Module eks

@pulumi/aws > eks

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-aws repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-aws repo.

class Cluster

extends CustomResource

Manages an EKS Cluster.

Example Usage

Basic Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.eks.Cluster("example", {
    roleArn: aws_iam_role_example.arn,
    vpcConfig: {
        subnetIds: [
            aws_subnet_example1.id,
            aws_subnet_example2.id,
        ],
    },
});

export const endpoint = example.endpoint;
export const kubeconfigCertificateAuthorityData = example.certificateAuthority.data;

Enabling Control Plane Logging

EKS Control Plane Logging can be enabled via the enabledClusterLogTypes argument. To manage the CloudWatch Log Group retention period, the aws.cloudwatch.LogGroup resource can be used.

The below configuration uses dependsOn to prevent ordering issues with EKS automatically creating the log group first and a variable for naming consistency. Other ordering and naming methodologies may be more appropriate for your environment.

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const config = new pulumi.Config();
const clusterName = config.get("clusterName") || "example";

const exampleLogGroup = new aws.cloudwatch.LogGroup("example", {
    retentionInDays: 7,
});
const exampleCluster = new aws.eks.Cluster("example", {
    enabledClusterLogTypes: [
        "api",
        "audit",
    ],
}, {dependsOn: [exampleLogGroup]});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/eks_cluster.html.markdown.

constructor

new Cluster(name: string, args: ClusterArgs, opts?: pulumi.CustomResourceOptions)

Create a Cluster resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ClusterState, opts?: pulumi.CustomResourceOptions): Cluster

Get an existing Cluster resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of Cluster. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property arn

public arn: pulumi.Output<string>;

The Amazon Resource Name (ARN) of the cluster.

property certificateAuthority

public certificateAuthority: pulumi.Output<{
    data: string;
}>;

Nested attribute containing certificate-authority-data for your cluster.

property createdAt

public createdAt: pulumi.Output<string>;

property enabledClusterLogTypes

public enabledClusterLogTypes: pulumi.Output<string[] | undefined>;

A list of the desired control plane logging to enable. For more information, see Amazon EKS Control Plane Logging

property endpoint

public endpoint: pulumi.Output<string>;

The endpoint for your Kubernetes API server.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

Name of the cluster.

property platformVersion

public platformVersion: pulumi.Output<string>;

The platform version for the cluster.

property roleArn

public roleArn: pulumi.Output<string>;

The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.

property status

public status: pulumi.Output<string>;

The status of the EKS cluster. One of CREATING, ACTIVE, DELETING, FAILED.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property version

public version: pulumi.Output<string>;

Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.

property vpcConfig

public vpcConfig: pulumi.Output<{
    endpointPrivateAccess: undefined | false | true;
    endpointPublicAccess: undefined | false | true;
    securityGroupIds: string[];
    subnetIds: string[];
    vpcId: string;
}>;

Nested argument for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide. Configuration detailed below.

function getCluster

getCluster(args: GetClusterArgs, opts?: pulumi.InvokeOptions): Promise<GetClusterResult> & GetClusterResult

Retrieve information about an EKS Cluster.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = pulumi.output(aws.eks.getCluster({
    name: "example",
}));

export const endpoint = example.endpoint;
export const kubeconfigCertificateAuthorityData = example.certificateAuthority.data;

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/d/eks_cluster.html.markdown.

function getClusterAuth

getClusterAuth(args: GetClusterAuthArgs, opts?: pulumi.InvokeOptions): Promise<GetClusterAuthResult> & GetClusterAuthResult

Get an authentication token to communicate with an EKS cluster.

Uses IAM credentials from the AWS provider to generate a temporary token that is compatible with AWS IAM Authenticator authentication. This can be used to authenticate to an EKS cluster or to a cluster that has the AWS IAM Authenticator server configured.

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/d/eks_cluster_auth.html.markdown.

interface ClusterArgs

The set of arguments for constructing a Cluster resource.

property enabledClusterLogTypes

enabledClusterLogTypes?: pulumi.Input<pulumi.Input<string>[]>;

A list of the desired control plane logging to enable. For more information, see Amazon EKS Control Plane Logging

property name

name?: pulumi.Input<string>;

Name of the cluster.

property roleArn

roleArn: pulumi.Input<string>;

The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.

property version

version?: pulumi.Input<string>;

Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.

property vpcConfig

vpcConfig: pulumi.Input<{
    endpointPrivateAccess: pulumi.Input<boolean>;
    endpointPublicAccess: pulumi.Input<boolean>;
    securityGroupIds: pulumi.Input<pulumi.Input<string>[]>;
    subnetIds: pulumi.Input<pulumi.Input<string>[]>;
    vpcId: pulumi.Input<string>;
}>;

Nested argument for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide. Configuration detailed below.

interface ClusterState

Input properties used for looking up and filtering Cluster resources.

property arn

arn?: pulumi.Input<string>;

The Amazon Resource Name (ARN) of the cluster.

property certificateAuthority

certificateAuthority?: pulumi.Input<{
    data: pulumi.Input<string>;
}>;

Nested attribute containing certificate-authority-data for your cluster.

property createdAt

createdAt?: pulumi.Input<string>;

property enabledClusterLogTypes

enabledClusterLogTypes?: pulumi.Input<pulumi.Input<string>[]>;

A list of the desired control plane logging to enable. For more information, see Amazon EKS Control Plane Logging

property endpoint

endpoint?: pulumi.Input<string>;

The endpoint for your Kubernetes API server.

property name

name?: pulumi.Input<string>;

Name of the cluster.

property platformVersion

platformVersion?: pulumi.Input<string>;

The platform version for the cluster.

property roleArn

roleArn?: pulumi.Input<string>;

The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.

property status

status?: pulumi.Input<string>;

The status of the EKS cluster. One of CREATING, ACTIVE, DELETING, FAILED.

property version

version?: pulumi.Input<string>;

Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.

property vpcConfig

vpcConfig?: pulumi.Input<{
    endpointPrivateAccess: pulumi.Input<boolean>;
    endpointPublicAccess: pulumi.Input<boolean>;
    securityGroupIds: pulumi.Input<pulumi.Input<string>[]>;
    subnetIds: pulumi.Input<pulumi.Input<string>[]>;
    vpcId: pulumi.Input<string>;
}>;

Nested argument for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide. Configuration detailed below.

interface GetClusterArgs

A collection of arguments for invoking getCluster.

property name

name: string;

The name of the cluster

interface GetClusterAuthArgs

A collection of arguments for invoking getClusterAuth.

property name

name: string;

The name of the cluster

interface GetClusterAuthResult

A collection of values returned by getClusterAuth.

property id

id: string;

id is the provider-assigned unique ID for this managed resource.

property name

name: string;

property token

token: string;

The token to use to authenticate with the cluster.

interface GetClusterResult

A collection of values returned by getCluster.

property arn

arn: string;

The Amazon Resource Name (ARN) of the cluster.

property certificateAuthority

certificateAuthority: {
    data: string;
};

Nested attribute containing certificate-authority-data for your cluster.

property createdAt

createdAt: string;

The Unix epoch time stamp in seconds for when the cluster was created.

property enabledClusterLogTypes

enabledClusterLogTypes: string[];

The enabled control plane logs.

property endpoint

endpoint: string;

The endpoint for your Kubernetes API server.

property id

id: string;

id is the provider-assigned unique ID for this managed resource.

property name

name: string;

property platformVersion

platformVersion: string;

The platform version for the cluster.

property roleArn

roleArn: string;

The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.

property status

status: string;

The status of the EKS cluster. One of CREATING, ACTIVE, DELETING, FAILED.

property version

version: string;

The Kubernetes server version for the cluster.

property vpcConfig

vpcConfig: {
    endpointPrivateAccess: boolean;
    endpointPublicAccess: boolean;
    securityGroupIds: string[];
    subnetIds: string[];
    vpcId: string;
};

Nested attribute containing VPC configuration for the cluster.