eks

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-aws repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-aws repo.

class pulumi_aws.eks.AwaitableGetClusterAuthResult(name=None, token=None, id=None)
class pulumi_aws.eks.AwaitableGetClusterResult(arn=None, certificate_authority=None, created_at=None, enabled_cluster_log_types=None, endpoint=None, identities=None, name=None, platform_version=None, role_arn=None, status=None, tags=None, version=None, vpc_config=None, id=None)
class pulumi_aws.eks.Cluster(resource_name, opts=None, enabled_cluster_log_types=None, name=None, role_arn=None, tags=None, version=None, vpc_config=None, __props__=None, __name__=None, __opts__=None)

Manages an EKS Cluster.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • enabled_cluster_log_types (pulumi.Input[list]) – A list of the desired control plane logging to enable. For more information, see Amazon EKS Control Plane Logging

  • name (pulumi.Input[str]) – Name of the cluster.

  • role_arn (pulumi.Input[str]) – The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.

  • tags (pulumi.Input[dict]) – Key-value mapping of resource tags.

  • version (pulumi.Input[str]) – Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.

  • vpc_config (pulumi.Input[dict]) – Nested argument for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide. Configuration detailed below.

The vpc_config object supports the following:

  • endpointPrivateAccess (pulumi.Input[bool]) - Indicates whether or not the Amazon EKS private API server endpoint is enabled. Default is false.

  • endpointPublicAccess (pulumi.Input[bool]) - Indicates whether or not the Amazon EKS public API server endpoint is enabled. Default is true.

  • security_group_ids (pulumi.Input[list]) - List of security group IDs for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane.

  • subnet_ids (pulumi.Input[list]) - List of subnet IDs. Must be in at least two different availability zones. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your worker nodes and the Kubernetes control plane.

  • vpc_id (pulumi.Input[str]) - The VPC associated with your cluster.

arn = None

The Amazon Resource Name (ARN) of the cluster.

certificate_authority = None

Nested attribute containing certificate-authority-data for your cluster.

  • data (str) - The base64 encoded certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.

enabled_cluster_log_types = None

A list of the desired control plane logging to enable. For more information, see Amazon EKS Control Plane Logging

endpoint = None

The endpoint for your Kubernetes API server.

identities = None

Nested attribute containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019.

  • oidcs (list) - Nested attribute containing OpenID Connect identity provider information for the cluster.

    • issuer (str) - Issuer URL for the OpenID Connect identity provider.

name = None

Name of the cluster.

platform_version = None

The platform version for the cluster.

role_arn = None

The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.

status = None

The status of the EKS cluster. One of CREATING, ACTIVE, DELETING, FAILED.

tags = None

Key-value mapping of resource tags.

version = None

Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.

vpc_config = None

Nested argument for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide. Configuration detailed below.

  • endpointPrivateAccess (bool) - Indicates whether or not the Amazon EKS private API server endpoint is enabled. Default is false.

  • endpointPublicAccess (bool) - Indicates whether or not the Amazon EKS public API server endpoint is enabled. Default is true.

  • security_group_ids (list) - List of security group IDs for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane.

  • subnet_ids (list) - List of subnet IDs. Must be in at least two different availability zones. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your worker nodes and the Kubernetes control plane.

  • vpc_id (str) - The VPC associated with your cluster.

static get(resource_name, id, opts=None, arn=None, certificate_authority=None, created_at=None, enabled_cluster_log_types=None, endpoint=None, identities=None, name=None, platform_version=None, role_arn=None, status=None, tags=None, version=None, vpc_config=None)

Get an existing Cluster resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • arn (pulumi.Input[str]) – The Amazon Resource Name (ARN) of the cluster.

  • certificate_authority (pulumi.Input[dict]) – Nested attribute containing certificate-authority-data for your cluster.

  • enabled_cluster_log_types (pulumi.Input[list]) –

    A list of the desired control plane logging to enable. For more information, see Amazon EKS Control Plane Logging

  • endpoint (pulumi.Input[str]) – The endpoint for your Kubernetes API server.

  • identities (pulumi.Input[list]) – Nested attribute containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019.

  • name (pulumi.Input[str]) – Name of the cluster.

  • platform_version (pulumi.Input[str]) – The platform version for the cluster.

  • role_arn (pulumi.Input[str]) – The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.

  • status (pulumi.Input[str]) – The status of the EKS cluster. One of CREATING, ACTIVE, DELETING, FAILED.

  • tags (pulumi.Input[dict]) – Key-value mapping of resource tags.

  • version (pulumi.Input[str]) – Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.

  • vpc_config (pulumi.Input[dict]) –

    Nested argument for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide. Configuration detailed below.

The certificate_authority object supports the following:

  • data (pulumi.Input[str]) - The base64 encoded certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.

The identities object supports the following:

  • oidcs (pulumi.Input[list]) - Nested attribute containing OpenID Connect identity provider information for the cluster.

    • issuer (pulumi.Input[str]) - Issuer URL for the OpenID Connect identity provider.

The vpc_config object supports the following:

  • endpointPrivateAccess (pulumi.Input[bool]) - Indicates whether or not the Amazon EKS private API server endpoint is enabled. Default is false.

  • endpointPublicAccess (pulumi.Input[bool]) - Indicates whether or not the Amazon EKS public API server endpoint is enabled. Default is true.

  • security_group_ids (pulumi.Input[list]) - List of security group IDs for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane.

  • subnet_ids (pulumi.Input[list]) - List of subnet IDs. Must be in at least two different availability zones. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your worker nodes and the Kubernetes control plane.

  • vpc_id (pulumi.Input[str]) - The VPC associated with your cluster.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_aws.eks.GetClusterAuthResult(name=None, token=None, id=None)

A collection of values returned by getClusterAuth.

token = None

The token to use to authenticate with the cluster.

id = None

id is the provider-assigned unique ID for this managed resource.

class pulumi_aws.eks.GetClusterResult(arn=None, certificate_authority=None, created_at=None, enabled_cluster_log_types=None, endpoint=None, identities=None, name=None, platform_version=None, role_arn=None, status=None, tags=None, version=None, vpc_config=None, id=None)

A collection of values returned by getCluster.

arn = None

The Amazon Resource Name (ARN) of the cluster.

certificate_authority = None

Nested attribute containing certificate-authority-data for your cluster.

created_at = None

The Unix epoch time stamp in seconds for when the cluster was created.

enabled_cluster_log_types = None

The enabled control plane logs.

endpoint = None

The endpoint for your Kubernetes API server.

identities = None

Nested attribute containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. For an example using this information to enable IAM Roles for Service Accounts, see the ``eks.Cluster` resource documentation <https://www.terraform.io/docs/providers/aws/r/eks_cluster.html>`_.

platform_version = None

The platform version for the cluster.

role_arn = None

The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.

status = None

The status of the EKS cluster. One of CREATING, ACTIVE, DELETING, FAILED.

tags = None

Key-value mapping of resource tags.

version = None

The Kubernetes server version for the cluster.

vpc_config = None

Nested attribute containing VPC configuration for the cluster.

id = None

id is the provider-assigned unique ID for this managed resource.

class pulumi_aws.eks.NodeGroup(resource_name, opts=None, ami_type=None, cluster_name=None, disk_size=None, instance_types=None, labels=None, node_group_name=None, node_role_arn=None, release_version=None, remote_access=None, scaling_config=None, subnet_ids=None, tags=None, version=None, __props__=None, __name__=None, __opts__=None)

Manages an EKS Node Group, which can provision and optionally update an Auto Scaling Group of Kubernetes worker nodes compatible with EKS. Additional documentation about this functionality can be found in the EKS User Guide.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • cluster_name (pulumi.Input[str]) – Name of the EKS Cluster.

  • labels (pulumi.Input[dict]) – Key-value mapping of Kubernetes labels. Only labels that are applied with the EKS API are managed by this argument. Other Kubernetes labels applied to the EKS Node Group will not be managed.

  • node_group_name (pulumi.Input[str]) – Name of the EKS Node Group.

  • node_role_arn (pulumi.Input[str]) – Amazon Resource Name (ARN) of the IAM Role that provides permissions for the EKS Node Group.

  • release_version (pulumi.Input[str]) – AMI version of the EKS Node Group. Defaults to latest version for Kubernetes version.

  • remote_access (pulumi.Input[dict]) – Configuration block with remote access settings. Detailed below.

  • scaling_config (pulumi.Input[dict]) – Configuration block with scaling settings. Detailed below.

  • subnet_ids (pulumi.Input[list]) – Identifiers of EC2 Subnets to associate with the EKS Node Group. These subnets must have the following resource tag: kubernetes.io/cluster/CLUSTER_NAME (where CLUSTER_NAME is replaced with the name of the EKS Cluster).

  • tags (pulumi.Input[dict]) – Key-value mapping of resource tags.

The remote_access object supports the following:

  • ec2SshKey (pulumi.Input[str]) - EC2 Key Pair name that provides access for SSH communication with the worker nodes in the EKS Node Group. If you specify this configuration, but do not specify source_security_group_ids when you create an EKS Node Group, port 22 on the worker nodes is opened to the Internet (0.0.0.0/0).

  • sourceSecurityGroupIds (pulumi.Input[list]) - Set of EC2 Security Group IDs to allow SSH access (port 22) from on the worker nodes. If you specify ec2_ssh_key, but do not specify this configuration when you create an EKS Node Group, port 22 on the worker nodes is opened to the Internet (0.0.0.0/0).

The scaling_config object supports the following:

  • desiredSize (pulumi.Input[float]) - Desired number of worker nodes.

  • max_size (pulumi.Input[float]) - Maximum number of worker nodes.

  • min_size (pulumi.Input[float]) - Minimum number of worker nodes.

arn = None

Amazon Resource Name (ARN) of the EKS Node Group.

cluster_name = None

Name of the EKS Cluster.

labels = None

Key-value mapping of Kubernetes labels. Only labels that are applied with the EKS API are managed by this argument. Other Kubernetes labels applied to the EKS Node Group will not be managed.

node_group_name = None

Name of the EKS Node Group.

node_role_arn = None

Amazon Resource Name (ARN) of the IAM Role that provides permissions for the EKS Node Group.

release_version = None

AMI version of the EKS Node Group. Defaults to latest version for Kubernetes version.

remote_access = None

Configuration block with remote access settings. Detailed below.

  • ec2SshKey (str) - EC2 Key Pair name that provides access for SSH communication with the worker nodes in the EKS Node Group. If you specify this configuration, but do not specify source_security_group_ids when you create an EKS Node Group, port 22 on the worker nodes is opened to the Internet (0.0.0.0/0).

  • sourceSecurityGroupIds (list) - Set of EC2 Security Group IDs to allow SSH access (port 22) from on the worker nodes. If you specify ec2_ssh_key, but do not specify this configuration when you create an EKS Node Group, port 22 on the worker nodes is opened to the Internet (0.0.0.0/0).

resources = None

List of objects containing information about underlying resources.

  • autoscaling_groups (list) - List of objects containing information about AutoScaling Groups.

    • name (str) - Name of the AutoScaling Group.

  • remoteAccessSecurityGroupId (str) - Identifier of the remote access EC2 Security Group.

scaling_config = None

Configuration block with scaling settings. Detailed below.

  • desiredSize (float) - Desired number of worker nodes.

  • max_size (float) - Maximum number of worker nodes.

  • min_size (float) - Minimum number of worker nodes.

status = None

Status of the EKS Node Group.

subnet_ids = None

Identifiers of EC2 Subnets to associate with the EKS Node Group. These subnets must have the following resource tag: kubernetes.io/cluster/CLUSTER_NAME (where CLUSTER_NAME is replaced with the name of the EKS Cluster).

tags = None

Key-value mapping of resource tags.

static get(resource_name, id, opts=None, ami_type=None, arn=None, cluster_name=None, disk_size=None, instance_types=None, labels=None, node_group_name=None, node_role_arn=None, release_version=None, remote_access=None, resources=None, scaling_config=None, status=None, subnet_ids=None, tags=None, version=None)

Get an existing NodeGroup resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • arn (pulumi.Input[str]) – Amazon Resource Name (ARN) of the EKS Node Group.

  • cluster_name (pulumi.Input[str]) – Name of the EKS Cluster.

  • labels (pulumi.Input[dict]) – Key-value mapping of Kubernetes labels. Only labels that are applied with the EKS API are managed by this argument. Other Kubernetes labels applied to the EKS Node Group will not be managed.

  • node_group_name (pulumi.Input[str]) – Name of the EKS Node Group.

  • node_role_arn (pulumi.Input[str]) – Amazon Resource Name (ARN) of the IAM Role that provides permissions for the EKS Node Group.

  • release_version (pulumi.Input[str]) – AMI version of the EKS Node Group. Defaults to latest version for Kubernetes version.

  • remote_access (pulumi.Input[dict]) – Configuration block with remote access settings. Detailed below.

  • resources (pulumi.Input[list]) – List of objects containing information about underlying resources.

  • scaling_config (pulumi.Input[dict]) – Configuration block with scaling settings. Detailed below.

  • status (pulumi.Input[str]) – Status of the EKS Node Group.

  • subnet_ids (pulumi.Input[list]) – Identifiers of EC2 Subnets to associate with the EKS Node Group. These subnets must have the following resource tag: kubernetes.io/cluster/CLUSTER_NAME (where CLUSTER_NAME is replaced with the name of the EKS Cluster).

  • tags (pulumi.Input[dict]) – Key-value mapping of resource tags.

The remote_access object supports the following:

  • ec2SshKey (pulumi.Input[str]) - EC2 Key Pair name that provides access for SSH communication with the worker nodes in the EKS Node Group. If you specify this configuration, but do not specify source_security_group_ids when you create an EKS Node Group, port 22 on the worker nodes is opened to the Internet (0.0.0.0/0).

  • sourceSecurityGroupIds (pulumi.Input[list]) - Set of EC2 Security Group IDs to allow SSH access (port 22) from on the worker nodes. If you specify ec2_ssh_key, but do not specify this configuration when you create an EKS Node Group, port 22 on the worker nodes is opened to the Internet (0.0.0.0/0).

The resources object supports the following:

  • autoscaling_groups (pulumi.Input[list]) - List of objects containing information about AutoScaling Groups.

    • name (pulumi.Input[str]) - Name of the AutoScaling Group.

  • remoteAccessSecurityGroupId (pulumi.Input[str]) - Identifier of the remote access EC2 Security Group.

The scaling_config object supports the following:

  • desiredSize (pulumi.Input[float]) - Desired number of worker nodes.

  • max_size (pulumi.Input[float]) - Maximum number of worker nodes.

  • min_size (pulumi.Input[float]) - Minimum number of worker nodes.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

pulumi_aws.eks.get_cluster(name=None, tags=None, opts=None)

Retrieve information about an EKS Cluster.

Parameters

name (str) – The name of the cluster

pulumi_aws.eks.get_cluster_auth(name=None, opts=None)

Get an authentication token to communicate with an EKS cluster.

Uses IAM credentials from the AWS provider to generate a temporary token that is compatible with AWS IAM Authenticator authentication. This can be used to authenticate to an EKS cluster or to a cluster that has the AWS IAM Authenticator server configured.

Parameters

name (str) – The name of the cluster