Alibaba Cloud v3.66.0, Nov 15 24

Alibaba Cloud v3.66.0 published on Friday, Nov 15, 2024 by Pulumi

alicloud.cs.ManagedKubernetes

Explore with Pulumi AI

Alibaba Cloud v3.66.0 published on Friday, Nov 15, 2024 by Pulumi

NOTE: Kubernetes cluster only supports VPC network and it can access internet while creating kubernetes cluster. A Nat Gateway and configuring a SNAT for it can ensure one VPC network access internet. If there is no nat gateway in the VPC, you can set new_nat_gateway to “true” to create one automatically.

NOTE: Creating kubernetes cluster need to install several packages and it will cost about 15 minutes. Please be patient.

NOTE: From version 1.9.4, the provider supports to download kube config, client certificate, client key and cluster ca certificate after creating cluster successfully, and you can put them into the specified location, like ‘~/.kube/config’.

NOTE: From version 1.20.0, the provider supports disabling internet load balancer for API Server by setting false to slb_internet_enabled.

NOTE: If you want to manage Kubernetes, you can use Kubernetes Provider.

NOTE: You need to activate several other products and confirm Authorization Policy used by Container Service before using this resource. Please refer to the Authorization management and Cluster management sections in the Document Center.

NOTE: From version 1.72.0, Some parameters have been removed from resource,You can check them below and re-import the cluster if necessary.

NOTE: From version 1.120.0, Support for cluster migration from Standard cluster to professional.

NOTE: From version 1.177.0, runtime,enable_ssh,rds_instances,exclude_autoscaler_nodes,worker_number,worker_instance_types,password,key_name,kms_encrypted_password,kms_encryption_context,worker_instance_charge_type,worker_period,worker_period_unit,worker_auto_renew,worker_auto_renew_period,worker_disk_category,worker_disk_size,worker_data_disks,node_name_mode,node_port_range,os_type,platform,image_id,cpu_policy,user_data,taints,worker_disk_performance_level,worker_disk_snapshot_policy_id,install_cloud_monitor are deprecated. We Suggest you using resource alicloud.cs.NodePool to manage your cluster worker nodes.

NOTE: From version 1.212.0, runtime,enable_ssh,rds_instances,exclude_autoscaler_nodes,worker_number,worker_instance_types,password,key_name,kms_encrypted_password,kms_encryption_context,worker_instance_charge_type,worker_period,worker_period_unit,worker_auto_renew,worker_auto_renew_period,worker_disk_category,worker_disk_size,worker_data_disks,node_name_mode,node_port_range,os_type,platform,image_id,cpu_policy,user_data,taints,worker_disk_performance_level,worker_disk_snapshot_policy_id,install_cloud_monitor,kube_config,availability_zone are removed. Please use resource alicloud.cs.NodePool to manage your cluster worker nodes.

Create ManagedKubernetes Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new ManagedKubernetes(name: string, args: ManagedKubernetesArgs, opts?: CustomResourceOptions);

@overload
def ManagedKubernetes(resource_name: str,
                      args: ManagedKubernetesArgs,
                      opts: Optional[ResourceOptions] = None)

@overload
def ManagedKubernetes(resource_name: str,
                      opts: Optional[ResourceOptions] = None,
                      worker_vswitch_ids: Optional[Sequence[str]] = None,
                      name: Optional[str] = None,
                      cluster_ca_cert: Optional[str] = None,
                      maintenance_window: Optional[ManagedKubernetesMaintenanceWindowArgs] = None,
                      addons: Optional[Sequence[ManagedKubernetesAddonArgs]] = None,
                      cluster_domain: Optional[str] = None,
                      cluster_spec: Optional[str] = None,
                      control_plane_log_components: Optional[Sequence[str]] = None,
                      control_plane_log_project: Optional[str] = None,
                      control_plane_log_ttl: Optional[str] = None,
                      custom_san: Optional[str] = None,
                      delete_options: Optional[Sequence[ManagedKubernetesDeleteOptionArgs]] = None,
                      deletion_protection: Optional[bool] = None,
                      enable_rrsa: Optional[bool] = None,
                      encryption_provider_key: Optional[str] = None,
                      is_enterprise_security_group: Optional[bool] = None,
                      load_balancer_spec: Optional[str] = None,
                      client_key: Optional[str] = None,
                      name_prefix: Optional[str] = None,
                      client_cert: Optional[str] = None,
                      new_nat_gateway: Optional[bool] = None,
                      node_cidr_mask: Optional[int] = None,
                      operation_policy: Optional[ManagedKubernetesOperationPolicyArgs] = None,
                      pod_cidr: Optional[str] = None,
                      pod_vswitch_ids: Optional[Sequence[str]] = None,
                      proxy_mode: Optional[str] = None,
                      resource_group_id: Optional[str] = None,
                      retain_resources: Optional[Sequence[str]] = None,
                      security_group_id: Optional[str] = None,
                      service_account_issuer: Optional[str] = None,
                      service_cidr: Optional[str] = None,
                      slb_internet_enabled: Optional[bool] = None,
                      tags: Optional[Mapping[str, str]] = None,
                      timezone: Optional[str] = None,
                      user_ca: Optional[str] = None,
                      version: Optional[str] = None,
                      api_audiences: Optional[Sequence[str]] = None)

func NewManagedKubernetes(ctx *Context, name string, args ManagedKubernetesArgs, opts ...ResourceOption) (*ManagedKubernetes, error)

public ManagedKubernetes(string name, ManagedKubernetesArgs args, CustomResourceOptions? opts = null)

public ManagedKubernetes(String name, ManagedKubernetesArgs args)
public ManagedKubernetes(String name, ManagedKubernetesArgs args, CustomResourceOptions options)

type: alicloud:cs:ManagedKubernetes
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args ManagedKubernetesArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args ManagedKubernetesArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args ManagedKubernetesArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ManagedKubernetesArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args ManagedKubernetesArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var managedKubernetesResource = new AliCloud.CS.ManagedKubernetes("managedKubernetesResource", new()
{
    WorkerVswitchIds = new[]
    {
        "string",
    },
    Name = "string",
    ClusterCaCert = "string",
    MaintenanceWindow = new AliCloud.CS.Inputs.ManagedKubernetesMaintenanceWindowArgs
    {
        Duration = "string",
        Enable = false,
        MaintenanceTime = "string",
        WeeklyPeriod = "string",
    },
    Addons = new[]
    {
        new AliCloud.CS.Inputs.ManagedKubernetesAddonArgs
        {
            Config = "string",
            Disabled = false,
            Name = "string",
            Version = "string",
        },
    },
    ClusterDomain = "string",
    ClusterSpec = "string",
    ControlPlaneLogComponents = new[]
    {
        "string",
    },
    ControlPlaneLogProject = "string",
    ControlPlaneLogTtl = "string",
    CustomSan = "string",
    DeleteOptions = new[]
    {
        new AliCloud.CS.Inputs.ManagedKubernetesDeleteOptionArgs
        {
            DeleteMode = "string",
            ResourceType = "string",
        },
    },
    DeletionProtection = false,
    EnableRrsa = false,
    EncryptionProviderKey = "string",
    IsEnterpriseSecurityGroup = false,
    ClientKey = "string",
    NamePrefix = "string",
    ClientCert = "string",
    NewNatGateway = false,
    NodeCidrMask = 0,
    OperationPolicy = new AliCloud.CS.Inputs.ManagedKubernetesOperationPolicyArgs
    {
        ClusterAutoUpgrade = new AliCloud.CS.Inputs.ManagedKubernetesOperationPolicyClusterAutoUpgradeArgs
        {
            Channel = "string",
            Enabled = false,
        },
    },
    PodCidr = "string",
    PodVswitchIds = new[]
    {
        "string",
    },
    ProxyMode = "string",
    ResourceGroupId = "string",
    RetainResources = new[]
    {
        "string",
    },
    SecurityGroupId = "string",
    ServiceAccountIssuer = "string",
    ServiceCidr = "string",
    SlbInternetEnabled = false,
    Tags = 
    {
        { "string", "string" },
    },
    Timezone = "string",
    UserCa = "string",
    Version = "string",
    ApiAudiences = new[]
    {
        "string",
    },
});

example, err := cs.NewManagedKubernetes(ctx, "managedKubernetesResource", &cs.ManagedKubernetesArgs{
	WorkerVswitchIds: pulumi.StringArray{
		pulumi.String("string"),
	},
	Name:          pulumi.String("string"),
	ClusterCaCert: pulumi.String("string"),
	MaintenanceWindow: &cs.ManagedKubernetesMaintenanceWindowArgs{
		Duration:        pulumi.String("string"),
		Enable:          pulumi.Bool(false),
		MaintenanceTime: pulumi.String("string"),
		WeeklyPeriod:    pulumi.String("string"),
	},
	Addons: cs.ManagedKubernetesAddonArray{
		&cs.ManagedKubernetesAddonArgs{
			Config:   pulumi.String("string"),
			Disabled: pulumi.Bool(false),
			Name:     pulumi.String("string"),
			Version:  pulumi.String("string"),
		},
	},
	ClusterDomain: pulumi.String("string"),
	ClusterSpec:   pulumi.String("string"),
	ControlPlaneLogComponents: pulumi.StringArray{
		pulumi.String("string"),
	},
	ControlPlaneLogProject: pulumi.String("string"),
	ControlPlaneLogTtl:     pulumi.String("string"),
	CustomSan:              pulumi.String("string"),
	DeleteOptions: cs.ManagedKubernetesDeleteOptionArray{
		&cs.ManagedKubernetesDeleteOptionArgs{
			DeleteMode:   pulumi.String("string"),
			ResourceType: pulumi.String("string"),
		},
	},
	DeletionProtection:        pulumi.Bool(false),
	EnableRrsa:                pulumi.Bool(false),
	EncryptionProviderKey:     pulumi.String("string"),
	IsEnterpriseSecurityGroup: pulumi.Bool(false),
	ClientKey:                 pulumi.String("string"),
	NamePrefix:                pulumi.String("string"),
	ClientCert:                pulumi.String("string"),
	NewNatGateway:             pulumi.Bool(false),
	NodeCidrMask:              pulumi.Int(0),
	OperationPolicy: &cs.ManagedKubernetesOperationPolicyArgs{
		ClusterAutoUpgrade: &cs.ManagedKubernetesOperationPolicyClusterAutoUpgradeArgs{
			Channel: pulumi.String("string"),
			Enabled: pulumi.Bool(false),
		},
	},
	PodCidr: pulumi.String("string"),
	PodVswitchIds: pulumi.StringArray{
		pulumi.String("string"),
	},
	ProxyMode:       pulumi.String("string"),
	ResourceGroupId: pulumi.String("string"),
	RetainResources: pulumi.StringArray{
		pulumi.String("string"),
	},
	SecurityGroupId:      pulumi.String("string"),
	ServiceAccountIssuer: pulumi.String("string"),
	ServiceCidr:          pulumi.String("string"),
	SlbInternetEnabled:   pulumi.Bool(false),
	Tags: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	Timezone: pulumi.String("string"),
	UserCa:   pulumi.String("string"),
	Version:  pulumi.String("string"),
	ApiAudiences: pulumi.StringArray{
		pulumi.String("string"),
	},
})

var managedKubernetesResource = new ManagedKubernetes("managedKubernetesResource", ManagedKubernetesArgs.builder()
    .workerVswitchIds("string")
    .name("string")
    .clusterCaCert("string")
    .maintenanceWindow(ManagedKubernetesMaintenanceWindowArgs.builder()
        .duration("string")
        .enable(false)
        .maintenanceTime("string")
        .weeklyPeriod("string")
        .build())
    .addons(ManagedKubernetesAddonArgs.builder()
        .config("string")
        .disabled(false)
        .name("string")
        .version("string")
        .build())
    .clusterDomain("string")
    .clusterSpec("string")
    .controlPlaneLogComponents("string")
    .controlPlaneLogProject("string")
    .controlPlaneLogTtl("string")
    .customSan("string")
    .deleteOptions(ManagedKubernetesDeleteOptionArgs.builder()
        .deleteMode("string")
        .resourceType("string")
        .build())
    .deletionProtection(false)
    .enableRrsa(false)
    .encryptionProviderKey("string")
    .isEnterpriseSecurityGroup(false)
    .clientKey("string")
    .namePrefix("string")
    .clientCert("string")
    .newNatGateway(false)
    .nodeCidrMask(0)
    .operationPolicy(ManagedKubernetesOperationPolicyArgs.builder()
        .clusterAutoUpgrade(ManagedKubernetesOperationPolicyClusterAutoUpgradeArgs.builder()
            .channel("string")
            .enabled(false)
            .build())
        .build())
    .podCidr("string")
    .podVswitchIds("string")
    .proxyMode("string")
    .resourceGroupId("string")
    .retainResources("string")
    .securityGroupId("string")
    .serviceAccountIssuer("string")
    .serviceCidr("string")
    .slbInternetEnabled(false)
    .tags(Map.of("string", "string"))
    .timezone("string")
    .userCa("string")
    .version("string")
    .apiAudiences("string")
    .build());

managed_kubernetes_resource = alicloud.cs.ManagedKubernetes("managedKubernetesResource",
    worker_vswitch_ids=["string"],
    name="string",
    cluster_ca_cert="string",
    maintenance_window={
        "duration": "string",
        "enable": False,
        "maintenance_time": "string",
        "weekly_period": "string",
    },
    addons=[{
        "config": "string",
        "disabled": False,
        "name": "string",
        "version": "string",
    }],
    cluster_domain="string",
    cluster_spec="string",
    control_plane_log_components=["string"],
    control_plane_log_project="string",
    control_plane_log_ttl="string",
    custom_san="string",
    delete_options=[{
        "delete_mode": "string",
        "resource_type": "string",
    }],
    deletion_protection=False,
    enable_rrsa=False,
    encryption_provider_key="string",
    is_enterprise_security_group=False,
    client_key="string",
    name_prefix="string",
    client_cert="string",
    new_nat_gateway=False,
    node_cidr_mask=0,
    operation_policy={
        "cluster_auto_upgrade": {
            "channel": "string",
            "enabled": False,
        },
    },
    pod_cidr="string",
    pod_vswitch_ids=["string"],
    proxy_mode="string",
    resource_group_id="string",
    retain_resources=["string"],
    security_group_id="string",
    service_account_issuer="string",
    service_cidr="string",
    slb_internet_enabled=False,
    tags={
        "string": "string",
    },
    timezone="string",
    user_ca="string",
    version="string",
    api_audiences=["string"])

const managedKubernetesResource = new alicloud.cs.ManagedKubernetes("managedKubernetesResource", {
    workerVswitchIds: ["string"],
    name: "string",
    clusterCaCert: "string",
    maintenanceWindow: {
        duration: "string",
        enable: false,
        maintenanceTime: "string",
        weeklyPeriod: "string",
    },
    addons: [{
        config: "string",
        disabled: false,
        name: "string",
        version: "string",
    }],
    clusterDomain: "string",
    clusterSpec: "string",
    controlPlaneLogComponents: ["string"],
    controlPlaneLogProject: "string",
    controlPlaneLogTtl: "string",
    customSan: "string",
    deleteOptions: [{
        deleteMode: "string",
        resourceType: "string",
    }],
    deletionProtection: false,
    enableRrsa: false,
    encryptionProviderKey: "string",
    isEnterpriseSecurityGroup: false,
    clientKey: "string",
    namePrefix: "string",
    clientCert: "string",
    newNatGateway: false,
    nodeCidrMask: 0,
    operationPolicy: {
        clusterAutoUpgrade: {
            channel: "string",
            enabled: false,
        },
    },
    podCidr: "string",
    podVswitchIds: ["string"],
    proxyMode: "string",
    resourceGroupId: "string",
    retainResources: ["string"],
    securityGroupId: "string",
    serviceAccountIssuer: "string",
    serviceCidr: "string",
    slbInternetEnabled: false,
    tags: {
        string: "string",
    },
    timezone: "string",
    userCa: "string",
    version: "string",
    apiAudiences: ["string"],
});

type: alicloud:cs:ManagedKubernetes
properties:
    addons:
        - config: string
          disabled: false
          name: string
          version: string
    apiAudiences:
        - string
    clientCert: string
    clientKey: string
    clusterCaCert: string
    clusterDomain: string
    clusterSpec: string
    controlPlaneLogComponents:
        - string
    controlPlaneLogProject: string
    controlPlaneLogTtl: string
    customSan: string
    deleteOptions:
        - deleteMode: string
          resourceType: string
    deletionProtection: false
    enableRrsa: false
    encryptionProviderKey: string
    isEnterpriseSecurityGroup: false
    maintenanceWindow:
        duration: string
        enable: false
        maintenanceTime: string
        weeklyPeriod: string
    name: string
    namePrefix: string
    newNatGateway: false
    nodeCidrMask: 0
    operationPolicy:
        clusterAutoUpgrade:
            channel: string
            enabled: false
    podCidr: string
    podVswitchIds:
        - string
    proxyMode: string
    resourceGroupId: string
    retainResources:
        - string
    securityGroupId: string
    serviceAccountIssuer: string
    serviceCidr: string
    slbInternetEnabled: false
    tags:
        string: string
    timezone: string
    userCa: string
    version: string
    workerVswitchIds:
        - string

ManagedKubernetes Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The ManagedKubernetes resource accepts the following input properties:

WorkerVswitchIds List<string>

The vswitches used by control plane. See worker_vswitch_ids below.

Addons List<Pulumi.AliCloud.CS.Inputs.ManagedKubernetesAddon>

The addon you want to install in cluster. See addons below. Only works for Create Operation, use resource cs_kubernetes_addon to manage addons if cluster is created.

Network params

ApiAudiences List<string>

A list of API audiences for Service Account Token Volume Projection. Set this to ["https://kubernetes.default.svc"] if you want to enable the Token Volume Projection feature (requires specifying service_account_issuer as well. From cluster version 1.22, Service Account Token Volume Projection will be enabled by default.

ClientCert string

The path of client certificate, like ~/.kube/client-cert.pem.

ClientKey string

The path of client key, like ~/.kube/client-key.pem.

ClusterCaCert string

The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem

Removed params

ClusterDomain string

Cluster local domain name, Default to cluster.local. A domain name consists of one or more sections separated by a decimal point (.), each of which is up to 63 characters long, and can be lowercase, numerals, and underscores (-), and must be lowercase or numerals at the beginning and end.

ClusterSpec string

The cluster specifications of kubernetes cluster,which can be empty. Valid values:

ack.standard : Standard managed clusters.
ack.pro.small : Professional managed clusters.

ControlPlaneLogComponents List<string>

List of target components for which logs need to be collected. Supports apiserver, kcm, scheduler, ccm and controlplane-events.

ControlPlaneLogProject string

Control plane log project. If this field is not set, a log service project named k8s-log-{ClusterID} will be automatically created.

ControlPlaneLogTtl string

Control plane log retention duration (unit: day). Default 30. If control plane logs are to be collected, control_plane_log_ttl and control_plane_log_components must be specified.

CustomSan string

Customize the certificate SAN, multiple IP or domain names are separated by English commas (,).

NOTE: Make sure you have specified all certificate SANs before updating. Updating this field will lead APIServer to restart.

DeleteOptions List<Pulumi.AliCloud.CS.Inputs.ManagedKubernetesDeleteOption>

Delete options, only work for deleting resource. Make sure you have run pulumi up to make the configuration applied. See delete_options below.

DeletionProtection bool

Whether to enable cluster deletion protection.

EnableRrsa bool

Whether to enable cluster to support RRSA for kubernetes version 1.22.3+. Default to false. Once the RRSA function is turned on, it is not allowed to turn off. If your cluster has enabled this function, please manually modify your tf file and add the rrsa configuration to the file, learn more RAM Roles for Service Accounts.

EncryptionProviderKey string

The disk encryption key.

IsEnterpriseSecurityGroup bool

Enable to create advanced security group. default: false. Only works for Create Operation. See Advanced security group.

LoadBalancerSpec string

The cluster api server load balance instance specification, default slb.s1.small. For more information on how to select a LB instance specification, see SLB instance overview. Only works for Create Operation.

Deprecated: Field 'load_balancer_spec' has been deprecated from provider version 1.232.0. The load balancer has been changed to PayByCLCU so that the spec is no need anymore.

MaintenanceWindow Pulumi.AliCloud.CS.Inputs.ManagedKubernetesMaintenanceWindow

The cluster maintenance window，effective only in the professional managed cluster. Managed node pool will use it. See maintenance_window below.

Name string

The kubernetes cluster's name. It is unique in one Alicloud account.

NamePrefix string

NewNatGateway bool

Whether to create a new nat gateway while creating kubernetes cluster. Default to true. Then openapi in Alibaba Cloud are not all on intranet, So turn this option on is a good choice. Only works for Create Operation.

NodeCidrMask int

The node cidr block to specific how many pods can run on single node. 24-28 is allowed. 24 means 2^(32-24)-1=255 and the node can run at most 255 pods. default: 24

OperationPolicy Pulumi.AliCloud.CS.Inputs.ManagedKubernetesOperationPolicy

The cluster automatic operation policy. See operation_policy below.

PodCidr string

[Flannel Specific] The CIDR block for the pod network when using Flannel.

PodVswitchIds List<string>

[Terway Specific] The vswitches for the pod network when using Terway. It is recommended that pod_vswitch_ids is not belong to worker_vswitch_ids but must be in same availability zones. Only works for Create Operation.

ProxyMode string

Proxy mode is option of kube-proxy. options: iptables|ipvs. default: ipvs.

ResourceGroupId string

The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.

RetainResources List<string>

SecurityGroupId string

The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.

ServiceAccountIssuer string

The issuer of the Service Account token for Service Account Token Volume Projection, corresponds to the iss field in the token payload. Set this to "https://kubernetes.default.svc" to enable the Token Volume Projection feature (requires specifying api_audiences as well). From cluster version 1.22, Service Account Token Volume Projection will be enabled by default.

ServiceCidr string

The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.

SlbInternetEnabled bool

Whether to create internet load balancer for API Server. Default to true.

NOTE: If you want to use Terway as CNI network plugin, You need to specify the pod_vswitch_ids field and addons with terway-eniip. If you want to use Flannel as CNI network plugin, You need to specify the pod_cidr field and addons with flannel.

Computed params

Tags Dictionary<string, string>

Default nil, A map of tags assigned to the kubernetes cluster and work nodes. See tags below.

Timezone string

When you create a cluster, set the time zones for the Master and Worker nodes. You can only change the managed node time zone if you create a cluster. Once the cluster is created, you can only change the time zone of the Worker node.

UserCa string

The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.

Version string

Desired Kubernetes version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except you set a higher version number. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by ACK. Do not specify if cluster auto upgrade is enabled, see cluster_auto_upgrade for more information.

WorkerVswitchIds []string

The vswitches used by control plane. See worker_vswitch_ids below.

Addons []ManagedKubernetesAddonArgs

The addon you want to install in cluster. See addons below. Only works for Create Operation, use resource cs_kubernetes_addon to manage addons if cluster is created.

Network params

ApiAudiences []string

ClientCert string

The path of client certificate, like ~/.kube/client-cert.pem.

ClientKey string

The path of client key, like ~/.kube/client-key.pem.

ClusterCaCert string

The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem

Removed params

ClusterDomain string

ClusterSpec string

The cluster specifications of kubernetes cluster,which can be empty. Valid values:

ack.standard : Standard managed clusters.
ack.pro.small : Professional managed clusters.

ControlPlaneLogComponents []string

List of target components for which logs need to be collected. Supports apiserver, kcm, scheduler, ccm and controlplane-events.

ControlPlaneLogProject string

Control plane log project. If this field is not set, a log service project named k8s-log-{ClusterID} will be automatically created.

ControlPlaneLogTtl string

Control plane log retention duration (unit: day). Default 30. If control plane logs are to be collected, control_plane_log_ttl and control_plane_log_components must be specified.

CustomSan string

Customize the certificate SAN, multiple IP or domain names are separated by English commas (,).

NOTE: Make sure you have specified all certificate SANs before updating. Updating this field will lead APIServer to restart.

DeleteOptions []ManagedKubernetesDeleteOptionArgs

Delete options, only work for deleting resource. Make sure you have run pulumi up to make the configuration applied. See delete_options below.

DeletionProtection bool

Whether to enable cluster deletion protection.

EnableRrsa bool

EncryptionProviderKey string

The disk encryption key.

IsEnterpriseSecurityGroup bool

Enable to create advanced security group. default: false. Only works for Create Operation. See Advanced security group.

LoadBalancerSpec string

Deprecated: Field 'load_balancer_spec' has been deprecated from provider version 1.232.0. The load balancer has been changed to PayByCLCU so that the spec is no need anymore.

MaintenanceWindow ManagedKubernetesMaintenanceWindowArgs

The cluster maintenance window，effective only in the professional managed cluster. Managed node pool will use it. See maintenance_window below.

Name string

The kubernetes cluster's name. It is unique in one Alicloud account.

NamePrefix string

NewNatGateway bool

NodeCidrMask int

The node cidr block to specific how many pods can run on single node. 24-28 is allowed. 24 means 2^(32-24)-1=255 and the node can run at most 255 pods. default: 24

OperationPolicy ManagedKubernetesOperationPolicyArgs

The cluster automatic operation policy. See operation_policy below.

PodCidr string

[Flannel Specific] The CIDR block for the pod network when using Flannel.

PodVswitchIds []string

ProxyMode string

Proxy mode is option of kube-proxy. options: iptables|ipvs. default: ipvs.

ResourceGroupId string

The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.

RetainResources []string

SecurityGroupId string

The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.

ServiceAccountIssuer string

ServiceCidr string

The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.

SlbInternetEnabled bool

Whether to create internet load balancer for API Server. Default to true.

NOTE: If you want to use Terway as CNI network plugin, You need to specify the pod_vswitch_ids field and addons with terway-eniip. If you want to use Flannel as CNI network plugin, You need to specify the pod_cidr field and addons with flannel.

Computed params

Tags map[string]string

Default nil, A map of tags assigned to the kubernetes cluster and work nodes. See tags below.

Timezone string

UserCa string

The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.

Version string

workerVswitchIds List<String>

The vswitches used by control plane. See worker_vswitch_ids below.

addons List<ManagedKubernetesAddon>

The addon you want to install in cluster. See addons below. Only works for Create Operation, use resource cs_kubernetes_addon to manage addons if cluster is created.

Network params

apiAudiences List<String>

clientCert String

The path of client certificate, like ~/.kube/client-cert.pem.

clientKey String

The path of client key, like ~/.kube/client-key.pem.

clusterCaCert String

The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem

Removed params

clusterDomain String

clusterSpec String

The cluster specifications of kubernetes cluster,which can be empty. Valid values:

ack.standard : Standard managed clusters.
ack.pro.small : Professional managed clusters.

controlPlaneLogComponents List<String>

List of target components for which logs need to be collected. Supports apiserver, kcm, scheduler, ccm and controlplane-events.

controlPlaneLogProject String

Control plane log project. If this field is not set, a log service project named k8s-log-{ClusterID} will be automatically created.

controlPlaneLogTtl String

Control plane log retention duration (unit: day). Default 30. If control plane logs are to be collected, control_plane_log_ttl and control_plane_log_components must be specified.

customSan String

Customize the certificate SAN, multiple IP or domain names are separated by English commas (,).

NOTE: Make sure you have specified all certificate SANs before updating. Updating this field will lead APIServer to restart.

deleteOptions List<ManagedKubernetesDeleteOption>

Delete options, only work for deleting resource. Make sure you have run pulumi up to make the configuration applied. See delete_options below.

deletionProtection Boolean

Whether to enable cluster deletion protection.

enableRrsa Boolean

encryptionProviderKey String

The disk encryption key.

isEnterpriseSecurityGroup Boolean

Enable to create advanced security group. default: false. Only works for Create Operation. See Advanced security group.

loadBalancerSpec String

Deprecated: Field 'load_balancer_spec' has been deprecated from provider version 1.232.0. The load balancer has been changed to PayByCLCU so that the spec is no need anymore.

maintenanceWindow ManagedKubernetesMaintenanceWindow

The cluster maintenance window，effective only in the professional managed cluster. Managed node pool will use it. See maintenance_window below.

name String

The kubernetes cluster's name. It is unique in one Alicloud account.

namePrefix String

newNatGateway Boolean

nodeCidrMask Integer

The node cidr block to specific how many pods can run on single node. 24-28 is allowed. 24 means 2^(32-24)-1=255 and the node can run at most 255 pods. default: 24

operationPolicy ManagedKubernetesOperationPolicy

The cluster automatic operation policy. See operation_policy below.

podCidr String

[Flannel Specific] The CIDR block for the pod network when using Flannel.

podVswitchIds List<String>

proxyMode String

Proxy mode is option of kube-proxy. options: iptables|ipvs. default: ipvs.

resourceGroupId String

The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.

retainResources List<String>

securityGroupId String

The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.

serviceAccountIssuer String

serviceCidr String

The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.

slbInternetEnabled Boolean

Whether to create internet load balancer for API Server. Default to true.

NOTE: If you want to use Terway as CNI network plugin, You need to specify the pod_vswitch_ids field and addons with terway-eniip. If you want to use Flannel as CNI network plugin, You need to specify the pod_cidr field and addons with flannel.

Computed params

tags Map<String,String>

Default nil, A map of tags assigned to the kubernetes cluster and work nodes. See tags below.

timezone String

userCa String

The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.

version String

workerVswitchIds string[]

The vswitches used by control plane. See worker_vswitch_ids below.

addons ManagedKubernetesAddon[]

The addon you want to install in cluster. See addons below. Only works for Create Operation, use resource cs_kubernetes_addon to manage addons if cluster is created.

Network params

apiAudiences string[]

clientCert string

The path of client certificate, like ~/.kube/client-cert.pem.

clientKey string

The path of client key, like ~/.kube/client-key.pem.

clusterCaCert string

The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem

Removed params

clusterDomain string

clusterSpec string

The cluster specifications of kubernetes cluster,which can be empty. Valid values:

ack.standard : Standard managed clusters.
ack.pro.small : Professional managed clusters.

controlPlaneLogComponents string[]

List of target components for which logs need to be collected. Supports apiserver, kcm, scheduler, ccm and controlplane-events.

controlPlaneLogProject string

Control plane log project. If this field is not set, a log service project named k8s-log-{ClusterID} will be automatically created.

controlPlaneLogTtl string

Control plane log retention duration (unit: day). Default 30. If control plane logs are to be collected, control_plane_log_ttl and control_plane_log_components must be specified.

customSan string

Customize the certificate SAN, multiple IP or domain names are separated by English commas (,).

NOTE: Make sure you have specified all certificate SANs before updating. Updating this field will lead APIServer to restart.

deleteOptions ManagedKubernetesDeleteOption[]

Delete options, only work for deleting resource. Make sure you have run pulumi up to make the configuration applied. See delete_options below.

deletionProtection boolean

Whether to enable cluster deletion protection.

enableRrsa boolean

encryptionProviderKey string

The disk encryption key.

isEnterpriseSecurityGroup boolean

Enable to create advanced security group. default: false. Only works for Create Operation. See Advanced security group.

loadBalancerSpec string

Deprecated: Field 'load_balancer_spec' has been deprecated from provider version 1.232.0. The load balancer has been changed to PayByCLCU so that the spec is no need anymore.

maintenanceWindow ManagedKubernetesMaintenanceWindow

The cluster maintenance window，effective only in the professional managed cluster. Managed node pool will use it. See maintenance_window below.

name string

The kubernetes cluster's name. It is unique in one Alicloud account.

namePrefix string

newNatGateway boolean

nodeCidrMask number

The node cidr block to specific how many pods can run on single node. 24-28 is allowed. 24 means 2^(32-24)-1=255 and the node can run at most 255 pods. default: 24

operationPolicy ManagedKubernetesOperationPolicy

The cluster automatic operation policy. See operation_policy below.

podCidr string

[Flannel Specific] The CIDR block for the pod network when using Flannel.

podVswitchIds string[]

proxyMode string

Proxy mode is option of kube-proxy. options: iptables|ipvs. default: ipvs.

resourceGroupId string

The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.

retainResources string[]

securityGroupId string

The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.

serviceAccountIssuer string

serviceCidr string

The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.

slbInternetEnabled boolean

Whether to create internet load balancer for API Server. Default to true.

NOTE: If you want to use Terway as CNI network plugin, You need to specify the pod_vswitch_ids field and addons with terway-eniip. If you want to use Flannel as CNI network plugin, You need to specify the pod_cidr field and addons with flannel.

Computed params

tags {[key: string]: string}

Default nil, A map of tags assigned to the kubernetes cluster and work nodes. See tags below.

timezone string

userCa string

The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.

version string

worker_vswitch_ids Sequence[str]

The vswitches used by control plane. See worker_vswitch_ids below.

addons Sequence[ManagedKubernetesAddonArgs]

The addon you want to install in cluster. See addons below. Only works for Create Operation, use resource cs_kubernetes_addon to manage addons if cluster is created.

Network params

api_audiences Sequence[str]

client_cert str

The path of client certificate, like ~/.kube/client-cert.pem.

client_key str

The path of client key, like ~/.kube/client-key.pem.

cluster_ca_cert str

The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem

Removed params

cluster_domain str

cluster_spec str

The cluster specifications of kubernetes cluster,which can be empty. Valid values:

ack.standard : Standard managed clusters.
ack.pro.small : Professional managed clusters.

control_plane_log_components Sequence[str]

List of target components for which logs need to be collected. Supports apiserver, kcm, scheduler, ccm and controlplane-events.

control_plane_log_project str

Control plane log project. If this field is not set, a log service project named k8s-log-{ClusterID} will be automatically created.

control_plane_log_ttl str

Control plane log retention duration (unit: day). Default 30. If control plane logs are to be collected, control_plane_log_ttl and control_plane_log_components must be specified.

custom_san str

Customize the certificate SAN, multiple IP or domain names are separated by English commas (,).

NOTE: Make sure you have specified all certificate SANs before updating. Updating this field will lead APIServer to restart.

delete_options Sequence[ManagedKubernetesDeleteOptionArgs]

Delete options, only work for deleting resource. Make sure you have run pulumi up to make the configuration applied. See delete_options below.

deletion_protection bool

Whether to enable cluster deletion protection.

enable_rrsa bool

encryption_provider_key str

The disk encryption key.

is_enterprise_security_group bool

Enable to create advanced security group. default: false. Only works for Create Operation. See Advanced security group.

load_balancer_spec str

Deprecated: Field 'load_balancer_spec' has been deprecated from provider version 1.232.0. The load balancer has been changed to PayByCLCU so that the spec is no need anymore.

maintenance_window ManagedKubernetesMaintenanceWindowArgs

The cluster maintenance window，effective only in the professional managed cluster. Managed node pool will use it. See maintenance_window below.

name str

The kubernetes cluster's name. It is unique in one Alicloud account.

name_prefix str

new_nat_gateway bool

node_cidr_mask int

The node cidr block to specific how many pods can run on single node. 24-28 is allowed. 24 means 2^(32-24)-1=255 and the node can run at most 255 pods. default: 24

operation_policy ManagedKubernetesOperationPolicyArgs

The cluster automatic operation policy. See operation_policy below.

pod_cidr str

[Flannel Specific] The CIDR block for the pod network when using Flannel.

pod_vswitch_ids Sequence[str]

proxy_mode str

Proxy mode is option of kube-proxy. options: iptables|ipvs. default: ipvs.

resource_group_id str

The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.

retain_resources Sequence[str]

security_group_id str

The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.

service_account_issuer str

service_cidr str

The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.

slb_internet_enabled bool

Whether to create internet load balancer for API Server. Default to true.

NOTE: If you want to use Terway as CNI network plugin, You need to specify the pod_vswitch_ids field and addons with terway-eniip. If you want to use Flannel as CNI network plugin, You need to specify the pod_cidr field and addons with flannel.

Computed params

tags Mapping[str, str]

Default nil, A map of tags assigned to the kubernetes cluster and work nodes. See tags below.

timezone str

user_ca str

The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.

version str

workerVswitchIds List<String>

The vswitches used by control plane. See worker_vswitch_ids below.

addons List<Property Map>

The addon you want to install in cluster. See addons below. Only works for Create Operation, use resource cs_kubernetes_addon to manage addons if cluster is created.

Network params

apiAudiences List<String>

clientCert String

The path of client certificate, like ~/.kube/client-cert.pem.

clientKey String

The path of client key, like ~/.kube/client-key.pem.

clusterCaCert String

The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem

Removed params

clusterDomain String

clusterSpec String

The cluster specifications of kubernetes cluster,which can be empty. Valid values:

ack.standard : Standard managed clusters.
ack.pro.small : Professional managed clusters.

controlPlaneLogComponents List<String>

List of target components for which logs need to be collected. Supports apiserver, kcm, scheduler, ccm and controlplane-events.

controlPlaneLogProject String

Control plane log project. If this field is not set, a log service project named k8s-log-{ClusterID} will be automatically created.

controlPlaneLogTtl String

Control plane log retention duration (unit: day). Default 30. If control plane logs are to be collected, control_plane_log_ttl and control_plane_log_components must be specified.

customSan String

Customize the certificate SAN, multiple IP or domain names are separated by English commas (,).

NOTE: Make sure you have specified all certificate SANs before updating. Updating this field will lead APIServer to restart.

deleteOptions List<Property Map>

Delete options, only work for deleting resource. Make sure you have run pulumi up to make the configuration applied. See delete_options below.

deletionProtection Boolean

Whether to enable cluster deletion protection.

enableRrsa Boolean

encryptionProviderKey String

The disk encryption key.

isEnterpriseSecurityGroup Boolean

Enable to create advanced security group. default: false. Only works for Create Operation. See Advanced security group.

loadBalancerSpec String

Deprecated: Field 'load_balancer_spec' has been deprecated from provider version 1.232.0. The load balancer has been changed to PayByCLCU so that the spec is no need anymore.

maintenanceWindow Property Map

The cluster maintenance window，effective only in the professional managed cluster. Managed node pool will use it. See maintenance_window below.

name String

The kubernetes cluster's name. It is unique in one Alicloud account.

namePrefix String

newNatGateway Boolean

nodeCidrMask Number

The node cidr block to specific how many pods can run on single node. 24-28 is allowed. 24 means 2^(32-24)-1=255 and the node can run at most 255 pods. default: 24

operationPolicy Property Map

The cluster automatic operation policy. See operation_policy below.

podCidr String

[Flannel Specific] The CIDR block for the pod network when using Flannel.

podVswitchIds List<String>

proxyMode String

Proxy mode is option of kube-proxy. options: iptables|ipvs. default: ipvs.

resourceGroupId String

The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.

retainResources List<String>

securityGroupId String

The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.

serviceAccountIssuer String

serviceCidr String

The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.

slbInternetEnabled Boolean

Whether to create internet load balancer for API Server. Default to true.

NOTE: If you want to use Terway as CNI network plugin, You need to specify the pod_vswitch_ids field and addons with terway-eniip. If you want to use Flannel as CNI network plugin, You need to specify the pod_cidr field and addons with flannel.

Computed params

tags Map<String>

Default nil, A map of tags assigned to the kubernetes cluster and work nodes. See tags below.

timezone String

userCa String

The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.

version String

Outputs

All input properties are implicitly available as output properties. Additionally, the ManagedKubernetes resource produces the following output properties:

CertificateAuthority Pulumi.AliCloud.CS.Outputs.ManagedKubernetesCertificateAuthority: (Available since v1.105.0) Nested attribute containing certificate authority data for your cluster.
Connections Pulumi.AliCloud.CS.Outputs.ManagedKubernetesConnections: Map of kubernetes cluster connection information.
Id string: The provider-assigned unique ID for this managed resource.
NatGatewayId string: The ID of nat gateway used to launch kubernetes cluster.
RrsaMetadata Pulumi.AliCloud.CS.Outputs.ManagedKubernetesRrsaMetadata: (Optional, Available since v1.185.0) Nested attribute containing RRSA related data for your cluster.
SlbId string: The ID of APIServer load balancer.
SlbInternet string: The public ip of load balancer.
SlbIntranet string: The ID of private load balancer where the current cluster master node is located.
VpcId string: The ID of VPC where the current cluster is located.
WorkerRamRoleName string: The RamRole Name attached to worker node.

CertificateAuthority ManagedKubernetesCertificateAuthority: (Available since v1.105.0) Nested attribute containing certificate authority data for your cluster.
Connections ManagedKubernetesConnections: Map of kubernetes cluster connection information.
Id string: The provider-assigned unique ID for this managed resource.
NatGatewayId string: The ID of nat gateway used to launch kubernetes cluster.
RrsaMetadata ManagedKubernetesRrsaMetadata: (Optional, Available since v1.185.0) Nested attribute containing RRSA related data for your cluster.
SlbId string: The ID of APIServer load balancer.
SlbInternet string: The public ip of load balancer.
SlbIntranet string: The ID of private load balancer where the current cluster master node is located.
VpcId string: The ID of VPC where the current cluster is located.
WorkerRamRoleName string: The RamRole Name attached to worker node.

certificateAuthority ManagedKubernetesCertificateAuthority: (Available since v1.105.0) Nested attribute containing certificate authority data for your cluster.
connections ManagedKubernetesConnections: Map of kubernetes cluster connection information.
id String: The provider-assigned unique ID for this managed resource.
natGatewayId String: The ID of nat gateway used to launch kubernetes cluster.
rrsaMetadata ManagedKubernetesRrsaMetadata: (Optional, Available since v1.185.0) Nested attribute containing RRSA related data for your cluster.
slbId String: The ID of APIServer load balancer.
slbInternet String: The public ip of load balancer.
slbIntranet String: The ID of private load balancer where the current cluster master node is located.
vpcId String: The ID of VPC where the current cluster is located.
workerRamRoleName String: The RamRole Name attached to worker node.

certificateAuthority ManagedKubernetesCertificateAuthority: (Available since v1.105.0) Nested attribute containing certificate authority data for your cluster.
connections ManagedKubernetesConnections: Map of kubernetes cluster connection information.
id string: The provider-assigned unique ID for this managed resource.
natGatewayId string: The ID of nat gateway used to launch kubernetes cluster.
rrsaMetadata ManagedKubernetesRrsaMetadata: (Optional, Available since v1.185.0) Nested attribute containing RRSA related data for your cluster.
slbId string: The ID of APIServer load balancer.
slbInternet string: The public ip of load balancer.
slbIntranet string: The ID of private load balancer where the current cluster master node is located.
vpcId string: The ID of VPC where the current cluster is located.
workerRamRoleName string: The RamRole Name attached to worker node.

certificate_authority ManagedKubernetesCertificateAuthority: (Available since v1.105.0) Nested attribute containing certificate authority data for your cluster.
connections ManagedKubernetesConnections: Map of kubernetes cluster connection information.
id str: The provider-assigned unique ID for this managed resource.
nat_gateway_id str: The ID of nat gateway used to launch kubernetes cluster.
rrsa_metadata ManagedKubernetesRrsaMetadata: (Optional, Available since v1.185.0) Nested attribute containing RRSA related data for your cluster.
slb_id str: The ID of APIServer load balancer.
slb_internet str: The public ip of load balancer.
slb_intranet str: The ID of private load balancer where the current cluster master node is located.
vpc_id str: The ID of VPC where the current cluster is located.
worker_ram_role_name str: The RamRole Name attached to worker node.

certificateAuthority Property Map: (Available since v1.105.0) Nested attribute containing certificate authority data for your cluster.
connections Property Map: Map of kubernetes cluster connection information.
id String: The provider-assigned unique ID for this managed resource.
natGatewayId String: The ID of nat gateway used to launch kubernetes cluster.
rrsaMetadata Property Map: (Optional, Available since v1.185.0) Nested attribute containing RRSA related data for your cluster.
slbId String: The ID of APIServer load balancer.
slbInternet String: The public ip of load balancer.
slbIntranet String: The ID of private load balancer where the current cluster master node is located.
vpcId String: The ID of VPC where the current cluster is located.
workerRamRoleName String: The RamRole Name attached to worker node.

Look up Existing ManagedKubernetes Resource

Get an existing ManagedKubernetes resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ManagedKubernetesState, opts?: CustomResourceOptions): ManagedKubernetes

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        addons: Optional[Sequence[ManagedKubernetesAddonArgs]] = None,
        api_audiences: Optional[Sequence[str]] = None,
        certificate_authority: Optional[ManagedKubernetesCertificateAuthorityArgs] = None,
        client_cert: Optional[str] = None,
        client_key: Optional[str] = None,
        cluster_ca_cert: Optional[str] = None,
        cluster_domain: Optional[str] = None,
        cluster_spec: Optional[str] = None,
        connections: Optional[ManagedKubernetesConnectionsArgs] = None,
        control_plane_log_components: Optional[Sequence[str]] = None,
        control_plane_log_project: Optional[str] = None,
        control_plane_log_ttl: Optional[str] = None,
        custom_san: Optional[str] = None,
        delete_options: Optional[Sequence[ManagedKubernetesDeleteOptionArgs]] = None,
        deletion_protection: Optional[bool] = None,
        enable_rrsa: Optional[bool] = None,
        encryption_provider_key: Optional[str] = None,
        is_enterprise_security_group: Optional[bool] = None,
        load_balancer_spec: Optional[str] = None,
        maintenance_window: Optional[ManagedKubernetesMaintenanceWindowArgs] = None,
        name: Optional[str] = None,
        name_prefix: Optional[str] = None,
        nat_gateway_id: Optional[str] = None,
        new_nat_gateway: Optional[bool] = None,
        node_cidr_mask: Optional[int] = None,
        operation_policy: Optional[ManagedKubernetesOperationPolicyArgs] = None,
        pod_cidr: Optional[str] = None,
        pod_vswitch_ids: Optional[Sequence[str]] = None,
        proxy_mode: Optional[str] = None,
        resource_group_id: Optional[str] = None,
        retain_resources: Optional[Sequence[str]] = None,
        rrsa_metadata: Optional[ManagedKubernetesRrsaMetadataArgs] = None,
        security_group_id: Optional[str] = None,
        service_account_issuer: Optional[str] = None,
        service_cidr: Optional[str] = None,
        slb_id: Optional[str] = None,
        slb_internet: Optional[str] = None,
        slb_internet_enabled: Optional[bool] = None,
        slb_intranet: Optional[str] = None,
        tags: Optional[Mapping[str, str]] = None,
        timezone: Optional[str] = None,
        user_ca: Optional[str] = None,
        version: Optional[str] = None,
        vpc_id: Optional[str] = None,
        worker_ram_role_name: Optional[str] = None,
        worker_vswitch_ids: Optional[Sequence[str]] = None) -> ManagedKubernetes

func GetManagedKubernetes(ctx *Context, name string, id IDInput, state *ManagedKubernetesState, opts ...ResourceOption) (*ManagedKubernetes, error)

public static ManagedKubernetes Get(string name, Input<string> id, ManagedKubernetesState? state, CustomResourceOptions? opts = null)

public static ManagedKubernetes get(String name, Output<String> id, ManagedKubernetesState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Addons List<Pulumi.AliCloud.CS.Inputs.ManagedKubernetesAddon>

The addon you want to install in cluster. See addons below. Only works for Create Operation, use resource cs_kubernetes_addon to manage addons if cluster is created.

Network params

ApiAudiences List<string>

CertificateAuthority Pulumi.AliCloud.CS.Inputs.ManagedKubernetesCertificateAuthority

(Available since v1.105.0) Nested attribute containing certificate authority data for your cluster.

ClientCert string

The path of client certificate, like ~/.kube/client-cert.pem.

ClientKey string

The path of client key, like ~/.kube/client-key.pem.

ClusterCaCert string

The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem

Removed params

ClusterDomain string

ClusterSpec string

The cluster specifications of kubernetes cluster,which can be empty. Valid values:

ack.standard : Standard managed clusters.
ack.pro.small : Professional managed clusters.

Connections Pulumi.AliCloud.CS.Inputs.ManagedKubernetesConnections

Map of kubernetes cluster connection information.

ControlPlaneLogComponents List<string>

List of target components for which logs need to be collected. Supports apiserver, kcm, scheduler, ccm and controlplane-events.

ControlPlaneLogProject string

Control plane log project. If this field is not set, a log service project named k8s-log-{ClusterID} will be automatically created.

ControlPlaneLogTtl string

Control plane log retention duration (unit: day). Default 30. If control plane logs are to be collected, control_plane_log_ttl and control_plane_log_components must be specified.

CustomSan string

Customize the certificate SAN, multiple IP or domain names are separated by English commas (,).

NOTE: Make sure you have specified all certificate SANs before updating. Updating this field will lead APIServer to restart.

DeleteOptions List<Pulumi.AliCloud.CS.Inputs.ManagedKubernetesDeleteOption>

Delete options, only work for deleting resource. Make sure you have run pulumi up to make the configuration applied. See delete_options below.

DeletionProtection bool

Whether to enable cluster deletion protection.

EnableRrsa bool

EncryptionProviderKey string

The disk encryption key.

IsEnterpriseSecurityGroup bool

Enable to create advanced security group. default: false. Only works for Create Operation. See Advanced security group.

LoadBalancerSpec string

Deprecated: Field 'load_balancer_spec' has been deprecated from provider version 1.232.0. The load balancer has been changed to PayByCLCU so that the spec is no need anymore.

MaintenanceWindow Pulumi.AliCloud.CS.Inputs.ManagedKubernetesMaintenanceWindow

The cluster maintenance window，effective only in the professional managed cluster. Managed node pool will use it. See maintenance_window below.

Name string

The kubernetes cluster's name. It is unique in one Alicloud account.

NamePrefix string

NatGatewayId string

The ID of nat gateway used to launch kubernetes cluster.

NewNatGateway bool

NodeCidrMask int

The node cidr block to specific how many pods can run on single node. 24-28 is allowed. 24 means 2^(32-24)-1=255 and the node can run at most 255 pods. default: 24

OperationPolicy Pulumi.AliCloud.CS.Inputs.ManagedKubernetesOperationPolicy

The cluster automatic operation policy. See operation_policy below.

PodCidr string

[Flannel Specific] The CIDR block for the pod network when using Flannel.

PodVswitchIds List<string>

ProxyMode string

Proxy mode is option of kube-proxy. options: iptables|ipvs. default: ipvs.

ResourceGroupId string

The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.

RetainResources List<string>

RrsaMetadata Pulumi.AliCloud.CS.Inputs.ManagedKubernetesRrsaMetadata

(Optional, Available since v1.185.0) Nested attribute containing RRSA related data for your cluster.

SecurityGroupId string

The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.

ServiceAccountIssuer string

ServiceCidr string

The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.

SlbId string

The ID of APIServer load balancer.

SlbInternet string

The public ip of load balancer.

SlbInternetEnabled bool

Whether to create internet load balancer for API Server. Default to true.

NOTE: If you want to use Terway as CNI network plugin, You need to specify the pod_vswitch_ids field and addons with terway-eniip. If you want to use Flannel as CNI network plugin, You need to specify the pod_cidr field and addons with flannel.

Computed params

SlbIntranet string

The ID of private load balancer where the current cluster master node is located.

Tags Dictionary<string, string>

Default nil, A map of tags assigned to the kubernetes cluster and work nodes. See tags below.

Timezone string

UserCa string

The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.

Version string

VpcId string

The ID of VPC where the current cluster is located.

WorkerRamRoleName string

The RamRole Name attached to worker node.

WorkerVswitchIds List<string>

The vswitches used by control plane. See worker_vswitch_ids below.

Addons []ManagedKubernetesAddonArgs

The addon you want to install in cluster. See addons below. Only works for Create Operation, use resource cs_kubernetes_addon to manage addons if cluster is created.

Network params

ApiAudiences []string

CertificateAuthority ManagedKubernetesCertificateAuthorityArgs

(Available since v1.105.0) Nested attribute containing certificate authority data for your cluster.

ClientCert string

The path of client certificate, like ~/.kube/client-cert.pem.

ClientKey string

The path of client key, like ~/.kube/client-key.pem.

ClusterCaCert string

The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem

Removed params

ClusterDomain string

ClusterSpec string

The cluster specifications of kubernetes cluster,which can be empty. Valid values:

ack.standard : Standard managed clusters.
ack.pro.small : Professional managed clusters.

Connections ManagedKubernetesConnectionsArgs

Map of kubernetes cluster connection information.

ControlPlaneLogComponents []string

List of target components for which logs need to be collected. Supports apiserver, kcm, scheduler, ccm and controlplane-events.

ControlPlaneLogProject string

Control plane log project. If this field is not set, a log service project named k8s-log-{ClusterID} will be automatically created.

ControlPlaneLogTtl string

Control plane log retention duration (unit: day). Default 30. If control plane logs are to be collected, control_plane_log_ttl and control_plane_log_components must be specified.

CustomSan string

Customize the certificate SAN, multiple IP or domain names are separated by English commas (,).

NOTE: Make sure you have specified all certificate SANs before updating. Updating this field will lead APIServer to restart.

DeleteOptions []ManagedKubernetesDeleteOptionArgs

Delete options, only work for deleting resource. Make sure you have run pulumi up to make the configuration applied. See delete_options below.

DeletionProtection bool

Whether to enable cluster deletion protection.

EnableRrsa bool

EncryptionProviderKey string

The disk encryption key.

IsEnterpriseSecurityGroup bool

Enable to create advanced security group. default: false. Only works for Create Operation. See Advanced security group.

LoadBalancerSpec string

Deprecated: Field 'load_balancer_spec' has been deprecated from provider version 1.232.0. The load balancer has been changed to PayByCLCU so that the spec is no need anymore.

MaintenanceWindow ManagedKubernetesMaintenanceWindowArgs

The cluster maintenance window，effective only in the professional managed cluster. Managed node pool will use it. See maintenance_window below.

Name string

The kubernetes cluster's name. It is unique in one Alicloud account.

NamePrefix string

NatGatewayId string

The ID of nat gateway used to launch kubernetes cluster.

NewNatGateway bool

NodeCidrMask int

The node cidr block to specific how many pods can run on single node. 24-28 is allowed. 24 means 2^(32-24)-1=255 and the node can run at most 255 pods. default: 24

OperationPolicy ManagedKubernetesOperationPolicyArgs

The cluster automatic operation policy. See operation_policy below.

PodCidr string

[Flannel Specific] The CIDR block for the pod network when using Flannel.

PodVswitchIds []string

ProxyMode string

Proxy mode is option of kube-proxy. options: iptables|ipvs. default: ipvs.

ResourceGroupId string

The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.

RetainResources []string

RrsaMetadata ManagedKubernetesRrsaMetadataArgs

(Optional, Available since v1.185.0) Nested attribute containing RRSA related data for your cluster.

SecurityGroupId string

The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.

ServiceAccountIssuer string

ServiceCidr string

The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.

SlbId string

The ID of APIServer load balancer.

SlbInternet string

The public ip of load balancer.

SlbInternetEnabled bool

Whether to create internet load balancer for API Server. Default to true.

NOTE: If you want to use Terway as CNI network plugin, You need to specify the pod_vswitch_ids field and addons with terway-eniip. If you want to use Flannel as CNI network plugin, You need to specify the pod_cidr field and addons with flannel.

Computed params

SlbIntranet string

The ID of private load balancer where the current cluster master node is located.

Tags map[string]string

Default nil, A map of tags assigned to the kubernetes cluster and work nodes. See tags below.

Timezone string

UserCa string

The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.

Version string

VpcId string

The ID of VPC where the current cluster is located.

WorkerRamRoleName string

The RamRole Name attached to worker node.

WorkerVswitchIds []string

The vswitches used by control plane. See worker_vswitch_ids below.

addons List<ManagedKubernetesAddon>

The addon you want to install in cluster. See addons below. Only works for Create Operation, use resource cs_kubernetes_addon to manage addons if cluster is created.

Network params

apiAudiences List<String>

certificateAuthority ManagedKubernetesCertificateAuthority

(Available since v1.105.0) Nested attribute containing certificate authority data for your cluster.

clientCert String

The path of client certificate, like ~/.kube/client-cert.pem.

clientKey String

The path of client key, like ~/.kube/client-key.pem.

clusterCaCert String

The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem

Removed params

clusterDomain String

clusterSpec String

The cluster specifications of kubernetes cluster,which can be empty. Valid values:

ack.standard : Standard managed clusters.
ack.pro.small : Professional managed clusters.

connections ManagedKubernetesConnections

Map of kubernetes cluster connection information.

controlPlaneLogComponents List<String>

List of target components for which logs need to be collected. Supports apiserver, kcm, scheduler, ccm and controlplane-events.

controlPlaneLogProject String

Control plane log project. If this field is not set, a log service project named k8s-log-{ClusterID} will be automatically created.

controlPlaneLogTtl String

Control plane log retention duration (unit: day). Default 30. If control plane logs are to be collected, control_plane_log_ttl and control_plane_log_components must be specified.

customSan String

Customize the certificate SAN, multiple IP or domain names are separated by English commas (,).

NOTE: Make sure you have specified all certificate SANs before updating. Updating this field will lead APIServer to restart.

deleteOptions List<ManagedKubernetesDeleteOption>

Delete options, only work for deleting resource. Make sure you have run pulumi up to make the configuration applied. See delete_options below.

deletionProtection Boolean

Whether to enable cluster deletion protection.

enableRrsa Boolean

encryptionProviderKey String

The disk encryption key.

isEnterpriseSecurityGroup Boolean

Enable to create advanced security group. default: false. Only works for Create Operation. See Advanced security group.

loadBalancerSpec String

Deprecated: Field 'load_balancer_spec' has been deprecated from provider version 1.232.0. The load balancer has been changed to PayByCLCU so that the spec is no need anymore.

maintenanceWindow ManagedKubernetesMaintenanceWindow

The cluster maintenance window，effective only in the professional managed cluster. Managed node pool will use it. See maintenance_window below.

name String

The kubernetes cluster's name. It is unique in one Alicloud account.

namePrefix String

natGatewayId String

The ID of nat gateway used to launch kubernetes cluster.

newNatGateway Boolean

nodeCidrMask Integer

The node cidr block to specific how many pods can run on single node. 24-28 is allowed. 24 means 2^(32-24)-1=255 and the node can run at most 255 pods. default: 24

operationPolicy ManagedKubernetesOperationPolicy

The cluster automatic operation policy. See operation_policy below.

podCidr String

[Flannel Specific] The CIDR block for the pod network when using Flannel.

podVswitchIds List<String>

proxyMode String

Proxy mode is option of kube-proxy. options: iptables|ipvs. default: ipvs.

resourceGroupId String

The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.

retainResources List<String>

rrsaMetadata ManagedKubernetesRrsaMetadata

(Optional, Available since v1.185.0) Nested attribute containing RRSA related data for your cluster.

securityGroupId String

The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.

serviceAccountIssuer String

serviceCidr String

The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.

slbId String

The ID of APIServer load balancer.

slbInternet String

The public ip of load balancer.

slbInternetEnabled Boolean

Whether to create internet load balancer for API Server. Default to true.

NOTE: If you want to use Terway as CNI network plugin, You need to specify the pod_vswitch_ids field and addons with terway-eniip. If you want to use Flannel as CNI network plugin, You need to specify the pod_cidr field and addons with flannel.

Computed params

slbIntranet String

The ID of private load balancer where the current cluster master node is located.

tags Map<String,String>

Default nil, A map of tags assigned to the kubernetes cluster and work nodes. See tags below.

timezone String

userCa String

The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.

version String

vpcId String

The ID of VPC where the current cluster is located.

workerRamRoleName String

The RamRole Name attached to worker node.

workerVswitchIds List<String>

The vswitches used by control plane. See worker_vswitch_ids below.

addons ManagedKubernetesAddon[]

The addon you want to install in cluster. See addons below. Only works for Create Operation, use resource cs_kubernetes_addon to manage addons if cluster is created.

Network params

apiAudiences string[]

certificateAuthority ManagedKubernetesCertificateAuthority

(Available since v1.105.0) Nested attribute containing certificate authority data for your cluster.

clientCert string

The path of client certificate, like ~/.kube/client-cert.pem.

clientKey string

The path of client key, like ~/.kube/client-key.pem.

clusterCaCert string

The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem

Removed params

clusterDomain string

clusterSpec string

The cluster specifications of kubernetes cluster,which can be empty. Valid values:

ack.standard : Standard managed clusters.
ack.pro.small : Professional managed clusters.

connections ManagedKubernetesConnections

Map of kubernetes cluster connection information.

controlPlaneLogComponents string[]

List of target components for which logs need to be collected. Supports apiserver, kcm, scheduler, ccm and controlplane-events.

controlPlaneLogProject string

Control plane log project. If this field is not set, a log service project named k8s-log-{ClusterID} will be automatically created.

controlPlaneLogTtl string

Control plane log retention duration (unit: day). Default 30. If control plane logs are to be collected, control_plane_log_ttl and control_plane_log_components must be specified.

customSan string

Customize the certificate SAN, multiple IP or domain names are separated by English commas (,).

NOTE: Make sure you have specified all certificate SANs before updating. Updating this field will lead APIServer to restart.

deleteOptions ManagedKubernetesDeleteOption[]

Delete options, only work for deleting resource. Make sure you have run pulumi up to make the configuration applied. See delete_options below.

deletionProtection boolean

Whether to enable cluster deletion protection.

enableRrsa boolean

encryptionProviderKey string

The disk encryption key.

isEnterpriseSecurityGroup boolean

Enable to create advanced security group. default: false. Only works for Create Operation. See Advanced security group.

loadBalancerSpec string

Deprecated: Field 'load_balancer_spec' has been deprecated from provider version 1.232.0. The load balancer has been changed to PayByCLCU so that the spec is no need anymore.

maintenanceWindow ManagedKubernetesMaintenanceWindow

The cluster maintenance window，effective only in the professional managed cluster. Managed node pool will use it. See maintenance_window below.

name string

The kubernetes cluster's name. It is unique in one Alicloud account.

namePrefix string

natGatewayId string

The ID of nat gateway used to launch kubernetes cluster.

newNatGateway boolean

nodeCidrMask number

The node cidr block to specific how many pods can run on single node. 24-28 is allowed. 24 means 2^(32-24)-1=255 and the node can run at most 255 pods. default: 24

operationPolicy ManagedKubernetesOperationPolicy

The cluster automatic operation policy. See operation_policy below.

podCidr string

[Flannel Specific] The CIDR block for the pod network when using Flannel.

podVswitchIds string[]

proxyMode string

Proxy mode is option of kube-proxy. options: iptables|ipvs. default: ipvs.

resourceGroupId string

The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.

retainResources string[]

rrsaMetadata ManagedKubernetesRrsaMetadata

(Optional, Available since v1.185.0) Nested attribute containing RRSA related data for your cluster.

securityGroupId string

The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.

serviceAccountIssuer string

serviceCidr string

The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.

slbId string

The ID of APIServer load balancer.

slbInternet string

The public ip of load balancer.

slbInternetEnabled boolean

Whether to create internet load balancer for API Server. Default to true.

NOTE: If you want to use Terway as CNI network plugin, You need to specify the pod_vswitch_ids field and addons with terway-eniip. If you want to use Flannel as CNI network plugin, You need to specify the pod_cidr field and addons with flannel.

Computed params

slbIntranet string

The ID of private load balancer where the current cluster master node is located.

tags {[key: string]: string}

Default nil, A map of tags assigned to the kubernetes cluster and work nodes. See tags below.

timezone string

userCa string

The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.

version string

vpcId string

The ID of VPC where the current cluster is located.

workerRamRoleName string

The RamRole Name attached to worker node.

workerVswitchIds string[]

The vswitches used by control plane. See worker_vswitch_ids below.

addons Sequence[ManagedKubernetesAddonArgs]

The addon you want to install in cluster. See addons below. Only works for Create Operation, use resource cs_kubernetes_addon to manage addons if cluster is created.

Network params

api_audiences Sequence[str]

certificate_authority ManagedKubernetesCertificateAuthorityArgs

(Available since v1.105.0) Nested attribute containing certificate authority data for your cluster.

client_cert str

The path of client certificate, like ~/.kube/client-cert.pem.

client_key str

The path of client key, like ~/.kube/client-key.pem.

cluster_ca_cert str

The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem

Removed params

cluster_domain str

cluster_spec str

The cluster specifications of kubernetes cluster,which can be empty. Valid values:

ack.standard : Standard managed clusters.
ack.pro.small : Professional managed clusters.

connections ManagedKubernetesConnectionsArgs

Map of kubernetes cluster connection information.

control_plane_log_components Sequence[str]

List of target components for which logs need to be collected. Supports apiserver, kcm, scheduler, ccm and controlplane-events.

control_plane_log_project str

Control plane log project. If this field is not set, a log service project named k8s-log-{ClusterID} will be automatically created.

control_plane_log_ttl str

Control plane log retention duration (unit: day). Default 30. If control plane logs are to be collected, control_plane_log_ttl and control_plane_log_components must be specified.

custom_san str

Customize the certificate SAN, multiple IP or domain names are separated by English commas (,).

NOTE: Make sure you have specified all certificate SANs before updating. Updating this field will lead APIServer to restart.

delete_options Sequence[ManagedKubernetesDeleteOptionArgs]

Delete options, only work for deleting resource. Make sure you have run pulumi up to make the configuration applied. See delete_options below.

deletion_protection bool

Whether to enable cluster deletion protection.

enable_rrsa bool

encryption_provider_key str

The disk encryption key.

is_enterprise_security_group bool

Enable to create advanced security group. default: false. Only works for Create Operation. See Advanced security group.

load_balancer_spec str

Deprecated: Field 'load_balancer_spec' has been deprecated from provider version 1.232.0. The load balancer has been changed to PayByCLCU so that the spec is no need anymore.

maintenance_window ManagedKubernetesMaintenanceWindowArgs

The cluster maintenance window，effective only in the professional managed cluster. Managed node pool will use it. See maintenance_window below.

name str

The kubernetes cluster's name. It is unique in one Alicloud account.

name_prefix str

nat_gateway_id str

The ID of nat gateway used to launch kubernetes cluster.

new_nat_gateway bool

node_cidr_mask int

The node cidr block to specific how many pods can run on single node. 24-28 is allowed. 24 means 2^(32-24)-1=255 and the node can run at most 255 pods. default: 24

operation_policy ManagedKubernetesOperationPolicyArgs

The cluster automatic operation policy. See operation_policy below.

pod_cidr str

[Flannel Specific] The CIDR block for the pod network when using Flannel.

pod_vswitch_ids Sequence[str]

proxy_mode str

Proxy mode is option of kube-proxy. options: iptables|ipvs. default: ipvs.

resource_group_id str

The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.

retain_resources Sequence[str]

rrsa_metadata ManagedKubernetesRrsaMetadataArgs

(Optional, Available since v1.185.0) Nested attribute containing RRSA related data for your cluster.

security_group_id str

The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.

service_account_issuer str

service_cidr str

The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.

slb_id str

The ID of APIServer load balancer.

slb_internet str

The public ip of load balancer.

slb_internet_enabled bool

Whether to create internet load balancer for API Server. Default to true.

NOTE: If you want to use Terway as CNI network plugin, You need to specify the pod_vswitch_ids field and addons with terway-eniip. If you want to use Flannel as CNI network plugin, You need to specify the pod_cidr field and addons with flannel.

Computed params

slb_intranet str

The ID of private load balancer where the current cluster master node is located.

tags Mapping[str, str]

Default nil, A map of tags assigned to the kubernetes cluster and work nodes. See tags below.

timezone str

user_ca str

The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.

version str

vpc_id str

The ID of VPC where the current cluster is located.

worker_ram_role_name str

The RamRole Name attached to worker node.

worker_vswitch_ids Sequence[str]

The vswitches used by control plane. See worker_vswitch_ids below.

addons List<Property Map>

The addon you want to install in cluster. See addons below. Only works for Create Operation, use resource cs_kubernetes_addon to manage addons if cluster is created.

Network params

apiAudiences List<String>

certificateAuthority Property Map

(Available since v1.105.0) Nested attribute containing certificate authority data for your cluster.

clientCert String

The path of client certificate, like ~/.kube/client-cert.pem.

clientKey String

The path of client key, like ~/.kube/client-key.pem.

clusterCaCert String

The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem

Removed params

clusterDomain String

clusterSpec String

The cluster specifications of kubernetes cluster,which can be empty. Valid values:

ack.standard : Standard managed clusters.
ack.pro.small : Professional managed clusters.

connections Property Map

Map of kubernetes cluster connection information.

controlPlaneLogComponents List<String>

List of target components for which logs need to be collected. Supports apiserver, kcm, scheduler, ccm and controlplane-events.

controlPlaneLogProject String

Control plane log project. If this field is not set, a log service project named k8s-log-{ClusterID} will be automatically created.

controlPlaneLogTtl String

Control plane log retention duration (unit: day). Default 30. If control plane logs are to be collected, control_plane_log_ttl and control_plane_log_components must be specified.

customSan String

Customize the certificate SAN, multiple IP or domain names are separated by English commas (,).

NOTE: Make sure you have specified all certificate SANs before updating. Updating this field will lead APIServer to restart.

deleteOptions List<Property Map>

Delete options, only work for deleting resource. Make sure you have run pulumi up to make the configuration applied. See delete_options below.

deletionProtection Boolean

Whether to enable cluster deletion protection.

enableRrsa Boolean

encryptionProviderKey String

The disk encryption key.

isEnterpriseSecurityGroup Boolean

Enable to create advanced security group. default: false. Only works for Create Operation. See Advanced security group.

loadBalancerSpec String

Deprecated: Field 'load_balancer_spec' has been deprecated from provider version 1.232.0. The load balancer has been changed to PayByCLCU so that the spec is no need anymore.

maintenanceWindow Property Map

The cluster maintenance window，effective only in the professional managed cluster. Managed node pool will use it. See maintenance_window below.

name String

The kubernetes cluster's name. It is unique in one Alicloud account.

namePrefix String

natGatewayId String

The ID of nat gateway used to launch kubernetes cluster.

newNatGateway Boolean

nodeCidrMask Number

The node cidr block to specific how many pods can run on single node. 24-28 is allowed. 24 means 2^(32-24)-1=255 and the node can run at most 255 pods. default: 24

operationPolicy Property Map

The cluster automatic operation policy. See operation_policy below.

podCidr String

[Flannel Specific] The CIDR block for the pod network when using Flannel.

podVswitchIds List<String>

proxyMode String

Proxy mode is option of kube-proxy. options: iptables|ipvs. default: ipvs.

resourceGroupId String

The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.

retainResources List<String>

rrsaMetadata Property Map

(Optional, Available since v1.185.0) Nested attribute containing RRSA related data for your cluster.

securityGroupId String

The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.

serviceAccountIssuer String

serviceCidr String

The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.

slbId String

The ID of APIServer load balancer.

slbInternet String

The public ip of load balancer.

slbInternetEnabled Boolean

Whether to create internet load balancer for API Server. Default to true.

NOTE: If you want to use Terway as CNI network plugin, You need to specify the pod_vswitch_ids field and addons with terway-eniip. If you want to use Flannel as CNI network plugin, You need to specify the pod_cidr field and addons with flannel.

Computed params

slbIntranet String

The ID of private load balancer where the current cluster master node is located.

tags Map<String>

Default nil, A map of tags assigned to the kubernetes cluster and work nodes. See tags below.

timezone String

userCa String

The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.

version String

vpcId String

The ID of VPC where the current cluster is located.

workerRamRoleName String

The RamRole Name attached to worker node.

workerVswitchIds List<String>

The vswitches used by control plane. See worker_vswitch_ids below.

Supporting Types

ManagedKubernetesAddon, ManagedKubernetesAddonArgs

Config string

If this parameter is left empty, no configurations are required. For more config information, see cs_kubernetes_addon_metadata.

Disabled bool

It specifies whether to disable automatic installation.

It is a new field since 1.75.0. You can specific network plugin, log component,ingress component and so on.

You can get more information about addons on ACK web console. When you create a ACK cluster. You can get openapi-spec before creating the cluster on submission page.

logtail-ds - You can specify IngressDashboardEnabled and sls_project_name in config. If you switch on IngressDashboardEnabled and sls_project_name,then logtail-ds would use sls_project_name as default log store.

nginx-ingress-controller - You can specific IngressSlbNetworkType in config. Options: internet|intranet.

The main.tf:

Name string

This parameter specifies the name of the component.

Version string

It specifies the version of the component.

Config string

If this parameter is left empty, no configurations are required. For more config information, see cs_kubernetes_addon_metadata.

Disabled bool

It specifies whether to disable automatic installation.

It is a new field since 1.75.0. You can specific network plugin, log component,ingress component and so on.

You can get more information about addons on ACK web console. When you create a ACK cluster. You can get openapi-spec before creating the cluster on submission page.

nginx-ingress-controller - You can specific IngressSlbNetworkType in config. Options: internet|intranet.

The main.tf:

Name string

This parameter specifies the name of the component.

Version string

It specifies the version of the component.

config String

If this parameter is left empty, no configurations are required. For more config information, see cs_kubernetes_addon_metadata.

disabled Boolean

It specifies whether to disable automatic installation.

It is a new field since 1.75.0. You can specific network plugin, log component,ingress component and so on.

You can get more information about addons on ACK web console. When you create a ACK cluster. You can get openapi-spec before creating the cluster on submission page.

nginx-ingress-controller - You can specific IngressSlbNetworkType in config. Options: internet|intranet.

The main.tf:

name String

This parameter specifies the name of the component.

version String

It specifies the version of the component.

config string

If this parameter is left empty, no configurations are required. For more config information, see cs_kubernetes_addon_metadata.

disabled boolean

It specifies whether to disable automatic installation.

It is a new field since 1.75.0. You can specific network plugin, log component,ingress component and so on.

You can get more information about addons on ACK web console. When you create a ACK cluster. You can get openapi-spec before creating the cluster on submission page.

nginx-ingress-controller - You can specific IngressSlbNetworkType in config. Options: internet|intranet.

The main.tf:

name string

This parameter specifies the name of the component.

version string

It specifies the version of the component.

config str

If this parameter is left empty, no configurations are required. For more config information, see cs_kubernetes_addon_metadata.

disabled bool

It specifies whether to disable automatic installation.

It is a new field since 1.75.0. You can specific network plugin, log component,ingress component and so on.

You can get more information about addons on ACK web console. When you create a ACK cluster. You can get openapi-spec before creating the cluster on submission page.

nginx-ingress-controller - You can specific IngressSlbNetworkType in config. Options: internet|intranet.

The main.tf:

name str

This parameter specifies the name of the component.

version str

It specifies the version of the component.

config String

If this parameter is left empty, no configurations are required. For more config information, see cs_kubernetes_addon_metadata.

disabled Boolean

It specifies whether to disable automatic installation.

It is a new field since 1.75.0. You can specific network plugin, log component,ingress component and so on.

You can get more information about addons on ACK web console. When you create a ACK cluster. You can get openapi-spec before creating the cluster on submission page.

nginx-ingress-controller - You can specific IngressSlbNetworkType in config. Options: internet|intranet.

The main.tf:

name String

This parameter specifies the name of the component.

version String

It specifies the version of the component.

ManagedKubernetesCertificateAuthority, ManagedKubernetesCertificateAuthorityArgs

ClientCert string: The path of client certificate, like ~/.kube/client-cert.pem.
ClientKey string: The path of client key, like ~/.kube/client-key.pem.
ClusterCert string: The base64 encoded cluster certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.

ClientCert string: The path of client certificate, like ~/.kube/client-cert.pem.
ClientKey string: The path of client key, like ~/.kube/client-key.pem.
ClusterCert string: The base64 encoded cluster certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.

clientCert String: The path of client certificate, like ~/.kube/client-cert.pem.
clientKey String: The path of client key, like ~/.kube/client-key.pem.
clusterCert String: The base64 encoded cluster certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.

clientCert string: The path of client certificate, like ~/.kube/client-cert.pem.
clientKey string: The path of client key, like ~/.kube/client-key.pem.
clusterCert string: The base64 encoded cluster certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.

client_cert str: The path of client certificate, like ~/.kube/client-cert.pem.
client_key str: The path of client key, like ~/.kube/client-key.pem.
cluster_cert str: The base64 encoded cluster certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.

clientCert String: The path of client certificate, like ~/.kube/client-cert.pem.
clientKey String: The path of client key, like ~/.kube/client-key.pem.
clusterCert String: The base64 encoded cluster certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.

ManagedKubernetesConnections, ManagedKubernetesConnectionsArgs

ApiServerInternet string: API Server Internet endpoint.
ApiServerIntranet string: API Server Intranet endpoint.
MasterPublicIp string: Master node SSH IP address.
ServiceDomain string: Service Access Domain.

ApiServerInternet string: API Server Internet endpoint.
ApiServerIntranet string: API Server Intranet endpoint.
MasterPublicIp string: Master node SSH IP address.
ServiceDomain string: Service Access Domain.

apiServerInternet String: API Server Internet endpoint.
apiServerIntranet String: API Server Intranet endpoint.
masterPublicIp String: Master node SSH IP address.
serviceDomain String: Service Access Domain.

apiServerInternet string: API Server Internet endpoint.
apiServerIntranet string: API Server Intranet endpoint.
masterPublicIp string: Master node SSH IP address.
serviceDomain string: Service Access Domain.

api_server_internet str: API Server Internet endpoint.
api_server_intranet str: API Server Intranet endpoint.
master_public_ip str: Master node SSH IP address.
service_domain str: Service Access Domain.

apiServerInternet String: API Server Internet endpoint.
apiServerIntranet String: API Server Intranet endpoint.
masterPublicIp String: Master node SSH IP address.
serviceDomain String: Service Access Domain.

ManagedKubernetesDeleteOption, ManagedKubernetesDeleteOptionArgs

DeleteMode string

The deletion mode of the cluster. Different resources may have different default behavior, see resource_type for details. Valid values:

ResourceType string

The type of resources that are created by cluster. Valid values:

SLB: SLB resources created by the Nginx Ingress Service, default behavior is to delete, option to retain is available.
ALB: ALB resources created by the ALB Ingress Controller, default behavior is to retain, option to delete is available.
SLS_Data: SLS Project used by the cluster logging feature, default behavior is to retain, option to delete is available.
SLS_ControlPlane: SLS Project used for the managed cluster control plane logs, default behavior is to retain, option to delete is available.

...
// Specify delete_options as below when deleting cluster
// delete SLB resources created by the Nginx Ingress Service
delete_options {
delete_mode = "delete"
resource_type = "SLB"
}
// delete ALB resources created by the ALB Ingress Controller
delete_options {
delete_mode = "delete"
resource_type = "ALB"
}
// delete SLS Project used by the cluster logging feature
delete_options {
delete_mode = "delete"
resource_type = "SLS_Data"
}
// delete SLS Project used for the managed cluster control plane logs
delete_options {
delete_mode = "delete"
resource_type = "SLS_ControlPlane"
}

DeleteMode string

The deletion mode of the cluster. Different resources may have different default behavior, see resource_type for details. Valid values:

ResourceType string

The type of resources that are created by cluster. Valid values:

SLB: SLB resources created by the Nginx Ingress Service, default behavior is to delete, option to retain is available.
ALB: ALB resources created by the ALB Ingress Controller, default behavior is to retain, option to delete is available.
SLS_Data: SLS Project used by the cluster logging feature, default behavior is to retain, option to delete is available.
SLS_ControlPlane: SLS Project used for the managed cluster control plane logs, default behavior is to retain, option to delete is available.

...
// Specify delete_options as below when deleting cluster
// delete SLB resources created by the Nginx Ingress Service
delete_options {
delete_mode = "delete"
resource_type = "SLB"
}
// delete ALB resources created by the ALB Ingress Controller
delete_options {
delete_mode = "delete"
resource_type = "ALB"
}
// delete SLS Project used by the cluster logging feature
delete_options {
delete_mode = "delete"
resource_type = "SLS_Data"
}
// delete SLS Project used for the managed cluster control plane logs
delete_options {
delete_mode = "delete"
resource_type = "SLS_ControlPlane"
}

deleteMode String

The deletion mode of the cluster. Different resources may have different default behavior, see resource_type for details. Valid values:

resourceType String

The type of resources that are created by cluster. Valid values:

SLB: SLB resources created by the Nginx Ingress Service, default behavior is to delete, option to retain is available.
ALB: ALB resources created by the ALB Ingress Controller, default behavior is to retain, option to delete is available.
SLS_Data: SLS Project used by the cluster logging feature, default behavior is to retain, option to delete is available.
SLS_ControlPlane: SLS Project used for the managed cluster control plane logs, default behavior is to retain, option to delete is available.

...
// Specify delete_options as below when deleting cluster
// delete SLB resources created by the Nginx Ingress Service
delete_options {
delete_mode = "delete"
resource_type = "SLB"
}
// delete ALB resources created by the ALB Ingress Controller
delete_options {
delete_mode = "delete"
resource_type = "ALB"
}
// delete SLS Project used by the cluster logging feature
delete_options {
delete_mode = "delete"
resource_type = "SLS_Data"
}
// delete SLS Project used for the managed cluster control plane logs
delete_options {
delete_mode = "delete"
resource_type = "SLS_ControlPlane"
}

deleteMode string

The deletion mode of the cluster. Different resources may have different default behavior, see resource_type for details. Valid values:

resourceType string

The type of resources that are created by cluster. Valid values:

SLB: SLB resources created by the Nginx Ingress Service, default behavior is to delete, option to retain is available.
ALB: ALB resources created by the ALB Ingress Controller, default behavior is to retain, option to delete is available.
SLS_Data: SLS Project used by the cluster logging feature, default behavior is to retain, option to delete is available.
SLS_ControlPlane: SLS Project used for the managed cluster control plane logs, default behavior is to retain, option to delete is available.

...
// Specify delete_options as below when deleting cluster
// delete SLB resources created by the Nginx Ingress Service
delete_options {
delete_mode = "delete"
resource_type = "SLB"
}
// delete ALB resources created by the ALB Ingress Controller
delete_options {
delete_mode = "delete"
resource_type = "ALB"
}
// delete SLS Project used by the cluster logging feature
delete_options {
delete_mode = "delete"
resource_type = "SLS_Data"
}
// delete SLS Project used for the managed cluster control plane logs
delete_options {
delete_mode = "delete"
resource_type = "SLS_ControlPlane"
}

delete_mode str

The deletion mode of the cluster. Different resources may have different default behavior, see resource_type for details. Valid values:

resource_type str

The type of resources that are created by cluster. Valid values:

SLB: SLB resources created by the Nginx Ingress Service, default behavior is to delete, option to retain is available.
ALB: ALB resources created by the ALB Ingress Controller, default behavior is to retain, option to delete is available.
SLS_Data: SLS Project used by the cluster logging feature, default behavior is to retain, option to delete is available.
SLS_ControlPlane: SLS Project used for the managed cluster control plane logs, default behavior is to retain, option to delete is available.

...
// Specify delete_options as below when deleting cluster
// delete SLB resources created by the Nginx Ingress Service
delete_options {
delete_mode = "delete"
resource_type = "SLB"
}
// delete ALB resources created by the ALB Ingress Controller
delete_options {
delete_mode = "delete"
resource_type = "ALB"
}
// delete SLS Project used by the cluster logging feature
delete_options {
delete_mode = "delete"
resource_type = "SLS_Data"
}
// delete SLS Project used for the managed cluster control plane logs
delete_options {
delete_mode = "delete"
resource_type = "SLS_ControlPlane"
}

deleteMode String

The deletion mode of the cluster. Different resources may have different default behavior, see resource_type for details. Valid values:

resourceType String

The type of resources that are created by cluster. Valid values:

SLB: SLB resources created by the Nginx Ingress Service, default behavior is to delete, option to retain is available.
ALB: ALB resources created by the ALB Ingress Controller, default behavior is to retain, option to delete is available.
SLS_Data: SLS Project used by the cluster logging feature, default behavior is to retain, option to delete is available.
SLS_ControlPlane: SLS Project used for the managed cluster control plane logs, default behavior is to retain, option to delete is available.

...
// Specify delete_options as below when deleting cluster
// delete SLB resources created by the Nginx Ingress Service
delete_options {
delete_mode = "delete"
resource_type = "SLB"
}
// delete ALB resources created by the ALB Ingress Controller
delete_options {
delete_mode = "delete"
resource_type = "ALB"
}
// delete SLS Project used by the cluster logging feature
delete_options {
delete_mode = "delete"
resource_type = "SLS_Data"
}
// delete SLS Project used for the managed cluster control plane logs
delete_options {
delete_mode = "delete"
resource_type = "SLS_ControlPlane"
}

ManagedKubernetesMaintenanceWindow, ManagedKubernetesMaintenanceWindowArgs

Duration string

The maintenance time, values range from 1 to 24,unit is hour. For example: "3h".

Enable bool

Whether to open the maintenance window. The following parameters take effect only enable = true.

MaintenanceTime string

Initial maintenance time, RFC3339 format. For example: "2024-10-15T12:31:00.000+08:00".

WeeklyPeriod string

Maintenance cycle, you can set the values from Monday to Sunday, separated by commas when the values are multiple. The default is Thursday.

for example:

maintenance_window {
enable            = true
maintenance_time  = "2024-10-15T12:31:00.000+08:00"
duration          = "3h"
weekly_period     = "Monday,Friday"
}

Duration string

The maintenance time, values range from 1 to 24,unit is hour. For example: "3h".

Enable bool

Whether to open the maintenance window. The following parameters take effect only enable = true.

MaintenanceTime string

Initial maintenance time, RFC3339 format. For example: "2024-10-15T12:31:00.000+08:00".

WeeklyPeriod string

Maintenance cycle, you can set the values from Monday to Sunday, separated by commas when the values are multiple. The default is Thursday.

for example:

maintenance_window {
enable            = true
maintenance_time  = "2024-10-15T12:31:00.000+08:00"
duration          = "3h"
weekly_period     = "Monday,Friday"
}

duration String

The maintenance time, values range from 1 to 24,unit is hour. For example: "3h".

enable Boolean

Whether to open the maintenance window. The following parameters take effect only enable = true.

maintenanceTime String

Initial maintenance time, RFC3339 format. For example: "2024-10-15T12:31:00.000+08:00".

weeklyPeriod String

Maintenance cycle, you can set the values from Monday to Sunday, separated by commas when the values are multiple. The default is Thursday.

for example:

maintenance_window {
enable            = true
maintenance_time  = "2024-10-15T12:31:00.000+08:00"
duration          = "3h"
weekly_period     = "Monday,Friday"
}

duration string

The maintenance time, values range from 1 to 24,unit is hour. For example: "3h".

enable boolean

Whether to open the maintenance window. The following parameters take effect only enable = true.

maintenanceTime string

Initial maintenance time, RFC3339 format. For example: "2024-10-15T12:31:00.000+08:00".

weeklyPeriod string

Maintenance cycle, you can set the values from Monday to Sunday, separated by commas when the values are multiple. The default is Thursday.

for example:

maintenance_window {
enable            = true
maintenance_time  = "2024-10-15T12:31:00.000+08:00"
duration          = "3h"
weekly_period     = "Monday,Friday"
}

duration str

The maintenance time, values range from 1 to 24,unit is hour. For example: "3h".

enable bool

Whether to open the maintenance window. The following parameters take effect only enable = true.

maintenance_time str

Initial maintenance time, RFC3339 format. For example: "2024-10-15T12:31:00.000+08:00".

weekly_period str

Maintenance cycle, you can set the values from Monday to Sunday, separated by commas when the values are multiple. The default is Thursday.

for example:

maintenance_window {
enable            = true
maintenance_time  = "2024-10-15T12:31:00.000+08:00"
duration          = "3h"
weekly_period     = "Monday,Friday"
}

duration String

The maintenance time, values range from 1 to 24,unit is hour. For example: "3h".

enable Boolean

Whether to open the maintenance window. The following parameters take effect only enable = true.

maintenanceTime String

Initial maintenance time, RFC3339 format. For example: "2024-10-15T12:31:00.000+08:00".

weeklyPeriod String

Maintenance cycle, you can set the values from Monday to Sunday, separated by commas when the values are multiple. The default is Thursday.

for example:

maintenance_window {
enable            = true
maintenance_time  = "2024-10-15T12:31:00.000+08:00"
duration          = "3h"
weekly_period     = "Monday,Friday"
}

ManagedKubernetesOperationPolicy, ManagedKubernetesOperationPolicyArgs

ClusterAutoUpgrade Pulumi.AliCloud.CS.Inputs.ManagedKubernetesOperationPolicyClusterAutoUpgrade: Automatic cluster upgrade policy. See cluster_auto_upgrade below.

ClusterAutoUpgrade ManagedKubernetesOperationPolicyClusterAutoUpgrade: Automatic cluster upgrade policy. See cluster_auto_upgrade below.

clusterAutoUpgrade ManagedKubernetesOperationPolicyClusterAutoUpgrade: Automatic cluster upgrade policy. See cluster_auto_upgrade below.

clusterAutoUpgrade ManagedKubernetesOperationPolicyClusterAutoUpgrade: Automatic cluster upgrade policy. See cluster_auto_upgrade below.

cluster_auto_upgrade ManagedKubernetesOperationPolicyClusterAutoUpgrade: Automatic cluster upgrade policy. See cluster_auto_upgrade below.

clusterAutoUpgrade Property Map: Automatic cluster upgrade policy. See cluster_auto_upgrade below.

ManagedKubernetesOperationPolicyClusterAutoUpgrade, ManagedKubernetesOperationPolicyClusterAutoUpgradeArgs

Channel string

The automatic cluster upgrade channel. Valid values: patch, stable, rapid.

for example:

operation_policy {
cluster_auto_upgrade {
enabled = true
channel = "stable"
}
}

Enabled bool

Whether the RRSA feature has been enabled.

Channel string

The automatic cluster upgrade channel. Valid values: patch, stable, rapid.

for example:

operation_policy {
cluster_auto_upgrade {
enabled = true
channel = "stable"
}
}

Enabled bool

Whether the RRSA feature has been enabled.

channel String

The automatic cluster upgrade channel. Valid values: patch, stable, rapid.

for example:

operation_policy {
cluster_auto_upgrade {
enabled = true
channel = "stable"
}
}

enabled Boolean

Whether the RRSA feature has been enabled.

channel string

The automatic cluster upgrade channel. Valid values: patch, stable, rapid.

for example:

operation_policy {
cluster_auto_upgrade {
enabled = true
channel = "stable"
}
}

enabled boolean

Whether the RRSA feature has been enabled.

channel str

The automatic cluster upgrade channel. Valid values: patch, stable, rapid.

for example:

operation_policy {
cluster_auto_upgrade {
enabled = true
channel = "stable"
}
}

enabled bool

Whether the RRSA feature has been enabled.

channel String

The automatic cluster upgrade channel. Valid values: patch, stable, rapid.

for example:

operation_policy {
cluster_auto_upgrade {
enabled = true
channel = "stable"
}
}

enabled Boolean

Whether the RRSA feature has been enabled.

ManagedKubernetesRrsaMetadata, ManagedKubernetesRrsaMetadataArgs

Enabled bool: Whether the RRSA feature has been enabled.
RamOidcProviderArn string: The arn of OIDC provider that was registered in RAM.
RamOidcProviderName string: The name of OIDC Provider that was registered in RAM.
RrsaOidcIssuerUrl string: The issuer URL of RRSA OIDC Token.

Enabled bool: Whether the RRSA feature has been enabled.
RamOidcProviderArn string: The arn of OIDC provider that was registered in RAM.
RamOidcProviderName string: The name of OIDC Provider that was registered in RAM.
RrsaOidcIssuerUrl string: The issuer URL of RRSA OIDC Token.

enabled Boolean: Whether the RRSA feature has been enabled.
ramOidcProviderArn String: The arn of OIDC provider that was registered in RAM.
ramOidcProviderName String: The name of OIDC Provider that was registered in RAM.
rrsaOidcIssuerUrl String: The issuer URL of RRSA OIDC Token.

enabled boolean: Whether the RRSA feature has been enabled.
ramOidcProviderArn string: The arn of OIDC provider that was registered in RAM.
ramOidcProviderName string: The name of OIDC Provider that was registered in RAM.
rrsaOidcIssuerUrl string: The issuer URL of RRSA OIDC Token.

enabled bool: Whether the RRSA feature has been enabled.
ram_oidc_provider_arn str: The arn of OIDC provider that was registered in RAM.
ram_oidc_provider_name str: The name of OIDC Provider that was registered in RAM.
rrsa_oidc_issuer_url str: The issuer URL of RRSA OIDC Token.

enabled Boolean: Whether the RRSA feature has been enabled.
ramOidcProviderArn String: The arn of OIDC provider that was registered in RAM.
ramOidcProviderName String: The name of OIDC Provider that was registered in RAM.
rrsaOidcIssuerUrl String: The issuer URL of RRSA OIDC Token.

Import

Kubernetes managed cluster can be imported using the id, e.g. Then complete the main.tf accords to the result of pulumi preview.

$ pulumi import alicloud:cs/managedKubernetes:ManagedKubernetes main cluster_id

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: Alibaba Cloud pulumi/pulumi-alicloud
License: Apache-2.0
Notes: This Pulumi package is based on the alicloud Terraform Provider.

Alibaba Cloud v3.66.0 published on Friday, Nov 15, 2024 by Pulumi

pulumi/pulumi-alicloud

alicloud.cs.ManagedKubernetes

On this page

On this page

Create ManagedKubernetes Resource

Constructor syntax

Parameters

Constructor example

ManagedKubernetes Resource Properties

Inputs

Outputs

Look up Existing ManagedKubernetes Resource

Supporting Types

ManagedKubernetesAddon, ManagedKubernetesAddonArgs

ManagedKubernetesCertificateAuthority, ManagedKubernetesCertificateAuthorityArgs

ManagedKubernetesConnections, ManagedKubernetesConnectionsArgs

ManagedKubernetesDeleteOption, ManagedKubernetesDeleteOptionArgs

ManagedKubernetesMaintenanceWindow, ManagedKubernetesMaintenanceWindowArgs

ManagedKubernetesOperationPolicy, ManagedKubernetesOperationPolicyArgs

ManagedKubernetesOperationPolicyClusterAutoUpgrade, ManagedKubernetesOperationPolicyClusterAutoUpgradeArgs

ManagedKubernetesRrsaMetadata, ManagedKubernetesRrsaMetadataArgs

Import

Package Details

On this page

On this page