloud:cs:Kubernetes
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args KubernetesArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args KubernetesArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args KubernetesArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args KubernetesArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args KubernetesArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var kubernetesResource = new AliCloud.CS.Kubernetes("kubernetesResource", new()
    {
        MasterInstanceTypes = new[]
        {
            "string",
        },
        MasterVswitchIds = new[]
        {
            "string",
        },
        MasterInstanceChargeType = "string",
        DeletionProtection = false,
        ClusterCaCert = "string",
        ClusterDomain = "string",
        CustomSan = "string",
        DeleteOptions = new[]
        {
            new AliCloud.CS.Inputs.KubernetesDeleteOptionArgs
            {
                DeleteMode = "string",
                ResourceType = "string",
            },
        },
        ApiAudiences = new[]
        {
            "string",
        },
        EnableSsh = false,
        ImageId = "string",
        InstallCloudMonitor = false,
        IsEnterpriseSecurityGroup = false,
        Name = "string",
        KmsEncryptedPassword = "string",
        KmsEncryptionContext = 
        {
            { "string", "string" },
        },
        MasterAutoRenew = false,
        MasterAutoRenewPeriod = 0,
        MasterDiskCategory = "string",
        MasterDiskPerformanceLevel = "string",
        MasterDiskSize = 0,
        MasterPeriodUnit = "string",
        Addons = new[]
        {
            new AliCloud.CS.Inputs.KubernetesAddonArgs
            {
                Config = "string",
                Disabled = false,
                Name = "string",
                Version = "string",
            },
        },
        ClientCert = "string",
        MasterPeriod = 0,
        MasterDiskSnapshotPolicyId = "string",
        ClientKey = "string",
        KeyName = "string",
        NewNatGateway = false,
        NodeCidrMask = 0,
        NodeNameMode = "string",
        OsType = "string",
        Password = "string",
        Platform = "string",
        PodCidr = "string",
        PodVswitchIds = new[]
        {
            "string",
        },
        ProxyMode = "string",
        RdsInstances = new[]
        {
            "string",
        },
        ResourceGroupId = "string",
        RetainResources = new[]
        {
            "string",
        },
        Runtime = new AliCloud.CS.Inputs.KubernetesRuntimeArgs
        {
            Name = "string",
            Version = "string",
        },
        SecurityGroupId = "string",
        ServiceAccountIssuer = "string",
        ServiceCidr = "string",
        SlbInternetEnabled = false,
        Tags = 
        {
            { "string", "string" },
        },
        Timezone = "string",
        UserCa = "string",
        Version = "string",
    });
    
    example, err := cs.NewKubernetes(ctx, "kubernetesResource", &cs.KubernetesArgs{
    	MasterInstanceTypes: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	MasterVswitchIds: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	MasterInstanceChargeType: pulumi.String("string"),
    	DeletionProtection:       pulumi.Bool(false),
    	ClusterCaCert:            pulumi.String("string"),
    	ClusterDomain:            pulumi.String("string"),
    	CustomSan:                pulumi.String("string"),
    	DeleteOptions: cs.KubernetesDeleteOptionArray{
    		&cs.KubernetesDeleteOptionArgs{
    			DeleteMode:   pulumi.String("string"),
    			ResourceType: pulumi.String("string"),
    		},
    	},
    	ApiAudiences: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	EnableSsh:                 pulumi.Bool(false),
    	ImageId:                   pulumi.String("string"),
    	InstallCloudMonitor:       pulumi.Bool(false),
    	IsEnterpriseSecurityGroup: pulumi.Bool(false),
    	Name:                      pulumi.String("string"),
    	KmsEncryptedPassword:      pulumi.String("string"),
    	KmsEncryptionContext: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	MasterAutoRenew:            pulumi.Bool(false),
    	MasterAutoRenewPeriod:      pulumi.Int(0),
    	MasterDiskCategory:         pulumi.String("string"),
    	MasterDiskPerformanceLevel: pulumi.String("string"),
    	MasterDiskSize:             pulumi.Int(0),
    	MasterPeriodUnit:           pulumi.String("string"),
    	Addons: cs.KubernetesAddonTypeArray{
    		&cs.KubernetesAddonTypeArgs{
    			Config:   pulumi.String("string"),
    			Disabled: pulumi.Bool(false),
    			Name:     pulumi.String("string"),
    			Version:  pulumi.String("string"),
    		},
    	},
    	ClientCert:                 pulumi.String("string"),
    	MasterPeriod:               pulumi.Int(0),
    	MasterDiskSnapshotPolicyId: pulumi.String("string"),
    	ClientKey:                  pulumi.String("string"),
    	KeyName:                    pulumi.String("string"),
    	NewNatGateway:              pulumi.Bool(false),
    	NodeCidrMask:               pulumi.Int(0),
    	NodeNameMode:               pulumi.String("string"),
    	OsType:                     pulumi.String("string"),
    	Password:                   pulumi.String("string"),
    	Platform:                   pulumi.String("string"),
    	PodCidr:                    pulumi.String("string"),
    	PodVswitchIds: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	ProxyMode: pulumi.String("string"),
    	RdsInstances: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	ResourceGroupId: pulumi.String("string"),
    	RetainResources: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Runtime: &cs.KubernetesRuntimeArgs{
    		Name:    pulumi.String("string"),
    		Version: pulumi.String("string"),
    	},
    	SecurityGroupId:      pulumi.String("string"),
    	ServiceAccountIssuer: pulumi.String("string"),
    	ServiceCidr:          pulumi.String("string"),
    	SlbInternetEnabled:   pulumi.Bool(false),
    	Tags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	Timezone: pulumi.String("string"),
    	UserCa:   pulumi.String("string"),
    	Version:  pulumi.String("string"),
    })
    
    var kubernetesResource = new Kubernetes("kubernetesResource", KubernetesArgs.builder()
        .masterInstanceTypes("string")
        .masterVswitchIds("string")
        .masterInstanceChargeType("string")
        .deletionProtection(false)
        .clusterCaCert("string")
        .clusterDomain("string")
        .customSan("string")
        .deleteOptions(KubernetesDeleteOptionArgs.builder()
            .deleteMode("string")
            .resourceType("string")
            .build())
        .apiAudiences("string")
        .enableSsh(false)
        .imageId("string")
        .installCloudMonitor(false)
        .isEnterpriseSecurityGroup(false)
        .name("string")
        .kmsEncryptedPassword("string")
        .kmsEncryptionContext(Map.of("string", "string"))
        .masterAutoRenew(false)
        .masterAutoRenewPeriod(0)
        .masterDiskCategory("string")
        .masterDiskPerformanceLevel("string")
        .masterDiskSize(0)
        .masterPeriodUnit("string")
        .addons(KubernetesAddonArgs.builder()
            .config("string")
            .disabled(false)
            .name("string")
            .version("string")
            .build())
        .clientCert("string")
        .masterPeriod(0)
        .masterDiskSnapshotPolicyId("string")
        .clientKey("string")
        .keyName("string")
        .newNatGateway(false)
        .nodeCidrMask(0)
        .nodeNameMode("string")
        .osType("string")
        .password("string")
        .platform("string")
        .podCidr("string")
        .podVswitchIds("string")
        .proxyMode("string")
        .rdsInstances("string")
        .resourceGroupId("string")
        .retainResources("string")
        .runtime(KubernetesRuntimeArgs.builder()
            .name("string")
            .version("string")
            .build())
        .securityGroupId("string")
        .serviceAccountIssuer("string")
        .serviceCidr("string")
        .slbInternetEnabled(false)
        .tags(Map.of("string", "string"))
        .timezone("string")
        .userCa("string")
        .version("string")
        .build());
    
    kubernetes_resource = alicloud.cs.Kubernetes("kubernetesResource",
        master_instance_types=["string"],
        master_vswitch_ids=["string"],
        master_instance_charge_type="string",
        deletion_protection=False,
        cluster_ca_cert="string",
        cluster_domain="string",
        custom_san="string",
        delete_options=[{
            "delete_mode": "string",
            "resource_type": "string",
        }],
        api_audiences=["string"],
        enable_ssh=False,
        image_id="string",
        install_cloud_monitor=False,
        is_enterprise_security_group=False,
        name="string",
        kms_encrypted_password="string",
        kms_encryption_context={
            "string": "string",
        },
        master_auto_renew=False,
        master_auto_renew_period=0,
        master_disk_category="string",
        master_disk_performance_level="string",
        master_disk_size=0,
        master_period_unit="string",
        addons=[{
            "config": "string",
            "disabled": False,
            "name": "string",
            "version": "string",
        }],
        client_cert="string",
        master_period=0,
        master_disk_snapshot_policy_id="string",
        client_key="string",
        key_name="string",
        new_nat_gateway=False,
        node_cidr_mask=0,
        node_name_mode="string",
        os_type="string",
        password="string",
        platform="string",
        pod_cidr="string",
        pod_vswitch_ids=["string"],
        proxy_mode="string",
        rds_instances=["string"],
        resource_group_id="string",
        retain_resources=["string"],
        runtime={
            "name": "string",
            "version": "string",
        },
        security_group_id="string",
        service_account_issuer="string",
        service_cidr="string",
        slb_internet_enabled=False,
        tags={
            "string": "string",
        },
        timezone="string",
        user_ca="string",
        version="string")
    
    const kubernetesResource = new alicloud.cs.Kubernetes("kubernetesResource", {
        masterInstanceTypes: ["string"],
        masterVswitchIds: ["string"],
        masterInstanceChargeType: "string",
        deletionProtection: false,
        clusterCaCert: "string",
        clusterDomain: "string",
        customSan: "string",
        deleteOptions: [{
            deleteMode: "string",
            resourceType: "string",
        }],
        apiAudiences: ["string"],
        enableSsh: false,
        imageId: "string",
        installCloudMonitor: false,
        isEnterpriseSecurityGroup: false,
        name: "string",
        kmsEncryptedPassword: "string",
        kmsEncryptionContext: {
            string: "string",
        },
        masterAutoRenew: false,
        masterAutoRenewPeriod: 0,
        masterDiskCategory: "string",
        masterDiskPerformanceLevel: "string",
        masterDiskSize: 0,
        masterPeriodUnit: "string",
        addons: [{
            config: "string",
            disabled: false,
            name: "string",
            version: "string",
        }],
        clientCert: "string",
        masterPeriod: 0,
        masterDiskSnapshotPolicyId: "string",
        clientKey: "string",
        keyName: "string",
        newNatGateway: false,
        nodeCidrMask: 0,
        nodeNameMode: "string",
        osType: "string",
        password: "string",
        platform: "string",
        podCidr: "string",
        podVswitchIds: ["string"],
        proxyMode: "string",
        rdsInstances: ["string"],
        resourceGroupId: "string",
        retainResources: ["string"],
        runtime: {
            name: "string",
            version: "string",
        },
        securityGroupId: "string",
        serviceAccountIssuer: "string",
        serviceCidr: "string",
        slbInternetEnabled: false,
        tags: {
            string: "string",
        },
        timezone: "string",
        userCa: "string",
        version: "string",
    });
    
    type: alicloud:cs:Kubernetes
    properties:
        addons:
            - config: string
              disabled: false
              name: string
              version: string
        apiAudiences:
            - string
        clientCert: string
        clientKey: string
        clusterCaCert: string
        clusterDomain: string
        customSan: string
        deleteOptions:
            - deleteMode: string
              resourceType: string
        deletionProtection: false
        enableSsh: false
        imageId: string
        installCloudMonitor: false
        isEnterpriseSecurityGroup: false
        keyName: string
        kmsEncryptedPassword: string
        kmsEncryptionContext:
            string: string
        masterAutoRenew: false
        masterAutoRenewPeriod: 0
        masterDiskCategory: string
        masterDiskPerformanceLevel: string
        masterDiskSize: 0
        masterDiskSnapshotPolicyId: string
        masterInstanceChargeType: string
        masterInstanceTypes:
            - string
        masterPeriod: 0
        masterPeriodUnit: string
        masterVswitchIds:
            - string
        name: string
        newNatGateway: false
        nodeCidrMask: 0
        nodeNameMode: string
        osType: string
        password: string
        platform: string
        podCidr: string
        podVswitchIds:
            - string
        proxyMode: string
        rdsInstances:
            - string
        resourceGroupId: string
        retainResources:
            - string
        runtime:
            name: string
            version: string
        securityGroupId: string
        serviceAccountIssuer: string
        serviceCidr: string
        slbInternetEnabled: false
        tags:
            string: string
        timezone: string
        userCa: string
        version: string
    

    Kubernetes Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The Kubernetes resource accepts the following input properties:

    MasterInstanceTypes List<string>
    The instance type of master node. Specify one type for single AZ Cluster, three types for MultiAZ Cluster.
    MasterVswitchIds List<string>
    The vswitches used by master, you can specific 3 or 5 vswitches because of the amount of masters. Detailed below.
    Addons List<Pulumi.AliCloud.CS.Inputs.KubernetesAddon>

    The addon you want to install in cluster. See addons below. Only works for Create Operation, use resource cs_kubernetes_addon to manage addons if cluster is created.

    Network params

    ApiAudiences List<string>
    A list of API audiences for Service Account Token Volume Projection. Set this to ["https://kubernetes.default.svc"] if you want to enable the Token Volume Projection feature requires specifying service_account_issuer as well. From cluster version 1.22+, Service Account Token Volume Projection will be enabled by default.
    ClientCert string
    The path of client certificate, like ~/.kube/client-cert.pem.
    ClientKey string
    The path of client key, like ~/.kube/client-key.pem.
    ClusterCaCert string

    The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem

    Removed params

    ClusterDomain string
    Cluster local domain name, Default to cluster.local. A domain name consists of one or more sections separated by a decimal point (.), each of which is up to 63 characters long, and can be lowercase, numerals, and underscores (-), and must be lowercase or numerals at the beginning and end.
    CustomSan string
    Customize the certificate SAN, multiple IP or domain names are separated by English commas (,).
    DeleteOptions List<Pulumi.AliCloud.CS.Inputs.KubernetesDeleteOption>
    Delete options, only work for deleting resource. Make sure you have run pulumi up to make the configuration applied. See delete_options below.
    DeletionProtection bool
    Whether to enable cluster deletion protection.
    EnableSsh bool
    Enable login to the node through SSH. Default to false.
    ImageId string
    Custom Image support. Must based on CentOS7 or AliyunLinux2.
    InstallCloudMonitor bool
    Install cloud monitor agent on ECS. Default to true.
    IsEnterpriseSecurityGroup bool
    Enable to create advanced security group. default: false. See Advanced security group. Only works for Create Operation.
    KeyName string
    The keypair of ssh login cluster node, you have to create it first. You have to specify one of password key_name kms_encrypted_password fields.
    KmsEncryptedPassword string
    An KMS encrypts password used to a cs kubernetes. You have to specify one of password key_name kms_encrypted_password fields.
    KmsEncryptionContext Dictionary<string, string>
    An KMS encryption context used to decrypt kms_encrypted_password before creating or updating a cs kubernetes with kms_encrypted_password. See Encryption Context. It is valid when kms_encrypted_password is set.
    LoadBalancerSpec string
    The cluster api server load balance instance specification, default slb.s1.small. For more information on how to select a LB instance specification, see SLB instance overview. Only works for Create Operation.

    Deprecated: Field 'load_balancer_spec' has been deprecated from provider version 1.232.0. The load balancer has been changed to PayByCLCU so that the spec is no need anymore.

    MasterAutoRenew bool
    Enable master payment auto-renew, defaults to false.
    MasterAutoRenewPeriod int
    Master payment auto-renew period, it can be one of {1, 2, 3, 6, 12}.
    MasterDiskCategory string
    The system disk category of master node. Its valid value are cloud_ssd, cloud_essd and cloud_efficiency. Default to cloud_efficiency.
    MasterDiskPerformanceLevel string
    Master node system disk performance level. When master_disk_category values cloud_essd, the optional values are PL0, PL1, PL2 or PL3, but the specific performance level is related to the disk capacity. For more information, see Enhanced SSDs. Default is PL1.
    MasterDiskSize int
    The system disk size of master node. Its valid value range [20~500] in GB. Default to 20.
    MasterDiskSnapshotPolicyId string

    Master node system disk auto snapshot policy.

    Computed params

    MasterInstanceChargeType string
    Master payment type. or PostPaid or PrePaid, defaults to PostPaid. If value is PrePaid, the files master_period, master_period_unit, master_auto_renew and master_auto_renew_period are required.
    MasterPeriod int
    Master payment period.Its valid value is one of {1, 2, 3, 6, 12, 24, 36, 48, 60}.
    MasterPeriodUnit string
    Master payment period unit, the valid value is Month.
    Name string
    The kubernetes cluster's name. It is unique in one Alicloud account.
    NamePrefix string

    Deprecated: Field 'name_prefix' has been deprecated from provider version 1.75.0.

    NewNatGateway bool
    Whether to create a new nat gateway while creating kubernetes cluster. Default to true. Then openapi in Alibaba Cloud are not all on intranet, So turn this option on is a good choice. Your cluster nodes and applications will have public network access. If there is a NAT gateway in the selected VPC, ACK will use this gateway by default; if there is no NAT gateway in the selected VPC, ACK will create a new NAT gateway for you and automatically configure SNAT rules. Only works for Create Operation.
    NodeCidrMask int
    The node cidr block to specific how many pods can run on single node. 24-28 is allowed. 24 means 2^(32-24)-1=255 and the node can run at most 255 pods. default: 24
    NodeNameMode string
    Each node name consists of a prefix, an IP substring, and a suffix, the input format is customized,<prefix>,IPSubStringLen,<suffix>. For example "customized,aliyun.com-,5,-test", if the node IP address is 192.168.59.176, the prefix is aliyun.com-, IP substring length is 5, and the suffix is -test, the node name will be aliyun.com-59176-test.
    OsType string
    The operating system of the nodes that run pods, its valid value is either Linux or Windows. Default to Linux.
    Password string
    The password of ssh login cluster node. You have to specify one of password key_name kms_encrypted_password fields.
    Platform string
    The architecture of the nodes that run pods, its valid value is either CentOS or AliyunLinux. Default to CentOS.
    PodCidr string
    [Flannel Specific] The CIDR block for the pod network when using Flannel.
    PodVswitchIds List<string>
    [Terway Specific] The vswitches for the pod network when using Terway. It is recommended that pod_vswitch_ids is not belong to worker_vswitch_ids and master_vswitch_ids but must be in same availability zones. Only works for Create Operation.
    ProxyMode string
    Proxy mode is option of kube-proxy. options: iptables | ipvs. default: ipvs.
    RdsInstances List<string>
    RDS instance list, You can choose which RDS instances whitelist to add instances to.
    ResourceGroupId string
    The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.
    RetainResources List<string>
    Runtime Pulumi.AliCloud.CS.Inputs.KubernetesRuntime
    The runtime of containers. If you select another container runtime, see How do I select between Docker and Sandboxed-Container. See runtime below.
    SecurityGroupId string
    The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.
    ServiceAccountIssuer string
    The issuer of the Service Account token for Service Account Token Volume Projection, corresponds to the iss field in the token payload. Set this to "https://kubernetes.default.svc" to enable the Token Volume Projection feature (requires specifying api_audiences as well). From cluster version 1.22+, Service Account Token Volume Projection will be enabled by default.
    ServiceCidr string
    The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.
    SlbInternetEnabled bool

    Whether to create internet load balancer for API Server. Default to true. Only works for Create Operation.

    NOTE: If you want to use Terway as CNI network plugin, You need to specify the pod_vswitch_ids field and addons with terway-eniip. If you want to use Flannel as CNI network plugin, You need to specify the pod_cidr field and addons with flannel.

    Master params

    Tags Dictionary<string, string>
    Default nil, A map of tags assigned to the kubernetes cluster and work nodes.
    Timezone string
    When you create a cluster, set the time zones for the Master and Worker nodes. You can only change the managed node time zone if you create a cluster. Once the cluster is created, you can only change the time zone of the Worker node.
    UserCa string
    The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.
    Version string
    Desired Kubernetes version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except you set a higher version number. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by ACK.
    MasterInstanceTypes []string
    The instance type of master node. Specify one type for single AZ Cluster, three types for MultiAZ Cluster.
    MasterVswitchIds []string
    The vswitches used by master, you can specific 3 or 5 vswitches because of the amount of masters. Detailed below.
    Addons []KubernetesAddonTypeArgs

    The addon you want to install in cluster. See addons below. Only works for Create Operation, use resource cs_kubernetes_addon to manage addons if cluster is created.

    Network params

    ApiAudiences []string
    A list of API audiences for Service Account Token Volume Projection. Set this to ["https://kubernetes.default.svc"] if you want to enable the Token Volume Projection feature requires specifying service_account_issuer as well. From cluster version 1.22+, Service Account Token Volume Projection will be enabled by default.
    ClientCert string
    The path of client certificate, like ~/.kube/client-cert.pem.
    ClientKey string
    The path of client key, like ~/.kube/client-key.pem.
    ClusterCaCert string

    The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem

    Removed params

    ClusterDomain string
    Cluster local domain name, Default to cluster.local. A domain name consists of one or more sections separated by a decimal point (.), each of which is up to 63 characters long, and can be lowercase, numerals, and underscores (-), and must be lowercase or numerals at the beginning and end.
    CustomSan string
    Customize the certificate SAN, multiple IP or domain names are separated by English commas (,).
    DeleteOptions []KubernetesDeleteOptionArgs
    Delete options, only work for deleting resource. Make sure you have run pulumi up to make the configuration applied. See delete_options below.
    DeletionProtection bool
    Whether to enable cluster deletion protection.
    EnableSsh bool
    Enable login to the node through SSH. Default to false.
    ImageId string
    Custom Image support. Must based on CentOS7 or AliyunLinux2.
    InstallCloudMonitor bool
    Install cloud monitor agent on ECS. Default to true.
    IsEnterpriseSecurityGroup bool
    Enable to create advanced security group. default: false. See Advanced security group. Only works for Create Operation.
    KeyName string
    The keypair of ssh login cluster node, you have to create it first. You have to specify one of password key_name kms_encrypted_password fields.
    KmsEncryptedPassword string
    An KMS encrypts password used to a cs kubernetes. You have to specify one of password key_name kms_encrypted_password fields.
    KmsEncryptionContext map[string]string
    An KMS encryption context used to decrypt kms_encrypted_password before creating or updating a cs kubernetes with kms_encrypted_password. See Encryption Context. It is valid when kms_encrypted_password is set.
    LoadBalancerSpec string
    The cluster api server load balance instance specification, default slb.s1.small. For more information on how to select a LB instance specification, see SLB instance overview. Only works for Create Operation.

    Deprecated: Field 'load_balancer_spec' has been deprecated from provider version 1.232.0. The load balancer has been changed to PayByCLCU so that the spec is no need anymore.

    MasterAutoRenew bool
    Enable master payment auto-renew, defaults to false.
    MasterAutoRenewPeriod int
    Master payment auto-renew period, it can be one of {1, 2, 3, 6, 12}.
    MasterDiskCategory string
    The system disk category of master node. Its valid value are cloud_ssd, cloud_essd and cloud_efficiency. Default to cloud_efficiency.
    MasterDiskPerformanceLevel string
    Master node system disk performance level. When master_disk_category values cloud_essd, the optional values are PL0, PL1, PL2 or PL3, but the specific performance level is related to the disk capacity. For more information, see Enhanced SSDs. Default is PL1.
    MasterDiskSize int
    The system disk size of master node. Its valid value range [20~500] in GB. Default to 20.
    MasterDiskSnapshotPolicyId string

    Master node system disk auto snapshot policy.

    Computed params

    MasterInstanceChargeType string
    Master payment type. or PostPaid or PrePaid, defaults to PostPaid. If value is PrePaid, the files master_period, master_period_unit, master_auto_renew and master_auto_renew_period are required.
    MasterPeriod int
    Master payment period.Its valid value is one of {1, 2, 3, 6, 12, 24, 36, 48, 60}.
    MasterPeriodUnit string
    Master payment period unit, the valid value is Month.
    Name string
    The kubernetes cluster's name. It is unique in one Alicloud account.
    NamePrefix string

    Deprecated: Field 'name_prefix' has been deprecated from provider version 1.75.0.

    NewNatGateway bool
    Whether to create a new nat gateway while creating kubernetes cluster. Default to true. Then openapi in Alibaba Cloud are not all on intranet, So turn this option on is a good choice. Your cluster nodes and applications will have public network access. If there is a NAT gateway in the selected VPC, ACK will use this gateway by default; if there is no NAT gateway in the selected VPC, ACK will create a new NAT gateway for you and automatically configure SNAT rules. Only works for Create Operation.
    NodeCidrMask int
    The node cidr block to specific how many pods can run on single node. 24-28 is allowed. 24 means 2^(32-24)-1=255 and the node can run at most 255 pods. default: 24
    NodeNameMode string
    Each node name consists of a prefix, an IP substring, and a suffix, the input format is customized,<prefix>,IPSubStringLen,<suffix>. For example "customized,aliyun.com-,5,-test", if the node IP address is 192.168.59.176, the prefix is aliyun.com-, IP substring length is 5, and the suffix is -test, the node name will be aliyun.com-59176-test.
    OsType string
    The operating system of the nodes that run pods, its valid value is either Linux or Windows. Default to Linux.
    Password string
    The password of ssh login cluster node. You have to specify one of password key_name kms_encrypted_password fields.
    Platform string
    The architecture of the nodes that run pods, its valid value is either CentOS or AliyunLinux. Default to CentOS.
    PodCidr string
    [Flannel Specific] The CIDR block for the pod network when using Flannel.
    PodVswitchIds []string
    [Terway Specific] The vswitches for the pod network when using Terway. It is recommended that pod_vswitch_ids is not belong to worker_vswitch_ids and master_vswitch_ids but must be in same availability zones. Only works for Create Operation.
    ProxyMode string
    Proxy mode is option of kube-proxy. options: iptables | ipvs. default: ipvs.
    RdsInstances []string
    RDS instance list, You can choose which RDS instances whitelist to add instances to.
    ResourceGroupId string
    The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.
    RetainResources []string
    Runtime KubernetesRuntimeArgs
    The runtime of containers. If you select another container runtime, see How do I select between Docker and Sandboxed-Container. See runtime below.
    SecurityGroupId string
    The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.
    ServiceAccountIssuer string
    The issuer of the Service Account token for Service Account Token Volume Projection, corresponds to the iss field in the token payload. Set this to "https://kubernetes.default.svc" to enable the Token Volume Projection feature (requires specifying api_audiences as well). From cluster version 1.22+, Service Account Token Volume Projection will be enabled by default.
    ServiceCidr string
    The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.
    SlbInternetEnabled bool

    Whether to create internet load balancer for API Server. Default to true. Only works for Create Operation.

    NOTE: If you want to use Terway as CNI network plugin, You need to specify the pod_vswitch_ids field and addons with terway-eniip. If you want to use Flannel as CNI network plugin, You need to specify the pod_cidr field and addons with flannel.

    Master params

    Tags map[string]string
    Default nil, A map of tags assigned to the kubernetes cluster and work nodes.
    Timezone string
    When you create a cluster, set the time zones for the Master and Worker nodes. You can only change the managed node time zone if you create a cluster. Once the cluster is created, you can only change the time zone of the Worker node.
    UserCa string
    The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.
    Version string
    Desired Kubernetes version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except you set a higher version number. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by ACK.
    masterInstanceTypes List<String>
    The instance type of master node. Specify one type for single AZ Cluster, three types for MultiAZ Cluster.
    masterVswitchIds List<String>
    The vswitches used by master, you can specific 3 or 5 vswitches because of the amount of masters. Detailed below.
    addons List<KubernetesAddon>

    The addon you want to install in cluster. See addons below. Only works for Create Operation, use resource cs_kubernetes_addon to manage addons if cluster is created.

    Network params

    apiAudiences List<String>
    A list of API audiences for Service Account Token Volume Projection. Set this to ["https://kubernetes.default.svc"] if you want to enable the Token Volume Projection feature requires specifying service_account_issuer as well. From cluster version 1.22+, Service Account Token Volume Projection will be enabled by default.
    clientCert String
    The path of client certificate, like ~/.kube/client-cert.pem.
    clientKey String
    The path of client key, like ~/.kube/client-key.pem.
    clusterCaCert String

    The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem

    Removed params

    clusterDomain String
    Cluster local domain name, Default to cluster.local. A domain name consists of one or more sections separated by a decimal point (.), each of which is up to 63 characters long, and can be lowercase, numerals, and underscores (-), and must be lowercase or numerals at the beginning and end.
    customSan String
    Customize the certificate SAN, multiple IP or domain names are separated by English commas (,).
    deleteOptions List<KubernetesDeleteOption>
    Delete options, only work for deleting resource. Make sure you have run pulumi up to make the configuration applied. See delete_options below.
    deletionProtection Boolean
    Whether to enable cluster deletion protection.
    enableSsh Boolean
    Enable login to the node through SSH. Default to false.
    imageId String
    Custom Image support. Must based on CentOS7 or AliyunLinux2.
    installCloudMonitor Boolean
    Install cloud monitor agent on ECS. Default to true.
    isEnterpriseSecurityGroup Boolean
    Enable to create advanced security group. default: false. See Advanced security group. Only works for Create Operation.
    keyName String
    The keypair of ssh login cluster node, you have to create it first. You have to specify one of password key_name kms_encrypted_password fields.
    kmsEncryptedPassword String
    An KMS encrypts password used to a cs kubernetes. You have to specify one of password key_name kms_encrypted_password fields.
    kmsEncryptionContext Map<String,String>
    An KMS encryption context used to decrypt kms_encrypted_password before creating or updating a cs kubernetes with kms_encrypted_password. See Encryption Context. It is valid when kms_encrypted_password is set.
    loadBalancerSpec String
    The cluster api server load balance instance specification, default slb.s1.small. For more information on how to select a LB instance specification, see SLB instance overview. Only works for Create Operation.

    Deprecated: Field 'load_balancer_spec' has been deprecated from provider version 1.232.0. The load balancer has been changed to PayByCLCU so that the spec is no need anymore.

    masterAutoRenew Boolean
    Enable master payment auto-renew, defaults to false.
    masterAutoRenewPeriod Integer
    Master payment auto-renew period, it can be one of {1, 2, 3, 6, 12}.
    masterDiskCategory String
    The system disk category of master node. Its valid value are cloud_ssd, cloud_essd and cloud_efficiency. Default to cloud_efficiency.
    masterDiskPerformanceLevel String
    Master node system disk performance level. When master_disk_category values cloud_essd, the optional values are PL0, PL1, PL2 or PL3, but the specific performance level is related to the disk capacity. For more information, see Enhanced SSDs. Default is PL1.
    masterDiskSize Integer
    The system disk size of master node. Its valid value range [20~500] in GB. Default to 20.
    masterDiskSnapshotPolicyId String

    Master node system disk auto snapshot policy.

    Computed params

    masterInstanceChargeType String
    Master payment type. or PostPaid or PrePaid, defaults to PostPaid. If value is PrePaid, the files master_period, master_period_unit, master_auto_renew and master_auto_renew_period are required.
    masterPeriod Integer
    Master payment period.Its valid value is one of {1, 2, 3, 6, 12, 24, 36, 48, 60}.
    masterPeriodUnit String
    Master payment period unit, the valid value is Month.
    name String
    The kubernetes cluster's name. It is unique in one Alicloud account.
    namePrefix String

    Deprecated: Field 'name_prefix' has been deprecated from provider version 1.75.0.

    newNatGateway Boolean
    Whether to create a new nat gateway while creating kubernetes cluster. Default to true. Then openapi in Alibaba Cloud are not all on intranet, So turn this option on is a good choice. Your cluster nodes and applications will have public network access. If there is a NAT gateway in the selected VPC, ACK will use this gateway by default; if there is no NAT gateway in the selected VPC, ACK will create a new NAT gateway for you and automatically configure SNAT rules. Only works for Create Operation.
    nodeCidrMask Integer
    The node cidr block to specific how many pods can run on single node. 24-28 is allowed. 24 means 2^(32-24)-1=255 and the node can run at most 255 pods. default: 24
    nodeNameMode String
    Each node name consists of a prefix, an IP substring, and a suffix, the input format is customized,<prefix>,IPSubStringLen,<suffix>. For example "customized,aliyun.com-,5,-test", if the node IP address is 192.168.59.176, the prefix is aliyun.com-, IP substring length is 5, and the suffix is -test, the node name will be aliyun.com-59176-test.
    osType String
    The operating system of the nodes that run pods, its valid value is either Linux or Windows. Default to Linux.
    password String
    The password of ssh login cluster node. You have to specify one of password key_name kms_encrypted_password fields.
    platform String
    The architecture of the nodes that run pods, its valid value is either CentOS or AliyunLinux. Default to CentOS.
    podCidr String
    [Flannel Specific] The CIDR block for the pod network when using Flannel.
    podVswitchIds List<String>
    [Terway Specific] The vswitches for the pod network when using Terway. It is recommended that pod_vswitch_ids is not belong to worker_vswitch_ids and master_vswitch_ids but must be in same availability zones. Only works for Create Operation.
    proxyMode String
    Proxy mode is option of kube-proxy. options: iptables | ipvs. default: ipvs.
    rdsInstances List<String>
    RDS instance list, You can choose which RDS instances whitelist to add instances to.
    resourceGroupId String
    The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.
    retainResources List<String>
    runtime KubernetesRuntime
    The runtime of containers. If you select another container runtime, see How do I select between Docker and Sandboxed-Container. See runtime below.
    securityGroupId String
    The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.
    serviceAccountIssuer String
    The issuer of the Service Account token for Service Account Token Volume Projection, corresponds to the iss field in the token payload. Set this to "https://kubernetes.default.svc" to enable the Token Volume Projection feature (requires specifying api_audiences as well). From cluster version 1.22+, Service Account Token Volume Projection will be enabled by default.
    serviceCidr String
    The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.
    slbInternetEnabled Boolean

    Whether to create internet load balancer for API Server. Default to true. Only works for Create Operation.

    NOTE: If you want to use Terway as CNI network plugin, You need to specify the pod_vswitch_ids field and addons with terway-eniip. If you want to use Flannel as CNI network plugin, You need to specify the pod_cidr field and addons with flannel.

    Master params

    tags Map<String,String>
    Default nil, A map of tags assigned to the kubernetes cluster and work nodes.
    timezone String
    When you create a cluster, set the time zones for the Master and Worker nodes. You can only change the managed node time zone if you create a cluster. Once the cluster is created, you can only change the time zone of the Worker node.
    userCa String
    The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.
    version String
    Desired Kubernetes version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except you set a higher version number. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by ACK.
    masterInstanceTypes string[]
    The instance type of master node. Specify one type for single AZ Cluster, three types for MultiAZ Cluster.
    masterVswitchIds string[]
    The vswitches used by master, you can specific 3 or 5 vswitches because of the amount of masters. Detailed below.
    addons KubernetesAddon[]

    The addon you want to install in cluster. See addons below. Only works for Create Operation, use resource cs_kubernetes_addon to manage addons if cluster is created.

    Network params

    apiAudiences string[]
    A list of API audiences for Service Account Token Volume Projection. Set this to ["https://kubernetes.default.svc"] if you want to enable the Token Volume Projection feature requires specifying service_account_issuer as well. From cluster version 1.22+, Service Account Token Volume Projection will be enabled by default.
    clientCert string
    The path of client certificate, like ~/.kube/client-cert.pem.
    clientKey string
    The path of client key, like ~/.kube/client-key.pem.
    clusterCaCert string

    The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem

    Removed params

    clusterDomain string
    Cluster local domain name, Default to cluster.local. A domain name consists of one or more sections separated by a decimal point (.), each of which is up to 63 characters long, and can be lowercase, numerals, and underscores (-), and must be lowercase or numerals at the beginning and end.
    customSan string
    Customize the certificate SAN, multiple IP or domain names are separated by English commas (,).
    deleteOptions KubernetesDeleteOption[]
    Delete options, only work for deleting resource. Make sure you have run pulumi up to make the configuration applied. See delete_options below.
    deletionProtection boolean
    Whether to enable cluster deletion protection.
    enableSsh boolean
    Enable login to the node through SSH. Default to false.
    imageId string
    Custom Image support. Must based on CentOS7 or AliyunLinux2.
    installCloudMonitor boolean
    Install cloud monitor agent on ECS. Default to true.
    isEnterpriseSecurityGroup boolean
    Enable to create advanced security group. default: false. See Advanced security group. Only works for Create Operation.
    keyName string
    The keypair of ssh login cluster node, you have to create it first. You have to specify one of password key_name kms_encrypted_password fields.
    kmsEncryptedPassword string
    An KMS encrypts password used to a cs kubernetes. You have to specify one of password key_name kms_encrypted_password fields.
    kmsEncryptionContext {[key: string]: string}
    An KMS encryption context used to decrypt kms_encrypted_password before creating or updating a cs kubernetes with kms_encrypted_password. See Encryption Context. It is valid when kms_encrypted_password is set.
    loadBalancerSpec string
    The cluster api server load balance instance specification, default slb.s1.small. For more information on how to select a LB instance specification, see SLB instance overview. Only works for Create Operation.

    Deprecated: Field 'load_balancer_spec' has been deprecated from provider version 1.232.0. The load balancer has been changed to PayByCLCU so that the spec is no need anymore.

    masterAutoRenew boolean
    Enable master payment auto-renew, defaults to false.
    masterAutoRenewPeriod number
    Master payment auto-renew period, it can be one of {1, 2, 3, 6, 12}.
    masterDiskCategory string
    The system disk category of master node. Its valid value are cloud_ssd, cloud_essd and cloud_efficiency. Default to cloud_efficiency.
    masterDiskPerformanceLevel string
    Master node system disk performance level. When master_disk_category values cloud_essd, the optional values are PL0, PL1, PL2 or PL3, but the specific performance level is related to the disk capacity. For more information, see Enhanced SSDs. Default is PL1.
    masterDiskSize number
    The system disk size of master node. Its valid value range [20~500] in GB. Default to 20.
    masterDiskSnapshotPolicyId string

    Master node system disk auto snapshot policy.

    Computed params

    masterInstanceChargeType string
    Master payment type. or PostPaid or PrePaid, defaults to PostPaid. If value is PrePaid, the files master_period, master_period_unit, master_auto_renew and master_auto_renew_period are required.
    masterPeriod number
    Master payment period.Its valid value is one of {1, 2, 3, 6, 12, 24, 36, 48, 60}.
    masterPeriodUnit string
    Master payment period unit, the valid value is Month.
    name string
    The kubernetes cluster's name. It is unique in one Alicloud account.
    namePrefix string

    Deprecated: Field 'name_prefix' has been deprecated from provider version 1.75.0.

    newNatGateway boolean
    Whether to create a new nat gateway while creating kubernetes cluster. Default to true. Then openapi in Alibaba Cloud are not all on intranet, So turn this option on is a good choice. Your cluster nodes and applications will have public network access. If there is a NAT gateway in the selected VPC, ACK will use this gateway by default; if there is no NAT gateway in the selected VPC, ACK will create a new NAT gateway for you and automatically configure SNAT rules. Only works for Create Operation.
    nodeCidrMask number
    The node cidr block to specific how many pods can run on single node. 24-28 is allowed. 24 means 2^(32-24)-1=255 and the node can run at most 255 pods. default: 24
    nodeNameMode string
    Each node name consists of a prefix, an IP substring, and a suffix, the input format is customized,<prefix>,IPSubStringLen,<suffix>. For example "customized,aliyun.com-,5,-test", if the node IP address is 192.168.59.176, the prefix is aliyun.com-, IP substring length is 5, and the suffix is -test, the node name will be aliyun.com-59176-test.
    osType string
    The operating system of the nodes that run pods, its valid value is either Linux or Windows. Default to Linux.
    password string
    The password of ssh login cluster node. You have to specify one of password key_name kms_encrypted_password fields.
    platform string
    The architecture of the nodes that run pods, its valid value is either CentOS or AliyunLinux. Default to CentOS.
    podCidr string
    [Flannel Specific] The CIDR block for the pod network when using Flannel.
    podVswitchIds string[]
    [Terway Specific] The vswitches for the pod network when using Terway. It is recommended that pod_vswitch_ids is not belong to worker_vswitch_ids and master_vswitch_ids but must be in same availability zones. Only works for Create Operation.
    proxyMode string
    Proxy mode is option of kube-proxy. options: iptables | ipvs. default: ipvs.
    rdsInstances string[]
    RDS instance list, You can choose which RDS instances whitelist to add instances to.
    resourceGroupId string
    The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.
    retainResources string[]
    runtime KubernetesRuntime
    The runtime of containers. If you select another container runtime, see How do I select between Docker and Sandboxed-Container. See runtime below.
    securityGroupId string
    The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.
    serviceAccountIssuer string
    The issuer of the Service Account token for Service Account Token Volume Projection, corresponds to the iss field in the token payload. Set this to "https://kubernetes.default.svc" to enable the Token Volume Projection feature (requires specifying api_audiences as well). From cluster version 1.22+, Service Account Token Volume Projection will be enabled by default.
    serviceCidr string
    The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.
    slbInternetEnabled boolean

    Whether to create internet load balancer for API Server. Default to true. Only works for Create Operation.

    NOTE: If you want to use Terway as CNI network plugin, You need to specify the pod_vswitch_ids field and addons with terway-eniip. If you want to use Flannel as CNI network plugin, You need to specify the pod_cidr field and addons with flannel.

    Master params

    tags {[key: string]: string}
    Default nil, A map of tags assigned to the kubernetes cluster and work nodes.
    timezone string
    When you create a cluster, set the time zones for the Master and Worker nodes. You can only change the managed node time zone if you create a cluster. Once the cluster is created, you can only change the time zone of the Worker node.
    userCa string
    The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.
    version string
    Desired Kubernetes version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except you set a higher version number. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by ACK.
    master_instance_types Sequence[str]
    The instance type of master node. Specify one type for single AZ Cluster, three types for MultiAZ Cluster.
    master_vswitch_ids Sequence[str]
    The vswitches used by master, you can specific 3 or 5 vswitches because of the amount of masters. Detailed below.
    addons Sequence[KubernetesAddonArgs]

    The addon you want to install in cluster. See addons below. Only works for Create Operation, use resource cs_kubernetes_addon to manage addons if cluster is created.

    Network params

    api_audiences Sequence[str]
    A list of API audiences for Service Account Token Volume Projection. Set this to ["https://kubernetes.default.svc"] if you want to enable the Token Volume Projection feature requires specifying service_account_issuer as well. From cluster version 1.22+, Service Account Token Volume Projection will be enabled by default.
    client_cert str
    The path of client certificate, like ~/.kube/client-cert.pem.
    client_key str
    The path of client key, like ~/.kube/client-key.pem.
    cluster_ca_cert str

    The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem

    Removed params

    cluster_domain str
    Cluster local domain name, Default to cluster.local. A domain name consists of one or more sections separated by a decimal point (.), each of which is up to 63 characters long, and can be lowercase, numerals, and underscores (-), and must be lowercase or numerals at the beginning and end.
    custom_san str
    Customize the certificate SAN, multiple IP or domain names are separated by English commas (,).
    delete_options Sequence[KubernetesDeleteOptionArgs]
    Delete options, only work for deleting resource. Make sure you have run pulumi up to make the configuration applied. See delete_options below.
    deletion_protection bool
    Whether to enable cluster deletion protection.
    enable_ssh bool
    Enable login to the node through SSH. Default to false.
    image_id str
    Custom Image support. Must based on CentOS7 or AliyunLinux2.
    install_cloud_monitor bool
    Install cloud monitor agent on ECS. Default to true.
    is_enterprise_security_group bool
    Enable to create advanced security group. default: false. See Advanced security group. Only works for Create Operation.
    key_name str
    The keypair of ssh login cluster node, you have to create it first. You have to specify one of password key_name kms_encrypted_password fields.
    kms_encrypted_password str
    An KMS encrypts password used to a cs kubernetes. You have to specify one of password key_name kms_encrypted_password fields.
    kms_encryption_context Mapping[str, str]
    An KMS encryption context used to decrypt kms_encrypted_password before creating or updating a cs kubernetes with kms_encrypted_password. See Encryption Context. It is valid when kms_encrypted_password is set.
    load_balancer_spec str
    The cluster api server load balance instance specification, default slb.s1.small. For more information on how to select a LB instance specification, see SLB instance overview. Only works for Create Operation.

    Deprecated: Field 'load_balancer_spec' has been deprecated from provider version 1.232.0. The load balancer has been changed to PayByCLCU so that the spec is no need anymore.

    master_auto_renew bool
    Enable master payment auto-renew, defaults to false.
    master_auto_renew_period int
    Master payment auto-renew period, it can be one of {1, 2, 3, 6, 12}.
    master_disk_category str
    The system disk category of master node. Its valid value are cloud_ssd, cloud_essd and cloud_efficiency. Default to cloud_efficiency.
    master_disk_performance_level str
    Master node system disk performance level. When master_disk_category values cloud_essd, the optional values are PL0, PL1, PL2 or PL3, but the specific performance level is related to the disk capacity. For more information, see Enhanced SSDs. Default is PL1.
    master_disk_size int
    The system disk size of master node. Its valid value range [20~500] in GB. Default to 20.
    master_disk_snapshot_policy_id str

    Master node system disk auto snapshot policy.

    Computed params

    master_instance_charge_type str
    Master payment type. or PostPaid or PrePaid, defaults to PostPaid. If value is PrePaid, the files master_period, master_period_unit, master_auto_renew and master_auto_renew_period are required.
    master_period int
    Master payment period.Its valid value is one of {1, 2, 3, 6, 12, 24, 36, 48, 60}.
    master_period_unit str
    Master payment period unit, the valid value is Month.
    name str
    The kubernetes cluster's name. It is unique in one Alicloud account.
    name_prefix str

    Deprecated: Field 'name_prefix' has been deprecated from provider version 1.75.0.

    new_nat_gateway bool
    Whether to create a new nat gateway while creating kubernetes cluster. Default to true. Then openapi in Alibaba Cloud are not all on intranet, So turn this option on is a good choice. Your cluster nodes and applications will have public network access. If there is a NAT gateway in the selected VPC, ACK will use this gateway by default; if there is no NAT gateway in the selected VPC, ACK will create a new NAT gateway for you and automatically configure SNAT rules. Only works for Create Operation.
    node_cidr_mask int
    The node cidr block to specific how many pods can run on single node. 24-28 is allowed. 24 means 2^(32-24)-1=255 and the node can run at most 255 pods. default: 24
    node_name_mode str
    Each node name consists of a prefix, an IP substring, and a suffix, the input format is customized,<prefix>,IPSubStringLen,<suffix>. For example "customized,aliyun.com-,5,-test", if the node IP address is 192.168.59.176, the prefix is aliyun.com-, IP substring length is 5, and the suffix is -test, the node name will be aliyun.com-59176-test.
    os_type str
    The operating system of the nodes that run pods, its valid value is either Linux or Windows. Default to Linux.
    password str
    The password of ssh login cluster node. You have to specify one of password key_name kms_encrypted_password fields.
    platform str
    The architecture of the nodes that run pods, its valid value is either CentOS or AliyunLinux. Default to CentOS.
    pod_cidr str
    [Flannel Specific] The CIDR block for the pod network when using Flannel.
    pod_vswitch_ids Sequence[str]
    [Terway Specific] The vswitches for the pod network when using Terway. It is recommended that pod_vswitch_ids is not belong to worker_vswitch_ids and master_vswitch_ids but must be in same availability zones. Only works for Create Operation.
    proxy_mode str
    Proxy mode is option of kube-proxy. options: iptables | ipvs. default: ipvs.
    rds_instances Sequence[str]
    RDS instance list, You can choose which RDS instances whitelist to add instances to.
    resource_group_id str
    The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.
    retain_resources Sequence[str]
    runtime KubernetesRuntimeArgs
    The runtime of containers. If you select another container runtime, see How do I select between Docker and Sandboxed-Container. See runtime below.
    security_group_id str
    The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.
    service_account_issuer str
    The issuer of the Service Account token for Service Account Token Volume Projection, corresponds to the iss field in the token payload. Set this to "https://kubernetes.default.svc" to enable the Token Volume Projection feature (requires specifying api_audiences as well). From cluster version 1.22+, Service Account Token Volume Projection will be enabled by default.
    service_cidr str
    The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.
    slb_internet_enabled bool

    Whether to create internet load balancer for API Server. Default to true. Only works for Create Operation.

    NOTE: If you want to use Terway as CNI network plugin, You need to specify the pod_vswitch_ids field and addons with terway-eniip. If you want to use Flannel as CNI network plugin, You need to specify the pod_cidr field and addons with flannel.

    Master params

    tags Mapping[str, str]
    Default nil, A map of tags assigned to the kubernetes cluster and work nodes.
    timezone str
    When you create a cluster, set the time zones for the Master and Worker nodes. You can only change the managed node time zone if you create a cluster. Once the cluster is created, you can only change the time zone of the Worker node.
    user_ca str
    The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.
    version str
    Desired Kubernetes version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except you set a higher version number. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by ACK.
    masterInstanceTypes List<String>
    The instance type of master node. Specify one type for single AZ Cluster, three types for MultiAZ Cluster.
    masterVswitchIds List<String>
    The vswitches used by master, you can specific 3 or 5 vswitches because of the amount of masters. Detailed below.
    addons List<Property Map>

    The addon you want to install in cluster. See addons below. Only works for Create Operation, use resource cs_kubernetes_addon to manage addons if cluster is created.

    Network params

    apiAudiences List<String>
    A list of API audiences for Service Account Token Volume Projection. Set this to ["https://kubernetes.default.svc"] if you want to enable the Token Volume Projection feature requires specifying service_account_issuer as well. From cluster version 1.22+, Service Account Token Volume Projection will be enabled by default.
    clientCert String
    The path of client certificate, like ~/.kube/client-cert.pem.
    clientKey String
    The path of client key, like ~/.kube/client-key.pem.
    clusterCaCert String

    The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem

    Removed params

    clusterDomain String
    Cluster local domain name, Default to cluster.local. A domain name consists of one or more sections separated by a decimal point (.), each of which is up to 63 characters long, and can be lowercase, numerals, and underscores (-), and must be lowercase or numerals at the beginning and end.
    customSan String
    Customize the certificate SAN, multiple IP or domain names are separated by English commas (,).
    deleteOptions List<Property Map>
    Delete options, only work for deleting resource. Make sure you have run pulumi up to make the configuration applied. See delete_options below.
    deletionProtection Boolean
    Whether to enable cluster deletion protection.
    enableSsh Boolean
    Enable login to the node through SSH. Default to false.
    imageId String
    Custom Image support. Must based on CentOS7 or AliyunLinux2.
    installCloudMonitor Boolean
    Install cloud monitor agent on ECS. Default to true.
    isEnterpriseSecurityGroup Boolean
    Enable to create advanced security group. default: false. See Advanced security group. Only works for Create Operation.
    keyName String
    The keypair of ssh login cluster node, you have to create it first. You have to specify one of password key_name kms_encrypted_password fields.
    kmsEncryptedPassword String
    An KMS encrypts password used to a cs kubernetes. You have to specify one of password key_name kms_encrypted_password fields.
    kmsEncryptionContext Map<String>
    An KMS encryption context used to decrypt kms_encrypted_password before creating or updating a cs kubernetes with kms_encrypted_password. See Encryption Context. It is valid when kms_encrypted_password is set.
    loadBalancerSpec String
    The cluster api server load balance instance specification, default slb.s1.small. For more information on how to select a LB instance specification, see SLB instance overview. Only works for Create Operation.

    Deprecated: Field 'load_balancer_spec' has been deprecated from provider version 1.232.0. The load balancer has been changed to PayByCLCU so that the spec is no need anymore.

    masterAutoRenew Boolean
    Enable master payment auto-renew, defaults to false.
    masterAutoRenewPeriod Number
    Master payment auto-renew period, it can be one of {1, 2, 3, 6, 12}.
    masterDiskCategory String
    The system disk category of master node. Its valid value are cloud_ssd, cloud_essd and cloud_efficiency. Default to cloud_efficiency.
    masterDiskPerformanceLevel String
    Master node system disk performance level. When master_disk_category values cloud_essd, the optional values are PL0, PL1, PL2 or PL3, but the specific performance level is related to the disk capacity. For more information, see Enhanced SSDs. Default is PL1.
    masterDiskSize Number
    The system disk size of master node. Its valid value range [20~500] in GB. Default to 20.
    masterDiskSnapshotPolicyId String

    Master node system disk auto snapshot policy.

    Computed params

    masterInstanceChargeType String
    Master payment type. or PostPaid or PrePaid, defaults to PostPaid. If value is PrePaid, the files master_period, master_period_unit, master_auto_renew and master_auto_renew_period are required.
    masterPeriod Number
    Master payment period.Its valid value is one of {1, 2, 3, 6, 12, 24, 36, 48, 60}.
    masterPeriodUnit String
    Master payment period unit, the valid value is Month.
    name String
    The kubernetes cluster's name. It is unique in one Alicloud account.
    namePrefix String

    Deprecated: Field 'name_prefix' has been deprecated from provider version 1.75.0.

    newNatGateway Boolean
    Whether to create a new nat gateway while creating kubernetes cluster. Default to true. Then openapi in Alibaba Cloud are not all on intranet, So turn this option on is a good choice. Your cluster nodes and applications will have public network access. If there is a NAT gateway in the selected VPC, ACK will use this gateway by default; if there is no NAT gateway in the selected VPC, ACK will create a new NAT gateway for you and automatically configure SNAT rules. Only works for Create Operation.
    nodeCidrMask Number
    The node cidr block to specific how many pods can run on single node. 24-28 is allowed. 24 means 2^(32-24)-1=255 and the node can run at most 255 pods. default: 24
    nodeNameMode String
    Each node name consists of a prefix, an IP substring, and a suffix, the input format is customized,<prefix>,IPSubStringLen,<suffix>. For example "customized,aliyun.com-,5,-test", if the node IP address is 192.168.59.176, the prefix is aliyun.com-, IP substring length is 5, and the suffix is -test, the node name will be aliyun.com-59176-test.
    osType String
    The operating system of the nodes that run pods, its valid value is either Linux or Windows. Default to Linux.
    password String
    The password of ssh login cluster node. You have to specify one of password key_name kms_encrypted_password fields.
    platform String
    The architecture of the nodes that run pods, its valid value is either CentOS or AliyunLinux. Default to CentOS.
    podCidr String
    [Flannel Specific] The CIDR block for the pod network when using Flannel.
    podVswitchIds List<String>
    [Terway Specific] The vswitches for the pod network when using Terway. It is recommended that pod_vswitch_ids is not belong to worker_vswitch_ids and master_vswitch_ids but must be in same availability zones. Only works for Create Operation.
    proxyMode String
    Proxy mode is option of kube-proxy. options: iptables | ipvs. default: ipvs.
    rdsInstances List<String>
    RDS instance list, You can choose which RDS instances whitelist to add instances to.
    resourceGroupId String
    The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.
    retainResources List<String>
    runtime Property Map
    The runtime of containers. If you select another container runtime, see How do I select between Docker and Sandboxed-Container. See runtime below.
    securityGroupId String
    The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.
    serviceAccountIssuer String
    The issuer of the Service Account token for Service Account Token Volume Projection, corresponds to the iss field in the token payload. Set this to "https://kubernetes.default.svc" to enable the Token Volume Projection feature (requires specifying api_audiences as well). From cluster version 1.22+, Service Account Token Volume Projection will be enabled by default.
    serviceCidr String
    The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.
    slbInternetEnabled Boolean

    Whether to create internet load balancer for API Server. Default to true. Only works for Create Operation.

    NOTE: If you want to use Terway as CNI network plugin, You need to specify the pod_vswitch_ids field and addons with terway-eniip. If you want to use Flannel as CNI network plugin, You need to specify the pod_cidr field and addons with flannel.

    Master params

    tags Map<String>
    Default nil, A map of tags assigned to the kubernetes cluster and work nodes.
    timezone String
    When you create a cluster, set the time zones for the Master and Worker nodes. You can only change the managed node time zone if you create a cluster. Once the cluster is created, you can only change the time zone of the Worker node.
    userCa String
    The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.
    version String
    Desired Kubernetes version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except you set a higher version number. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by ACK.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Kubernetes resource produces the following output properties:

    CertificateAuthority Pulumi.AliCloud.CS.Outputs.KubernetesCertificateAuthority
    (Map, Available since v1.105.0) Nested attribute containing certificate authority data for your cluster.
    Connections Pulumi.AliCloud.CS.Outputs.KubernetesConnections
    (Map) Map of kubernetes cluster connection information.
    Id string
    The provider-assigned unique ID for this managed resource.
    MasterNodes List<Pulumi.AliCloud.CS.Outputs.KubernetesMasterNode>
    (Optional) The master nodes. See master_nodes below.
    NatGatewayId string
    The ID of nat gateway used to launch kubernetes cluster.
    SlbId string
    The ID of APIServer load balancer.
    SlbInternet string
    The public ip of load balancer.
    SlbIntranet string
    The ID of private load balancer where the current cluster master node is located.
    VpcId string
    The ID of VPC where the current cluster is located.
    WorkerRamRoleName string
    The RamRole Name attached to worker node.
    CertificateAuthority KubernetesCertificateAuthority
    (Map, Available since v1.105.0) Nested attribute containing certificate authority data for your cluster.
    Connections KubernetesConnections
    (Map) Map of kubernetes cluster connection information.
    Id string
    The provider-assigned unique ID for this managed resource.
    MasterNodes []KubernetesMasterNode
    (Optional) The master nodes. See master_nodes below.
    NatGatewayId string
    The ID of nat gateway used to launch kubernetes cluster.
    SlbId string
    The ID of APIServer load balancer.
    SlbInternet string
    The public ip of load balancer.
    SlbIntranet string
    The ID of private load balancer where the current cluster master node is located.
    VpcId string
    The ID of VPC where the current cluster is located.
    WorkerRamRoleName string
    The RamRole Name attached to worker node.
    certificateAuthority KubernetesCertificateAuthority
    (Map, Available since v1.105.0) Nested attribute containing certificate authority data for your cluster.
    connections KubernetesConnections
    (Map) Map of kubernetes cluster connection information.
    id String
    The provider-assigned unique ID for this managed resource.
    masterNodes List<KubernetesMasterNode>
    (Optional) The master nodes. See master_nodes below.
    natGatewayId String
    The ID of nat gateway used to launch kubernetes cluster.
    slbId String
    The ID of APIServer load balancer.
    slbInternet String
    The public ip of load balancer.
    slbIntranet String
    The ID of private load balancer where the current cluster master node is located.
    vpcId String
    The ID of VPC where the current cluster is located.
    workerRamRoleName String
    The RamRole Name attached to worker node.
    certificateAuthority KubernetesCertificateAuthority
    (Map, Available since v1.105.0) Nested attribute containing certificate authority data for your cluster.
    connections KubernetesConnections
    (Map) Map of kubernetes cluster connection information.
    id string
    The provider-assigned unique ID for this managed resource.
    masterNodes KubernetesMasterNode[]
    (Optional) The master nodes. See master_nodes below.
    natGatewayId string
    The ID of nat gateway used to launch kubernetes cluster.
    slbId string
    The ID of APIServer load balancer.
    slbInternet string
    The public ip of load balancer.
    slbIntranet string
    The ID of private load balancer where the current cluster master node is located.
    vpcId string
    The ID of VPC where the current cluster is located.
    workerRamRoleName string
    The RamRole Name attached to worker node.
    certificate_authority KubernetesCertificateAuthority
    (Map, Available since v1.105.0) Nested attribute containing certificate authority data for your cluster.
    connections KubernetesConnections
    (Map) Map of kubernetes cluster connection information.
    id str
    The provider-assigned unique ID for this managed resource.
    master_nodes Sequence[KubernetesMasterNode]
    (Optional) The master nodes. See master_nodes below.
    nat_gateway_id str
    The ID of nat gateway used to launch kubernetes cluster.
    slb_id str
    The ID of APIServer load balancer.
    slb_internet str
    The public ip of load balancer.
    slb_intranet str
    The ID of private load balancer where the current cluster master node is located.
    vpc_id str
    The ID of VPC where the current cluster is located.
    worker_ram_role_name str
    The RamRole Name attached to worker node.
    certificateAuthority Property Map
    (Map, Available since v1.105.0) Nested attribute containing certificate authority data for your cluster.
    connections Property Map
    (Map) Map of kubernetes cluster connection information.
    id String
    The provider-assigned unique ID for this managed resource.
    masterNodes List<Property Map>
    (Optional) The master nodes. See master_nodes below.
    natGatewayId String
    The ID of nat gateway used to launch kubernetes cluster.
    slbId String
    The ID of APIServer load balancer.
    slbInternet String
    The public ip of load balancer.
    slbIntranet String
    The ID of private load balancer where the current cluster master node is located.
    vpcId String
    The ID of VPC where the current cluster is located.
    workerRamRoleName String
    The RamRole Name attached to worker node.

    Look up Existing Kubernetes Resource

    Get an existing Kubernetes resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: KubernetesState, opts?: CustomResourceOptions): Kubernetes
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            addons: Optional[Sequence[KubernetesAddonArgs]] = None,
            api_audiences: Optional[Sequence[str]] = None,
            certificate_authority: Optional[KubernetesCertificateAuthorityArgs] = None,
            client_cert: Optional[str] = None,
            client_key: Optional[str] = None,
            cluster_ca_cert: Optional[str] = None,
            cluster_domain: Optional[str] = None,
            connections: Optional[KubernetesConnectionsArgs] = None,
            custom_san: Optional[str] = None,
            delete_options: Optional[Sequence[KubernetesDeleteOptionArgs]] = None,
            deletion_protection: Optional[bool] = None,
            enable_ssh: Optional[bool] = None,
            image_id: Optional[str] = None,
            install_cloud_monitor: Optional[bool] = None,
            is_enterprise_security_group: Optional[bool] = None,
            key_name: Optional[str] = None,
            kms_encrypted_password: Optional[str] = None,
            kms_encryption_context: Optional[Mapping[str, str]] = None,
            load_balancer_spec: Optional[str] = None,
            master_auto_renew: Optional[bool] = None,
            master_auto_renew_period: Optional[int] = None,
            master_disk_category: Optional[str] = None,
            master_disk_performance_level: Optional[str] = None,
            master_disk_size: Optional[int] = None,
            master_disk_snapshot_policy_id: Optional[str] = None,
            master_instance_charge_type: Optional[str] = None,
            master_instance_types: Optional[Sequence[str]] = None,
            master_nodes: Optional[Sequence[KubernetesMasterNodeArgs]] = None,
            master_period: Optional[int] = None,
            master_period_unit: Optional[str] = None,
            master_vswitch_ids: Optional[Sequence[str]] = None,
            name: Optional[str] = None,
            name_prefix: Optional[str] = None,
            nat_gateway_id: Optional[str] = None,
            new_nat_gateway: Optional[bool] = None,
            node_cidr_mask: Optional[int] = None,
            node_name_mode: Optional[str] = None,
            os_type: Optional[str] = None,
            password: Optional[str] = None,
            platform: Optional[str] = None,
            pod_cidr: Optional[str] = None,
            pod_vswitch_ids: Optional[Sequence[str]] = None,
            proxy_mode: Optional[str] = None,
            rds_instances: Optional[Sequence[str]] = None,
            resource_group_id: Optional[str] = None,
            retain_resources: Optional[Sequence[str]] = None,
            runtime: Optional[KubernetesRuntimeArgs] = None,
            security_group_id: Optional[str] = None,
            service_account_issuer: Optional[str] = None,
            service_cidr: Optional[str] = None,
            slb_id: Optional[str] = None,
            slb_internet: Optional[str] = None,
            slb_internet_enabled: Optional[bool] = None,
            slb_intranet: Optional[str] = None,
            tags: Optional[Mapping[str, str]] = None,
            timezone: Optional[str] = None,
            user_ca: Optional[str] = None,
            version: Optional[str] = None,
            vpc_id: Optional[str] = None,
            worker_ram_role_name: Optional[str] = None) -> Kubernetes
    func GetKubernetes(ctx *Context, name string, id IDInput, state *KubernetesState, opts ...ResourceOption) (*Kubernetes, error)
    public static Kubernetes Get(string name, Input<string> id, KubernetesState? state, CustomResourceOptions? opts = null)
    public static Kubernetes get(String name, Output<String> id, KubernetesState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Addons List<Pulumi.AliCloud.CS.Inputs.KubernetesAddon>

    The addon you want to install in cluster. See addons below. Only works for Create Operation, use resource cs_kubernetes_addon to manage addons if cluster is created.

    Network params

    ApiAudiences List<string>
    A list of API audiences for Service Account Token Volume Projection. Set this to ["https://kubernetes.default.svc"] if you want to enable the Token Volume Projection feature requires specifying service_account_issuer as well. From cluster version 1.22+, Service Account Token Volume Projection will be enabled by default.
    CertificateAuthority Pulumi.AliCloud.CS.Inputs.KubernetesCertificateAuthority
    (Map, Available since v1.105.0) Nested attribute containing certificate authority data for your cluster.
    ClientCert string
    The path of client certificate, like ~/.kube/client-cert.pem.
    ClientKey string
    The path of client key, like ~/.kube/client-key.pem.
    ClusterCaCert string

    The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem

    Removed params

    ClusterDomain string
    Cluster local domain name, Default to cluster.local. A domain name consists of one or more sections separated by a decimal point (.), each of which is up to 63 characters long, and can be lowercase, numerals, and underscores (-), and must be lowercase or numerals at the beginning and end.
    Connections Pulumi.AliCloud.CS.Inputs.KubernetesConnections
    (Map) Map of kubernetes cluster connection information.
    CustomSan string
    Customize the certificate SAN, multiple IP or domain names are separated by English commas (,).
    DeleteOptions List<Pulumi.AliCloud.CS.Inputs.KubernetesDeleteOption>
    Delete options, only work for deleting resource. Make sure you have run pulumi up to make the configuration applied. See delete_options below.
    DeletionProtection bool
    Whether to enable cluster deletion protection.
    EnableSsh bool
    Enable login to the node through SSH. Default to false.
    ImageId string
    Custom Image support. Must based on CentOS7 or AliyunLinux2.
    InstallCloudMonitor bool
    Install cloud monitor agent on ECS. Default to true.
    IsEnterpriseSecurityGroup bool
    Enable to create advanced security group. default: false. See Advanced security group. Only works for Create Operation.
    KeyName string
    The keypair of ssh login cluster node, you have to create it first. You have to specify one of password key_name kms_encrypted_password fields.
    KmsEncryptedPassword string
    An KMS encrypts password used to a cs kubernetes. You have to specify one of password key_name kms_encrypted_password fields.
    KmsEncryptionContext Dictionary<string, string>
    An KMS encryption context used to decrypt kms_encrypted_password before creating or updating a cs kubernetes with kms_encrypted_password. See Encryption Context. It is valid when kms_encrypted_password is set.
    LoadBalancerSpec string
    The cluster api server load balance instance specification, default slb.s1.small. For more information on how to select a LB instance specification, see SLB instance overview. Only works for Create Operation.

    Deprecated: Field 'load_balancer_spec' has been deprecated from provider version 1.232.0. The load balancer has been changed to PayByCLCU so that the spec is no need anymore.

    MasterAutoRenew bool
    Enable master payment auto-renew, defaults to false.
    MasterAutoRenewPeriod int
    Master payment auto-renew period, it can be one of {1, 2, 3, 6, 12}.
    MasterDiskCategory string
    The system disk category of master node. Its valid value are cloud_ssd, cloud_essd and cloud_efficiency. Default to cloud_efficiency.
    MasterDiskPerformanceLevel string
    Master node system disk performance level. When master_disk_category values cloud_essd, the optional values are PL0, PL1, PL2 or PL3, but the specific performance level is related to the disk capacity. For more information, see Enhanced SSDs. Default is PL1.
    MasterDiskSize int
    The system disk size of master node. Its valid value range [20~500] in GB. Default to 20.
    MasterDiskSnapshotPolicyId string

    Master node system disk auto snapshot policy.

    Computed params

    MasterInstanceChargeType string
    Master payment type. or PostPaid or PrePaid, defaults to PostPaid. If value is PrePaid, the files master_period, master_period_unit, master_auto_renew and master_auto_renew_period are required.
    MasterInstanceTypes List<string>
    The instance type of master node. Specify one type for single AZ Cluster, three types for MultiAZ Cluster.
    MasterNodes List<Pulumi.AliCloud.CS.Inputs.KubernetesMasterNode>
    (Optional) The master nodes. See master_nodes below.
    MasterPeriod int
    Master payment period.Its valid value is one of {1, 2, 3, 6, 12, 24, 36, 48, 60}.
    MasterPeriodUnit string
    Master payment period unit, the valid value is Month.
    MasterVswitchIds List<string>
    The vswitches used by master, you can specific 3 or 5 vswitches because of the amount of masters. Detailed below.
    Name string
    The kubernetes cluster's name. It is unique in one Alicloud account.
    NamePrefix string

    Deprecated: Field 'name_prefix' has been deprecated from provider version 1.75.0.

    NatGatewayId string
    The ID of nat gateway used to launch kubernetes cluster.
    NewNatGateway bool
    Whether to create a new nat gateway while creating kubernetes cluster. Default to true. Then openapi in Alibaba Cloud are not all on intranet, So turn this option on is a good choice. Your cluster nodes and applications will have public network access. If there is a NAT gateway in the selected VPC, ACK will use this gateway by default; if there is no NAT gateway in the selected VPC, ACK will create a new NAT gateway for you and automatically configure SNAT rules. Only works for Create Operation.
    NodeCidrMask int
    The node cidr block to specific how many pods can run on single node. 24-28 is allowed. 24 means 2^(32-24)-1=255 and the node can run at most 255 pods. default: 24
    NodeNameMode string
    Each node name consists of a prefix, an IP substring, and a suffix, the input format is customized,<prefix>,IPSubStringLen,<suffix>. For example "customized,aliyun.com-,5,-test", if the node IP address is 192.168.59.176, the prefix is aliyun.com-, IP substring length is 5, and the suffix is -test, the node name will be aliyun.com-59176-test.
    OsType string
    The operating system of the nodes that run pods, its valid value is either Linux or Windows. Default to Linux.
    Password string
    The password of ssh login cluster node. You have to specify one of password key_name kms_encrypted_password fields.
    Platform string
    The architecture of the nodes that run pods, its valid value is either CentOS or AliyunLinux. Default to CentOS.
    PodCidr string
    [Flannel Specific] The CIDR block for the pod network when using Flannel.
    PodVswitchIds List<string>
    [Terway Specific] The vswitches for the pod network when using Terway. It is recommended that pod_vswitch_ids is not belong to worker_vswitch_ids and master_vswitch_ids but must be in same availability zones. Only works for Create Operation.
    ProxyMode string
    Proxy mode is option of kube-proxy. options: iptables | ipvs. default: ipvs.
    RdsInstances List<string>
    RDS instance list, You can choose which RDS instances whitelist to add instances to.
    ResourceGroupId string
    The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.
    RetainResources List<string>
    Runtime Pulumi.AliCloud.CS.Inputs.KubernetesRuntime
    The runtime of containers. If you select another container runtime, see How do I select between Docker and Sandboxed-Container. See runtime below.
    SecurityGroupId string
    The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.
    ServiceAccountIssuer string
    The issuer of the Service Account token for Service Account Token Volume Projection, corresponds to the iss field in the token payload. Set this to "https://kubernetes.default.svc" to enable the Token Volume Projection feature (requires specifying api_audiences as well). From cluster version 1.22+, Service Account Token Volume Projection will be enabled by default.
    ServiceCidr string
    The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.
    SlbId string
    The ID of APIServer load balancer.
    SlbInternet string
    The public ip of load balancer.
    SlbInternetEnabled bool

    Whether to create internet load balancer for API Server. Default to true. Only works for Create Operation.

    NOTE: If you want to use Terway as CNI network plugin, You need to specify the pod_vswitch_ids field and addons with terway-eniip. If you want to use Flannel as CNI network plugin, You need to specify the pod_cidr field and addons with flannel.

    Master params

    SlbIntranet string
    The ID of private load balancer where the current cluster master node is located.
    Tags Dictionary<string, string>
    Default nil, A map of tags assigned to the kubernetes cluster and work nodes.
    Timezone string
    When you create a cluster, set the time zones for the Master and Worker nodes. You can only change the managed node time zone if you create a cluster. Once the cluster is created, you can only change the time zone of the Worker node.
    UserCa string
    The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.
    Version string
    Desired Kubernetes version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except you set a higher version number. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by ACK.
    VpcId string
    The ID of VPC where the current cluster is located.
    WorkerRamRoleName string
    The RamRole Name attached to worker node.
    Addons []KubernetesAddonTypeArgs

    The addon you want to install in cluster. See addons below. Only works for Create Operation, use resource cs_kubernetes_addon to manage addons if cluster is created.

    Network params

    ApiAudiences []string
    A list of API audiences for Service Account Token Volume Projection. Set this to ["https://kubernetes.default.svc"] if you want to enable the Token Volume Projection feature requires specifying service_account_issuer as well. From cluster version 1.22+, Service Account Token Volume Projection will be enabled by default.
    CertificateAuthority KubernetesCertificateAuthorityArgs
    (Map, Available since v1.105.0) Nested attribute containing certificate authority data for your cluster.
    ClientCert string
    The path of client certificate, like ~/.kube/client-cert.pem.
    ClientKey string
    The path of client key, like ~/.kube/client-key.pem.
    ClusterCaCert string

    The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem

    Removed params

    ClusterDomain string
    Cluster local domain name, Default to cluster.local. A domain name consists of one or more sections separated by a decimal point (.), each of which is up to 63 characters long, and can be lowercase, numerals, and underscores (-), and must be lowercase or numerals at the beginning and end.
    Connections KubernetesConnectionsArgs
    (Map) Map of kubernetes cluster connection information.
    CustomSan string
    Customize the certificate SAN, multiple IP or domain names are separated by English commas (,).
    DeleteOptions []KubernetesDeleteOptionArgs
    Delete options, only work for deleting resource. Make sure you have run pulumi up to make the configuration applied. See delete_options below.
    DeletionProtection bool
    Whether to enable cluster deletion protection.
    EnableSsh bool
    Enable login to the node through SSH. Default to false.
    ImageId string
    Custom Image support. Must based on CentOS7 or AliyunLinux2.
    InstallCloudMonitor bool
    Install cloud monitor agent on ECS. Default to true.
    IsEnterpriseSecurityGroup bool
    Enable to create advanced security group. default: false. See Advanced security group. Only works for Create Operation.
    KeyName string
    The keypair of ssh login cluster node, you have to create it first. You have to specify one of password key_name kms_encrypted_password fields.
    KmsEncryptedPassword string
    An KMS encrypts password used to a cs kubernetes. You have to specify one of password key_name kms_encrypted_password fields.
    KmsEncryptionContext map[string]string
    An KMS encryption context used to decrypt kms_encrypted_password before creating or updating a cs kubernetes with kms_encrypted_password. See Encryption Context. It is valid when kms_encrypted_password is set.
    LoadBalancerSpec string
    The cluster api server load balance instance specification, default slb.s1.small. For more information on how to select a LB instance specification, see SLB instance overview. Only works for Create Operation.

    Deprecated: Field 'load_balancer_spec' has been deprecated from provider version 1.232.0. The load balancer has been changed to PayByCLCU so that the spec is no need anymore.

    MasterAutoRenew bool
    Enable master payment auto-renew, defaults to false.
    MasterAutoRenewPeriod int
    Master payment auto-renew period, it can be one of {1, 2, 3, 6, 12}.
    MasterDiskCategory string
    The system disk category of master node. Its valid value are cloud_ssd, cloud_essd and cloud_efficiency. Default to cloud_efficiency.
    MasterDiskPerformanceLevel string
    Master node system disk performance level. When master_disk_category values cloud_essd, the optional values are PL0, PL1, PL2 or PL3, but the specific performance level is related to the disk capacity. For more information, see Enhanced SSDs. Default is PL1.
    MasterDiskSize int
    The system disk size of master node. Its valid value range [20~500] in GB. Default to 20.
    MasterDiskSnapshotPolicyId string

    Master node system disk auto snapshot policy.

    Computed params

    MasterInstanceChargeType string
    Master payment type. or PostPaid or PrePaid, defaults to PostPaid. If value is PrePaid, the files master_period, master_period_unit, master_auto_renew and master_auto_renew_period are required.
    MasterInstanceTypes []string
    The instance type of master node. Specify one type for single AZ Cluster, three types for MultiAZ Cluster.
    MasterNodes []KubernetesMasterNodeArgs
    (Optional) The master nodes. See master_nodes below.
    MasterPeriod int
    Master payment period.Its valid value is one of {1, 2, 3, 6, 12, 24, 36, 48, 60}.
    MasterPeriodUnit string
    Master payment period unit, the valid value is Month.
    MasterVswitchIds []string
    The vswitches used by master, you can specific 3 or 5 vswitches because of the amount of masters. Detailed below.
    Name string
    The kubernetes cluster's name. It is unique in one Alicloud account.
    NamePrefix string

    Deprecated: Field 'name_prefix' has been deprecated from provider version 1.75.0.

    NatGatewayId string
    The ID of nat gateway used to launch kubernetes cluster.
    NewNatGateway bool
    Whether to create a new nat gateway while creating kubernetes cluster. Default to true. Then openapi in Alibaba Cloud are not all on intranet, So turn this option on is a good choice. Your cluster nodes and applications will have public network access. If there is a NAT gateway in the selected VPC, ACK will use this gateway by default; if there is no NAT gateway in the selected VPC, ACK will create a new NAT gateway for you and automatically configure SNAT rules. Only works for Create Operation.
    NodeCidrMask int
    The node cidr block to specific how many pods can run on single node. 24-28 is allowed. 24 means 2^(32-24)-1=255 and the node can run at most 255 pods. default: 24
    NodeNameMode string
    Each node name consists of a prefix, an IP substring, and a suffix, the input format is customized,<prefix>,IPSubStringLen,<suffix>. For example "customized,aliyun.com-,5,-test", if the node IP address is 192.168.59.176, the prefix is aliyun.com-, IP substring length is 5, and the suffix is -test, the node name will be aliyun.com-59176-test.
    OsType string
    The operating system of the nodes that run pods, its valid value is either Linux or Windows. Default to Linux.
    Password string
    The password of ssh login cluster node. You have to specify one of password key_name kms_encrypted_password fields.
    Platform string
    The architecture of the nodes that run pods, its valid value is either CentOS or AliyunLinux. Default to CentOS.
    PodCidr string
    [Flannel Specific] The CIDR block for the pod network when using Flannel.
    PodVswitchIds []string
    [Terway Specific] The vswitches for the pod network when using Terway. It is recommended that pod_vswitch_ids is not belong to worker_vswitch_ids and master_vswitch_ids but must be in same availability zones. Only works for Create Operation.
    ProxyMode string
    Proxy mode is option of kube-proxy. options: iptables | ipvs. default: ipvs.
    RdsInstances []string
    RDS instance list, You can choose which RDS instances whitelist to add instances to.
    ResourceGroupId string
    The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.
    RetainResources []string
    Runtime KubernetesRuntimeArgs
    The runtime of containers. If you select another container runtime, see How do I select between Docker and Sandboxed-Container. See runtime below.
    SecurityGroupId string
    The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.
    ServiceAccountIssuer string
    The issuer of the Service Account token for Service Account Token Volume Projection, corresponds to the iss field in the token payload. Set this to "https://kubernetes.default.svc" to enable the Token Volume Projection feature (requires specifying api_audiences as well). From cluster version 1.22+, Service Account Token Volume Projection will be enabled by default.
    ServiceCidr string
    The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.
    SlbId string
    The ID of APIServer load balancer.
    SlbInternet string
    The public ip of load balancer.
    SlbInternetEnabled bool

    Whether to create internet load balancer for API Server. Default to true. Only works for Create Operation.

    NOTE: If you want to use Terway as CNI network plugin, You need to specify the pod_vswitch_ids field and addons with terway-eniip. If you want to use Flannel as CNI network plugin, You need to specify the pod_cidr field and addons with flannel.

    Master params

    SlbIntranet string
    The ID of private load balancer where the current cluster master node is located.
    Tags map[string]string
    Default nil, A map of tags assigned to the kubernetes cluster and work nodes.
    Timezone string
    When you create a cluster, set the time zones for the Master and Worker nodes. You can only change the managed node time zone if you create a cluster. Once the cluster is created, you can only change the time zone of the Worker node.
    UserCa string
    The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.
    Version string
    Desired Kubernetes version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except you set a higher version number. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by ACK.
    VpcId string
    The ID of VPC where the current cluster is located.
    WorkerRamRoleName string
    The RamRole Name attached to worker node.
    addons List<KubernetesAddon>

    The addon you want to install in cluster. See addons below. Only works for Create Operation, use resource cs_kubernetes_addon to manage addons if cluster is created.

    Network params

    apiAudiences List<String>
    A list of API audiences for Service Account Token Volume Projection. Set this to ["https://kubernetes.default.svc"] if you want to enable the Token Volume Projection feature requires specifying service_account_issuer as well. From cluster version 1.22+, Service Account Token Volume Projection will be enabled by default.
    certificateAuthority KubernetesCertificateAuthority
    (Map, Available since v1.105.0) Nested attribute containing certificate authority data for your cluster.
    clientCert String
    The path of client certificate, like ~/.kube/client-cert.pem.
    clientKey String
    The path of client key, like ~/.kube/client-key.pem.
    clusterCaCert String

    The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem

    Removed params

    clusterDomain String
    Cluster local domain name, Default to cluster.local. A domain name consists of one or more sections separated by a decimal point (.), each of which is up to 63 characters long, and can be lowercase, numerals, and underscores (-), and must be lowercase or numerals at the beginning and end.
    connections KubernetesConnections
    (Map) Map of kubernetes cluster connection information.
    customSan String
    Customize the certificate SAN, multiple IP or domain names are separated by English commas (,).
    deleteOptions List<KubernetesDeleteOption>
    Delete options, only work for deleting resource. Make sure you have run pulumi up to make the configuration applied. See delete_options below.
    deletionProtection Boolean
    Whether to enable cluster deletion protection.
    enableSsh Boolean
    Enable login to the node through SSH. Default to false.
    imageId String
    Custom Image support. Must based on CentOS7 or AliyunLinux2.
    installCloudMonitor Boolean
    Install cloud monitor agent on ECS. Default to true.
    isEnterpriseSecurityGroup Boolean
    Enable to create advanced security group. default: false. See Advanced security group. Only works for Create Operation.
    keyName String
    The keypair of ssh login cluster node, you have to create it first. You have to specify one of password key_name kms_encrypted_password fields.
    kmsEncryptedPassword String
    An KMS encrypts password used to a cs kubernetes. You have to specify one of password key_name kms_encrypted_password fields.
    kmsEncryptionContext Map<String,String>
    An KMS encryption context used to decrypt kms_encrypted_password before creating or updating a cs kubernetes with kms_encrypted_password. See Encryption Context. It is valid when kms_encrypted_password is set.
    loadBalancerSpec String
    The cluster api server load balance instance specification, default slb.s1.small. For more information on how to select a LB instance specification, see SLB instance overview. Only works for Create Operation.

    Deprecated: Field 'load_balancer_spec' has been deprecated from provider version 1.232.0. The load balancer has been changed to PayByCLCU so that the spec is no need anymore.

    masterAutoRenew Boolean
    Enable master payment auto-renew, defaults to false.
    masterAutoRenewPeriod Integer
    Master payment auto-renew period, it can be one of {1, 2, 3, 6, 12}.
    masterDiskCategory String
    The system disk category of master node. Its valid value are cloud_ssd, cloud_essd and cloud_efficiency. Default to cloud_efficiency.
    masterDiskPerformanceLevel String
    Master node system disk performance level. When master_disk_category values cloud_essd, the optional values are PL0, PL1, PL2 or PL3, but the specific performance level is related to the disk capacity. For more information, see Enhanced SSDs. Default is PL1.
    masterDiskSize Integer
    The system disk size of master node. Its valid value range [20~500] in GB. Default to 20.
    masterDiskSnapshotPolicyId String

    Master node system disk auto snapshot policy.

    Computed params

    masterInstanceChargeType String
    Master payment type. or PostPaid or PrePaid, defaults to PostPaid. If value is PrePaid, the files master_period, master_period_unit, master_auto_renew and master_auto_renew_period are required.
    masterInstanceTypes List<String>
    The instance type of master node. Specify one type for single AZ Cluster, three types for MultiAZ Cluster.
    masterNodes List<KubernetesMasterNode>
    (Optional) The master nodes. See master_nodes below.
    masterPeriod Integer
    Master payment period.Its valid value is one of {1, 2, 3, 6, 12, 24, 36, 48, 60}.
    masterPeriodUnit String
    Master payment period unit, the valid value is Month.
    masterVswitchIds List<String>
    The vswitches used by master, you can specific 3 or 5 vswitches because of the amount of masters. Detailed below.
    name String
    The kubernetes cluster's name. It is unique in one Alicloud account.
    namePrefix String

    Deprecated: Field 'name_prefix' has been deprecated from provider version 1.75.0.

    natGatewayId String
    The ID of nat gateway used to launch kubernetes cluster.
    newNatGateway Boolean
    Whether to create a new nat gateway while creating kubernetes cluster. Default to true. Then openapi in Alibaba Cloud are not all on intranet, So turn this option on is a good choice. Your cluster nodes and applications will have public network access. If there is a NAT gateway in the selected VPC, ACK will use this gateway by default; if there is no NAT gateway in the selected VPC, ACK will create a new NAT gateway for you and automatically configure SNAT rules. Only works for Create Operation.
    nodeCidrMask Integer
    The node cidr block to specific how many pods can run on single node. 24-28 is allowed. 24 means 2^(32-24)-1=255 and the node can run at most 255 pods. default: 24
    nodeNameMode String
    Each node name consists of a prefix, an IP substring, and a suffix, the input format is customized,<prefix>,IPSubStringLen,<suffix>. For example "customized,aliyun.com-,5,-test", if the node IP address is 192.168.59.176, the prefix is aliyun.com-, IP substring length is 5, and the suffix is -test, the node name will be aliyun.com-59176-test.
    osType String
    The operating system of the nodes that run pods, its valid value is either Linux or Windows. Default to Linux.
    password String
    The password of ssh login cluster node. You have to specify one of password key_name kms_encrypted_password fields.
    platform String
    The architecture of the nodes that run pods, its valid value is either CentOS or AliyunLinux. Default to CentOS.
    podCidr String
    [Flannel Specific] The CIDR block for the pod network when using Flannel.
    podVswitchIds List<String>
    [Terway Specific] The vswitches for the pod network when using Terway. It is recommended that pod_vswitch_ids is not belong to worker_vswitch_ids and master_vswitch_ids but must be in same availability zones. Only works for Create Operation.
    proxyMode String
    Proxy mode is option of kube-proxy. options: iptables | ipvs. default: ipvs.
    rdsInstances List<String>
    RDS instance list, You can choose which RDS instances whitelist to add instances to.
    resourceGroupId String
    The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.
    retainResources List<String>
    runtime KubernetesRuntime
    The runtime of containers. If you select another container runtime, see How do I select between Docker and Sandboxed-Container. See runtime below.
    securityGroupId String
    The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.
    serviceAccountIssuer String
    The issuer of the Service Account token for Service Account Token Volume Projection, corresponds to the iss field in the token payload. Set this to "https://kubernetes.default.svc" to enable the Token Volume Projection feature (requires specifying api_audiences as well). From cluster version 1.22+, Service Account Token Volume Projection will be enabled by default.
    serviceCidr String
    The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.
    slbId String
    The ID of APIServer load balancer.
    slbInternet String
    The public ip of load balancer.
    slbInternetEnabled Boolean

    Whether to create internet load balancer for API Server. Default to true. Only works for Create Operation.

    NOTE: If you want to use Terway as CNI network plugin, You need to specify the pod_vswitch_ids field and addons with terway-eniip. If you want to use Flannel as CNI network plugin, You need to specify the pod_cidr field and addons with flannel.

    Master params

    slbIntranet String
    The ID of private load balancer where the current cluster master node is located.
    tags Map<String,String>
    Default nil, A map of tags assigned to the kubernetes cluster and work nodes.
    timezone String
    When you create a cluster, set the time zones for the Master and Worker nodes. You can only change the managed node time zone if you create a cluster. Once the cluster is created, you can only change the time zone of the Worker node.
    userCa String
    The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.
    version String
    Desired Kubernetes version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except you set a higher version number. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by ACK.
    vpcId String
    The ID of VPC where the current cluster is located.
    workerRamRoleName String
    The RamRole Name attached to worker node.
    addons KubernetesAddon[]

    The addon you want to install in cluster. See addons below. Only works for Create Operation, use resource cs_kubernetes_addon to manage addons if cluster is created.

    Network params

    apiAudiences string[]
    A list of API audiences for Service Account Token Volume Projection. Set this to ["https://kubernetes.default.svc"] if you want to enable the Token Volume Projection feature requires specifying service_account_issuer as well. From cluster version 1.22+, Service Account Token Volume Projection will be enabled by default.
    certificateAuthority KubernetesCertificateAuthority
    (Map, Available since v1.105.0) Nested attribute containing certificate authority data for your cluster.
    clientCert string
    The path of client certificate, like ~/.kube/client-cert.pem.
    clientKey string
    The path of client key, like ~/.kube/client-key.pem.
    clusterCaCert string

    The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem

    Removed params

    clusterDomain string
    Cluster local domain name, Default to cluster.local. A domain name consists of one or more sections separated by a decimal point (.), each of which is up to 63 characters long, and can be lowercase, numerals, and underscores (-), and must be lowercase or numerals at the beginning and end.
    connections KubernetesConnections
    (Map) Map of kubernetes cluster connection information.
    customSan string
    Customize the certificate SAN, multiple IP or domain names are separated by English commas (,).
    deleteOptions KubernetesDeleteOption[]
    Delete options, only work for deleting resource. Make sure you have run pulumi up to make the configuration applied. See delete_options below.
    deletionProtection boolean
    Whether to enable cluster deletion protection.
    enableSsh boolean
    Enable login to the node through SSH. Default to false.
    imageId string
    Custom Image support. Must based on CentOS7 or AliyunLinux2.
    installCloudMonitor boolean
    Install cloud monitor agent on ECS. Default to true.
    isEnterpriseSecurityGroup boolean
    Enable to create advanced security group. default: false. See Advanced security group. Only works for Create Operation.
    keyName string
    The keypair of ssh login cluster node, you have to create it first. You have to specify one of password key_name kms_encrypted_password fields.
    kmsEncryptedPassword string
    An KMS encrypts password used to a cs kubernetes. You have to specify one of password key_name kms_encrypted_password fields.
    kmsEncryptionContext {[key: string]: string}
    An KMS encryption context used to decrypt kms_encrypted_password before creating or updating a cs kubernetes with kms_encrypted_password. See Encryption Context. It is valid when kms_encrypted_password is set.
    loadBalancerSpec string
    The cluster api server load balance instance specification, default slb.s1.small. For more information on how to select a LB instance specification, see SLB instance overview. Only works for Create Operation.

    Deprecated: Field 'load_balancer_spec' has been deprecated from provider version 1.232.0. The load balancer has been changed to PayByCLCU so that the spec is no need anymore.

    masterAutoRenew boolean
    Enable master payment auto-renew, defaults to false.
    masterAutoRenewPeriod number
    Master payment auto-renew period, it can be one of {1, 2, 3, 6, 12}.
    masterDiskCategory string
    The system disk category of master node. Its valid value are cloud_ssd, cloud_essd and cloud_efficiency. Default to cloud_efficiency.
    masterDiskPerformanceLevel string
    Master node system disk performance level. When master_disk_category values cloud_essd, the optional values are PL0, PL1, PL2 or PL3, but the specific performance level is related to the disk capacity. For more information, see Enhanced SSDs. Default is PL1.
    masterDiskSize number
    The system disk size of master node. Its valid value range [20~500] in GB. Default to 20.
    masterDiskSnapshotPolicyId string

    Master node system disk auto snapshot policy.

    Computed params

    masterInstanceChargeType string
    Master payment type. or PostPaid or PrePaid, defaults to PostPaid. If value is PrePaid, the files master_period, master_period_unit, master_auto_renew and master_auto_renew_period are required.
    masterInstanceTypes string[]
    The instance type of master node. Specify one type for single AZ Cluster, three types for MultiAZ Cluster.
    masterNodes KubernetesMasterNode[]
    (Optional) The master nodes. See master_nodes below.
    masterPeriod number
    Master payment period.Its valid value is one of {1, 2, 3, 6, 12, 24, 36, 48, 60}.
    masterPeriodUnit string
    Master payment period unit, the valid value is Month.
    masterVswitchIds string[]
    The vswitches used by master, you can specific 3 or 5 vswitches because of the amount of masters. Detailed below.
    name string
    The kubernetes cluster's name. It is unique in one Alicloud account.
    namePrefix string

    Deprecated: Field 'name_prefix' has been deprecated from provider version 1.75.0.

    natGatewayId string
    The ID of nat gateway used to launch kubernetes cluster.
    newNatGateway boolean
    Whether to create a new nat gateway while creating kubernetes cluster. Default to true. Then openapi in Alibaba Cloud are not all on intranet, So turn this option on is a good choice. Your cluster nodes and applications will have public network access. If there is a NAT gateway in the selected VPC, ACK will use this gateway by default; if there is no NAT gateway in the selected VPC, ACK will create a new NAT gateway for you and automatically configure SNAT rules. Only works for Create Operation.
    nodeCidrMask number
    The node cidr block to specific how many pods can run on single node. 24-28 is allowed. 24 means 2^(32-24)-1=255 and the node can run at most 255 pods. default: 24
    nodeNameMode string
    Each node name consists of a prefix, an IP substring, and a suffix, the input format is customized,<prefix>,IPSubStringLen,<suffix>. For example "customized,aliyun.com-,5,-test", if the node IP address is 192.168.59.176, the prefix is aliyun.com-, IP substring length is 5, and the suffix is -test, the node name will be aliyun.com-59176-test.
    osType string
    The operating system of the nodes that run pods, its valid value is either Linux or Windows. Default to Linux.
    password string
    The password of ssh login cluster node. You have to specify one of password key_name kms_encrypted_password fields.
    platform string
    The architecture of the nodes that run pods, its valid value is either CentOS or AliyunLinux. Default to CentOS.
    podCidr string
    [Flannel Specific] The CIDR block for the pod network when using Flannel.
    podVswitchIds string[]
    [Terway Specific] The vswitches for the pod network when using Terway. It is recommended that pod_vswitch_ids is not belong to worker_vswitch_ids and master_vswitch_ids but must be in same availability zones. Only works for Create Operation.
    proxyMode string
    Proxy mode is option of kube-proxy. options: iptables | ipvs. default: ipvs.
    rdsInstances string[]
    RDS instance list, You can choose which RDS instances whitelist to add instances to.
    resourceGroupId string
    The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.
    retainResources string[]
    runtime KubernetesRuntime
    The runtime of containers. If you select another container runtime, see How do I select between Docker and Sandboxed-Container. See runtime below.
    securityGroupId string
    The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.
    serviceAccountIssuer string
    The issuer of the Service Account token for Service Account Token Volume Projection, corresponds to the iss field in the token payload. Set this to "https://kubernetes.default.svc" to enable the Token Volume Projection feature (requires specifying api_audiences as well). From cluster version 1.22+, Service Account Token Volume Projection will be enabled by default.
    serviceCidr string
    The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.
    slbId string
    The ID of APIServer load balancer.
    slbInternet string
    The public ip of load balancer.
    slbInternetEnabled boolean

    Whether to create internet load balancer for API Server. Default to true. Only works for Create Operation.

    NOTE: If you want to use Terway as CNI network plugin, You need to specify the pod_vswitch_ids field and addons with terway-eniip. If you want to use Flannel as CNI network plugin, You need to specify the pod_cidr field and addons with flannel.

    Master params

    slbIntranet string
    The ID of private load balancer where the current cluster master node is located.
    tags {[key: string]: string}
    Default nil, A map of tags assigned to the kubernetes cluster and work nodes.
    timezone string
    When you create a cluster, set the time zones for the Master and Worker nodes. You can only change the managed node time zone if you create a cluster. Once the cluster is created, you can only change the time zone of the Worker node.
    userCa string
    The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.
    version string
    Desired Kubernetes version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except you set a higher version number. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by ACK.
    vpcId string
    The ID of VPC where the current cluster is located.
    workerRamRoleName string
    The RamRole Name attached to worker node.
    addons Sequence[KubernetesAddonArgs]

    The addon you want to install in cluster. See addons below. Only works for Create Operation, use resource cs_kubernetes_addon to manage addons if cluster is created.

    Network params

    api_audiences Sequence[str]
    A list of API audiences for Service Account Token Volume Projection. Set this to ["https://kubernetes.default.svc"] if you want to enable the Token Volume Projection feature requires specifying service_account_issuer as well. From cluster version 1.22+, Service Account Token Volume Projection will be enabled by default.
    certificate_authority KubernetesCertificateAuthorityArgs
    (Map, Available since v1.105.0) Nested attribute containing certificate authority data for your cluster.
    client_cert str
    The path of client certificate, like ~/.kube/client-cert.pem.
    client_key str
    The path of client key, like ~/.kube/client-key.pem.
    cluster_ca_cert str

    The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem

    Removed params

    cluster_domain str
    Cluster local domain name, Default to cluster.local. A domain name consists of one or more sections separated by a decimal point (.), each of which is up to 63 characters long, and can be lowercase, numerals, and underscores (-), and must be lowercase or numerals at the beginning and end.
    connections KubernetesConnectionsArgs
    (Map) Map of kubernetes cluster connection information.
    custom_san str
    Customize the certificate SAN, multiple IP or domain names are separated by English commas (,).
    delete_options Sequence[KubernetesDeleteOptionArgs]
    Delete options, only work for deleting resource. Make sure you have run pulumi up to make the configuration applied. See delete_options below.
    deletion_protection bool
    Whether to enable cluster deletion protection.
    enable_ssh bool
    Enable login to the node through SSH. Default to false.
    image_id str
    Custom Image support. Must based on CentOS7 or AliyunLinux2.
    install_cloud_monitor bool
    Install cloud monitor agent on ECS. Default to true.
    is_enterprise_security_group bool
    Enable to create advanced security group. default: false. See Advanced security group. Only works for Create Operation.
    key_name str
    The keypair of ssh login cluster node, you have to create it first. You have to specify one of password key_name kms_encrypted_password fields.
    kms_encrypted_password str
    An KMS encrypts password used to a cs kubernetes. You have to specify one of password key_name kms_encrypted_password fields.
    kms_encryption_context Mapping[str, str]
    An KMS encryption context used to decrypt kms_encrypted_password before creating or updating a cs kubernetes with kms_encrypted_password. See Encryption Context. It is valid when kms_encrypted_password is set.
    load_balancer_spec str
    The cluster api server load balance instance specification, default slb.s1.small. For more information on how to select a LB instance specification, see SLB instance overview. Only works for Create Operation.

    Deprecated: Field 'load_balancer_spec' has been deprecated from provider version 1.232.0. The load balancer has been changed to PayByCLCU so that the spec is no need anymore.

    master_auto_renew bool
    Enable master payment auto-renew, defaults to false.
    master_auto_renew_period int
    Master payment auto-renew period, it can be one of {1, 2, 3, 6, 12}.
    master_disk_category str
    The system disk category of master node. Its valid value are cloud_ssd, cloud_essd and cloud_efficiency. Default to cloud_efficiency.
    master_disk_performance_level str
    Master node system disk performance level. When master_disk_category values cloud_essd, the optional values are PL0, PL1, PL2 or PL3, but the specific performance level is related to the disk capacity. For more information, see Enhanced SSDs. Default is PL1.
    master_disk_size int
    The system disk size of master node. Its valid value range [20~500] in GB. Default to 20.
    master_disk_snapshot_policy_id str

    Master node system disk auto snapshot policy.

    Computed params

    master_instance_charge_type str
    Master payment type. or PostPaid or PrePaid, defaults to PostPaid. If value is PrePaid, the files master_period, master_period_unit, master_auto_renew and master_auto_renew_period are required.
    master_instance_types Sequence[str]
    The instance type of master node. Specify one type for single AZ Cluster, three types for MultiAZ Cluster.
    master_nodes Sequence[KubernetesMasterNodeArgs]
    (Optional) The master nodes. See master_nodes below.
    master_period int
    Master payment period.Its valid value is one of {1, 2, 3, 6, 12, 24, 36, 48, 60}.
    master_period_unit str
    Master payment period unit, the valid value is Month.
    master_vswitch_ids Sequence[str]
    The vswitches used by master, you can specific 3 or 5 vswitches because of the amount of masters. Detailed below.
    name str
    The kubernetes cluster's name. It is unique in one Alicloud account.
    name_prefix str

    Deprecated: Field 'name_prefix' has been deprecated from provider version 1.75.0.

    nat_gateway_id str
    The ID of nat gateway used to launch kubernetes cluster.
    new_nat_gateway bool
    Whether to create a new nat gateway while creating kubernetes cluster. Default to true. Then openapi in Alibaba Cloud are not all on intranet, So turn this option on is a good choice. Your cluster nodes and applications will have public network access. If there is a NAT gateway in the selected VPC, ACK will use this gateway by default; if there is no NAT gateway in the selected VPC, ACK will create a new NAT gateway for you and automatically configure SNAT rules. Only works for Create Operation.
    node_cidr_mask int
    The node cidr block to specific how many pods can run on single node. 24-28 is allowed. 24 means 2^(32-24)-1=255 and the node can run at most 255 pods. default: 24
    node_name_mode str
    Each node name consists of a prefix, an IP substring, and a suffix, the input format is customized,<prefix>,IPSubStringLen,<suffix>. For example "customized,aliyun.com-,5,-test", if the node IP address is 192.168.59.176, the prefix is aliyun.com-, IP substring length is 5, and the suffix is -test, the node name will be aliyun.com-59176-test.
    os_type str
    The operating system of the nodes that run pods, its valid value is either Linux or Windows. Default to Linux.
    password str
    The password of ssh login cluster node. You have to specify one of password key_name kms_encrypted_password fields.
    platform str
    The architecture of the nodes that run pods, its valid value is either CentOS or AliyunLinux. Default to CentOS.
    pod_cidr str
    [Flannel Specific] The CIDR block for the pod network when using Flannel.
    pod_vswitch_ids Sequence[str]
    [Terway Specific] The vswitches for the pod network when using Terway. It is recommended that pod_vswitch_ids is not belong to worker_vswitch_ids and master_vswitch_ids but must be in same availability zones. Only works for Create Operation.
    proxy_mode str
    Proxy mode is option of kube-proxy. options: iptables | ipvs. default: ipvs.
    rds_instances Sequence[str]
    RDS instance list, You can choose which RDS instances whitelist to add instances to.
    resource_group_id str
    The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.
    retain_resources Sequence[str]
    runtime KubernetesRuntimeArgs
    The runtime of containers. If you select another container runtime, see How do I select between Docker and Sandboxed-Container. See runtime below.
    security_group_id str
    The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.
    service_account_issuer str
    The issuer of the Service Account token for Service Account Token Volume Projection, corresponds to the iss field in the token payload. Set this to "https://kubernetes.default.svc" to enable the Token Volume Projection feature (requires specifying api_audiences as well). From cluster version 1.22+, Service Account Token Volume Projection will be enabled by default.
    service_cidr str
    The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.
    slb_id str
    The ID of APIServer load balancer.
    slb_internet str
    The public ip of load balancer.
    slb_internet_enabled bool

    Whether to create internet load balancer for API Server. Default to true. Only works for Create Operation.

    NOTE: If you want to use Terway as CNI network plugin, You need to specify the pod_vswitch_ids field and addons with terway-eniip. If you want to use Flannel as CNI network plugin, You need to specify the pod_cidr field and addons with flannel.

    Master params

    slb_intranet str
    The ID of private load balancer where the current cluster master node is located.
    tags Mapping[str, str]
    Default nil, A map of tags assigned to the kubernetes cluster and work nodes.
    timezone str
    When you create a cluster, set the time zones for the Master and Worker nodes. You can only change the managed node time zone if you create a cluster. Once the cluster is created, you can only change the time zone of the Worker node.
    user_ca str
    The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.
    version str
    Desired Kubernetes version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except you set a higher version number. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by ACK.
    vpc_id str
    The ID of VPC where the current cluster is located.
    worker_ram_role_name str
    The RamRole Name attached to worker node.
    addons List<Property Map>

    The addon you want to install in cluster. See addons below. Only works for Create Operation, use resource cs_kubernetes_addon to manage addons if cluster is created.

    Network params

    apiAudiences List<String>
    A list of API audiences for Service Account Token Volume Projection. Set this to ["https://kubernetes.default.svc"] if you want to enable the Token Volume Projection feature requires specifying service_account_issuer as well. From cluster version 1.22+, Service Account Token Volume Projection will be enabled by default.
    certificateAuthority Property Map
    (Map, Available since v1.105.0) Nested attribute containing certificate authority data for your cluster.
    clientCert String
    The path of client certificate, like ~/.kube/client-cert.pem.
    clientKey String
    The path of client key, like ~/.kube/client-key.pem.
    clusterCaCert String

    The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem

    Removed params

    clusterDomain String
    Cluster local domain name, Default to cluster.local. A domain name consists of one or more sections separated by a decimal point (.), each of which is up to 63 characters long, and can be lowercase, numerals, and underscores (-), and must be lowercase or numerals at the beginning and end.
    connections Property Map
    (Map) Map of kubernetes cluster connection information.
    customSan String
    Customize the certificate SAN, multiple IP or domain names are separated by English commas (,).
    deleteOptions List<Property Map>
    Delete options, only work for deleting resource. Make sure you have run pulumi up to make the configuration applied. See delete_options below.
    deletionProtection Boolean
    Whether to enable cluster deletion protection.
    enableSsh Boolean
    Enable login to the node through SSH. Default to false.
    imageId String
    Custom Image support. Must based on CentOS7 or AliyunLinux2.
    installCloudMonitor Boolean
    Install cloud monitor agent on ECS. Default to true.
    isEnterpriseSecurityGroup Boolean
    Enable to create advanced security group. default: false. See Advanced security group. Only works for Create Operation.
    keyName String
    The keypair of ssh login cluster node, you have to create it first. You have to specify one of password key_name kms_encrypted_password fields.
    kmsEncryptedPassword String
    An KMS encrypts password used to a cs kubernetes. You have to specify one of password key_name kms_encrypted_password fields.
    kmsEncryptionContext Map<String>
    An KMS encryption context used to decrypt kms_encrypted_password before creating or updating a cs kubernetes with kms_encrypted_password. See Encryption Context. It is valid when kms_encrypted_password is set.
    loadBalancerSpec String
    The cluster api server load balance instance specification, default slb.s1.small. For more information on how to select a LB instance specification, see SLB instance overview. Only works for Create Operation.

    Deprecated: Field 'load_balancer_spec' has been deprecated from provider version 1.232.0. The load balancer has been changed to PayByCLCU so that the spec is no need anymore.

    masterAutoRenew Boolean
    Enable master payment auto-renew, defaults to false.
    masterAutoRenewPeriod Number
    Master payment auto-renew period, it can be one of {1, 2, 3, 6, 12}.
    masterDiskCategory String
    The system disk category of master node. Its valid value are cloud_ssd, cloud_essd and cloud_efficiency. Default to cloud_efficiency.
    masterDiskPerformanceLevel String
    Master node system disk performance level. When master_disk_category values cloud_essd, the optional values are PL0, PL1, PL2 or PL3, but the specific performance level is related to the disk capacity. For more information, see Enhanced SSDs. Default is PL1.
    masterDiskSize Number
    The system disk size of master node. Its valid value range [20~500] in GB. Default to 20.
    masterDiskSnapshotPolicyId String

    Master node system disk auto snapshot policy.

    Computed params

    masterInstanceChargeType String
    Master payment type. or PostPaid or PrePaid, defaults to PostPaid. If value is PrePaid, the files master_period, master_period_unit, master_auto_renew and master_auto_renew_period are required.
    masterInstanceTypes List<String>
    The instance type of master node. Specify one type for single AZ Cluster, three types for MultiAZ Cluster.
    masterNodes List<Property Map>
    (Optional) The master nodes. See master_nodes below.
    masterPeriod Number
    Master payment period.Its valid value is one of {1, 2, 3, 6, 12, 24, 36, 48, 60}.
    masterPeriodUnit String
    Master payment period unit, the valid value is Month.
    masterVswitchIds List<String>
    The vswitches used by master, you can specific 3 or 5 vswitches because of the amount of masters. Detailed below.
    name String
    The kubernetes cluster's name. It is unique in one Alicloud account.
    namePrefix String

    Deprecated: Field 'name_prefix' has been deprecated from provider version 1.75.0.

    natGatewayId String
    The ID of nat gateway used to launch kubernetes cluster.
    newNatGateway Boolean
    Whether to create a new nat gateway while creating kubernetes cluster. Default to true. Then openapi in Alibaba Cloud are not all on intranet, So turn this option on is a good choice. Your cluster nodes and applications will have public network access. If there is a NAT gateway in the selected VPC, ACK will use this gateway by default; if there is no NAT gateway in the selected VPC, ACK will create a new NAT gateway for you and automatically configure SNAT rules. Only works for Create Operation.
    nodeCidrMask Number
    The node cidr block to specific how many pods can run on single node. 24-28 is allowed. 24 means 2^(32-24)-1=255 and the node can run at most 255 pods. default: 24
    nodeNameMode String
    Each node name consists of a prefix, an IP substring, and a suffix, the input format is customized,<prefix>,IPSubStringLen,<suffix>. For example "customized,aliyun.com-,5,-test", if the node IP address is 192.168.59.176, the prefix is aliyun.com-, IP substring length is 5, and the suffix is -test, the node name will be aliyun.com-59176-test.
    osType String
    The operating system of the nodes that run pods, its valid value is either Linux or Windows. Default to Linux.
    password String
    The password of ssh login cluster node. You have to specify one of password key_name kms_encrypted_password fields.
    platform String
    The architecture of the nodes that run pods, its valid value is either CentOS or AliyunLinux. Default to CentOS.
    podCidr String
    [Flannel Specific] The CIDR block for the pod network when using Flannel.
    podVswitchIds List<String>
    [Terway Specific] The vswitches for the pod network when using Terway. It is recommended that pod_vswitch_ids is not belong to worker_vswitch_ids and master_vswitch_ids but must be in same availability zones. Only works for Create Operation.
    proxyMode String
    Proxy mode is option of kube-proxy. options: iptables | ipvs. default: ipvs.
    rdsInstances List<String>
    RDS instance list, You can choose which RDS instances whitelist to add instances to.
    resourceGroupId String
    The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.
    retainResources List<String>
    runtime Property Map
    The runtime of containers. If you select another container runtime, see How do I select between Docker and Sandboxed-Container. See runtime below.
    securityGroupId String
    The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.
    serviceAccountIssuer String
    The issuer of the Service Account token for Service Account Token Volume Projection, corresponds to the iss field in the token payload. Set this to "https://kubernetes.default.svc" to enable the Token Volume Projection feature (requires specifying api_audiences as well). From cluster version 1.22+, Service Account Token Volume Projection will be enabled by default.
    serviceCidr String
    The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.
    slbId String
    The ID of APIServer load balancer.
    slbInternet String
    The public ip of load balancer.
    slbInternetEnabled Boolean

    Whether to create internet load balancer for API Server. Default to true. Only works for Create Operation.

    NOTE: If you want to use Terway as CNI network plugin, You need to specify the pod_vswitch_ids field and addons with terway-eniip. If you want to use Flannel as CNI network plugin, You need to specify the pod_cidr field and addons with flannel.

    Master params

    slbIntranet String
    The ID of private load balancer where the current cluster master node is located.
    tags Map<String>
    Default nil, A map of tags assigned to the kubernetes cluster and work nodes.
    timezone String
    When you create a cluster, set the time zones for the Master and Worker nodes. You can only change the managed node time zone if you create a cluster. Once the cluster is created, you can only change the time zone of the Worker node.
    userCa String
    The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.
    version String
    Desired Kubernetes version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except you set a higher version number. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by ACK.
    vpcId String
    The ID of VPC where the current cluster is located.
    workerRamRoleName String
    The RamRole Name attached to worker node.

    Supporting Types

    KubernetesAddon, KubernetesAddonArgs

    Config string
    The ACK add-on configurations. For more config information, see cs_kubernetes_addon_metadata.
    Disabled bool

    Disables the automatic installation of a component. Default is false.

    The following example is the definition of addons block, The type of this field is list:

    # install nginx ingress, conflict with SLB ingress
    addons {
    name = "nginx-ingress-controller"
    # use internet
    config = "{\"IngressSlbNetworkType\":\"internet",\"IngressSlbSpec\":\"slb.s2.small\"}"
    # if use intranet, detail below.
    # config = "{\"IngressSlbNetworkType\":\"intranet",\"IngressSlbSpec\":\"slb.s2.small\"}"
    }
    
    Name string
    Name of the ACK add-on. The name must match one of the names returned by DescribeAddons.
    Version string
    The version of the component.
    Config string
    The ACK add-on configurations. For more config information, see cs_kubernetes_addon_metadata.
    Disabled bool

    Disables the automatic installation of a component. Default is false.

    The following example is the definition of addons block, The type of this field is list:

    # install nginx ingress, conflict with SLB ingress
    addons {
    name = "nginx-ingress-controller"
    # use internet
    config = "{\"IngressSlbNetworkType\":\"internet",\"IngressSlbSpec\":\"slb.s2.small\"}"
    # if use intranet, detail below.
    # config = "{\"IngressSlbNetworkType\":\"intranet",\"IngressSlbSpec\":\"slb.s2.small\"}"
    }
    
    Name string
    Name of the ACK add-on. The name must match one of the names returned by DescribeAddons.
    Version string
    The version of the component.
    config String
    The ACK add-on configurations. For more config information, see cs_kubernetes_addon_metadata.
    disabled Boolean

    Disables the automatic installation of a component. Default is false.

    The following example is the definition of addons block, The type of this field is list:

    # install nginx ingress, conflict with SLB ingress
    addons {
    name = "nginx-ingress-controller"
    # use internet
    config = "{\"IngressSlbNetworkType\":\"internet",\"IngressSlbSpec\":\"slb.s2.small\"}"
    # if use intranet, detail below.
    # config = "{\"IngressSlbNetworkType\":\"intranet",\"IngressSlbSpec\":\"slb.s2.small\"}"
    }
    
    name String
    Name of the ACK add-on. The name must match one of the names returned by DescribeAddons.
    version String
    The version of the component.
    config string
    The ACK add-on configurations. For more config information, see cs_kubernetes_addon_metadata.
    disabled boolean

    Disables the automatic installation of a component. Default is false.

    The following example is the definition of addons block, The type of this field is list:

    # install nginx ingress, conflict with SLB ingress
    addons {
    name = "nginx-ingress-controller"
    # use internet
    config = "{\"IngressSlbNetworkType\":\"internet",\"IngressSlbSpec\":\"slb.s2.small\"}"
    # if use intranet, detail below.
    # config = "{\"IngressSlbNetworkType\":\"intranet",\"IngressSlbSpec\":\"slb.s2.small\"}"
    }
    
    name string
    Name of the ACK add-on. The name must match one of the names returned by DescribeAddons.
    version string
    The version of the component.
    config str
    The ACK add-on configurations. For more config information, see cs_kubernetes_addon_metadata.
    disabled bool

    Disables the automatic installation of a component. Default is false.

    The following example is the definition of addons block, The type of this field is list:

    # install nginx ingress, conflict with SLB ingress
    addons {
    name = "nginx-ingress-controller"
    # use internet
    config = "{\"IngressSlbNetworkType\":\"internet",\"IngressSlbSpec\":\"slb.s2.small\"}"
    # if use intranet, detail below.
    # config = "{\"IngressSlbNetworkType\":\"intranet",\"IngressSlbSpec\":\"slb.s2.small\"}"
    }
    
    name str
    Name of the ACK add-on. The name must match one of the names returned by DescribeAddons.
    version str
    The version of the component.
    config String
    The ACK add-on configurations. For more config information, see cs_kubernetes_addon_metadata.
    disabled Boolean

    Disables the automatic installation of a component. Default is false.

    The following example is the definition of addons block, The type of this field is list:

    # install nginx ingress, conflict with SLB ingress
    addons {
    name = "nginx-ingress-controller"
    # use internet
    config = "{\"IngressSlbNetworkType\":\"internet",\"IngressSlbSpec\":\"slb.s2.small\"}"
    # if use intranet, detail below.
    # config = "{\"IngressSlbNetworkType\":\"intranet",\"IngressSlbSpec\":\"slb.s2.small\"}"
    }
    
    name String
    Name of the ACK add-on. The name must match one of the names returned by DescribeAddons.
    version String
    The version of the component.

    KubernetesCertificateAuthority, KubernetesCertificateAuthorityArgs

    ClientCert string
    The path of client certificate, like ~/.kube/client-cert.pem.
    ClientKey string
    The path of client key, like ~/.kube/client-key.pem.
    ClusterCert string
    The base64 encoded cluster certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.
    ClientCert string
    The path of client certificate, like ~/.kube/client-cert.pem.
    ClientKey string
    The path of client key, like ~/.kube/client-key.pem.
    ClusterCert string
    The base64 encoded cluster certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.
    clientCert String
    The path of client certificate, like ~/.kube/client-cert.pem.
    clientKey String
    The path of client key, like ~/.kube/client-key.pem.
    clusterCert String
    The base64 encoded cluster certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.
    clientCert string
    The path of client certificate, like ~/.kube/client-cert.pem.
    clientKey string
    The path of client key, like ~/.kube/client-key.pem.
    clusterCert string
    The base64 encoded cluster certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.
    client_cert str
    The path of client certificate, like ~/.kube/client-cert.pem.
    client_key str
    The path of client key, like ~/.kube/client-key.pem.
    cluster_cert str
    The base64 encoded cluster certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.
    clientCert String
    The path of client certificate, like ~/.kube/client-cert.pem.
    clientKey String
    The path of client key, like ~/.kube/client-key.pem.
    clusterCert String
    The base64 encoded cluster certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.

    KubernetesConnections, KubernetesConnectionsArgs

    ApiServerInternet string
    API Server Internet endpoint.
    ApiServerIntranet string
    API Server Intranet endpoint.
    MasterPublicIp string
    Master node SSH IP address.
    ServiceDomain string
    Service Access Domain.
    ApiServerInternet string
    API Server Internet endpoint.
    ApiServerIntranet string
    API Server Intranet endpoint.
    MasterPublicIp string
    Master node SSH IP address.
    ServiceDomain string
    Service Access Domain.
    apiServerInternet String
    API Server Internet endpoint.
    apiServerIntranet String
    API Server Intranet endpoint.
    masterPublicIp String
    Master node SSH IP address.
    serviceDomain String
    Service Access Domain.
    apiServerInternet string
    API Server Internet endpoint.
    apiServerIntranet string
    API Server Intranet endpoint.
    masterPublicIp string
    Master node SSH IP address.
    serviceDomain string
    Service Access Domain.
    api_server_internet str
    API Server Internet endpoint.
    api_server_intranet str
    API Server Intranet endpoint.
    master_public_ip str
    Master node SSH IP address.
    service_domain str
    Service Access Domain.
    apiServerInternet String
    API Server Internet endpoint.
    apiServerIntranet String
    API Server Intranet endpoint.
    masterPublicIp String
    Master node SSH IP address.
    serviceDomain String
    Service Access Domain.

    KubernetesDeleteOption, KubernetesDeleteOptionArgs

    DeleteMode string
    The deletion mode of the cluster. Different resources may have different default behavior, see resource_type for details. Valid values:
    ResourceType string
    The type of resources that are created by cluster. Valid values:

    • SLB: SLB resources created by the Nginx Ingress Service, default behavior is to delete, option to retain is available.
    • ALB: ALB resources created by the ALB Ingress Controller, default behavior is to retain, option to delete is available.
    • SLS_Data: SLS Project used by the cluster logging feature, default behavior is to retain, option to delete is available.
    • SLS_ControlPlane: SLS Project used for the managed cluster control plane logs, default behavior is to retain, option to delete is available.
    ...
    // Specify delete_options as below when deleting cluster
    // delete SLB resources created by the Nginx Ingress Service
    delete_options {
    delete_mode = "delete"
    resource_type = "SLB"
    }
    // delete ALB resources created by the ALB Ingress Controller
    delete_options {
    delete_mode = "delete"
    resource_type = "ALB"
    }
    // delete SLS Project used by the cluster logging feature
    delete_options {
    delete_mode = "delete"
    resource_type = "SLS_Data"
    }
    // delete SLS Project used for the managed cluster control plane logs
    delete_options {
    delete_mode = "delete"
    resource_type = "SLS_ControlPlane"
    }
    
    DeleteMode string
    The deletion mode of the cluster. Different resources may have different default behavior, see resource_type for details. Valid values:
    ResourceType string
    The type of resources that are created by cluster. Valid values:

    • SLB: SLB resources created by the Nginx Ingress Service, default behavior is to delete, option to retain is available.
    • ALB: ALB resources created by the ALB Ingress Controller, default behavior is to retain, option to delete is available.
    • SLS_Data: SLS Project used by the cluster logging feature, default behavior is to retain, option to delete is available.
    • SLS_ControlPlane: SLS Project used for the managed cluster control plane logs, default behavior is to retain, option to delete is available.
    ...
    // Specify delete_options as below when deleting cluster
    // delete SLB resources created by the Nginx Ingress Service
    delete_options {
    delete_mode = "delete"
    resource_type = "SLB"
    }
    // delete ALB resources created by the ALB Ingress Controller
    delete_options {
    delete_mode = "delete"
    resource_type = "ALB"
    }
    // delete SLS Project used by the cluster logging feature
    delete_options {
    delete_mode = "delete"
    resource_type = "SLS_Data"
    }
    // delete SLS Project used for the managed cluster control plane logs
    delete_options {
    delete_mode = "delete"
    resource_type = "SLS_ControlPlane"
    }
    
    deleteMode String
    The deletion mode of the cluster. Different resources may have different default behavior, see resource_type for details. Valid values:
    resourceType String
    The type of resources that are created by cluster. Valid values:

    • SLB: SLB resources created by the Nginx Ingress Service, default behavior is to delete, option to retain is available.
    • ALB: ALB resources created by the ALB Ingress Controller, default behavior is to retain, option to delete is available.
    • SLS_Data: SLS Project used by the cluster logging feature, default behavior is to retain, option to delete is available.
    • SLS_ControlPlane: SLS Project used for the managed cluster control plane logs, default behavior is to retain, option to delete is available.
    ...
    // Specify delete_options as below when deleting cluster
    // delete SLB resources created by the Nginx Ingress Service
    delete_options {
    delete_mode = "delete"
    resource_type = "SLB"
    }
    // delete ALB resources created by the ALB Ingress Controller
    delete_options {
    delete_mode = "delete"
    resource_type = "ALB"
    }
    // delete SLS Project used by the cluster logging feature
    delete_options {
    delete_mode = "delete"
    resource_type = "SLS_Data"
    }
    // delete SLS Project used for the managed cluster control plane logs
    delete_options {
    delete_mode = "delete"
    resource_type = "SLS_ControlPlane"
    }
    
    deleteMode string
    The deletion mode of the cluster. Different resources may have different default behavior, see resource_type for details. Valid values:
    resourceType string
    The type of resources that are created by cluster. Valid values:

    • SLB: SLB resources created by the Nginx Ingress Service, default behavior is to delete, option to retain is available.
    • ALB: ALB resources created by the ALB Ingress Controller, default behavior is to retain, option to delete is available.
    • SLS_Data: SLS Project used by the cluster logging feature, default behavior is to retain, option to delete is available.
    • SLS_ControlPlane: SLS Project used for the managed cluster control plane logs, default behavior is to retain, option to delete is available.
    ...
    // Specify delete_options as below when deleting cluster
    // delete SLB resources created by the Nginx Ingress Service
    delete_options {
    delete_mode = "delete"
    resource_type = "SLB"
    }
    // delete ALB resources created by the ALB Ingress Controller
    delete_options {
    delete_mode = "delete"
    resource_type = "ALB"
    }
    // delete SLS Project used by the cluster logging feature
    delete_options {
    delete_mode = "delete"
    resource_type = "SLS_Data"
    }
    // delete SLS Project used for the managed cluster control plane logs
    delete_options {
    delete_mode = "delete"
    resource_type = "SLS_ControlPlane"
    }
    
    delete_mode str
    The deletion mode of the cluster. Different resources may have different default behavior, see resource_type for details. Valid values:
    resource_type str
    The type of resources that are created by cluster. Valid values:

    • SLB: SLB resources created by the Nginx Ingress Service, default behavior is to delete, option to retain is available.
    • ALB: ALB resources created by the ALB Ingress Controller, default behavior is to retain, option to delete is available.
    • SLS_Data: SLS Project used by the cluster logging feature, default behavior is to retain, option to delete is available.
    • SLS_ControlPlane: SLS Project used for the managed cluster control plane logs, default behavior is to retain, option to delete is available.
    ...
    // Specify delete_options as below when deleting cluster
    // delete SLB resources created by the Nginx Ingress Service
    delete_options {
    delete_mode = "delete"
    resource_type = "SLB"
    }
    // delete ALB resources created by the ALB Ingress Controller
    delete_options {
    delete_mode = "delete"
    resource_type = "ALB"
    }
    // delete SLS Project used by the cluster logging feature
    delete_options {
    delete_mode = "delete"
    resource_type = "SLS_Data"
    }
    // delete SLS Project used for the managed cluster control plane logs
    delete_options {
    delete_mode = "delete"
    resource_type = "SLS_ControlPlane"
    }
    
    deleteMode String
    The deletion mode of the cluster. Different resources may have different default behavior, see resource_type for details. Valid values:
    resourceType String
    The type of resources that are created by cluster. Valid values:

    • SLB: SLB resources created by the Nginx Ingress Service, default behavior is to delete, option to retain is available.
    • ALB: ALB resources created by the ALB Ingress Controller, default behavior is to retain, option to delete is available.
    • SLS_Data: SLS Project used by the cluster logging feature, default behavior is to retain, option to delete is available.
    • SLS_ControlPlane: SLS Project used for the managed cluster control plane logs, default behavior is to retain, option to delete is available.
    ...
    // Specify delete_options as below when deleting cluster
    // delete SLB resources created by the Nginx Ingress Service
    delete_options {
    delete_mode = "delete"
    resource_type = "SLB"
    }
    // delete ALB resources created by the ALB Ingress Controller
    delete_options {
    delete_mode = "delete"
    resource_type = "ALB"
    }
    // delete SLS Project used by the cluster logging feature
    delete_options {
    delete_mode = "delete"
    resource_type = "SLS_Data"
    }
    // delete SLS Project used for the managed cluster control plane logs
    delete_options {
    delete_mode = "delete"
    resource_type = "SLS_ControlPlane"
    }
    

    KubernetesMasterNode, KubernetesMasterNodeArgs

    Id string
    ID of the node.
    Name string
    The kubernetes cluster's name. It is unique in one Alicloud account.
    PrivateIp string
    The private IP address of node.
    Id string
    ID of the node.
    Name string
    The kubernetes cluster's name. It is unique in one Alicloud account.
    PrivateIp string
    The private IP address of node.
    id String
    ID of the node.
    name String
    The kubernetes cluster's name. It is unique in one Alicloud account.
    privateIp String
    The private IP address of node.
    id string
    ID of the node.
    name string
    The kubernetes cluster's name. It is unique in one Alicloud account.
    privateIp string
    The private IP address of node.
    id str
    ID of the node.
    name str
    The kubernetes cluster's name. It is unique in one Alicloud account.
    private_ip str
    The private IP address of node.
    id String
    ID of the node.
    name String
    The kubernetes cluster's name. It is unique in one Alicloud account.
    privateIp String
    The private IP address of node.

    KubernetesRuntime, KubernetesRuntimeArgs

    Name string
    The name of the runtime. Supported runtimes can be queried by data source alicloud_cs_kubernetes_version.
    Version string

    The version of the runtime.

    The following example is the definition of runtime block:

    runtime = {
    name = "containerd"
    version = "1.6.28"
    }
    
    Name string
    The name of the runtime. Supported runtimes can be queried by data source alicloud_cs_kubernetes_version.
    Version string

    The version of the runtime.

    The following example is the definition of runtime block:

    runtime = {
    name = "containerd"
    version = "1.6.28"
    }
    
    name String
    The name of the runtime. Supported runtimes can be queried by data source alicloud_cs_kubernetes_version.
    version String

    The version of the runtime.

    The following example is the definition of runtime block:

    runtime = {
    name = "containerd"
    version = "1.6.28"
    }
    
    name string
    The name of the runtime. Supported runtimes can be queried by data source alicloud_cs_kubernetes_version.
    version string

    The version of the runtime.

    The following example is the definition of runtime block:

    runtime = {
    name = "containerd"
    version = "1.6.28"
    }
    
    name str
    The name of the runtime. Supported runtimes can be queried by data source alicloud_cs_kubernetes_version.
    version str

    The version of the runtime.

    The following example is the definition of runtime block:

    runtime = {
    name = "containerd"
    version = "1.6.28"
    }
    
    name String
    The name of the runtime. Supported runtimes can be queried by data source alicloud_cs_kubernetes_version.
    version String

    The version of the runtime.

    The following example is the definition of runtime block:

    runtime = {
    name = "containerd"
    version = "1.6.28"
    }
    

    Import

    Kubernetes cluster can be imported using the id, e.g. Then complete the main.tf accords to the result of pulumi preview.

    $ pulumi import alicloud:cs/kubernetes:Kubernetes main cluster-id
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Alibaba Cloud pulumi/pulumi-alicloud
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the alicloud Terraform Provider.
    alicloud logo
    Alibaba Cloud v3.66.0 published on Friday, Nov 15, 2024 by Pulumi