oci.ContainerEngine.Cluster
Explore with Pulumi AI
This resource provides the Cluster resource in Oracle Cloud Infrastructure Container Engine service.
Create a new cluster.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";
const testCluster = new oci.containerengine.Cluster("test_cluster", {
compartmentId: compartmentId,
kubernetesVersion: clusterKubernetesVersion,
name: clusterName,
vcnId: testVcn.id,
clusterPodNetworkOptions: [{
cniType: clusterClusterPodNetworkOptionsCniType,
}],
definedTags: {
"Operations.CostCenter": "42",
},
endpointConfig: {
isPublicIpEnabled: clusterEndpointConfigIsPublicIpEnabled,
nsgIds: clusterEndpointConfigNsgIds,
subnetId: testSubnet.id,
},
freeformTags: {
Department: "Finance",
},
imagePolicyConfig: {
isPolicyEnabled: clusterImagePolicyConfigIsPolicyEnabled,
keyDetails: [{
kmsKeyId: testKey.id,
}],
},
kmsKeyId: testKey.id,
options: {
addOns: {
isKubernetesDashboardEnabled: clusterOptionsAddOnsIsKubernetesDashboardEnabled,
isTillerEnabled: clusterOptionsAddOnsIsTillerEnabled,
},
admissionControllerOptions: {
isPodSecurityPolicyEnabled: clusterOptionsAdmissionControllerOptionsIsPodSecurityPolicyEnabled,
},
kubernetesNetworkConfig: {
podsCidr: clusterOptionsKubernetesNetworkConfigPodsCidr,
servicesCidr: clusterOptionsKubernetesNetworkConfigServicesCidr,
},
openIdConnectTokenAuthenticationConfig: {
isOpenIdConnectAuthEnabled: clusterOptionsOpenIdConnectTokenAuthenticationConfigIsOpenIdConnectAuthEnabled,
caCertificate: clusterOptionsOpenIdConnectTokenAuthenticationConfigCaCertificate,
clientId: testClient.id,
groupsClaim: clusterOptionsOpenIdConnectTokenAuthenticationConfigGroupsClaim,
groupsPrefix: clusterOptionsOpenIdConnectTokenAuthenticationConfigGroupsPrefix,
issuerUrl: clusterOptionsOpenIdConnectTokenAuthenticationConfigIssuerUrl,
requiredClaims: [{
key: clusterOptionsOpenIdConnectTokenAuthenticationConfigRequiredClaimsKey,
value: clusterOptionsOpenIdConnectTokenAuthenticationConfigRequiredClaimsValue,
}],
signingAlgorithms: clusterOptionsOpenIdConnectTokenAuthenticationConfigSigningAlgorithms,
usernameClaim: clusterOptionsOpenIdConnectTokenAuthenticationConfigUsernameClaim,
usernamePrefix: clusterOptionsOpenIdConnectTokenAuthenticationConfigUsernamePrefix,
},
openIdConnectDiscovery: {
isOpenIdConnectDiscoveryEnabled: clusterOptionsOpenIdConnectDiscoveryIsOpenIdConnectDiscoveryEnabled,
},
persistentVolumeConfig: {
definedTags: {
"Operations.CostCenter": "42",
},
freeformTags: {
Department: "Finance",
},
},
serviceLbConfig: {
definedTags: {
"Operations.CostCenter": "42",
},
freeformTags: {
Department: "Finance",
},
},
serviceLbSubnetIds: clusterOptionsServiceLbSubnetIds,
},
type: clusterType,
});
import pulumi
import pulumi_oci as oci
test_cluster = oci.container_engine.Cluster("test_cluster",
compartment_id=compartment_id,
kubernetes_version=cluster_kubernetes_version,
name=cluster_name,
vcn_id=test_vcn["id"],
cluster_pod_network_options=[{
"cni_type": cluster_cluster_pod_network_options_cni_type,
}],
defined_tags={
"Operations.CostCenter": "42",
},
endpoint_config={
"is_public_ip_enabled": cluster_endpoint_config_is_public_ip_enabled,
"nsg_ids": cluster_endpoint_config_nsg_ids,
"subnet_id": test_subnet["id"],
},
freeform_tags={
"Department": "Finance",
},
image_policy_config={
"is_policy_enabled": cluster_image_policy_config_is_policy_enabled,
"key_details": [{
"kms_key_id": test_key["id"],
}],
},
kms_key_id=test_key["id"],
options={
"add_ons": {
"is_kubernetes_dashboard_enabled": cluster_options_add_ons_is_kubernetes_dashboard_enabled,
"is_tiller_enabled": cluster_options_add_ons_is_tiller_enabled,
},
"admission_controller_options": {
"is_pod_security_policy_enabled": cluster_options_admission_controller_options_is_pod_security_policy_enabled,
},
"kubernetes_network_config": {
"pods_cidr": cluster_options_kubernetes_network_config_pods_cidr,
"services_cidr": cluster_options_kubernetes_network_config_services_cidr,
},
"open_id_connect_token_authentication_config": {
"is_open_id_connect_auth_enabled": cluster_options_open_id_connect_token_authentication_config_is_open_id_connect_auth_enabled,
"ca_certificate": cluster_options_open_id_connect_token_authentication_config_ca_certificate,
"client_id": test_client["id"],
"groups_claim": cluster_options_open_id_connect_token_authentication_config_groups_claim,
"groups_prefix": cluster_options_open_id_connect_token_authentication_config_groups_prefix,
"issuer_url": cluster_options_open_id_connect_token_authentication_config_issuer_url,
"required_claims": [{
"key": cluster_options_open_id_connect_token_authentication_config_required_claims_key,
"value": cluster_options_open_id_connect_token_authentication_config_required_claims_value,
}],
"signing_algorithms": cluster_options_open_id_connect_token_authentication_config_signing_algorithms,
"username_claim": cluster_options_open_id_connect_token_authentication_config_username_claim,
"username_prefix": cluster_options_open_id_connect_token_authentication_config_username_prefix,
},
"open_id_connect_discovery": {
"is_open_id_connect_discovery_enabled": cluster_options_open_id_connect_discovery_is_open_id_connect_discovery_enabled,
},
"persistent_volume_config": {
"defined_tags": {
"Operations.CostCenter": "42",
},
"freeform_tags": {
"Department": "Finance",
},
},
"service_lb_config": {
"defined_tags": {
"Operations.CostCenter": "42",
},
"freeform_tags": {
"Department": "Finance",
},
},
"service_lb_subnet_ids": cluster_options_service_lb_subnet_ids,
},
type=cluster_type)
package main
import (
"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/ContainerEngine"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := ContainerEngine.NewCluster(ctx, "test_cluster", &ContainerEngine.ClusterArgs{
CompartmentId: pulumi.Any(compartmentId),
KubernetesVersion: pulumi.Any(clusterKubernetesVersion),
Name: pulumi.Any(clusterName),
VcnId: pulumi.Any(testVcn.Id),
ClusterPodNetworkOptions: containerengine.ClusterClusterPodNetworkOptionArray{
&containerengine.ClusterClusterPodNetworkOptionArgs{
CniType: pulumi.Any(clusterClusterPodNetworkOptionsCniType),
},
},
DefinedTags: pulumi.StringMap{
"Operations.CostCenter": pulumi.String("42"),
},
EndpointConfig: &containerengine.ClusterEndpointConfigArgs{
IsPublicIpEnabled: pulumi.Any(clusterEndpointConfigIsPublicIpEnabled),
NsgIds: pulumi.Any(clusterEndpointConfigNsgIds),
SubnetId: pulumi.Any(testSubnet.Id),
},
FreeformTags: pulumi.StringMap{
"Department": pulumi.String("Finance"),
},
ImagePolicyConfig: &containerengine.ClusterImagePolicyConfigArgs{
IsPolicyEnabled: pulumi.Any(clusterImagePolicyConfigIsPolicyEnabled),
KeyDetails: containerengine.ClusterImagePolicyConfigKeyDetailArray{
&containerengine.ClusterImagePolicyConfigKeyDetailArgs{
KmsKeyId: pulumi.Any(testKey.Id),
},
},
},
KmsKeyId: pulumi.Any(testKey.Id),
Options: &containerengine.ClusterOptionsArgs{
AddOns: &containerengine.ClusterOptionsAddOnsArgs{
IsKubernetesDashboardEnabled: pulumi.Any(clusterOptionsAddOnsIsKubernetesDashboardEnabled),
IsTillerEnabled: pulumi.Any(clusterOptionsAddOnsIsTillerEnabled),
},
AdmissionControllerOptions: &containerengine.ClusterOptionsAdmissionControllerOptionsArgs{
IsPodSecurityPolicyEnabled: pulumi.Any(clusterOptionsAdmissionControllerOptionsIsPodSecurityPolicyEnabled),
},
KubernetesNetworkConfig: &containerengine.ClusterOptionsKubernetesNetworkConfigArgs{
PodsCidr: pulumi.Any(clusterOptionsKubernetesNetworkConfigPodsCidr),
ServicesCidr: pulumi.Any(clusterOptionsKubernetesNetworkConfigServicesCidr),
},
OpenIdConnectTokenAuthenticationConfig: &containerengine.ClusterOptionsOpenIdConnectTokenAuthenticationConfigArgs{
IsOpenIdConnectAuthEnabled: pulumi.Any(clusterOptionsOpenIdConnectTokenAuthenticationConfigIsOpenIdConnectAuthEnabled),
CaCertificate: pulumi.Any(clusterOptionsOpenIdConnectTokenAuthenticationConfigCaCertificate),
ClientId: pulumi.Any(testClient.Id),
GroupsClaim: pulumi.Any(clusterOptionsOpenIdConnectTokenAuthenticationConfigGroupsClaim),
GroupsPrefix: pulumi.Any(clusterOptionsOpenIdConnectTokenAuthenticationConfigGroupsPrefix),
IssuerUrl: pulumi.Any(clusterOptionsOpenIdConnectTokenAuthenticationConfigIssuerUrl),
RequiredClaims: containerengine.ClusterOptionsOpenIdConnectTokenAuthenticationConfigRequiredClaimArray{
&containerengine.ClusterOptionsOpenIdConnectTokenAuthenticationConfigRequiredClaimArgs{
Key: pulumi.Any(clusterOptionsOpenIdConnectTokenAuthenticationConfigRequiredClaimsKey),
Value: pulumi.Any(clusterOptionsOpenIdConnectTokenAuthenticationConfigRequiredClaimsValue),
},
},
SigningAlgorithms: pulumi.Any(clusterOptionsOpenIdConnectTokenAuthenticationConfigSigningAlgorithms),
UsernameClaim: pulumi.Any(clusterOptionsOpenIdConnectTokenAuthenticationConfigUsernameClaim),
UsernamePrefix: pulumi.Any(clusterOptionsOpenIdConnectTokenAuthenticationConfigUsernamePrefix),
},
OpenIdConnectDiscovery: &containerengine.ClusterOptionsOpenIdConnectDiscoveryArgs{
IsOpenIdConnectDiscoveryEnabled: pulumi.Any(clusterOptionsOpenIdConnectDiscoveryIsOpenIdConnectDiscoveryEnabled),
},
PersistentVolumeConfig: &containerengine.ClusterOptionsPersistentVolumeConfigArgs{
DefinedTags: pulumi.StringMap{
"Operations.CostCenter": pulumi.String("42"),
},
FreeformTags: pulumi.StringMap{
"Department": pulumi.String("Finance"),
},
},
ServiceLbConfig: &containerengine.ClusterOptionsServiceLbConfigArgs{
DefinedTags: pulumi.StringMap{
"Operations.CostCenter": pulumi.String("42"),
},
FreeformTags: pulumi.StringMap{
"Department": pulumi.String("Finance"),
},
},
ServiceLbSubnetIds: pulumi.Any(clusterOptionsServiceLbSubnetIds),
},
Type: pulumi.Any(clusterType),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;
return await Deployment.RunAsync(() =>
{
var testCluster = new Oci.ContainerEngine.Cluster("test_cluster", new()
{
CompartmentId = compartmentId,
KubernetesVersion = clusterKubernetesVersion,
Name = clusterName,
VcnId = testVcn.Id,
ClusterPodNetworkOptions = new[]
{
new Oci.ContainerEngine.Inputs.ClusterClusterPodNetworkOptionArgs
{
CniType = clusterClusterPodNetworkOptionsCniType,
},
},
DefinedTags =
{
{ "Operations.CostCenter", "42" },
},
EndpointConfig = new Oci.ContainerEngine.Inputs.ClusterEndpointConfigArgs
{
IsPublicIpEnabled = clusterEndpointConfigIsPublicIpEnabled,
NsgIds = clusterEndpointConfigNsgIds,
SubnetId = testSubnet.Id,
},
FreeformTags =
{
{ "Department", "Finance" },
},
ImagePolicyConfig = new Oci.ContainerEngine.Inputs.ClusterImagePolicyConfigArgs
{
IsPolicyEnabled = clusterImagePolicyConfigIsPolicyEnabled,
KeyDetails = new[]
{
new Oci.ContainerEngine.Inputs.ClusterImagePolicyConfigKeyDetailArgs
{
KmsKeyId = testKey.Id,
},
},
},
KmsKeyId = testKey.Id,
Options = new Oci.ContainerEngine.Inputs.ClusterOptionsArgs
{
AddOns = new Oci.ContainerEngine.Inputs.ClusterOptionsAddOnsArgs
{
IsKubernetesDashboardEnabled = clusterOptionsAddOnsIsKubernetesDashboardEnabled,
IsTillerEnabled = clusterOptionsAddOnsIsTillerEnabled,
},
AdmissionControllerOptions = new Oci.ContainerEngine.Inputs.ClusterOptionsAdmissionControllerOptionsArgs
{
IsPodSecurityPolicyEnabled = clusterOptionsAdmissionControllerOptionsIsPodSecurityPolicyEnabled,
},
KubernetesNetworkConfig = new Oci.ContainerEngine.Inputs.ClusterOptionsKubernetesNetworkConfigArgs
{
PodsCidr = clusterOptionsKubernetesNetworkConfigPodsCidr,
ServicesCidr = clusterOptionsKubernetesNetworkConfigServicesCidr,
},
OpenIdConnectTokenAuthenticationConfig = new Oci.ContainerEngine.Inputs.ClusterOptionsOpenIdConnectTokenAuthenticationConfigArgs
{
IsOpenIdConnectAuthEnabled = clusterOptionsOpenIdConnectTokenAuthenticationConfigIsOpenIdConnectAuthEnabled,
CaCertificate = clusterOptionsOpenIdConnectTokenAuthenticationConfigCaCertificate,
ClientId = testClient.Id,
GroupsClaim = clusterOptionsOpenIdConnectTokenAuthenticationConfigGroupsClaim,
GroupsPrefix = clusterOptionsOpenIdConnectTokenAuthenticationConfigGroupsPrefix,
IssuerUrl = clusterOptionsOpenIdConnectTokenAuthenticationConfigIssuerUrl,
RequiredClaims = new[]
{
new Oci.ContainerEngine.Inputs.ClusterOptionsOpenIdConnectTokenAuthenticationConfigRequiredClaimArgs
{
Key = clusterOptionsOpenIdConnectTokenAuthenticationConfigRequiredClaimsKey,
Value = clusterOptionsOpenIdConnectTokenAuthenticationConfigRequiredClaimsValue,
},
},
SigningAlgorithms = clusterOptionsOpenIdConnectTokenAuthenticationConfigSigningAlgorithms,
UsernameClaim = clusterOptionsOpenIdConnectTokenAuthenticationConfigUsernameClaim,
UsernamePrefix = clusterOptionsOpenIdConnectTokenAuthenticationConfigUsernamePrefix,
},
OpenIdConnectDiscovery = new Oci.ContainerEngine.Inputs.ClusterOptionsOpenIdConnectDiscoveryArgs
{
IsOpenIdConnectDiscoveryEnabled = clusterOptionsOpenIdConnectDiscoveryIsOpenIdConnectDiscoveryEnabled,
},
PersistentVolumeConfig = new Oci.ContainerEngine.Inputs.ClusterOptionsPersistentVolumeConfigArgs
{
DefinedTags =
{
{ "Operations.CostCenter", "42" },
},
FreeformTags =
{
{ "Department", "Finance" },
},
},
ServiceLbConfig = new Oci.ContainerEngine.Inputs.ClusterOptionsServiceLbConfigArgs
{
DefinedTags =
{
{ "Operations.CostCenter", "42" },
},
FreeformTags =
{
{ "Department", "Finance" },
},
},
ServiceLbSubnetIds = clusterOptionsServiceLbSubnetIds,
},
Type = clusterType,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.ContainerEngine.Cluster;
import com.pulumi.oci.ContainerEngine.ClusterArgs;
import com.pulumi.oci.ContainerEngine.inputs.ClusterClusterPodNetworkOptionArgs;
import com.pulumi.oci.ContainerEngine.inputs.ClusterEndpointConfigArgs;
import com.pulumi.oci.ContainerEngine.inputs.ClusterImagePolicyConfigArgs;
import com.pulumi.oci.ContainerEngine.inputs.ClusterOptionsArgs;
import com.pulumi.oci.ContainerEngine.inputs.ClusterOptionsAddOnsArgs;
import com.pulumi.oci.ContainerEngine.inputs.ClusterOptionsAdmissionControllerOptionsArgs;
import com.pulumi.oci.ContainerEngine.inputs.ClusterOptionsKubernetesNetworkConfigArgs;
import com.pulumi.oci.ContainerEngine.inputs.ClusterOptionsOpenIdConnectTokenAuthenticationConfigArgs;
import com.pulumi.oci.ContainerEngine.inputs.ClusterOptionsOpenIdConnectDiscoveryArgs;
import com.pulumi.oci.ContainerEngine.inputs.ClusterOptionsPersistentVolumeConfigArgs;
import com.pulumi.oci.ContainerEngine.inputs.ClusterOptionsServiceLbConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var testCluster = new Cluster("testCluster", ClusterArgs.builder()
.compartmentId(compartmentId)
.kubernetesVersion(clusterKubernetesVersion)
.name(clusterName)
.vcnId(testVcn.id())
.clusterPodNetworkOptions(ClusterClusterPodNetworkOptionArgs.builder()
.cniType(clusterClusterPodNetworkOptionsCniType)
.build())
.definedTags(Map.of("Operations.CostCenter", "42"))
.endpointConfig(ClusterEndpointConfigArgs.builder()
.isPublicIpEnabled(clusterEndpointConfigIsPublicIpEnabled)
.nsgIds(clusterEndpointConfigNsgIds)
.subnetId(testSubnet.id())
.build())
.freeformTags(Map.of("Department", "Finance"))
.imagePolicyConfig(ClusterImagePolicyConfigArgs.builder()
.isPolicyEnabled(clusterImagePolicyConfigIsPolicyEnabled)
.keyDetails(ClusterImagePolicyConfigKeyDetailArgs.builder()
.kmsKeyId(testKey.id())
.build())
.build())
.kmsKeyId(testKey.id())
.options(ClusterOptionsArgs.builder()
.addOns(ClusterOptionsAddOnsArgs.builder()
.isKubernetesDashboardEnabled(clusterOptionsAddOnsIsKubernetesDashboardEnabled)
.isTillerEnabled(clusterOptionsAddOnsIsTillerEnabled)
.build())
.admissionControllerOptions(ClusterOptionsAdmissionControllerOptionsArgs.builder()
.isPodSecurityPolicyEnabled(clusterOptionsAdmissionControllerOptionsIsPodSecurityPolicyEnabled)
.build())
.kubernetesNetworkConfig(ClusterOptionsKubernetesNetworkConfigArgs.builder()
.podsCidr(clusterOptionsKubernetesNetworkConfigPodsCidr)
.servicesCidr(clusterOptionsKubernetesNetworkConfigServicesCidr)
.build())
.openIdConnectTokenAuthenticationConfig(ClusterOptionsOpenIdConnectTokenAuthenticationConfigArgs.builder()
.isOpenIdConnectAuthEnabled(clusterOptionsOpenIdConnectTokenAuthenticationConfigIsOpenIdConnectAuthEnabled)
.caCertificate(clusterOptionsOpenIdConnectTokenAuthenticationConfigCaCertificate)
.clientId(testClient.id())
.groupsClaim(clusterOptionsOpenIdConnectTokenAuthenticationConfigGroupsClaim)
.groupsPrefix(clusterOptionsOpenIdConnectTokenAuthenticationConfigGroupsPrefix)
.issuerUrl(clusterOptionsOpenIdConnectTokenAuthenticationConfigIssuerUrl)
.requiredClaims(ClusterOptionsOpenIdConnectTokenAuthenticationConfigRequiredClaimArgs.builder()
.key(clusterOptionsOpenIdConnectTokenAuthenticationConfigRequiredClaimsKey)
.value(clusterOptionsOpenIdConnectTokenAuthenticationConfigRequiredClaimsValue)
.build())
.signingAlgorithms(clusterOptionsOpenIdConnectTokenAuthenticationConfigSigningAlgorithms)
.usernameClaim(clusterOptionsOpenIdConnectTokenAuthenticationConfigUsernameClaim)
.usernamePrefix(clusterOptionsOpenIdConnectTokenAuthenticationConfigUsernamePrefix)
.build())
.openIdConnectDiscovery(ClusterOptionsOpenIdConnectDiscoveryArgs.builder()
.isOpenIdConnectDiscoveryEnabled(clusterOptionsOpenIdConnectDiscoveryIsOpenIdConnectDiscoveryEnabled)
.build())
.persistentVolumeConfig(ClusterOptionsPersistentVolumeConfigArgs.builder()
.definedTags(Map.of("Operations.CostCenter", "42"))
.freeformTags(Map.of("Department", "Finance"))
.build())
.serviceLbConfig(ClusterOptionsServiceLbConfigArgs.builder()
.definedTags(Map.of("Operations.CostCenter", "42"))
.freeformTags(Map.of("Department", "Finance"))
.build())
.serviceLbSubnetIds(clusterOptionsServiceLbSubnetIds)
.build())
.type(clusterType)
.build());
}
}
resources:
testCluster:
type: oci:ContainerEngine:Cluster
name: test_cluster
properties:
compartmentId: ${compartmentId}
kubernetesVersion: ${clusterKubernetesVersion}
name: ${clusterName}
vcnId: ${testVcn.id}
clusterPodNetworkOptions:
- cniType: ${clusterClusterPodNetworkOptionsCniType}
definedTags:
Operations.CostCenter: '42'
endpointConfig:
isPublicIpEnabled: ${clusterEndpointConfigIsPublicIpEnabled}
nsgIds: ${clusterEndpointConfigNsgIds}
subnetId: ${testSubnet.id}
freeformTags:
Department: Finance
imagePolicyConfig:
isPolicyEnabled: ${clusterImagePolicyConfigIsPolicyEnabled}
keyDetails:
- kmsKeyId: ${testKey.id}
kmsKeyId: ${testKey.id}
options:
addOns:
isKubernetesDashboardEnabled: ${clusterOptionsAddOnsIsKubernetesDashboardEnabled}
isTillerEnabled: ${clusterOptionsAddOnsIsTillerEnabled}
admissionControllerOptions:
isPodSecurityPolicyEnabled: ${clusterOptionsAdmissionControllerOptionsIsPodSecurityPolicyEnabled}
kubernetesNetworkConfig:
podsCidr: ${clusterOptionsKubernetesNetworkConfigPodsCidr}
servicesCidr: ${clusterOptionsKubernetesNetworkConfigServicesCidr}
openIdConnectTokenAuthenticationConfig:
isOpenIdConnectAuthEnabled: ${clusterOptionsOpenIdConnectTokenAuthenticationConfigIsOpenIdConnectAuthEnabled}
caCertificate: ${clusterOptionsOpenIdConnectTokenAuthenticationConfigCaCertificate}
clientId: ${testClient.id}
groupsClaim: ${clusterOptionsOpenIdConnectTokenAuthenticationConfigGroupsClaim}
groupsPrefix: ${clusterOptionsOpenIdConnectTokenAuthenticationConfigGroupsPrefix}
issuerUrl: ${clusterOptionsOpenIdConnectTokenAuthenticationConfigIssuerUrl}
requiredClaims:
- key: ${clusterOptionsOpenIdConnectTokenAuthenticationConfigRequiredClaimsKey}
value: ${clusterOptionsOpenIdConnectTokenAuthenticationConfigRequiredClaimsValue}
signingAlgorithms: ${clusterOptionsOpenIdConnectTokenAuthenticationConfigSigningAlgorithms}
usernameClaim: ${clusterOptionsOpenIdConnectTokenAuthenticationConfigUsernameClaim}
usernamePrefix: ${clusterOptionsOpenIdConnectTokenAuthenticationConfigUsernamePrefix}
openIdConnectDiscovery:
isOpenIdConnectDiscoveryEnabled: ${clusterOptionsOpenIdConnectDiscoveryIsOpenIdConnectDiscoveryEnabled}
persistentVolumeConfig:
definedTags:
Operations.CostCenter: '42'
freeformTags:
Department: Finance
serviceLbConfig:
definedTags:
Operations.CostCenter: '42'
freeformTags:
Department: Finance
serviceLbSubnetIds: ${clusterOptionsServiceLbSubnetIds}
type: ${clusterType}
Create Cluster Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Cluster(name: string, args: ClusterArgs, opts?: CustomResourceOptions);
@overload
def Cluster(resource_name: str,
args: ClusterArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Cluster(resource_name: str,
opts: Optional[ResourceOptions] = None,
compartment_id: Optional[str] = None,
kubernetes_version: Optional[str] = None,
vcn_id: Optional[str] = None,
cluster_pod_network_options: Optional[Sequence[_containerengine.ClusterClusterPodNetworkOptionArgs]] = None,
defined_tags: Optional[Mapping[str, str]] = None,
endpoint_config: Optional[_containerengine.ClusterEndpointConfigArgs] = None,
freeform_tags: Optional[Mapping[str, str]] = None,
image_policy_config: Optional[_containerengine.ClusterImagePolicyConfigArgs] = None,
kms_key_id: Optional[str] = None,
name: Optional[str] = None,
options: Optional[_containerengine.ClusterOptionsArgs] = None,
type: Optional[str] = None)
func NewCluster(ctx *Context, name string, args ClusterArgs, opts ...ResourceOption) (*Cluster, error)
public Cluster(string name, ClusterArgs args, CustomResourceOptions? opts = null)
public Cluster(String name, ClusterArgs args)
public Cluster(String name, ClusterArgs args, CustomResourceOptions options)
type: oci:ContainerEngine:Cluster
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ClusterArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ClusterArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ClusterArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ClusterArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ClusterArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var clusterResource = new Oci.ContainerEngine.Cluster("clusterResource", new()
{
CompartmentId = "string",
KubernetesVersion = "string",
VcnId = "string",
ClusterPodNetworkOptions = new[]
{
new Oci.ContainerEngine.Inputs.ClusterClusterPodNetworkOptionArgs
{
CniType = "string",
},
},
DefinedTags =
{
{ "string", "string" },
},
EndpointConfig = new Oci.ContainerEngine.Inputs.ClusterEndpointConfigArgs
{
SubnetId = "string",
IsPublicIpEnabled = false,
NsgIds = new[]
{
"string",
},
},
FreeformTags =
{
{ "string", "string" },
},
ImagePolicyConfig = new Oci.ContainerEngine.Inputs.ClusterImagePolicyConfigArgs
{
IsPolicyEnabled = false,
KeyDetails = new[]
{
new Oci.ContainerEngine.Inputs.ClusterImagePolicyConfigKeyDetailArgs
{
KmsKeyId = "string",
},
},
},
KmsKeyId = "string",
Name = "string",
Options = new Oci.ContainerEngine.Inputs.ClusterOptionsArgs
{
AddOns = new Oci.ContainerEngine.Inputs.ClusterOptionsAddOnsArgs
{
IsKubernetesDashboardEnabled = false,
IsTillerEnabled = false,
},
AdmissionControllerOptions = new Oci.ContainerEngine.Inputs.ClusterOptionsAdmissionControllerOptionsArgs
{
IsPodSecurityPolicyEnabled = false,
},
KubernetesNetworkConfig = new Oci.ContainerEngine.Inputs.ClusterOptionsKubernetesNetworkConfigArgs
{
PodsCidr = "string",
ServicesCidr = "string",
},
OpenIdConnectDiscovery = new Oci.ContainerEngine.Inputs.ClusterOptionsOpenIdConnectDiscoveryArgs
{
IsOpenIdConnectDiscoveryEnabled = false,
},
OpenIdConnectTokenAuthenticationConfig = new Oci.ContainerEngine.Inputs.ClusterOptionsOpenIdConnectTokenAuthenticationConfigArgs
{
IsOpenIdConnectAuthEnabled = false,
CaCertificate = "string",
ClientId = "string",
GroupsClaim = "string",
GroupsPrefix = "string",
IssuerUrl = "string",
RequiredClaims = new[]
{
new Oci.ContainerEngine.Inputs.ClusterOptionsOpenIdConnectTokenAuthenticationConfigRequiredClaimArgs
{
Key = "string",
Value = "string",
},
},
SigningAlgorithms = new[]
{
"string",
},
UsernameClaim = "string",
UsernamePrefix = "string",
},
PersistentVolumeConfig = new Oci.ContainerEngine.Inputs.ClusterOptionsPersistentVolumeConfigArgs
{
DefinedTags =
{
{ "string", "string" },
},
FreeformTags =
{
{ "string", "string" },
},
},
ServiceLbConfig = new Oci.ContainerEngine.Inputs.ClusterOptionsServiceLbConfigArgs
{
DefinedTags =
{
{ "string", "string" },
},
FreeformTags =
{
{ "string", "string" },
},
},
ServiceLbSubnetIds = new[]
{
"string",
},
},
Type = "string",
});
example, err := ContainerEngine.NewCluster(ctx, "clusterResource", &ContainerEngine.ClusterArgs{
CompartmentId: pulumi.String("string"),
KubernetesVersion: pulumi.String("string"),
VcnId: pulumi.String("string"),
ClusterPodNetworkOptions: containerengine.ClusterClusterPodNetworkOptionArray{
&containerengine.ClusterClusterPodNetworkOptionArgs{
CniType: pulumi.String("string"),
},
},
DefinedTags: pulumi.StringMap{
"string": pulumi.String("string"),
},
EndpointConfig: &containerengine.ClusterEndpointConfigArgs{
SubnetId: pulumi.String("string"),
IsPublicIpEnabled: pulumi.Bool(false),
NsgIds: pulumi.StringArray{
pulumi.String("string"),
},
},
FreeformTags: pulumi.StringMap{
"string": pulumi.String("string"),
},
ImagePolicyConfig: &containerengine.ClusterImagePolicyConfigArgs{
IsPolicyEnabled: pulumi.Bool(false),
KeyDetails: containerengine.ClusterImagePolicyConfigKeyDetailArray{
&containerengine.ClusterImagePolicyConfigKeyDetailArgs{
KmsKeyId: pulumi.String("string"),
},
},
},
KmsKeyId: pulumi.String("string"),
Name: pulumi.String("string"),
Options: &containerengine.ClusterOptionsArgs{
AddOns: &containerengine.ClusterOptionsAddOnsArgs{
IsKubernetesDashboardEnabled: pulumi.Bool(false),
IsTillerEnabled: pulumi.Bool(false),
},
AdmissionControllerOptions: &containerengine.ClusterOptionsAdmissionControllerOptionsArgs{
IsPodSecurityPolicyEnabled: pulumi.Bool(false),
},
KubernetesNetworkConfig: &containerengine.ClusterOptionsKubernetesNetworkConfigArgs{
PodsCidr: pulumi.String("string"),
ServicesCidr: pulumi.String("string"),
},
OpenIdConnectDiscovery: &containerengine.ClusterOptionsOpenIdConnectDiscoveryArgs{
IsOpenIdConnectDiscoveryEnabled: pulumi.Bool(false),
},
OpenIdConnectTokenAuthenticationConfig: &containerengine.ClusterOptionsOpenIdConnectTokenAuthenticationConfigArgs{
IsOpenIdConnectAuthEnabled: pulumi.Bool(false),
CaCertificate: pulumi.String("string"),
ClientId: pulumi.String("string"),
GroupsClaim: pulumi.String("string"),
GroupsPrefix: pulumi.String("string"),
IssuerUrl: pulumi.String("string"),
RequiredClaims: containerengine.ClusterOptionsOpenIdConnectTokenAuthenticationConfigRequiredClaimArray{
&containerengine.ClusterOptionsOpenIdConnectTokenAuthenticationConfigRequiredClaimArgs{
Key: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
SigningAlgorithms: pulumi.StringArray{
pulumi.String("string"),
},
UsernameClaim: pulumi.String("string"),
UsernamePrefix: pulumi.String("string"),
},
PersistentVolumeConfig: &containerengine.ClusterOptionsPersistentVolumeConfigArgs{
DefinedTags: pulumi.StringMap{
"string": pulumi.String("string"),
},
FreeformTags: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
ServiceLbConfig: &containerengine.ClusterOptionsServiceLbConfigArgs{
DefinedTags: pulumi.StringMap{
"string": pulumi.String("string"),
},
FreeformTags: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
ServiceLbSubnetIds: pulumi.StringArray{
pulumi.String("string"),
},
},
Type: pulumi.String("string"),
})
var clusterResource = new Cluster("clusterResource", ClusterArgs.builder()
.compartmentId("string")
.kubernetesVersion("string")
.vcnId("string")
.clusterPodNetworkOptions(ClusterClusterPodNetworkOptionArgs.builder()
.cniType("string")
.build())
.definedTags(Map.of("string", "string"))
.endpointConfig(ClusterEndpointConfigArgs.builder()
.subnetId("string")
.isPublicIpEnabled(false)
.nsgIds("string")
.build())
.freeformTags(Map.of("string", "string"))
.imagePolicyConfig(ClusterImagePolicyConfigArgs.builder()
.isPolicyEnabled(false)
.keyDetails(ClusterImagePolicyConfigKeyDetailArgs.builder()
.kmsKeyId("string")
.build())
.build())
.kmsKeyId("string")
.name("string")
.options(ClusterOptionsArgs.builder()
.addOns(ClusterOptionsAddOnsArgs.builder()
.isKubernetesDashboardEnabled(false)
.isTillerEnabled(false)
.build())
.admissionControllerOptions(ClusterOptionsAdmissionControllerOptionsArgs.builder()
.isPodSecurityPolicyEnabled(false)
.build())
.kubernetesNetworkConfig(ClusterOptionsKubernetesNetworkConfigArgs.builder()
.podsCidr("string")
.servicesCidr("string")
.build())
.openIdConnectDiscovery(ClusterOptionsOpenIdConnectDiscoveryArgs.builder()
.isOpenIdConnectDiscoveryEnabled(false)
.build())
.openIdConnectTokenAuthenticationConfig(ClusterOptionsOpenIdConnectTokenAuthenticationConfigArgs.builder()
.isOpenIdConnectAuthEnabled(false)
.caCertificate("string")
.clientId("string")
.groupsClaim("string")
.groupsPrefix("string")
.issuerUrl("string")
.requiredClaims(ClusterOptionsOpenIdConnectTokenAuthenticationConfigRequiredClaimArgs.builder()
.key("string")
.value("string")
.build())
.signingAlgorithms("string")
.usernameClaim("string")
.usernamePrefix("string")
.build())
.persistentVolumeConfig(ClusterOptionsPersistentVolumeConfigArgs.builder()
.definedTags(Map.of("string", "string"))
.freeformTags(Map.of("string", "string"))
.build())
.serviceLbConfig(ClusterOptionsServiceLbConfigArgs.builder()
.definedTags(Map.of("string", "string"))
.freeformTags(Map.of("string", "string"))
.build())
.serviceLbSubnetIds("string")
.build())
.type("string")
.build());
cluster_resource = oci.container_engine.Cluster("clusterResource",
compartment_id="string",
kubernetes_version="string",
vcn_id="string",
cluster_pod_network_options=[{
"cni_type": "string",
}],
defined_tags={
"string": "string",
},
endpoint_config={
"subnet_id": "string",
"is_public_ip_enabled": False,
"nsg_ids": ["string"],
},
freeform_tags={
"string": "string",
},
image_policy_config={
"is_policy_enabled": False,
"key_details": [{
"kms_key_id": "string",
}],
},
kms_key_id="string",
name="string",
options={
"add_ons": {
"is_kubernetes_dashboard_enabled": False,
"is_tiller_enabled": False,
},
"admission_controller_options": {
"is_pod_security_policy_enabled": False,
},
"kubernetes_network_config": {
"pods_cidr": "string",
"services_cidr": "string",
},
"open_id_connect_discovery": {
"is_open_id_connect_discovery_enabled": False,
},
"open_id_connect_token_authentication_config": {
"is_open_id_connect_auth_enabled": False,
"ca_certificate": "string",
"client_id": "string",
"groups_claim": "string",
"groups_prefix": "string",
"issuer_url": "string",
"required_claims": [{
"key": "string",
"value": "string",
}],
"signing_algorithms": ["string"],
"username_claim": "string",
"username_prefix": "string",
},
"persistent_volume_config": {
"defined_tags": {
"string": "string",
},
"freeform_tags": {
"string": "string",
},
},
"service_lb_config": {
"defined_tags": {
"string": "string",
},
"freeform_tags": {
"string": "string",
},
},
"service_lb_subnet_ids": ["string"],
},
type="string")
const clusterResource = new oci.containerengine.Cluster("clusterResource", {
compartmentId: "string",
kubernetesVersion: "string",
vcnId: "string",
clusterPodNetworkOptions: [{
cniType: "string",
}],
definedTags: {
string: "string",
},
endpointConfig: {
subnetId: "string",
isPublicIpEnabled: false,
nsgIds: ["string"],
},
freeformTags: {
string: "string",
},
imagePolicyConfig: {
isPolicyEnabled: false,
keyDetails: [{
kmsKeyId: "string",
}],
},
kmsKeyId: "string",
name: "string",
options: {
addOns: {
isKubernetesDashboardEnabled: false,
isTillerEnabled: false,
},
admissionControllerOptions: {
isPodSecurityPolicyEnabled: false,
},
kubernetesNetworkConfig: {
podsCidr: "string",
servicesCidr: "string",
},
openIdConnectDiscovery: {
isOpenIdConnectDiscoveryEnabled: false,
},
openIdConnectTokenAuthenticationConfig: {
isOpenIdConnectAuthEnabled: false,
caCertificate: "string",
clientId: "string",
groupsClaim: "string",
groupsPrefix: "string",
issuerUrl: "string",
requiredClaims: [{
key: "string",
value: "string",
}],
signingAlgorithms: ["string"],
usernameClaim: "string",
usernamePrefix: "string",
},
persistentVolumeConfig: {
definedTags: {
string: "string",
},
freeformTags: {
string: "string",
},
},
serviceLbConfig: {
definedTags: {
string: "string",
},
freeformTags: {
string: "string",
},
},
serviceLbSubnetIds: ["string"],
},
type: "string",
});
type: oci:ContainerEngine:Cluster
properties:
clusterPodNetworkOptions:
- cniType: string
compartmentId: string
definedTags:
string: string
endpointConfig:
isPublicIpEnabled: false
nsgIds:
- string
subnetId: string
freeformTags:
string: string
imagePolicyConfig:
isPolicyEnabled: false
keyDetails:
- kmsKeyId: string
kmsKeyId: string
kubernetesVersion: string
name: string
options:
addOns:
isKubernetesDashboardEnabled: false
isTillerEnabled: false
admissionControllerOptions:
isPodSecurityPolicyEnabled: false
kubernetesNetworkConfig:
podsCidr: string
servicesCidr: string
openIdConnectDiscovery:
isOpenIdConnectDiscoveryEnabled: false
openIdConnectTokenAuthenticationConfig:
caCertificate: string
clientId: string
groupsClaim: string
groupsPrefix: string
isOpenIdConnectAuthEnabled: false
issuerUrl: string
requiredClaims:
- key: string
value: string
signingAlgorithms:
- string
usernameClaim: string
usernamePrefix: string
persistentVolumeConfig:
definedTags:
string: string
freeformTags:
string: string
serviceLbConfig:
definedTags:
string: string
freeformTags:
string: string
serviceLbSubnetIds:
- string
type: string
vcnId: string
Cluster Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Cluster resource accepts the following input properties:
- Compartment
Id string - The OCID of the compartment in which to create the cluster.
- Kubernetes
Version string - (Updatable) The version of Kubernetes to install into the cluster masters.
- Vcn
Id string The OCID of the virtual cloud network (VCN) in which to create the cluster.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- Cluster
Pod List<ClusterNetwork Options Cluster Pod Network Option> - Available CNIs and network options for existing and new node pools of the cluster
- Dictionary<string, string>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- Endpoint
Config ClusterEndpoint Config - The network configuration for access to the Cluster control plane.
- Dictionary<string, string>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- Image
Policy ClusterConfig Image Policy Config - (Updatable) The image verification policy for signature validation. Once a policy is created and enabled with one or more kms keys, the policy will ensure all images deployed has been signed with the key(s) attached to the policy.
- Kms
Key stringId - The OCID of the KMS key to be used as the master encryption key for Kubernetes secret encryption. When used,
kubernetesVersion
must be at leastv1.13.0
. - Name string
- (Updatable) The name of the cluster. Avoid entering confidential information.
- Options
Cluster
Options - (Updatable) Optional attributes for the cluster.
- Type string
- (Updatable) Type of cluster
- Compartment
Id string - The OCID of the compartment in which to create the cluster.
- Kubernetes
Version string - (Updatable) The version of Kubernetes to install into the cluster masters.
- Vcn
Id string The OCID of the virtual cloud network (VCN) in which to create the cluster.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- Cluster
Pod []ClusterNetwork Options Cluster Pod Network Option Args - Available CNIs and network options for existing and new node pools of the cluster
- map[string]string
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- Endpoint
Config ClusterEndpoint Config Args - The network configuration for access to the Cluster control plane.
- map[string]string
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- Image
Policy ClusterConfig Image Policy Config Args - (Updatable) The image verification policy for signature validation. Once a policy is created and enabled with one or more kms keys, the policy will ensure all images deployed has been signed with the key(s) attached to the policy.
- Kms
Key stringId - The OCID of the KMS key to be used as the master encryption key for Kubernetes secret encryption. When used,
kubernetesVersion
must be at leastv1.13.0
. - Name string
- (Updatable) The name of the cluster. Avoid entering confidential information.
- Options
Cluster
Options Args - (Updatable) Optional attributes for the cluster.
- Type string
- (Updatable) Type of cluster
- compartment
Id String - The OCID of the compartment in which to create the cluster.
- kubernetes
Version String - (Updatable) The version of Kubernetes to install into the cluster masters.
- vcn
Id String The OCID of the virtual cloud network (VCN) in which to create the cluster.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- cluster
Pod List<ClusterNetwork Options Cluster Pod Network Option> - Available CNIs and network options for existing and new node pools of the cluster
- Map<String,String>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- endpoint
Config ClusterEndpoint Config - The network configuration for access to the Cluster control plane.
- Map<String,String>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- image
Policy ClusterConfig Image Policy Config - (Updatable) The image verification policy for signature validation. Once a policy is created and enabled with one or more kms keys, the policy will ensure all images deployed has been signed with the key(s) attached to the policy.
- kms
Key StringId - The OCID of the KMS key to be used as the master encryption key for Kubernetes secret encryption. When used,
kubernetesVersion
must be at leastv1.13.0
. - name String
- (Updatable) The name of the cluster. Avoid entering confidential information.
- options
Cluster
Options - (Updatable) Optional attributes for the cluster.
- type String
- (Updatable) Type of cluster
- compartment
Id string - The OCID of the compartment in which to create the cluster.
- kubernetes
Version string - (Updatable) The version of Kubernetes to install into the cluster masters.
- vcn
Id string The OCID of the virtual cloud network (VCN) in which to create the cluster.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- cluster
Pod ClusterNetwork Options Cluster Pod Network Option[] - Available CNIs and network options for existing and new node pools of the cluster
- {[key: string]: string}
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- endpoint
Config ClusterEndpoint Config - The network configuration for access to the Cluster control plane.
- {[key: string]: string}
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- image
Policy ClusterConfig Image Policy Config - (Updatable) The image verification policy for signature validation. Once a policy is created and enabled with one or more kms keys, the policy will ensure all images deployed has been signed with the key(s) attached to the policy.
- kms
Key stringId - The OCID of the KMS key to be used as the master encryption key for Kubernetes secret encryption. When used,
kubernetesVersion
must be at leastv1.13.0
. - name string
- (Updatable) The name of the cluster. Avoid entering confidential information.
- options
Cluster
Options - (Updatable) Optional attributes for the cluster.
- type string
- (Updatable) Type of cluster
- compartment_
id str - The OCID of the compartment in which to create the cluster.
- kubernetes_
version str - (Updatable) The version of Kubernetes to install into the cluster masters.
- vcn_
id str The OCID of the virtual cloud network (VCN) in which to create the cluster.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- cluster_
pod_ Sequence[containerengine.network_ options Cluster Cluster Pod Network Option Args] - Available CNIs and network options for existing and new node pools of the cluster
- Mapping[str, str]
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- endpoint_
config containerengine.Cluster Endpoint Config Args - The network configuration for access to the Cluster control plane.
- Mapping[str, str]
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- image_
policy_ containerengine.config Cluster Image Policy Config Args - (Updatable) The image verification policy for signature validation. Once a policy is created and enabled with one or more kms keys, the policy will ensure all images deployed has been signed with the key(s) attached to the policy.
- kms_
key_ strid - The OCID of the KMS key to be used as the master encryption key for Kubernetes secret encryption. When used,
kubernetesVersion
must be at leastv1.13.0
. - name str
- (Updatable) The name of the cluster. Avoid entering confidential information.
- options
containerengine.
Cluster Options Args - (Updatable) Optional attributes for the cluster.
- type str
- (Updatable) Type of cluster
- compartment
Id String - The OCID of the compartment in which to create the cluster.
- kubernetes
Version String - (Updatable) The version of Kubernetes to install into the cluster masters.
- vcn
Id String The OCID of the virtual cloud network (VCN) in which to create the cluster.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- cluster
Pod List<Property Map>Network Options - Available CNIs and network options for existing and new node pools of the cluster
- Map<String>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- endpoint
Config Property Map - The network configuration for access to the Cluster control plane.
- Map<String>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- image
Policy Property MapConfig - (Updatable) The image verification policy for signature validation. Once a policy is created and enabled with one or more kms keys, the policy will ensure all images deployed has been signed with the key(s) attached to the policy.
- kms
Key StringId - The OCID of the KMS key to be used as the master encryption key for Kubernetes secret encryption. When used,
kubernetesVersion
must be at leastv1.13.0
. - name String
- (Updatable) The name of the cluster. Avoid entering confidential information.
- options Property Map
- (Updatable) Optional attributes for the cluster.
- type String
- (Updatable) Type of cluster
Outputs
All input properties are implicitly available as output properties. Additionally, the Cluster resource produces the following output properties:
- Available
Kubernetes List<string>Upgrades - Available Kubernetes versions to which the clusters masters may be upgraded.
- Endpoints
List<Cluster
Endpoint> - Endpoints served up by the cluster masters.
- Id string
- The provider-assigned unique ID for this managed resource.
- Lifecycle
Details string - Details about the state of the cluster masters.
- Metadatas
List<Cluster
Metadata> - Metadata about the cluster.
- Open
Id stringConnect Discovery Endpoint - The cluster-specific OpenID Connect Discovery endpoint
- State string
- The state of the cluster masters.
- Available
Kubernetes []stringUpgrades - Available Kubernetes versions to which the clusters masters may be upgraded.
- Endpoints
[]Cluster
Endpoint - Endpoints served up by the cluster masters.
- Id string
- The provider-assigned unique ID for this managed resource.
- Lifecycle
Details string - Details about the state of the cluster masters.
- Metadatas
[]Cluster
Metadata - Metadata about the cluster.
- Open
Id stringConnect Discovery Endpoint - The cluster-specific OpenID Connect Discovery endpoint
- State string
- The state of the cluster masters.
- available
Kubernetes List<String>Upgrades - Available Kubernetes versions to which the clusters masters may be upgraded.
- endpoints
List<Cluster
Endpoint> - Endpoints served up by the cluster masters.
- id String
- The provider-assigned unique ID for this managed resource.
- lifecycle
Details String - Details about the state of the cluster masters.
- metadatas
List<Cluster
Metadata> - Metadata about the cluster.
- open
Id StringConnect Discovery Endpoint - The cluster-specific OpenID Connect Discovery endpoint
- state String
- The state of the cluster masters.
- available
Kubernetes string[]Upgrades - Available Kubernetes versions to which the clusters masters may be upgraded.
- endpoints
Cluster
Endpoint[] - Endpoints served up by the cluster masters.
- id string
- The provider-assigned unique ID for this managed resource.
- lifecycle
Details string - Details about the state of the cluster masters.
- metadatas
Cluster
Metadata[] - Metadata about the cluster.
- open
Id stringConnect Discovery Endpoint - The cluster-specific OpenID Connect Discovery endpoint
- state string
- The state of the cluster masters.
- available_
kubernetes_ Sequence[str]upgrades - Available Kubernetes versions to which the clusters masters may be upgraded.
- endpoints
Sequence[containerengine.
Cluster Endpoint] - Endpoints served up by the cluster masters.
- id str
- The provider-assigned unique ID for this managed resource.
- lifecycle_
details str - Details about the state of the cluster masters.
- metadatas
Sequence[containerengine.
Cluster Metadata] - Metadata about the cluster.
- open_
id_ strconnect_ discovery_ endpoint - The cluster-specific OpenID Connect Discovery endpoint
- state str
- The state of the cluster masters.
- available
Kubernetes List<String>Upgrades - Available Kubernetes versions to which the clusters masters may be upgraded.
- endpoints List<Property Map>
- Endpoints served up by the cluster masters.
- id String
- The provider-assigned unique ID for this managed resource.
- lifecycle
Details String - Details about the state of the cluster masters.
- metadatas List<Property Map>
- Metadata about the cluster.
- open
Id StringConnect Discovery Endpoint - The cluster-specific OpenID Connect Discovery endpoint
- state String
- The state of the cluster masters.
Look up Existing Cluster Resource
Get an existing Cluster resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ClusterState, opts?: CustomResourceOptions): Cluster
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
available_kubernetes_upgrades: Optional[Sequence[str]] = None,
cluster_pod_network_options: Optional[Sequence[_containerengine.ClusterClusterPodNetworkOptionArgs]] = None,
compartment_id: Optional[str] = None,
defined_tags: Optional[Mapping[str, str]] = None,
endpoint_config: Optional[_containerengine.ClusterEndpointConfigArgs] = None,
endpoints: Optional[Sequence[_containerengine.ClusterEndpointArgs]] = None,
freeform_tags: Optional[Mapping[str, str]] = None,
image_policy_config: Optional[_containerengine.ClusterImagePolicyConfigArgs] = None,
kms_key_id: Optional[str] = None,
kubernetes_version: Optional[str] = None,
lifecycle_details: Optional[str] = None,
metadatas: Optional[Sequence[_containerengine.ClusterMetadataArgs]] = None,
name: Optional[str] = None,
open_id_connect_discovery_endpoint: Optional[str] = None,
options: Optional[_containerengine.ClusterOptionsArgs] = None,
state: Optional[str] = None,
type: Optional[str] = None,
vcn_id: Optional[str] = None) -> Cluster
func GetCluster(ctx *Context, name string, id IDInput, state *ClusterState, opts ...ResourceOption) (*Cluster, error)
public static Cluster Get(string name, Input<string> id, ClusterState? state, CustomResourceOptions? opts = null)
public static Cluster get(String name, Output<String> id, ClusterState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Available
Kubernetes List<string>Upgrades - Available Kubernetes versions to which the clusters masters may be upgraded.
- Cluster
Pod List<ClusterNetwork Options Cluster Pod Network Option> - Available CNIs and network options for existing and new node pools of the cluster
- Compartment
Id string - The OCID of the compartment in which to create the cluster.
- Dictionary<string, string>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- Endpoint
Config ClusterEndpoint Config - The network configuration for access to the Cluster control plane.
- Endpoints
List<Cluster
Endpoint> - Endpoints served up by the cluster masters.
- Dictionary<string, string>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- Image
Policy ClusterConfig Image Policy Config - (Updatable) The image verification policy for signature validation. Once a policy is created and enabled with one or more kms keys, the policy will ensure all images deployed has been signed with the key(s) attached to the policy.
- Kms
Key stringId - The OCID of the KMS key to be used as the master encryption key for Kubernetes secret encryption. When used,
kubernetesVersion
must be at leastv1.13.0
. - Kubernetes
Version string - (Updatable) The version of Kubernetes to install into the cluster masters.
- Lifecycle
Details string - Details about the state of the cluster masters.
- Metadatas
List<Cluster
Metadata> - Metadata about the cluster.
- Name string
- (Updatable) The name of the cluster. Avoid entering confidential information.
- Open
Id stringConnect Discovery Endpoint - The cluster-specific OpenID Connect Discovery endpoint
- Options
Cluster
Options - (Updatable) Optional attributes for the cluster.
- State string
- The state of the cluster masters.
- Type string
- (Updatable) Type of cluster
- Vcn
Id string The OCID of the virtual cloud network (VCN) in which to create the cluster.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- Available
Kubernetes []stringUpgrades - Available Kubernetes versions to which the clusters masters may be upgraded.
- Cluster
Pod []ClusterNetwork Options Cluster Pod Network Option Args - Available CNIs and network options for existing and new node pools of the cluster
- Compartment
Id string - The OCID of the compartment in which to create the cluster.
- map[string]string
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- Endpoint
Config ClusterEndpoint Config Args - The network configuration for access to the Cluster control plane.
- Endpoints
[]Cluster
Endpoint Args - Endpoints served up by the cluster masters.
- map[string]string
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- Image
Policy ClusterConfig Image Policy Config Args - (Updatable) The image verification policy for signature validation. Once a policy is created and enabled with one or more kms keys, the policy will ensure all images deployed has been signed with the key(s) attached to the policy.
- Kms
Key stringId - The OCID of the KMS key to be used as the master encryption key for Kubernetes secret encryption. When used,
kubernetesVersion
must be at leastv1.13.0
. - Kubernetes
Version string - (Updatable) The version of Kubernetes to install into the cluster masters.
- Lifecycle
Details string - Details about the state of the cluster masters.
- Metadatas
[]Cluster
Metadata Args - Metadata about the cluster.
- Name string
- (Updatable) The name of the cluster. Avoid entering confidential information.
- Open
Id stringConnect Discovery Endpoint - The cluster-specific OpenID Connect Discovery endpoint
- Options
Cluster
Options Args - (Updatable) Optional attributes for the cluster.
- State string
- The state of the cluster masters.
- Type string
- (Updatable) Type of cluster
- Vcn
Id string The OCID of the virtual cloud network (VCN) in which to create the cluster.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- available
Kubernetes List<String>Upgrades - Available Kubernetes versions to which the clusters masters may be upgraded.
- cluster
Pod List<ClusterNetwork Options Cluster Pod Network Option> - Available CNIs and network options for existing and new node pools of the cluster
- compartment
Id String - The OCID of the compartment in which to create the cluster.
- Map<String,String>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- endpoint
Config ClusterEndpoint Config - The network configuration for access to the Cluster control plane.
- endpoints
List<Cluster
Endpoint> - Endpoints served up by the cluster masters.
- Map<String,String>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- image
Policy ClusterConfig Image Policy Config - (Updatable) The image verification policy for signature validation. Once a policy is created and enabled with one or more kms keys, the policy will ensure all images deployed has been signed with the key(s) attached to the policy.
- kms
Key StringId - The OCID of the KMS key to be used as the master encryption key for Kubernetes secret encryption. When used,
kubernetesVersion
must be at leastv1.13.0
. - kubernetes
Version String - (Updatable) The version of Kubernetes to install into the cluster masters.
- lifecycle
Details String - Details about the state of the cluster masters.
- metadatas
List<Cluster
Metadata> - Metadata about the cluster.
- name String
- (Updatable) The name of the cluster. Avoid entering confidential information.
- open
Id StringConnect Discovery Endpoint - The cluster-specific OpenID Connect Discovery endpoint
- options
Cluster
Options - (Updatable) Optional attributes for the cluster.
- state String
- The state of the cluster masters.
- type String
- (Updatable) Type of cluster
- vcn
Id String The OCID of the virtual cloud network (VCN) in which to create the cluster.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- available
Kubernetes string[]Upgrades - Available Kubernetes versions to which the clusters masters may be upgraded.
- cluster
Pod ClusterNetwork Options Cluster Pod Network Option[] - Available CNIs and network options for existing and new node pools of the cluster
- compartment
Id string - The OCID of the compartment in which to create the cluster.
- {[key: string]: string}
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- endpoint
Config ClusterEndpoint Config - The network configuration for access to the Cluster control plane.
- endpoints
Cluster
Endpoint[] - Endpoints served up by the cluster masters.
- {[key: string]: string}
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- image
Policy ClusterConfig Image Policy Config - (Updatable) The image verification policy for signature validation. Once a policy is created and enabled with one or more kms keys, the policy will ensure all images deployed has been signed with the key(s) attached to the policy.
- kms
Key stringId - The OCID of the KMS key to be used as the master encryption key for Kubernetes secret encryption. When used,
kubernetesVersion
must be at leastv1.13.0
. - kubernetes
Version string - (Updatable) The version of Kubernetes to install into the cluster masters.
- lifecycle
Details string - Details about the state of the cluster masters.
- metadatas
Cluster
Metadata[] - Metadata about the cluster.
- name string
- (Updatable) The name of the cluster. Avoid entering confidential information.
- open
Id stringConnect Discovery Endpoint - The cluster-specific OpenID Connect Discovery endpoint
- options
Cluster
Options - (Updatable) Optional attributes for the cluster.
- state string
- The state of the cluster masters.
- type string
- (Updatable) Type of cluster
- vcn
Id string The OCID of the virtual cloud network (VCN) in which to create the cluster.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- available_
kubernetes_ Sequence[str]upgrades - Available Kubernetes versions to which the clusters masters may be upgraded.
- cluster_
pod_ Sequence[containerengine.network_ options Cluster Cluster Pod Network Option Args] - Available CNIs and network options for existing and new node pools of the cluster
- compartment_
id str - The OCID of the compartment in which to create the cluster.
- Mapping[str, str]
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- endpoint_
config containerengine.Cluster Endpoint Config Args - The network configuration for access to the Cluster control plane.
- endpoints
Sequence[containerengine.
Cluster Endpoint Args] - Endpoints served up by the cluster masters.
- Mapping[str, str]
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- image_
policy_ containerengine.config Cluster Image Policy Config Args - (Updatable) The image verification policy for signature validation. Once a policy is created and enabled with one or more kms keys, the policy will ensure all images deployed has been signed with the key(s) attached to the policy.
- kms_
key_ strid - The OCID of the KMS key to be used as the master encryption key for Kubernetes secret encryption. When used,
kubernetesVersion
must be at leastv1.13.0
. - kubernetes_
version str - (Updatable) The version of Kubernetes to install into the cluster masters.
- lifecycle_
details str - Details about the state of the cluster masters.
- metadatas
Sequence[containerengine.
Cluster Metadata Args] - Metadata about the cluster.
- name str
- (Updatable) The name of the cluster. Avoid entering confidential information.
- open_
id_ strconnect_ discovery_ endpoint - The cluster-specific OpenID Connect Discovery endpoint
- options
containerengine.
Cluster Options Args - (Updatable) Optional attributes for the cluster.
- state str
- The state of the cluster masters.
- type str
- (Updatable) Type of cluster
- vcn_
id str The OCID of the virtual cloud network (VCN) in which to create the cluster.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- available
Kubernetes List<String>Upgrades - Available Kubernetes versions to which the clusters masters may be upgraded.
- cluster
Pod List<Property Map>Network Options - Available CNIs and network options for existing and new node pools of the cluster
- compartment
Id String - The OCID of the compartment in which to create the cluster.
- Map<String>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- endpoint
Config Property Map - The network configuration for access to the Cluster control plane.
- endpoints List<Property Map>
- Endpoints served up by the cluster masters.
- Map<String>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- image
Policy Property MapConfig - (Updatable) The image verification policy for signature validation. Once a policy is created and enabled with one or more kms keys, the policy will ensure all images deployed has been signed with the key(s) attached to the policy.
- kms
Key StringId - The OCID of the KMS key to be used as the master encryption key for Kubernetes secret encryption. When used,
kubernetesVersion
must be at leastv1.13.0
. - kubernetes
Version String - (Updatable) The version of Kubernetes to install into the cluster masters.
- lifecycle
Details String - Details about the state of the cluster masters.
- metadatas List<Property Map>
- Metadata about the cluster.
- name String
- (Updatable) The name of the cluster. Avoid entering confidential information.
- open
Id StringConnect Discovery Endpoint - The cluster-specific OpenID Connect Discovery endpoint
- options Property Map
- (Updatable) Optional attributes for the cluster.
- state String
- The state of the cluster masters.
- type String
- (Updatable) Type of cluster
- vcn
Id String The OCID of the virtual cloud network (VCN) in which to create the cluster.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
Supporting Types
ClusterClusterPodNetworkOption, ClusterClusterPodNetworkOptionArgs
- Cni
Type string - The CNI used by the node pools of this cluster
- Cni
Type string - The CNI used by the node pools of this cluster
- cni
Type String - The CNI used by the node pools of this cluster
- cni
Type string - The CNI used by the node pools of this cluster
- cni_
type str - The CNI used by the node pools of this cluster
- cni
Type String - The CNI used by the node pools of this cluster
ClusterEndpoint, ClusterEndpointArgs
- Kubernetes string
- The non-native networking Kubernetes API server endpoint.
- Private
Endpoint string - The private native networking Kubernetes API server endpoint.
- Public
Endpoint string - The public native networking Kubernetes API server endpoint, if one was requested.
- Vcn
Hostname stringEndpoint - The FQDN assigned to the Kubernetes API private endpoint. Example: 'https://yourVcnHostnameEndpoint'
- Kubernetes string
- The non-native networking Kubernetes API server endpoint.
- Private
Endpoint string - The private native networking Kubernetes API server endpoint.
- Public
Endpoint string - The public native networking Kubernetes API server endpoint, if one was requested.
- Vcn
Hostname stringEndpoint - The FQDN assigned to the Kubernetes API private endpoint. Example: 'https://yourVcnHostnameEndpoint'
- kubernetes String
- The non-native networking Kubernetes API server endpoint.
- private
Endpoint String - The private native networking Kubernetes API server endpoint.
- public
Endpoint String - The public native networking Kubernetes API server endpoint, if one was requested.
- vcn
Hostname StringEndpoint - The FQDN assigned to the Kubernetes API private endpoint. Example: 'https://yourVcnHostnameEndpoint'
- kubernetes string
- The non-native networking Kubernetes API server endpoint.
- private
Endpoint string - The private native networking Kubernetes API server endpoint.
- public
Endpoint string - The public native networking Kubernetes API server endpoint, if one was requested.
- vcn
Hostname stringEndpoint - The FQDN assigned to the Kubernetes API private endpoint. Example: 'https://yourVcnHostnameEndpoint'
- kubernetes str
- The non-native networking Kubernetes API server endpoint.
- private_
endpoint str - The private native networking Kubernetes API server endpoint.
- public_
endpoint str - The public native networking Kubernetes API server endpoint, if one was requested.
- vcn_
hostname_ strendpoint - The FQDN assigned to the Kubernetes API private endpoint. Example: 'https://yourVcnHostnameEndpoint'
- kubernetes String
- The non-native networking Kubernetes API server endpoint.
- private
Endpoint String - The private native networking Kubernetes API server endpoint.
- public
Endpoint String - The public native networking Kubernetes API server endpoint, if one was requested.
- vcn
Hostname StringEndpoint - The FQDN assigned to the Kubernetes API private endpoint. Example: 'https://yourVcnHostnameEndpoint'
ClusterEndpointConfig, ClusterEndpointConfigArgs
- Subnet
Id string - The OCID of the regional subnet in which to place the Cluster endpoint.
- Is
Public boolIp Enabled - Whether the cluster should be assigned a public IP address. Defaults to false. If set to true on a private subnet, the cluster provisioning will fail.
- Nsg
Ids List<string> - A list of the OCIDs of the network security groups (NSGs) to apply to the cluster endpoint. For more information about NSGs, see NetworkSecurityGroup.
- Subnet
Id string - The OCID of the regional subnet in which to place the Cluster endpoint.
- Is
Public boolIp Enabled - Whether the cluster should be assigned a public IP address. Defaults to false. If set to true on a private subnet, the cluster provisioning will fail.
- Nsg
Ids []string - A list of the OCIDs of the network security groups (NSGs) to apply to the cluster endpoint. For more information about NSGs, see NetworkSecurityGroup.
- subnet
Id String - The OCID of the regional subnet in which to place the Cluster endpoint.
- is
Public BooleanIp Enabled - Whether the cluster should be assigned a public IP address. Defaults to false. If set to true on a private subnet, the cluster provisioning will fail.
- nsg
Ids List<String> - A list of the OCIDs of the network security groups (NSGs) to apply to the cluster endpoint. For more information about NSGs, see NetworkSecurityGroup.
- subnet
Id string - The OCID of the regional subnet in which to place the Cluster endpoint.
- is
Public booleanIp Enabled - Whether the cluster should be assigned a public IP address. Defaults to false. If set to true on a private subnet, the cluster provisioning will fail.
- nsg
Ids string[] - A list of the OCIDs of the network security groups (NSGs) to apply to the cluster endpoint. For more information about NSGs, see NetworkSecurityGroup.
- subnet_
id str - The OCID of the regional subnet in which to place the Cluster endpoint.
- is_
public_ boolip_ enabled - Whether the cluster should be assigned a public IP address. Defaults to false. If set to true on a private subnet, the cluster provisioning will fail.
- nsg_
ids Sequence[str] - A list of the OCIDs of the network security groups (NSGs) to apply to the cluster endpoint. For more information about NSGs, see NetworkSecurityGroup.
- subnet
Id String - The OCID of the regional subnet in which to place the Cluster endpoint.
- is
Public BooleanIp Enabled - Whether the cluster should be assigned a public IP address. Defaults to false. If set to true on a private subnet, the cluster provisioning will fail.
- nsg
Ids List<String> - A list of the OCIDs of the network security groups (NSGs) to apply to the cluster endpoint. For more information about NSGs, see NetworkSecurityGroup.
ClusterImagePolicyConfig, ClusterImagePolicyConfigArgs
- Is
Policy boolEnabled - (Updatable) Whether the image verification policy is enabled. Defaults to false. If set to true, the images will be verified against the policy at runtime.
- Key
Details List<ClusterImage Policy Config Key Detail> - (Updatable) A list of KMS key details.
- Is
Policy boolEnabled - (Updatable) Whether the image verification policy is enabled. Defaults to false. If set to true, the images will be verified against the policy at runtime.
- Key
Details []ClusterImage Policy Config Key Detail - (Updatable) A list of KMS key details.
- is
Policy BooleanEnabled - (Updatable) Whether the image verification policy is enabled. Defaults to false. If set to true, the images will be verified against the policy at runtime.
- key
Details List<ClusterImage Policy Config Key Detail> - (Updatable) A list of KMS key details.
- is
Policy booleanEnabled - (Updatable) Whether the image verification policy is enabled. Defaults to false. If set to true, the images will be verified against the policy at runtime.
- key
Details ClusterImage Policy Config Key Detail[] - (Updatable) A list of KMS key details.
- is_
policy_ boolenabled - (Updatable) Whether the image verification policy is enabled. Defaults to false. If set to true, the images will be verified against the policy at runtime.
- key_
details Sequence[containerengine.Cluster Image Policy Config Key Detail] - (Updatable) A list of KMS key details.
- is
Policy BooleanEnabled - (Updatable) Whether the image verification policy is enabled. Defaults to false. If set to true, the images will be verified against the policy at runtime.
- key
Details List<Property Map> - (Updatable) A list of KMS key details.
ClusterImagePolicyConfigKeyDetail, ClusterImagePolicyConfigKeyDetailArgs
- Kms
Key stringId - (Updatable) The OCIDs of the KMS key that will be used to verify whether the images are signed by an approved source.
- Kms
Key stringId - (Updatable) The OCIDs of the KMS key that will be used to verify whether the images are signed by an approved source.
- kms
Key StringId - (Updatable) The OCIDs of the KMS key that will be used to verify whether the images are signed by an approved source.
- kms
Key stringId - (Updatable) The OCIDs of the KMS key that will be used to verify whether the images are signed by an approved source.
- kms_
key_ strid - (Updatable) The OCIDs of the KMS key that will be used to verify whether the images are signed by an approved source.
- kms
Key StringId - (Updatable) The OCIDs of the KMS key that will be used to verify whether the images are signed by an approved source.
ClusterMetadata, ClusterMetadataArgs
- Created
By stringUser Id - The user who created the cluster.
- Created
By stringWork Request Id - The OCID of the work request which created the cluster.
- Deleted
By stringUser Id - The user who deleted the cluster.
- Deleted
By stringWork Request Id - The OCID of the work request which deleted the cluster.
- Time
Created string - The time the cluster was created.
- Time
Credential stringExpiration - The time until which the cluster credential is valid.
- Time
Deleted string - The time the cluster was deleted.
- Time
Updated string - The time the cluster was updated.
- Updated
By stringUser Id - The user who updated the cluster.
- Updated
By stringWork Request Id - The OCID of the work request which updated the cluster.
- Created
By stringUser Id - The user who created the cluster.
- Created
By stringWork Request Id - The OCID of the work request which created the cluster.
- Deleted
By stringUser Id - The user who deleted the cluster.
- Deleted
By stringWork Request Id - The OCID of the work request which deleted the cluster.
- Time
Created string - The time the cluster was created.
- Time
Credential stringExpiration - The time until which the cluster credential is valid.
- Time
Deleted string - The time the cluster was deleted.
- Time
Updated string - The time the cluster was updated.
- Updated
By stringUser Id - The user who updated the cluster.
- Updated
By stringWork Request Id - The OCID of the work request which updated the cluster.
- created
By StringUser Id - The user who created the cluster.
- created
By StringWork Request Id - The OCID of the work request which created the cluster.
- deleted
By StringUser Id - The user who deleted the cluster.
- deleted
By StringWork Request Id - The OCID of the work request which deleted the cluster.
- time
Created String - The time the cluster was created.
- time
Credential StringExpiration - The time until which the cluster credential is valid.
- time
Deleted String - The time the cluster was deleted.
- time
Updated String - The time the cluster was updated.
- updated
By StringUser Id - The user who updated the cluster.
- updated
By StringWork Request Id - The OCID of the work request which updated the cluster.
- created
By stringUser Id - The user who created the cluster.
- created
By stringWork Request Id - The OCID of the work request which created the cluster.
- deleted
By stringUser Id - The user who deleted the cluster.
- deleted
By stringWork Request Id - The OCID of the work request which deleted the cluster.
- time
Created string - The time the cluster was created.
- time
Credential stringExpiration - The time until which the cluster credential is valid.
- time
Deleted string - The time the cluster was deleted.
- time
Updated string - The time the cluster was updated.
- updated
By stringUser Id - The user who updated the cluster.
- updated
By stringWork Request Id - The OCID of the work request which updated the cluster.
- created_
by_ struser_ id - The user who created the cluster.
- created_
by_ strwork_ request_ id - The OCID of the work request which created the cluster.
- deleted_
by_ struser_ id - The user who deleted the cluster.
- deleted_
by_ strwork_ request_ id - The OCID of the work request which deleted the cluster.
- time_
created str - The time the cluster was created.
- time_
credential_ strexpiration - The time until which the cluster credential is valid.
- time_
deleted str - The time the cluster was deleted.
- time_
updated str - The time the cluster was updated.
- updated_
by_ struser_ id - The user who updated the cluster.
- updated_
by_ strwork_ request_ id - The OCID of the work request which updated the cluster.
- created
By StringUser Id - The user who created the cluster.
- created
By StringWork Request Id - The OCID of the work request which created the cluster.
- deleted
By StringUser Id - The user who deleted the cluster.
- deleted
By StringWork Request Id - The OCID of the work request which deleted the cluster.
- time
Created String - The time the cluster was created.
- time
Credential StringExpiration - The time until which the cluster credential is valid.
- time
Deleted String - The time the cluster was deleted.
- time
Updated String - The time the cluster was updated.
- updated
By StringUser Id - The user who updated the cluster.
- updated
By StringWork Request Id - The OCID of the work request which updated the cluster.
ClusterOptions, ClusterOptionsArgs
- Add
Ons ClusterOptions Add Ons - Configurable cluster add-ons
- Admission
Controller ClusterOptions Options Admission Controller Options - (Updatable) Configurable cluster admission controllers
- Kubernetes
Network ClusterConfig Options Kubernetes Network Config - Network configuration for Kubernetes.
- Open
Id ClusterConnect Discovery Options Open Id Connect Discovery - (Updatable) The property that define the status of the OIDC Discovery feature for a cluster.
- Open
Id ClusterConnect Token Authentication Config Options Open Id Connect Token Authentication Config - (Updatable) The properties that configure OIDC token authentication in kube-apiserver. For more information, see Configuring the API Server.
- Persistent
Volume ClusterConfig Options Persistent Volume Config - (Updatable) Configuration to be applied to block volumes created by Kubernetes Persistent Volume Claims (PVC)
- Service
Lb ClusterConfig Options Service Lb Config - (Updatable) Configuration to be applied to load balancers created by Kubernetes services
- Service
Lb List<string>Subnet Ids - The OCIDs of the subnets used for Kubernetes services load balancers.
- Add
Ons ClusterOptions Add Ons - Configurable cluster add-ons
- Admission
Controller ClusterOptions Options Admission Controller Options - (Updatable) Configurable cluster admission controllers
- Kubernetes
Network ClusterConfig Options Kubernetes Network Config - Network configuration for Kubernetes.
- Open
Id ClusterConnect Discovery Options Open Id Connect Discovery - (Updatable) The property that define the status of the OIDC Discovery feature for a cluster.
- Open
Id ClusterConnect Token Authentication Config Options Open Id Connect Token Authentication Config - (Updatable) The properties that configure OIDC token authentication in kube-apiserver. For more information, see Configuring the API Server.
- Persistent
Volume ClusterConfig Options Persistent Volume Config - (Updatable) Configuration to be applied to block volumes created by Kubernetes Persistent Volume Claims (PVC)
- Service
Lb ClusterConfig Options Service Lb Config - (Updatable) Configuration to be applied to load balancers created by Kubernetes services
- Service
Lb []stringSubnet Ids - The OCIDs of the subnets used for Kubernetes services load balancers.
- add
Ons ClusterOptions Add Ons - Configurable cluster add-ons
- admission
Controller ClusterOptions Options Admission Controller Options - (Updatable) Configurable cluster admission controllers
- kubernetes
Network ClusterConfig Options Kubernetes Network Config - Network configuration for Kubernetes.
- open
Id ClusterConnect Discovery Options Open Id Connect Discovery - (Updatable) The property that define the status of the OIDC Discovery feature for a cluster.
- open
Id ClusterConnect Token Authentication Config Options Open Id Connect Token Authentication Config - (Updatable) The properties that configure OIDC token authentication in kube-apiserver. For more information, see Configuring the API Server.
- persistent
Volume ClusterConfig Options Persistent Volume Config - (Updatable) Configuration to be applied to block volumes created by Kubernetes Persistent Volume Claims (PVC)
- service
Lb ClusterConfig Options Service Lb Config - (Updatable) Configuration to be applied to load balancers created by Kubernetes services
- service
Lb List<String>Subnet Ids - The OCIDs of the subnets used for Kubernetes services load balancers.
- add
Ons ClusterOptions Add Ons - Configurable cluster add-ons
- admission
Controller ClusterOptions Options Admission Controller Options - (Updatable) Configurable cluster admission controllers
- kubernetes
Network ClusterConfig Options Kubernetes Network Config - Network configuration for Kubernetes.
- open
Id ClusterConnect Discovery Options Open Id Connect Discovery - (Updatable) The property that define the status of the OIDC Discovery feature for a cluster.
- open
Id ClusterConnect Token Authentication Config Options Open Id Connect Token Authentication Config - (Updatable) The properties that configure OIDC token authentication in kube-apiserver. For more information, see Configuring the API Server.
- persistent
Volume ClusterConfig Options Persistent Volume Config - (Updatable) Configuration to be applied to block volumes created by Kubernetes Persistent Volume Claims (PVC)
- service
Lb ClusterConfig Options Service Lb Config - (Updatable) Configuration to be applied to load balancers created by Kubernetes services
- service
Lb string[]Subnet Ids - The OCIDs of the subnets used for Kubernetes services load balancers.
- add_
ons containerengine.Cluster Options Add Ons - Configurable cluster add-ons
- admission_
controller_ containerengine.options Cluster Options Admission Controller Options - (Updatable) Configurable cluster admission controllers
- kubernetes_
network_ containerengine.config Cluster Options Kubernetes Network Config - Network configuration for Kubernetes.
- open_
id_ containerengine.connect_ discovery Cluster Options Open Id Connect Discovery - (Updatable) The property that define the status of the OIDC Discovery feature for a cluster.
- open_
id_ containerengine.connect_ token_ authentication_ config Cluster Options Open Id Connect Token Authentication Config - (Updatable) The properties that configure OIDC token authentication in kube-apiserver. For more information, see Configuring the API Server.
- persistent_
volume_ containerengine.config Cluster Options Persistent Volume Config - (Updatable) Configuration to be applied to block volumes created by Kubernetes Persistent Volume Claims (PVC)
- service_
lb_ containerengine.config Cluster Options Service Lb Config - (Updatable) Configuration to be applied to load balancers created by Kubernetes services
- service_
lb_ Sequence[str]subnet_ ids - The OCIDs of the subnets used for Kubernetes services load balancers.
- add
Ons Property Map - Configurable cluster add-ons
- admission
Controller Property MapOptions - (Updatable) Configurable cluster admission controllers
- kubernetes
Network Property MapConfig - Network configuration for Kubernetes.
- open
Id Property MapConnect Discovery - (Updatable) The property that define the status of the OIDC Discovery feature for a cluster.
- open
Id Property MapConnect Token Authentication Config - (Updatable) The properties that configure OIDC token authentication in kube-apiserver. For more information, see Configuring the API Server.
- persistent
Volume Property MapConfig - (Updatable) Configuration to be applied to block volumes created by Kubernetes Persistent Volume Claims (PVC)
- service
Lb Property MapConfig - (Updatable) Configuration to be applied to load balancers created by Kubernetes services
- service
Lb List<String>Subnet Ids - The OCIDs of the subnets used for Kubernetes services load balancers.
ClusterOptionsAddOns, ClusterOptionsAddOnsArgs
- Is
Kubernetes boolDashboard Enabled - Whether or not to enable the Kubernetes Dashboard add-on.
- Is
Tiller boolEnabled - Whether or not to enable the Tiller add-on.
- Is
Kubernetes boolDashboard Enabled - Whether or not to enable the Kubernetes Dashboard add-on.
- Is
Tiller boolEnabled - Whether or not to enable the Tiller add-on.
- is
Kubernetes BooleanDashboard Enabled - Whether or not to enable the Kubernetes Dashboard add-on.
- is
Tiller BooleanEnabled - Whether or not to enable the Tiller add-on.
- is
Kubernetes booleanDashboard Enabled - Whether or not to enable the Kubernetes Dashboard add-on.
- is
Tiller booleanEnabled - Whether or not to enable the Tiller add-on.
- is_
kubernetes_ booldashboard_ enabled - Whether or not to enable the Kubernetes Dashboard add-on.
- is_
tiller_ boolenabled - Whether or not to enable the Tiller add-on.
- is
Kubernetes BooleanDashboard Enabled - Whether or not to enable the Kubernetes Dashboard add-on.
- is
Tiller BooleanEnabled - Whether or not to enable the Tiller add-on.
ClusterOptionsAdmissionControllerOptions, ClusterOptionsAdmissionControllerOptionsArgs
- Is
Pod boolSecurity Policy Enabled - (Updatable) Whether or not to enable the Pod Security Policy admission controller.
- Is
Pod boolSecurity Policy Enabled - (Updatable) Whether or not to enable the Pod Security Policy admission controller.
- is
Pod BooleanSecurity Policy Enabled - (Updatable) Whether or not to enable the Pod Security Policy admission controller.
- is
Pod booleanSecurity Policy Enabled - (Updatable) Whether or not to enable the Pod Security Policy admission controller.
- is_
pod_ boolsecurity_ policy_ enabled - (Updatable) Whether or not to enable the Pod Security Policy admission controller.
- is
Pod BooleanSecurity Policy Enabled - (Updatable) Whether or not to enable the Pod Security Policy admission controller.
ClusterOptionsKubernetesNetworkConfig, ClusterOptionsKubernetesNetworkConfigArgs
- Pods
Cidr string - The CIDR block for Kubernetes pods. Optional, defaults to 10.244.0.0/16.
- Services
Cidr string - The CIDR block for Kubernetes services. Optional, defaults to 10.96.0.0/16.
- Pods
Cidr string - The CIDR block for Kubernetes pods. Optional, defaults to 10.244.0.0/16.
- Services
Cidr string - The CIDR block for Kubernetes services. Optional, defaults to 10.96.0.0/16.
- pods
Cidr String - The CIDR block for Kubernetes pods. Optional, defaults to 10.244.0.0/16.
- services
Cidr String - The CIDR block for Kubernetes services. Optional, defaults to 10.96.0.0/16.
- pods
Cidr string - The CIDR block for Kubernetes pods. Optional, defaults to 10.244.0.0/16.
- services
Cidr string - The CIDR block for Kubernetes services. Optional, defaults to 10.96.0.0/16.
- pods_
cidr str - The CIDR block for Kubernetes pods. Optional, defaults to 10.244.0.0/16.
- services_
cidr str - The CIDR block for Kubernetes services. Optional, defaults to 10.96.0.0/16.
- pods
Cidr String - The CIDR block for Kubernetes pods. Optional, defaults to 10.244.0.0/16.
- services
Cidr String - The CIDR block for Kubernetes services. Optional, defaults to 10.96.0.0/16.
ClusterOptionsOpenIdConnectDiscovery, ClusterOptionsOpenIdConnectDiscoveryArgs
- Is
Open boolId Connect Discovery Enabled - (Updatable) Whether the cluster has OIDC Discovery enabled. Defaults to false. If set to true, the cluster will be assigned a public OIDC Discovery endpoint.
- Is
Open boolId Connect Discovery Enabled - (Updatable) Whether the cluster has OIDC Discovery enabled. Defaults to false. If set to true, the cluster will be assigned a public OIDC Discovery endpoint.
- is
Open BooleanId Connect Discovery Enabled - (Updatable) Whether the cluster has OIDC Discovery enabled. Defaults to false. If set to true, the cluster will be assigned a public OIDC Discovery endpoint.
- is
Open booleanId Connect Discovery Enabled - (Updatable) Whether the cluster has OIDC Discovery enabled. Defaults to false. If set to true, the cluster will be assigned a public OIDC Discovery endpoint.
- is_
open_ boolid_ connect_ discovery_ enabled - (Updatable) Whether the cluster has OIDC Discovery enabled. Defaults to false. If set to true, the cluster will be assigned a public OIDC Discovery endpoint.
- is
Open BooleanId Connect Discovery Enabled - (Updatable) Whether the cluster has OIDC Discovery enabled. Defaults to false. If set to true, the cluster will be assigned a public OIDC Discovery endpoint.
ClusterOptionsOpenIdConnectTokenAuthenticationConfig, ClusterOptionsOpenIdConnectTokenAuthenticationConfigArgs
- Is
Open boolId Connect Auth Enabled - (Updatable) Whether the cluster has OIDC Auth Config enabled. Defaults to false.
- Ca
Certificate string - (Updatable) A Base64 encoded public RSA or ECDSA certificates used to signed your identity provider's web certificate.
- Client
Id string - (Updatable) A client id that all tokens must be issued for.
- Groups
Claim string - (Updatable) JWT claim to use as the user's group. If the claim is present it must be an array of strings.
- Groups
Prefix string - (Updatable) Prefix prepended to group claims to prevent clashes with existing names (such as system:groups).
- Issuer
Url string - (Updatable) URL of the provider that allows the API server to discover public signing keys. Only URLs that use the https:// scheme are accepted. This is typically the provider's discovery URL, changed to have an empty path.
- Required
Claims List<ClusterOptions Open Id Connect Token Authentication Config Required Claim> - (Updatable) A key=value pair that describes a required claim in the ID Token. If set, the claim is verified to be present in the ID Token with a matching value. Repeat this flag to specify multiple claims.
- Signing
Algorithms List<string> - (Updatable) The signing algorithms accepted. Default is ["RS256"].
- Username
Claim string - (Updatable) JWT claim to use as the user name. By default sub, which is expected to be a unique identifier of the end user. Admins can choose other claims, such as email or name, depending on their provider. However, claims other than email will be prefixed with the issuer URL to prevent naming clashes with other plugins.
- Username
Prefix string - (Updatable) Prefix prepended to username claims to prevent clashes with existing names (such as system:users). For example, the value oidc: will create usernames like oidc:jane.doe. If this flag isn't provided and --oidc-username-claim is a value other than email the prefix defaults to ( Issuer URL )# where ( Issuer URL ) is the value of --oidc-issuer-url. The value - can be used to disable all prefixing.
- Is
Open boolId Connect Auth Enabled - (Updatable) Whether the cluster has OIDC Auth Config enabled. Defaults to false.
- Ca
Certificate string - (Updatable) A Base64 encoded public RSA or ECDSA certificates used to signed your identity provider's web certificate.
- Client
Id string - (Updatable) A client id that all tokens must be issued for.
- Groups
Claim string - (Updatable) JWT claim to use as the user's group. If the claim is present it must be an array of strings.
- Groups
Prefix string - (Updatable) Prefix prepended to group claims to prevent clashes with existing names (such as system:groups).
- Issuer
Url string - (Updatable) URL of the provider that allows the API server to discover public signing keys. Only URLs that use the https:// scheme are accepted. This is typically the provider's discovery URL, changed to have an empty path.
- Required
Claims []ClusterOptions Open Id Connect Token Authentication Config Required Claim - (Updatable) A key=value pair that describes a required claim in the ID Token. If set, the claim is verified to be present in the ID Token with a matching value. Repeat this flag to specify multiple claims.
- Signing
Algorithms []string - (Updatable) The signing algorithms accepted. Default is ["RS256"].
- Username
Claim string - (Updatable) JWT claim to use as the user name. By default sub, which is expected to be a unique identifier of the end user. Admins can choose other claims, such as email or name, depending on their provider. However, claims other than email will be prefixed with the issuer URL to prevent naming clashes with other plugins.
- Username
Prefix string - (Updatable) Prefix prepended to username claims to prevent clashes with existing names (such as system:users). For example, the value oidc: will create usernames like oidc:jane.doe. If this flag isn't provided and --oidc-username-claim is a value other than email the prefix defaults to ( Issuer URL )# where ( Issuer URL ) is the value of --oidc-issuer-url. The value - can be used to disable all prefixing.
- is
Open BooleanId Connect Auth Enabled - (Updatable) Whether the cluster has OIDC Auth Config enabled. Defaults to false.
- ca
Certificate String - (Updatable) A Base64 encoded public RSA or ECDSA certificates used to signed your identity provider's web certificate.
- client
Id String - (Updatable) A client id that all tokens must be issued for.
- groups
Claim String - (Updatable) JWT claim to use as the user's group. If the claim is present it must be an array of strings.
- groups
Prefix String - (Updatable) Prefix prepended to group claims to prevent clashes with existing names (such as system:groups).
- issuer
Url String - (Updatable) URL of the provider that allows the API server to discover public signing keys. Only URLs that use the https:// scheme are accepted. This is typically the provider's discovery URL, changed to have an empty path.
- required
Claims List<ClusterOptions Open Id Connect Token Authentication Config Required Claim> - (Updatable) A key=value pair that describes a required claim in the ID Token. If set, the claim is verified to be present in the ID Token with a matching value. Repeat this flag to specify multiple claims.
- signing
Algorithms List<String> - (Updatable) The signing algorithms accepted. Default is ["RS256"].
- username
Claim String - (Updatable) JWT claim to use as the user name. By default sub, which is expected to be a unique identifier of the end user. Admins can choose other claims, such as email or name, depending on their provider. However, claims other than email will be prefixed with the issuer URL to prevent naming clashes with other plugins.
- username
Prefix String - (Updatable) Prefix prepended to username claims to prevent clashes with existing names (such as system:users). For example, the value oidc: will create usernames like oidc:jane.doe. If this flag isn't provided and --oidc-username-claim is a value other than email the prefix defaults to ( Issuer URL )# where ( Issuer URL ) is the value of --oidc-issuer-url. The value - can be used to disable all prefixing.
- is
Open booleanId Connect Auth Enabled - (Updatable) Whether the cluster has OIDC Auth Config enabled. Defaults to false.
- ca
Certificate string - (Updatable) A Base64 encoded public RSA or ECDSA certificates used to signed your identity provider's web certificate.
- client
Id string - (Updatable) A client id that all tokens must be issued for.
- groups
Claim string - (Updatable) JWT claim to use as the user's group. If the claim is present it must be an array of strings.
- groups
Prefix string - (Updatable) Prefix prepended to group claims to prevent clashes with existing names (such as system:groups).
- issuer
Url string - (Updatable) URL of the provider that allows the API server to discover public signing keys. Only URLs that use the https:// scheme are accepted. This is typically the provider's discovery URL, changed to have an empty path.
- required
Claims ClusterOptions Open Id Connect Token Authentication Config Required Claim[] - (Updatable) A key=value pair that describes a required claim in the ID Token. If set, the claim is verified to be present in the ID Token with a matching value. Repeat this flag to specify multiple claims.
- signing
Algorithms string[] - (Updatable) The signing algorithms accepted. Default is ["RS256"].
- username
Claim string - (Updatable) JWT claim to use as the user name. By default sub, which is expected to be a unique identifier of the end user. Admins can choose other claims, such as email or name, depending on their provider. However, claims other than email will be prefixed with the issuer URL to prevent naming clashes with other plugins.
- username
Prefix string - (Updatable) Prefix prepended to username claims to prevent clashes with existing names (such as system:users). For example, the value oidc: will create usernames like oidc:jane.doe. If this flag isn't provided and --oidc-username-claim is a value other than email the prefix defaults to ( Issuer URL )# where ( Issuer URL ) is the value of --oidc-issuer-url. The value - can be used to disable all prefixing.
- is_
open_ boolid_ connect_ auth_ enabled - (Updatable) Whether the cluster has OIDC Auth Config enabled. Defaults to false.
- ca_
certificate str - (Updatable) A Base64 encoded public RSA or ECDSA certificates used to signed your identity provider's web certificate.
- client_
id str - (Updatable) A client id that all tokens must be issued for.
- groups_
claim str - (Updatable) JWT claim to use as the user's group. If the claim is present it must be an array of strings.
- groups_
prefix str - (Updatable) Prefix prepended to group claims to prevent clashes with existing names (such as system:groups).
- issuer_
url str - (Updatable) URL of the provider that allows the API server to discover public signing keys. Only URLs that use the https:// scheme are accepted. This is typically the provider's discovery URL, changed to have an empty path.
- required_
claims Sequence[containerengine.Cluster Options Open Id Connect Token Authentication Config Required Claim] - (Updatable) A key=value pair that describes a required claim in the ID Token. If set, the claim is verified to be present in the ID Token with a matching value. Repeat this flag to specify multiple claims.
- signing_
algorithms Sequence[str] - (Updatable) The signing algorithms accepted. Default is ["RS256"].
- username_
claim str - (Updatable) JWT claim to use as the user name. By default sub, which is expected to be a unique identifier of the end user. Admins can choose other claims, such as email or name, depending on their provider. However, claims other than email will be prefixed with the issuer URL to prevent naming clashes with other plugins.
- username_
prefix str - (Updatable) Prefix prepended to username claims to prevent clashes with existing names (such as system:users). For example, the value oidc: will create usernames like oidc:jane.doe. If this flag isn't provided and --oidc-username-claim is a value other than email the prefix defaults to ( Issuer URL )# where ( Issuer URL ) is the value of --oidc-issuer-url. The value - can be used to disable all prefixing.
- is
Open BooleanId Connect Auth Enabled - (Updatable) Whether the cluster has OIDC Auth Config enabled. Defaults to false.
- ca
Certificate String - (Updatable) A Base64 encoded public RSA or ECDSA certificates used to signed your identity provider's web certificate.
- client
Id String - (Updatable) A client id that all tokens must be issued for.
- groups
Claim String - (Updatable) JWT claim to use as the user's group. If the claim is present it must be an array of strings.
- groups
Prefix String - (Updatable) Prefix prepended to group claims to prevent clashes with existing names (such as system:groups).
- issuer
Url String - (Updatable) URL of the provider that allows the API server to discover public signing keys. Only URLs that use the https:// scheme are accepted. This is typically the provider's discovery URL, changed to have an empty path.
- required
Claims List<Property Map> - (Updatable) A key=value pair that describes a required claim in the ID Token. If set, the claim is verified to be present in the ID Token with a matching value. Repeat this flag to specify multiple claims.
- signing
Algorithms List<String> - (Updatable) The signing algorithms accepted. Default is ["RS256"].
- username
Claim String - (Updatable) JWT claim to use as the user name. By default sub, which is expected to be a unique identifier of the end user. Admins can choose other claims, such as email or name, depending on their provider. However, claims other than email will be prefixed with the issuer URL to prevent naming clashes with other plugins.
- username
Prefix String - (Updatable) Prefix prepended to username claims to prevent clashes with existing names (such as system:users). For example, the value oidc: will create usernames like oidc:jane.doe. If this flag isn't provided and --oidc-username-claim is a value other than email the prefix defaults to ( Issuer URL )# where ( Issuer URL ) is the value of --oidc-issuer-url. The value - can be used to disable all prefixing.
ClusterOptionsOpenIdConnectTokenAuthenticationConfigRequiredClaim, ClusterOptionsOpenIdConnectTokenAuthenticationConfigRequiredClaimArgs
ClusterOptionsPersistentVolumeConfig, ClusterOptionsPersistentVolumeConfigArgs
- Dictionary<string, string>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- Dictionary<string, string>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- map[string]string
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- map[string]string
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- Map<String,String>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- Map<String,String>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- {[key: string]: string}
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- {[key: string]: string}
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- Mapping[str, str]
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- Mapping[str, str]
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- Map<String>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- Map<String>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
ClusterOptionsServiceLbConfig, ClusterOptionsServiceLbConfigArgs
- Dictionary<string, string>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- Dictionary<string, string>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- map[string]string
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- map[string]string
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- Map<String,String>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- Map<String,String>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- {[key: string]: string}
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- {[key: string]: string}
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- Mapping[str, str]
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- Mapping[str, str]
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- Map<String>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- Map<String>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
Import
Clusters can be imported using the id
, e.g.
$ pulumi import oci:ContainerEngine/cluster:Cluster test_cluster "id"
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- oci pulumi/pulumi-oci
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
oci
Terraform Provider.