aws-native logo
AWS Native v0.55.0, Mar 28 23

aws-native.eks.Cluster

An object representing an Amazon EKS cluster.

Create Cluster Resource

new Cluster(name: string, args: ClusterArgs, opts?: CustomResourceOptions);
@overload
def Cluster(resource_name: str,
            opts: Optional[ResourceOptions] = None,
            encryption_config: Optional[Sequence[ClusterEncryptionConfigArgs]] = None,
            kubernetes_network_config: Optional[ClusterKubernetesNetworkConfigArgs] = None,
            logging: Optional[ClusterLoggingArgs] = None,
            name: Optional[str] = None,
            outpost_config: Optional[ClusterOutpostConfigArgs] = None,
            resources_vpc_config: Optional[ClusterResourcesVpcConfigArgs] = None,
            role_arn: Optional[str] = None,
            tags: Optional[Sequence[ClusterTagArgs]] = None,
            version: Optional[str] = None)
@overload
def Cluster(resource_name: str,
            args: ClusterArgs,
            opts: Optional[ResourceOptions] = None)
func NewCluster(ctx *Context, name string, args ClusterArgs, opts ...ResourceOption) (*Cluster, error)
public Cluster(string name, ClusterArgs args, CustomResourceOptions? opts = null)
public Cluster(String name, ClusterArgs args)
public Cluster(String name, ClusterArgs args, CustomResourceOptions options)
type: aws-native:eks:Cluster
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args ClusterArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args ClusterArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args ClusterArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args ClusterArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args ClusterArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Cluster Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Cluster resource accepts the following input properties:

ResourcesVpcConfig Pulumi.AwsNative.EKS.Inputs.ClusterResourcesVpcConfigArgs
RoleArn string

The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.

EncryptionConfig List<Pulumi.AwsNative.EKS.Inputs.ClusterEncryptionConfigArgs>
KubernetesNetworkConfig Pulumi.AwsNative.EKS.Inputs.ClusterKubernetesNetworkConfigArgs
Logging Pulumi.AwsNative.EKS.Inputs.ClusterLoggingArgs
Name string

The unique name to give to your cluster.

OutpostConfig Pulumi.AwsNative.EKS.Inputs.ClusterOutpostConfigArgs
Tags List<Pulumi.AwsNative.EKS.Inputs.ClusterTagArgs>

An array of key-value pairs to apply to this resource.

Version string

The desired Kubernetes version for your cluster. If you don't specify a value here, the latest version available in Amazon EKS is used.

ResourcesVpcConfig ClusterResourcesVpcConfigArgs
RoleArn string

The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.

EncryptionConfig []ClusterEncryptionConfigArgs
KubernetesNetworkConfig ClusterKubernetesNetworkConfigArgs
Logging ClusterLoggingArgs
Name string

The unique name to give to your cluster.

OutpostConfig ClusterOutpostConfigArgs
Tags []ClusterTagArgs

An array of key-value pairs to apply to this resource.

Version string

The desired Kubernetes version for your cluster. If you don't specify a value here, the latest version available in Amazon EKS is used.

resourcesVpcConfig ClusterResourcesVpcConfigArgs
roleArn String

The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.

encryptionConfig List<ClusterEncryptionConfigArgs>
kubernetesNetworkConfig ClusterKubernetesNetworkConfigArgs
logging ClusterLoggingArgs
name String

The unique name to give to your cluster.

outpostConfig ClusterOutpostConfigArgs
tags List<ClusterTagArgs>

An array of key-value pairs to apply to this resource.

version String

The desired Kubernetes version for your cluster. If you don't specify a value here, the latest version available in Amazon EKS is used.

resourcesVpcConfig ClusterResourcesVpcConfigArgs
roleArn string

The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.

encryptionConfig ClusterEncryptionConfigArgs[]
kubernetesNetworkConfig ClusterKubernetesNetworkConfigArgs
logging ClusterLoggingArgs
name string

The unique name to give to your cluster.

outpostConfig ClusterOutpostConfigArgs
tags ClusterTagArgs[]

An array of key-value pairs to apply to this resource.

version string

The desired Kubernetes version for your cluster. If you don't specify a value here, the latest version available in Amazon EKS is used.

resources_vpc_config ClusterResourcesVpcConfigArgs
role_arn str

The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.

encryption_config Sequence[ClusterEncryptionConfigArgs]
kubernetes_network_config ClusterKubernetesNetworkConfigArgs
logging ClusterLoggingArgs
name str

The unique name to give to your cluster.

outpost_config ClusterOutpostConfigArgs
tags Sequence[ClusterTagArgs]

An array of key-value pairs to apply to this resource.

version str

The desired Kubernetes version for your cluster. If you don't specify a value here, the latest version available in Amazon EKS is used.

resourcesVpcConfig Property Map
roleArn String

The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.

encryptionConfig List<Property Map>
kubernetesNetworkConfig Property Map
logging Property Map
name String

The unique name to give to your cluster.

outpostConfig Property Map
tags List<Property Map>

An array of key-value pairs to apply to this resource.

version String

The desired Kubernetes version for your cluster. If you don't specify a value here, the latest version available in Amazon EKS is used.

Outputs

All input properties are implicitly available as output properties. Additionally, the Cluster resource produces the following output properties:

Arn string

The ARN of the cluster, such as arn:aws:eks:us-west-2:666666666666:cluster/prod.

CertificateAuthorityData string

The certificate-authority-data for your cluster.

ClusterSecurityGroupId string

The cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control plane to data plane communication.

EncryptionConfigKeyArn string

Amazon Resource Name (ARN) or alias of the customer master key (CMK).

Endpoint string

The endpoint for your Kubernetes API server, such as https://5E1D0CEXAMPLEA591B746AFC5AB30262.yl4.us-west-2.eks.amazonaws.com.

Id string

The provider-assigned unique ID for this managed resource.

OpenIdConnectIssuerUrl string

The issuer URL for the cluster's OIDC identity provider, such as https://oidc.eks.us-west-2.amazonaws.com/id/EXAMPLED539D4633E53DE1B716D3041E. If you need to remove https:// from this output value, you can include the following code in your template.

Arn string

The ARN of the cluster, such as arn:aws:eks:us-west-2:666666666666:cluster/prod.

CertificateAuthorityData string

The certificate-authority-data for your cluster.

ClusterSecurityGroupId string

The cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control plane to data plane communication.

EncryptionConfigKeyArn string

Amazon Resource Name (ARN) or alias of the customer master key (CMK).

Endpoint string

The endpoint for your Kubernetes API server, such as https://5E1D0CEXAMPLEA591B746AFC5AB30262.yl4.us-west-2.eks.amazonaws.com.

Id string

The provider-assigned unique ID for this managed resource.

OpenIdConnectIssuerUrl string

The issuer URL for the cluster's OIDC identity provider, such as https://oidc.eks.us-west-2.amazonaws.com/id/EXAMPLED539D4633E53DE1B716D3041E. If you need to remove https:// from this output value, you can include the following code in your template.

arn String

The ARN of the cluster, such as arn:aws:eks:us-west-2:666666666666:cluster/prod.

certificateAuthorityData String

The certificate-authority-data for your cluster.

clusterSecurityGroupId String

The cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control plane to data plane communication.

encryptionConfigKeyArn String

Amazon Resource Name (ARN) or alias of the customer master key (CMK).

endpoint String

The endpoint for your Kubernetes API server, such as https://5E1D0CEXAMPLEA591B746AFC5AB30262.yl4.us-west-2.eks.amazonaws.com.

id String

The provider-assigned unique ID for this managed resource.

openIdConnectIssuerUrl String

The issuer URL for the cluster's OIDC identity provider, such as https://oidc.eks.us-west-2.amazonaws.com/id/EXAMPLED539D4633E53DE1B716D3041E. If you need to remove https:// from this output value, you can include the following code in your template.

arn string

The ARN of the cluster, such as arn:aws:eks:us-west-2:666666666666:cluster/prod.

certificateAuthorityData string

The certificate-authority-data for your cluster.

clusterSecurityGroupId string

The cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control plane to data plane communication.

encryptionConfigKeyArn string

Amazon Resource Name (ARN) or alias of the customer master key (CMK).

endpoint string

The endpoint for your Kubernetes API server, such as https://5E1D0CEXAMPLEA591B746AFC5AB30262.yl4.us-west-2.eks.amazonaws.com.

id string

The provider-assigned unique ID for this managed resource.

openIdConnectIssuerUrl string

The issuer URL for the cluster's OIDC identity provider, such as https://oidc.eks.us-west-2.amazonaws.com/id/EXAMPLED539D4633E53DE1B716D3041E. If you need to remove https:// from this output value, you can include the following code in your template.

arn str

The ARN of the cluster, such as arn:aws:eks:us-west-2:666666666666:cluster/prod.

certificate_authority_data str

The certificate-authority-data for your cluster.

cluster_security_group_id str

The cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control plane to data plane communication.

encryption_config_key_arn str

Amazon Resource Name (ARN) or alias of the customer master key (CMK).

endpoint str

The endpoint for your Kubernetes API server, such as https://5E1D0CEXAMPLEA591B746AFC5AB30262.yl4.us-west-2.eks.amazonaws.com.

id str

The provider-assigned unique ID for this managed resource.

open_id_connect_issuer_url str

The issuer URL for the cluster's OIDC identity provider, such as https://oidc.eks.us-west-2.amazonaws.com/id/EXAMPLED539D4633E53DE1B716D3041E. If you need to remove https:// from this output value, you can include the following code in your template.

arn String

The ARN of the cluster, such as arn:aws:eks:us-west-2:666666666666:cluster/prod.

certificateAuthorityData String

The certificate-authority-data for your cluster.

clusterSecurityGroupId String

The cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control plane to data plane communication.

encryptionConfigKeyArn String

Amazon Resource Name (ARN) or alias of the customer master key (CMK).

endpoint String

The endpoint for your Kubernetes API server, such as https://5E1D0CEXAMPLEA591B746AFC5AB30262.yl4.us-west-2.eks.amazonaws.com.

id String

The provider-assigned unique ID for this managed resource.

openIdConnectIssuerUrl String

The issuer URL for the cluster's OIDC identity provider, such as https://oidc.eks.us-west-2.amazonaws.com/id/EXAMPLED539D4633E53DE1B716D3041E. If you need to remove https:// from this output value, you can include the following code in your template.

Supporting Types

ClusterControlPlanePlacement

GroupName string

Specify the placement group name of the control place machines for your cluster.

GroupName string

Specify the placement group name of the control place machines for your cluster.

groupName String

Specify the placement group name of the control place machines for your cluster.

groupName string

Specify the placement group name of the control place machines for your cluster.

group_name str

Specify the placement group name of the control place machines for your cluster.

groupName String

Specify the placement group name of the control place machines for your cluster.

ClusterEncryptionConfig

Provider Pulumi.AwsNative.EKS.Inputs.ClusterProvider

The encryption provider for the cluster.

Resources List<string>

Specifies the resources to be encrypted. The only supported value is "secrets".

Provider ClusterProvider

The encryption provider for the cluster.

Resources []string

Specifies the resources to be encrypted. The only supported value is "secrets".

provider ClusterProvider

The encryption provider for the cluster.

resources List<String>

Specifies the resources to be encrypted. The only supported value is "secrets".

provider ClusterProvider

The encryption provider for the cluster.

resources string[]

Specifies the resources to be encrypted. The only supported value is "secrets".

provider ClusterProvider

The encryption provider for the cluster.

resources Sequence[str]

Specifies the resources to be encrypted. The only supported value is "secrets".

provider Property Map

The encryption provider for the cluster.

resources List<String>

Specifies the resources to be encrypted. The only supported value is "secrets".

ClusterKubernetesNetworkConfig

IpFamily Pulumi.AwsNative.EKS.ClusterKubernetesNetworkConfigIpFamily

Ipv4 or Ipv6. You can only specify ipv6 for 1.21 and later clusters that use version 1.10.1 or later of the Amazon VPC CNI add-on

ServiceIpv4Cidr string

The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC.

ServiceIpv6Cidr string

The CIDR block to assign Kubernetes service IP addresses from.

IpFamily ClusterKubernetesNetworkConfigIpFamily

Ipv4 or Ipv6. You can only specify ipv6 for 1.21 and later clusters that use version 1.10.1 or later of the Amazon VPC CNI add-on

ServiceIpv4Cidr string

The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC.

ServiceIpv6Cidr string

The CIDR block to assign Kubernetes service IP addresses from.

ipFamily ClusterKubernetesNetworkConfigIpFamily

Ipv4 or Ipv6. You can only specify ipv6 for 1.21 and later clusters that use version 1.10.1 or later of the Amazon VPC CNI add-on

serviceIpv4Cidr String

The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC.

serviceIpv6Cidr String

The CIDR block to assign Kubernetes service IP addresses from.

ipFamily ClusterKubernetesNetworkConfigIpFamily

Ipv4 or Ipv6. You can only specify ipv6 for 1.21 and later clusters that use version 1.10.1 or later of the Amazon VPC CNI add-on

serviceIpv4Cidr string

The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC.

serviceIpv6Cidr string

The CIDR block to assign Kubernetes service IP addresses from.

ip_family ClusterKubernetesNetworkConfigIpFamily

Ipv4 or Ipv6. You can only specify ipv6 for 1.21 and later clusters that use version 1.10.1 or later of the Amazon VPC CNI add-on

service_ipv4_cidr str

The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC.

service_ipv6_cidr str

The CIDR block to assign Kubernetes service IP addresses from.

ipFamily "ipv4" | "ipv6"

Ipv4 or Ipv6. You can only specify ipv6 for 1.21 and later clusters that use version 1.10.1 or later of the Amazon VPC CNI add-on

serviceIpv4Cidr String

The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC.

serviceIpv6Cidr String

The CIDR block to assign Kubernetes service IP addresses from.

ClusterKubernetesNetworkConfigIpFamily

Ipv4
ipv4
Ipv6
ipv6
ClusterKubernetesNetworkConfigIpFamilyIpv4
ipv4
ClusterKubernetesNetworkConfigIpFamilyIpv6
ipv6
Ipv4
ipv4
Ipv6
ipv6
Ipv4
ipv4
Ipv6
ipv6
IPV4
ipv4
IPV6
ipv6
"ipv4"
ipv4
"ipv6"
ipv6

ClusterLogging

ClusterLoggingValue Pulumi.AwsNative.EKS.Inputs.ClusterLoggingEnabledTypes

The cluster control plane logging configuration for your cluster.

ClusterLogging ClusterLoggingEnabledTypes

The cluster control plane logging configuration for your cluster.

clusterLogging ClusterLoggingEnabledTypes

The cluster control plane logging configuration for your cluster.

clusterLogging ClusterLoggingEnabledTypes

The cluster control plane logging configuration for your cluster.

cluster_logging ClusterLoggingEnabledTypes

The cluster control plane logging configuration for your cluster.

clusterLogging Property Map

The cluster control plane logging configuration for your cluster.

ClusterLoggingEnabledTypes

ClusterLoggingTypeConfig

ClusterLoggingTypeConfigType

Api
api
Audit
audit
Authenticator
authenticator
ControllerManager
controllerManager
Scheduler
scheduler
ClusterLoggingTypeConfigTypeApi
api
ClusterLoggingTypeConfigTypeAudit
audit
ClusterLoggingTypeConfigTypeAuthenticator
authenticator
ClusterLoggingTypeConfigTypeControllerManager
controllerManager
ClusterLoggingTypeConfigTypeScheduler
scheduler
Api
api
Audit
audit
Authenticator
authenticator
ControllerManager
controllerManager
Scheduler
scheduler
Api
api
Audit
audit
Authenticator
authenticator
ControllerManager
controllerManager
Scheduler
scheduler
API
api
AUDIT
audit
AUTHENTICATOR
authenticator
CONTROLLER_MANAGER
controllerManager
SCHEDULER
scheduler
"api"
api
"audit"
audit
"authenticator"
authenticator
"controllerManager"
controllerManager
"scheduler"
scheduler

ClusterOutpostConfig

ControlPlaneInstanceType string

Specify the Instance type of the machines that should be used to create your cluster.

OutpostArns List<string>

Specify one or more Arn(s) of Outpost(s) on which you would like to create your cluster.

ControlPlanePlacement Pulumi.AwsNative.EKS.Inputs.ClusterControlPlanePlacement

Specify the placement group of the control plane machines for your cluster.

ControlPlaneInstanceType string

Specify the Instance type of the machines that should be used to create your cluster.

OutpostArns []string

Specify one or more Arn(s) of Outpost(s) on which you would like to create your cluster.

ControlPlanePlacement ClusterControlPlanePlacement

Specify the placement group of the control plane machines for your cluster.

controlPlaneInstanceType String

Specify the Instance type of the machines that should be used to create your cluster.

outpostArns List<String>

Specify one or more Arn(s) of Outpost(s) on which you would like to create your cluster.

controlPlanePlacement ClusterControlPlanePlacement

Specify the placement group of the control plane machines for your cluster.

controlPlaneInstanceType string

Specify the Instance type of the machines that should be used to create your cluster.

outpostArns string[]

Specify one or more Arn(s) of Outpost(s) on which you would like to create your cluster.

controlPlanePlacement ClusterControlPlanePlacement

Specify the placement group of the control plane machines for your cluster.

control_plane_instance_type str

Specify the Instance type of the machines that should be used to create your cluster.

outpost_arns Sequence[str]

Specify one or more Arn(s) of Outpost(s) on which you would like to create your cluster.

control_plane_placement ClusterControlPlanePlacement

Specify the placement group of the control plane machines for your cluster.

controlPlaneInstanceType String

Specify the Instance type of the machines that should be used to create your cluster.

outpostArns List<String>

Specify one or more Arn(s) of Outpost(s) on which you would like to create your cluster.

controlPlanePlacement Property Map

Specify the placement group of the control plane machines for your cluster.

ClusterProvider

KeyArn string

Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric, created in the same region as the cluster, and if the KMS key was created in a different account, the user must have access to the KMS key.

KeyArn string

Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric, created in the same region as the cluster, and if the KMS key was created in a different account, the user must have access to the KMS key.

keyArn String

Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric, created in the same region as the cluster, and if the KMS key was created in a different account, the user must have access to the KMS key.

keyArn string

Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric, created in the same region as the cluster, and if the KMS key was created in a different account, the user must have access to the KMS key.

key_arn str

Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric, created in the same region as the cluster, and if the KMS key was created in a different account, the user must have access to the KMS key.

keyArn String

Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric, created in the same region as the cluster, and if the KMS key was created in a different account, the user must have access to the KMS key.

ClusterResourcesVpcConfig

SubnetIds List<string>

Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane.

EndpointPrivateAccess bool

Set this value to true to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is false, which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that publicAccessCidrs includes the necessary CIDR blocks for communication with the nodes or Fargate pods.

EndpointPublicAccess bool

Set this value to false to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is true, which enables public access for your Kubernetes API server.

PublicAccessCidrs List<string>

The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is 0.0.0.0/0. If you've disabled private endpoint access and you have nodes or AWS Fargate pods in the cluster, then ensure that you specify the necessary CIDR blocks.

SecurityGroupIds List<string>

Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane. If you don't specify a security group, the default security group for your VPC is used.

SubnetIds []string

Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane.

EndpointPrivateAccess bool

Set this value to true to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is false, which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that publicAccessCidrs includes the necessary CIDR blocks for communication with the nodes or Fargate pods.

EndpointPublicAccess bool

Set this value to false to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is true, which enables public access for your Kubernetes API server.

PublicAccessCidrs []string

The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is 0.0.0.0/0. If you've disabled private endpoint access and you have nodes or AWS Fargate pods in the cluster, then ensure that you specify the necessary CIDR blocks.

SecurityGroupIds []string

Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane. If you don't specify a security group, the default security group for your VPC is used.

subnetIds List<String>

Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane.

endpointPrivateAccess Boolean

Set this value to true to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is false, which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that publicAccessCidrs includes the necessary CIDR blocks for communication with the nodes or Fargate pods.

endpointPublicAccess Boolean

Set this value to false to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is true, which enables public access for your Kubernetes API server.

publicAccessCidrs List<String>

The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is 0.0.0.0/0. If you've disabled private endpoint access and you have nodes or AWS Fargate pods in the cluster, then ensure that you specify the necessary CIDR blocks.

securityGroupIds List<String>

Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane. If you don't specify a security group, the default security group for your VPC is used.

subnetIds string[]

Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane.

endpointPrivateAccess boolean

Set this value to true to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is false, which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that publicAccessCidrs includes the necessary CIDR blocks for communication with the nodes or Fargate pods.

endpointPublicAccess boolean

Set this value to false to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is true, which enables public access for your Kubernetes API server.

publicAccessCidrs string[]

The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is 0.0.0.0/0. If you've disabled private endpoint access and you have nodes or AWS Fargate pods in the cluster, then ensure that you specify the necessary CIDR blocks.

securityGroupIds string[]

Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane. If you don't specify a security group, the default security group for your VPC is used.

subnet_ids Sequence[str]

Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane.

endpoint_private_access bool

Set this value to true to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is false, which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that publicAccessCidrs includes the necessary CIDR blocks for communication with the nodes or Fargate pods.

endpoint_public_access bool

Set this value to false to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is true, which enables public access for your Kubernetes API server.

public_access_cidrs Sequence[str]

The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is 0.0.0.0/0. If you've disabled private endpoint access and you have nodes or AWS Fargate pods in the cluster, then ensure that you specify the necessary CIDR blocks.

security_group_ids Sequence[str]

Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane. If you don't specify a security group, the default security group for your VPC is used.

subnetIds List<String>

Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane.

endpointPrivateAccess Boolean

Set this value to true to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is false, which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that publicAccessCidrs includes the necessary CIDR blocks for communication with the nodes or Fargate pods.

endpointPublicAccess Boolean

Set this value to false to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is true, which enables public access for your Kubernetes API server.

publicAccessCidrs List<String>

The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is 0.0.0.0/0. If you've disabled private endpoint access and you have nodes or AWS Fargate pods in the cluster, then ensure that you specify the necessary CIDR blocks.

securityGroupIds List<String>

Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane. If you don't specify a security group, the default security group for your VPC is used.

ClusterTag

Key string

The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.

Value string

The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.

Key string

The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.

Value string

The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.

key String

The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.

value String

The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.

key string

The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.

value string

The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.

key str

The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.

value str

The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.

key String

The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.

value String

The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.

Package Details

Repository
AWS Native pulumi/pulumi-aws-native
License
Apache-2.0