1. Packages
  2. AWS Cloud Control
  3. API Docs
  4. eks
  5. Cluster

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.9.0 published on Monday, Nov 18, 2024 by Pulumi

aws-native.eks.Cluster

Explore with Pulumi AI

aws-native logo

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.9.0 published on Monday, Nov 18, 2024 by Pulumi

    An object representing an Amazon EKS cluster.

    Create Cluster Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Cluster(name: string, args: ClusterArgs, opts?: CustomResourceOptions);
    @overload
    def Cluster(resource_name: str,
                args: ClusterArgs,
                opts: Optional[ResourceOptions] = None)
    
    @overload
    def Cluster(resource_name: str,
                opts: Optional[ResourceOptions] = None,
                resources_vpc_config: Optional[ClusterResourcesVpcConfigArgs] = None,
                role_arn: Optional[str] = None,
                outpost_config: Optional[ClusterOutpostConfigArgs] = None,
                kubernetes_network_config: Optional[ClusterKubernetesNetworkConfigArgs] = None,
                logging: Optional[LoggingArgs] = None,
                name: Optional[str] = None,
                access_config: Optional[ClusterAccessConfigArgs] = None,
                encryption_config: Optional[Sequence[ClusterEncryptionConfigArgs]] = None,
                bootstrap_self_managed_addons: Optional[bool] = None,
                tags: Optional[Sequence[_root_inputs.TagArgs]] = None,
                upgrade_policy: Optional[ClusterUpgradePolicyArgs] = None,
                version: Optional[str] = None,
                zonal_shift_config: Optional[ClusterZonalShiftConfigArgs] = None)
    func NewCluster(ctx *Context, name string, args ClusterArgs, opts ...ResourceOption) (*Cluster, error)
    public Cluster(string name, ClusterArgs args, CustomResourceOptions? opts = null)
    public Cluster(String name, ClusterArgs args)
    public Cluster(String name, ClusterArgs args, CustomResourceOptions options)
    
    type: aws-native:eks:Cluster
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args ClusterArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args ClusterArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args ClusterArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args ClusterArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args ClusterArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Cluster Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The Cluster resource accepts the following input properties:

    ResourcesVpcConfig Pulumi.AwsNative.Eks.Inputs.ClusterResourcesVpcConfig
    The VPC configuration that's used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide . You must specify at least two subnets. You can specify up to five security groups, but we recommend that you use a dedicated security group for your cluster control plane.
    RoleArn string
    The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.
    AccessConfig Pulumi.AwsNative.Eks.Inputs.ClusterAccessConfig
    The access configuration for the cluster.
    BootstrapSelfManagedAddons bool
    Set this value to false to avoid creating the default networking add-ons when the cluster is created.
    EncryptionConfig List<Pulumi.AwsNative.Eks.Inputs.ClusterEncryptionConfig>
    The encryption configuration for the cluster.
    KubernetesNetworkConfig Pulumi.AwsNative.Eks.Inputs.ClusterKubernetesNetworkConfig
    The Kubernetes network configuration for the cluster.
    Logging Pulumi.AwsNative.Eks.Inputs.Logging
    The logging configuration for your cluster.
    Name string
    The unique name to give to your cluster.
    OutpostConfig Pulumi.AwsNative.Eks.Inputs.ClusterOutpostConfig
    An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This object isn't available for clusters on the AWS cloud.
    Tags List<Pulumi.AwsNative.Inputs.Tag>
    An array of key-value pairs to apply to this resource.
    UpgradePolicy Pulumi.AwsNative.Eks.Inputs.ClusterUpgradePolicy

    This value indicates if extended support is enabled or disabled for the cluster.

    Learn more about EKS Extended Support in the EKS User Guide.

    Version string
    The desired Kubernetes version for your cluster. If you don't specify a value here, the latest version available in Amazon EKS is used.
    ZonalShiftConfig Pulumi.AwsNative.Eks.Inputs.ClusterZonalShiftConfig
    The configuration for zonal shift for the cluster.
    ResourcesVpcConfig ClusterResourcesVpcConfigArgs
    The VPC configuration that's used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide . You must specify at least two subnets. You can specify up to five security groups, but we recommend that you use a dedicated security group for your cluster control plane.
    RoleArn string
    The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.
    AccessConfig ClusterAccessConfigArgs
    The access configuration for the cluster.
    BootstrapSelfManagedAddons bool
    Set this value to false to avoid creating the default networking add-ons when the cluster is created.
    EncryptionConfig []ClusterEncryptionConfigArgs
    The encryption configuration for the cluster.
    KubernetesNetworkConfig ClusterKubernetesNetworkConfigArgs
    The Kubernetes network configuration for the cluster.
    Logging LoggingArgs
    The logging configuration for your cluster.
    Name string
    The unique name to give to your cluster.
    OutpostConfig ClusterOutpostConfigArgs
    An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This object isn't available for clusters on the AWS cloud.
    Tags TagArgs
    An array of key-value pairs to apply to this resource.
    UpgradePolicy ClusterUpgradePolicyArgs

    This value indicates if extended support is enabled or disabled for the cluster.

    Learn more about EKS Extended Support in the EKS User Guide.

    Version string
    The desired Kubernetes version for your cluster. If you don't specify a value here, the latest version available in Amazon EKS is used.
    ZonalShiftConfig ClusterZonalShiftConfigArgs
    The configuration for zonal shift for the cluster.
    resourcesVpcConfig ClusterResourcesVpcConfig
    The VPC configuration that's used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide . You must specify at least two subnets. You can specify up to five security groups, but we recommend that you use a dedicated security group for your cluster control plane.
    roleArn String
    The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.
    accessConfig ClusterAccessConfig
    The access configuration for the cluster.
    bootstrapSelfManagedAddons Boolean
    Set this value to false to avoid creating the default networking add-ons when the cluster is created.
    encryptionConfig List<ClusterEncryptionConfig>
    The encryption configuration for the cluster.
    kubernetesNetworkConfig ClusterKubernetesNetworkConfig
    The Kubernetes network configuration for the cluster.
    logging Logging
    The logging configuration for your cluster.
    name String
    The unique name to give to your cluster.
    outpostConfig ClusterOutpostConfig
    An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This object isn't available for clusters on the AWS cloud.
    tags List<Tag>
    An array of key-value pairs to apply to this resource.
    upgradePolicy ClusterUpgradePolicy

    This value indicates if extended support is enabled or disabled for the cluster.

    Learn more about EKS Extended Support in the EKS User Guide.

    version String
    The desired Kubernetes version for your cluster. If you don't specify a value here, the latest version available in Amazon EKS is used.
    zonalShiftConfig ClusterZonalShiftConfig
    The configuration for zonal shift for the cluster.
    resourcesVpcConfig ClusterResourcesVpcConfig
    The VPC configuration that's used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide . You must specify at least two subnets. You can specify up to five security groups, but we recommend that you use a dedicated security group for your cluster control plane.
    roleArn string
    The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.
    accessConfig ClusterAccessConfig
    The access configuration for the cluster.
    bootstrapSelfManagedAddons boolean
    Set this value to false to avoid creating the default networking add-ons when the cluster is created.
    encryptionConfig ClusterEncryptionConfig[]
    The encryption configuration for the cluster.
    kubernetesNetworkConfig ClusterKubernetesNetworkConfig
    The Kubernetes network configuration for the cluster.
    logging Logging
    The logging configuration for your cluster.
    name string
    The unique name to give to your cluster.
    outpostConfig ClusterOutpostConfig
    An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This object isn't available for clusters on the AWS cloud.
    tags Tag[]
    An array of key-value pairs to apply to this resource.
    upgradePolicy ClusterUpgradePolicy

    This value indicates if extended support is enabled or disabled for the cluster.

    Learn more about EKS Extended Support in the EKS User Guide.

    version string
    The desired Kubernetes version for your cluster. If you don't specify a value here, the latest version available in Amazon EKS is used.
    zonalShiftConfig ClusterZonalShiftConfig
    The configuration for zonal shift for the cluster.
    resources_vpc_config ClusterResourcesVpcConfigArgs
    The VPC configuration that's used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide . You must specify at least two subnets. You can specify up to five security groups, but we recommend that you use a dedicated security group for your cluster control plane.
    role_arn str
    The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.
    access_config ClusterAccessConfigArgs
    The access configuration for the cluster.
    bootstrap_self_managed_addons bool
    Set this value to false to avoid creating the default networking add-ons when the cluster is created.
    encryption_config Sequence[ClusterEncryptionConfigArgs]
    The encryption configuration for the cluster.
    kubernetes_network_config ClusterKubernetesNetworkConfigArgs
    The Kubernetes network configuration for the cluster.
    logging LoggingArgs
    The logging configuration for your cluster.
    name str
    The unique name to give to your cluster.
    outpost_config ClusterOutpostConfigArgs
    An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This object isn't available for clusters on the AWS cloud.
    tags Sequence[TagArgs]
    An array of key-value pairs to apply to this resource.
    upgrade_policy ClusterUpgradePolicyArgs

    This value indicates if extended support is enabled or disabled for the cluster.

    Learn more about EKS Extended Support in the EKS User Guide.

    version str
    The desired Kubernetes version for your cluster. If you don't specify a value here, the latest version available in Amazon EKS is used.
    zonal_shift_config ClusterZonalShiftConfigArgs
    The configuration for zonal shift for the cluster.
    resourcesVpcConfig Property Map
    The VPC configuration that's used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide . You must specify at least two subnets. You can specify up to five security groups, but we recommend that you use a dedicated security group for your cluster control plane.
    roleArn String
    The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.
    accessConfig Property Map
    The access configuration for the cluster.
    bootstrapSelfManagedAddons Boolean
    Set this value to false to avoid creating the default networking add-ons when the cluster is created.
    encryptionConfig List<Property Map>
    The encryption configuration for the cluster.
    kubernetesNetworkConfig Property Map
    The Kubernetes network configuration for the cluster.
    logging Property Map
    The logging configuration for your cluster.
    name String
    The unique name to give to your cluster.
    outpostConfig Property Map
    An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This object isn't available for clusters on the AWS cloud.
    tags List<Property Map>
    An array of key-value pairs to apply to this resource.
    upgradePolicy Property Map

    This value indicates if extended support is enabled or disabled for the cluster.

    Learn more about EKS Extended Support in the EKS User Guide.

    version String
    The desired Kubernetes version for your cluster. If you don't specify a value here, the latest version available in Amazon EKS is used.
    zonalShiftConfig Property Map
    The configuration for zonal shift for the cluster.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Cluster resource produces the following output properties:

    Arn string
    The ARN of the cluster, such as arn:aws:eks:us-west-2:666666666666:cluster/prod.
    AwsId string
    The unique ID given to your cluster.
    CertificateAuthorityData string
    The certificate-authority-data for your cluster.
    ClusterSecurityGroupId string
    The cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control plane to data plane communication.
    EncryptionConfigKeyArn string
    Amazon Resource Name (ARN) or alias of the customer master key (CMK).
    Endpoint string
    The endpoint for your Kubernetes API server, such as https://5E1D0CEXAMPLEA591B746AFC5AB30262.yl4.us-west-2.eks.amazonaws.com.
    Id string
    The provider-assigned unique ID for this managed resource.
    OpenIdConnectIssuerUrl string
    The issuer URL for the cluster's OIDC identity provider, such as https://oidc.eks.us-west-2.amazonaws.com/id/EXAMPLED539D4633E53DE1B716D3041E. If you need to remove https:// from this output value, you can include the following code in your template.
    Arn string
    The ARN of the cluster, such as arn:aws:eks:us-west-2:666666666666:cluster/prod.
    AwsId string
    The unique ID given to your cluster.
    CertificateAuthorityData string
    The certificate-authority-data for your cluster.
    ClusterSecurityGroupId string
    The cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control plane to data plane communication.
    EncryptionConfigKeyArn string
    Amazon Resource Name (ARN) or alias of the customer master key (CMK).
    Endpoint string
    The endpoint for your Kubernetes API server, such as https://5E1D0CEXAMPLEA591B746AFC5AB30262.yl4.us-west-2.eks.amazonaws.com.
    Id string
    The provider-assigned unique ID for this managed resource.
    OpenIdConnectIssuerUrl string
    The issuer URL for the cluster's OIDC identity provider, such as https://oidc.eks.us-west-2.amazonaws.com/id/EXAMPLED539D4633E53DE1B716D3041E. If you need to remove https:// from this output value, you can include the following code in your template.
    arn String
    The ARN of the cluster, such as arn:aws:eks:us-west-2:666666666666:cluster/prod.
    awsId String
    The unique ID given to your cluster.
    certificateAuthorityData String
    The certificate-authority-data for your cluster.
    clusterSecurityGroupId String
    The cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control plane to data plane communication.
    encryptionConfigKeyArn String
    Amazon Resource Name (ARN) or alias of the customer master key (CMK).
    endpoint String
    The endpoint for your Kubernetes API server, such as https://5E1D0CEXAMPLEA591B746AFC5AB30262.yl4.us-west-2.eks.amazonaws.com.
    id String
    The provider-assigned unique ID for this managed resource.
    openIdConnectIssuerUrl String
    The issuer URL for the cluster's OIDC identity provider, such as https://oidc.eks.us-west-2.amazonaws.com/id/EXAMPLED539D4633E53DE1B716D3041E. If you need to remove https:// from this output value, you can include the following code in your template.
    arn string
    The ARN of the cluster, such as arn:aws:eks:us-west-2:666666666666:cluster/prod.
    awsId string
    The unique ID given to your cluster.
    certificateAuthorityData string
    The certificate-authority-data for your cluster.
    clusterSecurityGroupId string
    The cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control plane to data plane communication.
    encryptionConfigKeyArn string
    Amazon Resource Name (ARN) or alias of the customer master key (CMK).
    endpoint string
    The endpoint for your Kubernetes API server, such as https://5E1D0CEXAMPLEA591B746AFC5AB30262.yl4.us-west-2.eks.amazonaws.com.
    id string
    The provider-assigned unique ID for this managed resource.
    openIdConnectIssuerUrl string
    The issuer URL for the cluster's OIDC identity provider, such as https://oidc.eks.us-west-2.amazonaws.com/id/EXAMPLED539D4633E53DE1B716D3041E. If you need to remove https:// from this output value, you can include the following code in your template.
    arn str
    The ARN of the cluster, such as arn:aws:eks:us-west-2:666666666666:cluster/prod.
    aws_id str
    The unique ID given to your cluster.
    certificate_authority_data str
    The certificate-authority-data for your cluster.
    cluster_security_group_id str
    The cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control plane to data plane communication.
    encryption_config_key_arn str
    Amazon Resource Name (ARN) or alias of the customer master key (CMK).
    endpoint str
    The endpoint for your Kubernetes API server, such as https://5E1D0CEXAMPLEA591B746AFC5AB30262.yl4.us-west-2.eks.amazonaws.com.
    id str
    The provider-assigned unique ID for this managed resource.
    open_id_connect_issuer_url str
    The issuer URL for the cluster's OIDC identity provider, such as https://oidc.eks.us-west-2.amazonaws.com/id/EXAMPLED539D4633E53DE1B716D3041E. If you need to remove https:// from this output value, you can include the following code in your template.
    arn String
    The ARN of the cluster, such as arn:aws:eks:us-west-2:666666666666:cluster/prod.
    awsId String
    The unique ID given to your cluster.
    certificateAuthorityData String
    The certificate-authority-data for your cluster.
    clusterSecurityGroupId String
    The cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control plane to data plane communication.
    encryptionConfigKeyArn String
    Amazon Resource Name (ARN) or alias of the customer master key (CMK).
    endpoint String
    The endpoint for your Kubernetes API server, such as https://5E1D0CEXAMPLEA591B746AFC5AB30262.yl4.us-west-2.eks.amazonaws.com.
    id String
    The provider-assigned unique ID for this managed resource.
    openIdConnectIssuerUrl String
    The issuer URL for the cluster's OIDC identity provider, such as https://oidc.eks.us-west-2.amazonaws.com/id/EXAMPLED539D4633E53DE1B716D3041E. If you need to remove https:// from this output value, you can include the following code in your template.

    Supporting Types

    ClusterAccessConfig, ClusterAccessConfigArgs

    AuthenticationMode Pulumi.AwsNative.Eks.ClusterAccessConfigAuthenticationMode
    Specify the authentication mode that should be used to create your cluster.
    BootstrapClusterCreatorAdminPermissions bool
    Set this value to false to avoid creating a default cluster admin Access Entry using the IAM principal used to create the cluster.
    AuthenticationMode ClusterAccessConfigAuthenticationMode
    Specify the authentication mode that should be used to create your cluster.
    BootstrapClusterCreatorAdminPermissions bool
    Set this value to false to avoid creating a default cluster admin Access Entry using the IAM principal used to create the cluster.
    authenticationMode ClusterAccessConfigAuthenticationMode
    Specify the authentication mode that should be used to create your cluster.
    bootstrapClusterCreatorAdminPermissions Boolean
    Set this value to false to avoid creating a default cluster admin Access Entry using the IAM principal used to create the cluster.
    authenticationMode ClusterAccessConfigAuthenticationMode
    Specify the authentication mode that should be used to create your cluster.
    bootstrapClusterCreatorAdminPermissions boolean
    Set this value to false to avoid creating a default cluster admin Access Entry using the IAM principal used to create the cluster.
    authentication_mode ClusterAccessConfigAuthenticationMode
    Specify the authentication mode that should be used to create your cluster.
    bootstrap_cluster_creator_admin_permissions bool
    Set this value to false to avoid creating a default cluster admin Access Entry using the IAM principal used to create the cluster.
    authenticationMode "CONFIG_MAP" | "API_AND_CONFIG_MAP" | "API"
    Specify the authentication mode that should be used to create your cluster.
    bootstrapClusterCreatorAdminPermissions Boolean
    Set this value to false to avoid creating a default cluster admin Access Entry using the IAM principal used to create the cluster.

    ClusterAccessConfigAuthenticationMode, ClusterAccessConfigAuthenticationModeArgs

    ConfigMap
    CONFIG_MAP
    ApiAndConfigMap
    API_AND_CONFIG_MAP
    Api
    API
    ClusterAccessConfigAuthenticationModeConfigMap
    CONFIG_MAP
    ClusterAccessConfigAuthenticationModeApiAndConfigMap
    API_AND_CONFIG_MAP
    ClusterAccessConfigAuthenticationModeApi
    API
    ConfigMap
    CONFIG_MAP
    ApiAndConfigMap
    API_AND_CONFIG_MAP
    Api
    API
    ConfigMap
    CONFIG_MAP
    ApiAndConfigMap
    API_AND_CONFIG_MAP
    Api
    API
    CONFIG_MAP
    CONFIG_MAP
    API_AND_CONFIG_MAP
    API_AND_CONFIG_MAP
    API
    API
    "CONFIG_MAP"
    CONFIG_MAP
    "API_AND_CONFIG_MAP"
    API_AND_CONFIG_MAP
    "API"
    API

    ClusterControlPlanePlacement, ClusterControlPlanePlacementArgs

    GroupName string
    Specify the placement group name of the control place machines for your cluster.
    GroupName string
    Specify the placement group name of the control place machines for your cluster.
    groupName String
    Specify the placement group name of the control place machines for your cluster.
    groupName string
    Specify the placement group name of the control place machines for your cluster.
    group_name str
    Specify the placement group name of the control place machines for your cluster.
    groupName String
    Specify the placement group name of the control place machines for your cluster.

    ClusterEncryptionConfig, ClusterEncryptionConfigArgs

    Provider Pulumi.AwsNative.Eks.Inputs.ClusterProvider
    The encryption provider for the cluster.
    Resources List<string>
    Specifies the resources to be encrypted. The only supported value is "secrets".
    Provider ClusterProvider
    The encryption provider for the cluster.
    Resources []string
    Specifies the resources to be encrypted. The only supported value is "secrets".
    provider ClusterProvider
    The encryption provider for the cluster.
    resources List<String>
    Specifies the resources to be encrypted. The only supported value is "secrets".
    provider ClusterProvider
    The encryption provider for the cluster.
    resources string[]
    Specifies the resources to be encrypted. The only supported value is "secrets".
    provider ClusterProvider
    The encryption provider for the cluster.
    resources Sequence[str]
    Specifies the resources to be encrypted. The only supported value is "secrets".
    provider Property Map
    The encryption provider for the cluster.
    resources List<String>
    Specifies the resources to be encrypted. The only supported value is "secrets".

    ClusterKubernetesNetworkConfig, ClusterKubernetesNetworkConfigArgs

    IpFamily Pulumi.AwsNative.Eks.ClusterKubernetesNetworkConfigIpFamily
    Ipv4 or Ipv6. You can only specify ipv6 for 1.21 and later clusters that use version 1.10.1 or later of the Amazon VPC CNI add-on
    ServiceIpv4Cidr string
    The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC.
    ServiceIpv6Cidr string
    The CIDR block to assign Kubernetes service IP addresses from.
    IpFamily ClusterKubernetesNetworkConfigIpFamily
    Ipv4 or Ipv6. You can only specify ipv6 for 1.21 and later clusters that use version 1.10.1 or later of the Amazon VPC CNI add-on
    ServiceIpv4Cidr string
    The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC.
    ServiceIpv6Cidr string
    The CIDR block to assign Kubernetes service IP addresses from.
    ipFamily ClusterKubernetesNetworkConfigIpFamily
    Ipv4 or Ipv6. You can only specify ipv6 for 1.21 and later clusters that use version 1.10.1 or later of the Amazon VPC CNI add-on
    serviceIpv4Cidr String
    The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC.
    serviceIpv6Cidr String
    The CIDR block to assign Kubernetes service IP addresses from.
    ipFamily ClusterKubernetesNetworkConfigIpFamily
    Ipv4 or Ipv6. You can only specify ipv6 for 1.21 and later clusters that use version 1.10.1 or later of the Amazon VPC CNI add-on
    serviceIpv4Cidr string
    The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC.
    serviceIpv6Cidr string
    The CIDR block to assign Kubernetes service IP addresses from.
    ip_family ClusterKubernetesNetworkConfigIpFamily
    Ipv4 or Ipv6. You can only specify ipv6 for 1.21 and later clusters that use version 1.10.1 or later of the Amazon VPC CNI add-on
    service_ipv4_cidr str
    The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC.
    service_ipv6_cidr str
    The CIDR block to assign Kubernetes service IP addresses from.
    ipFamily "ipv4" | "ipv6"
    Ipv4 or Ipv6. You can only specify ipv6 for 1.21 and later clusters that use version 1.10.1 or later of the Amazon VPC CNI add-on
    serviceIpv4Cidr String
    The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC.
    serviceIpv6Cidr String
    The CIDR block to assign Kubernetes service IP addresses from.

    ClusterKubernetesNetworkConfigIpFamily, ClusterKubernetesNetworkConfigIpFamilyArgs

    Ipv4
    ipv4
    Ipv6
    ipv6
    ClusterKubernetesNetworkConfigIpFamilyIpv4
    ipv4
    ClusterKubernetesNetworkConfigIpFamilyIpv6
    ipv6
    Ipv4
    ipv4
    Ipv6
    ipv6
    Ipv4
    ipv4
    Ipv6
    ipv6
    IPV4
    ipv4
    IPV6
    ipv6
    "ipv4"
    ipv4
    "ipv6"
    ipv6

    ClusterLoggingEnabledTypes, ClusterLoggingEnabledTypesArgs

    EnabledTypes List<Pulumi.AwsNative.Eks.Inputs.ClusterLoggingTypeConfig>

    The enabled control plane logs for your cluster. All log types are disabled if the array is empty.

    When updating a resource, you must include this EnabledTypes property if the previous CloudFormation template of the resource had it.

    EnabledTypes []ClusterLoggingTypeConfig

    The enabled control plane logs for your cluster. All log types are disabled if the array is empty.

    When updating a resource, you must include this EnabledTypes property if the previous CloudFormation template of the resource had it.

    enabledTypes List<ClusterLoggingTypeConfig>

    The enabled control plane logs for your cluster. All log types are disabled if the array is empty.

    When updating a resource, you must include this EnabledTypes property if the previous CloudFormation template of the resource had it.

    enabledTypes ClusterLoggingTypeConfig[]

    The enabled control plane logs for your cluster. All log types are disabled if the array is empty.

    When updating a resource, you must include this EnabledTypes property if the previous CloudFormation template of the resource had it.

    enabled_types Sequence[ClusterLoggingTypeConfig]

    The enabled control plane logs for your cluster. All log types are disabled if the array is empty.

    When updating a resource, you must include this EnabledTypes property if the previous CloudFormation template of the resource had it.

    enabledTypes List<Property Map>

    The enabled control plane logs for your cluster. All log types are disabled if the array is empty.

    When updating a resource, you must include this EnabledTypes property if the previous CloudFormation template of the resource had it.

    ClusterLoggingTypeConfig, ClusterLoggingTypeConfigArgs

    ClusterLoggingTypeConfigType, ClusterLoggingTypeConfigTypeArgs

    Api
    api
    Audit
    audit
    Authenticator
    authenticator
    ControllerManager
    controllerManager
    Scheduler
    scheduler
    ClusterLoggingTypeConfigTypeApi
    api
    ClusterLoggingTypeConfigTypeAudit
    audit
    ClusterLoggingTypeConfigTypeAuthenticator
    authenticator
    ClusterLoggingTypeConfigTypeControllerManager
    controllerManager
    ClusterLoggingTypeConfigTypeScheduler
    scheduler
    Api
    api
    Audit
    audit
    Authenticator
    authenticator
    ControllerManager
    controllerManager
    Scheduler
    scheduler
    Api
    api
    Audit
    audit
    Authenticator
    authenticator
    ControllerManager
    controllerManager
    Scheduler
    scheduler
    API
    api
    AUDIT
    audit
    AUTHENTICATOR
    authenticator
    CONTROLLER_MANAGER
    controllerManager
    SCHEDULER
    scheduler
    "api"
    api
    "audit"
    audit
    "authenticator"
    authenticator
    "controllerManager"
    controllerManager
    "scheduler"
    scheduler

    ClusterOutpostConfig, ClusterOutpostConfigArgs

    ControlPlaneInstanceType string
    Specify the Instance type of the machines that should be used to create your cluster.
    OutpostArns List<string>
    Specify one or more Arn(s) of Outpost(s) on which you would like to create your cluster.
    ControlPlanePlacement Pulumi.AwsNative.Eks.Inputs.ClusterControlPlanePlacement
    Specify the placement group of the control plane machines for your cluster.
    ControlPlaneInstanceType string
    Specify the Instance type of the machines that should be used to create your cluster.
    OutpostArns []string
    Specify one or more Arn(s) of Outpost(s) on which you would like to create your cluster.
    ControlPlanePlacement ClusterControlPlanePlacement
    Specify the placement group of the control plane machines for your cluster.
    controlPlaneInstanceType String
    Specify the Instance type of the machines that should be used to create your cluster.
    outpostArns List<String>
    Specify one or more Arn(s) of Outpost(s) on which you would like to create your cluster.
    controlPlanePlacement ClusterControlPlanePlacement
    Specify the placement group of the control plane machines for your cluster.
    controlPlaneInstanceType string
    Specify the Instance type of the machines that should be used to create your cluster.
    outpostArns string[]
    Specify one or more Arn(s) of Outpost(s) on which you would like to create your cluster.
    controlPlanePlacement ClusterControlPlanePlacement
    Specify the placement group of the control plane machines for your cluster.
    control_plane_instance_type str
    Specify the Instance type of the machines that should be used to create your cluster.
    outpost_arns Sequence[str]
    Specify one or more Arn(s) of Outpost(s) on which you would like to create your cluster.
    control_plane_placement ClusterControlPlanePlacement
    Specify the placement group of the control plane machines for your cluster.
    controlPlaneInstanceType String
    Specify the Instance type of the machines that should be used to create your cluster.
    outpostArns List<String>
    Specify one or more Arn(s) of Outpost(s) on which you would like to create your cluster.
    controlPlanePlacement Property Map
    Specify the placement group of the control plane machines for your cluster.

    ClusterProvider, ClusterProviderArgs

    KeyArn string
    Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric, created in the same region as the cluster, and if the KMS key was created in a different account, the user must have access to the KMS key.
    KeyArn string
    Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric, created in the same region as the cluster, and if the KMS key was created in a different account, the user must have access to the KMS key.
    keyArn String
    Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric, created in the same region as the cluster, and if the KMS key was created in a different account, the user must have access to the KMS key.
    keyArn string
    Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric, created in the same region as the cluster, and if the KMS key was created in a different account, the user must have access to the KMS key.
    key_arn str
    Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric, created in the same region as the cluster, and if the KMS key was created in a different account, the user must have access to the KMS key.
    keyArn String
    Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric, created in the same region as the cluster, and if the KMS key was created in a different account, the user must have access to the KMS key.

    ClusterResourcesVpcConfig, ClusterResourcesVpcConfigArgs

    SubnetIds List<string>
    Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane.
    EndpointPrivateAccess bool
    Set this value to true to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is false, which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that publicAccessCidrs includes the necessary CIDR blocks for communication with the nodes or Fargate pods.
    EndpointPublicAccess bool
    Set this value to false to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is true, which enables public access for your Kubernetes API server.
    PublicAccessCidrs List<string>
    The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is 0.0.0.0/0. If you've disabled private endpoint access and you have nodes or AWS Fargate pods in the cluster, then ensure that you specify the necessary CIDR blocks.
    SecurityGroupIds List<string>
    Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane. If you don't specify a security group, the default security group for your VPC is used.
    SubnetIds []string
    Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane.
    EndpointPrivateAccess bool
    Set this value to true to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is false, which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that publicAccessCidrs includes the necessary CIDR blocks for communication with the nodes or Fargate pods.
    EndpointPublicAccess bool
    Set this value to false to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is true, which enables public access for your Kubernetes API server.
    PublicAccessCidrs []string
    The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is 0.0.0.0/0. If you've disabled private endpoint access and you have nodes or AWS Fargate pods in the cluster, then ensure that you specify the necessary CIDR blocks.
    SecurityGroupIds []string
    Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane. If you don't specify a security group, the default security group for your VPC is used.
    subnetIds List<String>
    Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane.
    endpointPrivateAccess Boolean
    Set this value to true to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is false, which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that publicAccessCidrs includes the necessary CIDR blocks for communication with the nodes or Fargate pods.
    endpointPublicAccess Boolean
    Set this value to false to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is true, which enables public access for your Kubernetes API server.
    publicAccessCidrs List<String>
    The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is 0.0.0.0/0. If you've disabled private endpoint access and you have nodes or AWS Fargate pods in the cluster, then ensure that you specify the necessary CIDR blocks.
    securityGroupIds List<String>
    Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane. If you don't specify a security group, the default security group for your VPC is used.
    subnetIds string[]
    Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane.
    endpointPrivateAccess boolean
    Set this value to true to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is false, which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that publicAccessCidrs includes the necessary CIDR blocks for communication with the nodes or Fargate pods.
    endpointPublicAccess boolean
    Set this value to false to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is true, which enables public access for your Kubernetes API server.
    publicAccessCidrs string[]
    The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is 0.0.0.0/0. If you've disabled private endpoint access and you have nodes or AWS Fargate pods in the cluster, then ensure that you specify the necessary CIDR blocks.
    securityGroupIds string[]
    Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane. If you don't specify a security group, the default security group for your VPC is used.
    subnet_ids Sequence[str]
    Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane.
    endpoint_private_access bool
    Set this value to true to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is false, which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that publicAccessCidrs includes the necessary CIDR blocks for communication with the nodes or Fargate pods.
    endpoint_public_access bool
    Set this value to false to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is true, which enables public access for your Kubernetes API server.
    public_access_cidrs Sequence[str]
    The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is 0.0.0.0/0. If you've disabled private endpoint access and you have nodes or AWS Fargate pods in the cluster, then ensure that you specify the necessary CIDR blocks.
    security_group_ids Sequence[str]
    Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane. If you don't specify a security group, the default security group for your VPC is used.
    subnetIds List<String>
    Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane.
    endpointPrivateAccess Boolean
    Set this value to true to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is false, which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that publicAccessCidrs includes the necessary CIDR blocks for communication with the nodes or Fargate pods.
    endpointPublicAccess Boolean
    Set this value to false to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is true, which enables public access for your Kubernetes API server.
    publicAccessCidrs List<String>
    The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is 0.0.0.0/0. If you've disabled private endpoint access and you have nodes or AWS Fargate pods in the cluster, then ensure that you specify the necessary CIDR blocks.
    securityGroupIds List<String>
    Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane. If you don't specify a security group, the default security group for your VPC is used.

    ClusterUpgradePolicy, ClusterUpgradePolicyArgs

    SupportType Pulumi.AwsNative.Eks.ClusterUpgradePolicySupportType
    Specify the support type for your cluster.
    SupportType ClusterUpgradePolicySupportType
    Specify the support type for your cluster.
    supportType ClusterUpgradePolicySupportType
    Specify the support type for your cluster.
    supportType ClusterUpgradePolicySupportType
    Specify the support type for your cluster.
    support_type ClusterUpgradePolicySupportType
    Specify the support type for your cluster.
    supportType "STANDARD" | "EXTENDED"
    Specify the support type for your cluster.

    ClusterUpgradePolicySupportType, ClusterUpgradePolicySupportTypeArgs

    Standard
    STANDARD
    Extended
    EXTENDED
    ClusterUpgradePolicySupportTypeStandard
    STANDARD
    ClusterUpgradePolicySupportTypeExtended
    EXTENDED
    Standard
    STANDARD
    Extended
    EXTENDED
    Standard
    STANDARD
    Extended
    EXTENDED
    STANDARD
    STANDARD
    EXTENDED
    EXTENDED
    "STANDARD"
    STANDARD
    "EXTENDED"
    EXTENDED

    ClusterZonalShiftConfig, ClusterZonalShiftConfigArgs

    Enabled bool
    Set this value to true to enable zonal shift for the cluster.
    Enabled bool
    Set this value to true to enable zonal shift for the cluster.
    enabled Boolean
    Set this value to true to enable zonal shift for the cluster.
    enabled boolean
    Set this value to true to enable zonal shift for the cluster.
    enabled bool
    Set this value to true to enable zonal shift for the cluster.
    enabled Boolean
    Set this value to true to enable zonal shift for the cluster.

    Logging, LoggingArgs

    ClusterLoggingValue Pulumi.AwsNative.Eks.Inputs.ClusterLoggingEnabledTypes
    The cluster control plane logging configuration for your cluster.
    ClusterLogging ClusterLoggingEnabledTypes
    The cluster control plane logging configuration for your cluster.
    clusterLogging ClusterLoggingEnabledTypes
    The cluster control plane logging configuration for your cluster.
    clusterLogging ClusterLoggingEnabledTypes
    The cluster control plane logging configuration for your cluster.
    cluster_logging ClusterLoggingEnabledTypes
    The cluster control plane logging configuration for your cluster.
    clusterLogging Property Map
    The cluster control plane logging configuration for your cluster.

    Tag, TagArgs

    Key string
    The key name of the tag
    Value string
    The value of the tag
    Key string
    The key name of the tag
    Value string
    The value of the tag
    key String
    The key name of the tag
    value String
    The value of the tag
    key string
    The key name of the tag
    value string
    The value of the tag
    key str
    The key name of the tag
    value str
    The value of the tag
    key String
    The key name of the tag
    value String
    The value of the tag

    Package Details

    Repository
    AWS Native pulumi/pulumi-aws-native
    License
    Apache-2.0
    aws-native logo

    We recommend new projects start with resources from the AWS provider.

    AWS Cloud Control v1.9.0 published on Monday, Nov 18, 2024 by Pulumi