1. Packages
  2. AWS
  3. API Docs
  4. eks
  5. Cluster
AWS v6.64.0 published on Friday, Dec 6, 2024 by Pulumi

aws.eks.Cluster

Explore with Pulumi AI

aws logo
AWS v6.64.0 published on Friday, Dec 6, 2024 by Pulumi

    Manages an EKS Cluster.

    Example Usage

    EKS Cluster

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const cluster = new aws.iam.Role("cluster", {
        name: "eks-cluster-example",
        assumeRolePolicy: JSON.stringify({
            Version: "2012-10-17",
            Statement: [{
                Action: [
                    "sts:AssumeRole",
                    "sts:TagSession",
                ],
                Effect: "Allow",
                Principal: {
                    Service: "eks.amazonaws.com",
                },
            }],
        }),
    });
    const clusterAmazonEKSClusterPolicy = new aws.iam.RolePolicyAttachment("cluster_AmazonEKSClusterPolicy", {
        policyArn: "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy",
        role: cluster.name,
    });
    const example = new aws.eks.Cluster("example", {
        name: "example",
        accessConfig: {
            authenticationMode: "API",
        },
        roleArn: exampleAwsIamRole.arn,
        version: "1.31",
        vpcConfig: {
            subnetIds: [
                az1.id,
                az2.id,
                az3.id,
            ],
        },
    }, {
        dependsOn: [clusterAmazonEKSClusterPolicy],
    });
    
    import pulumi
    import json
    import pulumi_aws as aws
    
    cluster = aws.iam.Role("cluster",
        name="eks-cluster-example",
        assume_role_policy=json.dumps({
            "Version": "2012-10-17",
            "Statement": [{
                "Action": [
                    "sts:AssumeRole",
                    "sts:TagSession",
                ],
                "Effect": "Allow",
                "Principal": {
                    "Service": "eks.amazonaws.com",
                },
            }],
        }))
    cluster_amazon_eks_cluster_policy = aws.iam.RolePolicyAttachment("cluster_AmazonEKSClusterPolicy",
        policy_arn="arn:aws:iam::aws:policy/AmazonEKSClusterPolicy",
        role=cluster.name)
    example = aws.eks.Cluster("example",
        name="example",
        access_config={
            "authentication_mode": "API",
        },
        role_arn=example_aws_iam_role["arn"],
        version="1.31",
        vpc_config={
            "subnet_ids": [
                az1["id"],
                az2["id"],
                az3["id"],
            ],
        },
        opts = pulumi.ResourceOptions(depends_on=[cluster_amazon_eks_cluster_policy]))
    
    package main
    
    import (
    	"encoding/json"
    
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks"
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		tmpJSON0, err := json.Marshal(map[string]interface{}{
    			"Version": "2012-10-17",
    			"Statement": []map[string]interface{}{
    				map[string]interface{}{
    					"Action": []string{
    						"sts:AssumeRole",
    						"sts:TagSession",
    					},
    					"Effect": "Allow",
    					"Principal": map[string]interface{}{
    						"Service": "eks.amazonaws.com",
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		json0 := string(tmpJSON0)
    		cluster, err := iam.NewRole(ctx, "cluster", &iam.RoleArgs{
    			Name:             pulumi.String("eks-cluster-example"),
    			AssumeRolePolicy: pulumi.String(json0),
    		})
    		if err != nil {
    			return err
    		}
    		clusterAmazonEKSClusterPolicy, err := iam.NewRolePolicyAttachment(ctx, "cluster_AmazonEKSClusterPolicy", &iam.RolePolicyAttachmentArgs{
    			PolicyArn: pulumi.String("arn:aws:iam::aws:policy/AmazonEKSClusterPolicy"),
    			Role:      cluster.Name,
    		})
    		if err != nil {
    			return err
    		}
    		_, err = eks.NewCluster(ctx, "example", &eks.ClusterArgs{
    			Name: pulumi.String("example"),
    			AccessConfig: &eks.ClusterAccessConfigArgs{
    				AuthenticationMode: pulumi.String("API"),
    			},
    			RoleArn: pulumi.Any(exampleAwsIamRole.Arn),
    			Version: pulumi.String("1.31"),
    			VpcConfig: &eks.ClusterVpcConfigArgs{
    				SubnetIds: pulumi.StringArray{
    					az1.Id,
    					az2.Id,
    					az3.Id,
    				},
    			},
    		}, pulumi.DependsOn([]pulumi.Resource{
    			clusterAmazonEKSClusterPolicy,
    		}))
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using System.Text.Json;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var cluster = new Aws.Iam.Role("cluster", new()
        {
            Name = "eks-cluster-example",
            AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary<string, object?>
            {
                ["Version"] = "2012-10-17",
                ["Statement"] = new[]
                {
                    new Dictionary<string, object?>
                    {
                        ["Action"] = new[]
                        {
                            "sts:AssumeRole",
                            "sts:TagSession",
                        },
                        ["Effect"] = "Allow",
                        ["Principal"] = new Dictionary<string, object?>
                        {
                            ["Service"] = "eks.amazonaws.com",
                        },
                    },
                },
            }),
        });
    
        var clusterAmazonEKSClusterPolicy = new Aws.Iam.RolePolicyAttachment("cluster_AmazonEKSClusterPolicy", new()
        {
            PolicyArn = "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy",
            Role = cluster.Name,
        });
    
        var example = new Aws.Eks.Cluster("example", new()
        {
            Name = "example",
            AccessConfig = new Aws.Eks.Inputs.ClusterAccessConfigArgs
            {
                AuthenticationMode = "API",
            },
            RoleArn = exampleAwsIamRole.Arn,
            Version = "1.31",
            VpcConfig = new Aws.Eks.Inputs.ClusterVpcConfigArgs
            {
                SubnetIds = new[]
                {
                    az1.Id,
                    az2.Id,
                    az3.Id,
                },
            },
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                clusterAmazonEKSClusterPolicy,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.iam.Role;
    import com.pulumi.aws.iam.RoleArgs;
    import com.pulumi.aws.iam.RolePolicyAttachment;
    import com.pulumi.aws.iam.RolePolicyAttachmentArgs;
    import com.pulumi.aws.eks.Cluster;
    import com.pulumi.aws.eks.ClusterArgs;
    import com.pulumi.aws.eks.inputs.ClusterAccessConfigArgs;
    import com.pulumi.aws.eks.inputs.ClusterVpcConfigArgs;
    import static com.pulumi.codegen.internal.Serialization.*;
    import com.pulumi.resources.CustomResourceOptions;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var cluster = new Role("cluster", RoleArgs.builder()
                .name("eks-cluster-example")
                .assumeRolePolicy(serializeJson(
                    jsonObject(
                        jsonProperty("Version", "2012-10-17"),
                        jsonProperty("Statement", jsonArray(jsonObject(
                            jsonProperty("Action", jsonArray(
                                "sts:AssumeRole", 
                                "sts:TagSession"
                            )),
                            jsonProperty("Effect", "Allow"),
                            jsonProperty("Principal", jsonObject(
                                jsonProperty("Service", "eks.amazonaws.com")
                            ))
                        )))
                    )))
                .build());
    
            var clusterAmazonEKSClusterPolicy = new RolePolicyAttachment("clusterAmazonEKSClusterPolicy", RolePolicyAttachmentArgs.builder()
                .policyArn("arn:aws:iam::aws:policy/AmazonEKSClusterPolicy")
                .role(cluster.name())
                .build());
    
            var example = new Cluster("example", ClusterArgs.builder()
                .name("example")
                .accessConfig(ClusterAccessConfigArgs.builder()
                    .authenticationMode("API")
                    .build())
                .roleArn(exampleAwsIamRole.arn())
                .version("1.31")
                .vpcConfig(ClusterVpcConfigArgs.builder()
                    .subnetIds(                
                        az1.id(),
                        az2.id(),
                        az3.id())
                    .build())
                .build(), CustomResourceOptions.builder()
                    .dependsOn(clusterAmazonEKSClusterPolicy)
                    .build());
    
        }
    }
    
    resources:
      example:
        type: aws:eks:Cluster
        properties:
          name: example
          accessConfig:
            authenticationMode: API
          roleArn: ${exampleAwsIamRole.arn}
          version: '1.31'
          vpcConfig:
            subnetIds:
              - ${az1.id}
              - ${az2.id}
              - ${az3.id}
        options:
          dependson:
            - ${clusterAmazonEKSClusterPolicy}
      cluster:
        type: aws:iam:Role
        properties:
          name: eks-cluster-example
          assumeRolePolicy:
            fn::toJSON:
              Version: 2012-10-17
              Statement:
                - Action:
                    - sts:AssumeRole
                    - sts:TagSession
                  Effect: Allow
                  Principal:
                    Service: eks.amazonaws.com
      clusterAmazonEKSClusterPolicy:
        type: aws:iam:RolePolicyAttachment
        name: cluster_AmazonEKSClusterPolicy
        properties:
          policyArn: arn:aws:iam::aws:policy/AmazonEKSClusterPolicy
          role: ${cluster.name}
    

    EKS Cluster with EKS Auto Mode

    NOTE: When using EKS Auto Mode compute_config.enabled, kubernetes_network_config.elastic_load_balancing.enabled, and storage_config.block_storage.enabled must *ALL be set to true. Likewise for disabling EKS Auto Mode, all three arguments must be set to false.

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const node = new aws.iam.Role("node", {
        name: "eks-auto-node-example",
        assumeRolePolicy: JSON.stringify({
            Version: "2012-10-17",
            Statement: [{
                Action: ["sts:AssumeRole"],
                Effect: "Allow",
                Principal: {
                    Service: "ec2.amazonaws.com",
                },
            }],
        }),
    });
    const cluster = new aws.iam.Role("cluster", {
        name: "eks-cluster-example",
        assumeRolePolicy: JSON.stringify({
            Version: "2012-10-17",
            Statement: [{
                Action: [
                    "sts:AssumeRole",
                    "sts:TagSession",
                ],
                Effect: "Allow",
                Principal: {
                    Service: "eks.amazonaws.com",
                },
            }],
        }),
    });
    const clusterAmazonEKSClusterPolicy = new aws.iam.RolePolicyAttachment("cluster_AmazonEKSClusterPolicy", {
        policyArn: "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy",
        role: cluster.name,
    });
    const clusterAmazonEKSComputePolicy = new aws.iam.RolePolicyAttachment("cluster_AmazonEKSComputePolicy", {
        policyArn: "arn:aws:iam::aws:policy/AmazonEKSComputePolicy",
        role: cluster.name,
    });
    const clusterAmazonEKSBlockStoragePolicy = new aws.iam.RolePolicyAttachment("cluster_AmazonEKSBlockStoragePolicy", {
        policyArn: "arn:aws:iam::aws:policy/AmazonEKSBlockStoragePolicy",
        role: cluster.name,
    });
    const clusterAmazonEKSLoadBalancingPolicy = new aws.iam.RolePolicyAttachment("cluster_AmazonEKSLoadBalancingPolicy", {
        policyArn: "arn:aws:iam::aws:policy/AmazonEKSLoadBalancingPolicy",
        role: cluster.name,
    });
    const clusterAmazonEKSNetworkingPolicy = new aws.iam.RolePolicyAttachment("cluster_AmazonEKSNetworkingPolicy", {
        policyArn: "arn:aws:iam::aws:policy/AmazonEKSNetworkingPolicy",
        role: cluster.name,
    });
    const example = new aws.eks.Cluster("example", {
        name: "example",
        accessConfig: {
            authenticationMode: "API",
        },
        roleArn: cluster.arn,
        version: "1.31",
        computeConfig: {
            enabled: true,
            nodePools: ["general-purpose"],
            nodeRoleArn: node.arn,
        },
        kubernetesNetworkConfig: {
            elasticLoadBalancing: {
                enabled: true,
            },
        },
        storageConfig: {
            blockStorage: {
                enabled: true,
            },
        },
        vpcConfig: {
            endpointPrivateAccess: true,
            endpointPublicAccess: true,
            subnetIds: [
                az1.id,
                az2.id,
                az3.id,
            ],
        },
    }, {
        dependsOn: [
            clusterAmazonEKSClusterPolicy,
            clusterAmazonEKSComputePolicy,
            clusterAmazonEKSBlockStoragePolicy,
            clusterAmazonEKSLoadBalancingPolicy,
            clusterAmazonEKSNetworkingPolicy,
        ],
    });
    const nodeAmazonEKSWorkerNodeMinimalPolicy = new aws.iam.RolePolicyAttachment("node_AmazonEKSWorkerNodeMinimalPolicy", {
        policyArn: "arn:aws:iam::aws:policy/AmazonEKSWorkerNodeMinimalPolicy",
        role: node.name,
    });
    const nodeAmazonEC2ContainerRegistryPullOnly = new aws.iam.RolePolicyAttachment("node_AmazonEC2ContainerRegistryPullOnly", {
        policyArn: "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryPullOnly",
        role: node.name,
    });
    
    import pulumi
    import json
    import pulumi_aws as aws
    
    node = aws.iam.Role("node",
        name="eks-auto-node-example",
        assume_role_policy=json.dumps({
            "Version": "2012-10-17",
            "Statement": [{
                "Action": ["sts:AssumeRole"],
                "Effect": "Allow",
                "Principal": {
                    "Service": "ec2.amazonaws.com",
                },
            }],
        }))
    cluster = aws.iam.Role("cluster",
        name="eks-cluster-example",
        assume_role_policy=json.dumps({
            "Version": "2012-10-17",
            "Statement": [{
                "Action": [
                    "sts:AssumeRole",
                    "sts:TagSession",
                ],
                "Effect": "Allow",
                "Principal": {
                    "Service": "eks.amazonaws.com",
                },
            }],
        }))
    cluster_amazon_eks_cluster_policy = aws.iam.RolePolicyAttachment("cluster_AmazonEKSClusterPolicy",
        policy_arn="arn:aws:iam::aws:policy/AmazonEKSClusterPolicy",
        role=cluster.name)
    cluster_amazon_eks_compute_policy = aws.iam.RolePolicyAttachment("cluster_AmazonEKSComputePolicy",
        policy_arn="arn:aws:iam::aws:policy/AmazonEKSComputePolicy",
        role=cluster.name)
    cluster_amazon_eks_block_storage_policy = aws.iam.RolePolicyAttachment("cluster_AmazonEKSBlockStoragePolicy",
        policy_arn="arn:aws:iam::aws:policy/AmazonEKSBlockStoragePolicy",
        role=cluster.name)
    cluster_amazon_eks_load_balancing_policy = aws.iam.RolePolicyAttachment("cluster_AmazonEKSLoadBalancingPolicy",
        policy_arn="arn:aws:iam::aws:policy/AmazonEKSLoadBalancingPolicy",
        role=cluster.name)
    cluster_amazon_eks_networking_policy = aws.iam.RolePolicyAttachment("cluster_AmazonEKSNetworkingPolicy",
        policy_arn="arn:aws:iam::aws:policy/AmazonEKSNetworkingPolicy",
        role=cluster.name)
    example = aws.eks.Cluster("example",
        name="example",
        access_config={
            "authentication_mode": "API",
        },
        role_arn=cluster.arn,
        version="1.31",
        compute_config={
            "enabled": True,
            "node_pools": ["general-purpose"],
            "node_role_arn": node.arn,
        },
        kubernetes_network_config={
            "elastic_load_balancing": {
                "enabled": True,
            },
        },
        storage_config={
            "block_storage": {
                "enabled": True,
            },
        },
        vpc_config={
            "endpoint_private_access": True,
            "endpoint_public_access": True,
            "subnet_ids": [
                az1["id"],
                az2["id"],
                az3["id"],
            ],
        },
        opts = pulumi.ResourceOptions(depends_on=[
                cluster_amazon_eks_cluster_policy,
                cluster_amazon_eks_compute_policy,
                cluster_amazon_eks_block_storage_policy,
                cluster_amazon_eks_load_balancing_policy,
                cluster_amazon_eks_networking_policy,
            ]))
    node_amazon_eks_worker_node_minimal_policy = aws.iam.RolePolicyAttachment("node_AmazonEKSWorkerNodeMinimalPolicy",
        policy_arn="arn:aws:iam::aws:policy/AmazonEKSWorkerNodeMinimalPolicy",
        role=node.name)
    node_amazon_ec2_container_registry_pull_only = aws.iam.RolePolicyAttachment("node_AmazonEC2ContainerRegistryPullOnly",
        policy_arn="arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryPullOnly",
        role=node.name)
    
    package main
    
    import (
    	"encoding/json"
    
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks"
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		tmpJSON0, err := json.Marshal(map[string]interface{}{
    			"Version": "2012-10-17",
    			"Statement": []map[string]interface{}{
    				map[string]interface{}{
    					"Action": []string{
    						"sts:AssumeRole",
    					},
    					"Effect": "Allow",
    					"Principal": map[string]interface{}{
    						"Service": "ec2.amazonaws.com",
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		json0 := string(tmpJSON0)
    		node, err := iam.NewRole(ctx, "node", &iam.RoleArgs{
    			Name:             pulumi.String("eks-auto-node-example"),
    			AssumeRolePolicy: pulumi.String(json0),
    		})
    		if err != nil {
    			return err
    		}
    		tmpJSON1, err := json.Marshal(map[string]interface{}{
    			"Version": "2012-10-17",
    			"Statement": []map[string]interface{}{
    				map[string]interface{}{
    					"Action": []string{
    						"sts:AssumeRole",
    						"sts:TagSession",
    					},
    					"Effect": "Allow",
    					"Principal": map[string]interface{}{
    						"Service": "eks.amazonaws.com",
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		json1 := string(tmpJSON1)
    		cluster, err := iam.NewRole(ctx, "cluster", &iam.RoleArgs{
    			Name:             pulumi.String("eks-cluster-example"),
    			AssumeRolePolicy: pulumi.String(json1),
    		})
    		if err != nil {
    			return err
    		}
    		clusterAmazonEKSClusterPolicy, err := iam.NewRolePolicyAttachment(ctx, "cluster_AmazonEKSClusterPolicy", &iam.RolePolicyAttachmentArgs{
    			PolicyArn: pulumi.String("arn:aws:iam::aws:policy/AmazonEKSClusterPolicy"),
    			Role:      cluster.Name,
    		})
    		if err != nil {
    			return err
    		}
    		clusterAmazonEKSComputePolicy, err := iam.NewRolePolicyAttachment(ctx, "cluster_AmazonEKSComputePolicy", &iam.RolePolicyAttachmentArgs{
    			PolicyArn: pulumi.String("arn:aws:iam::aws:policy/AmazonEKSComputePolicy"),
    			Role:      cluster.Name,
    		})
    		if err != nil {
    			return err
    		}
    		clusterAmazonEKSBlockStoragePolicy, err := iam.NewRolePolicyAttachment(ctx, "cluster_AmazonEKSBlockStoragePolicy", &iam.RolePolicyAttachmentArgs{
    			PolicyArn: pulumi.String("arn:aws:iam::aws:policy/AmazonEKSBlockStoragePolicy"),
    			Role:      cluster.Name,
    		})
    		if err != nil {
    			return err
    		}
    		clusterAmazonEKSLoadBalancingPolicy, err := iam.NewRolePolicyAttachment(ctx, "cluster_AmazonEKSLoadBalancingPolicy", &iam.RolePolicyAttachmentArgs{
    			PolicyArn: pulumi.String("arn:aws:iam::aws:policy/AmazonEKSLoadBalancingPolicy"),
    			Role:      cluster.Name,
    		})
    		if err != nil {
    			return err
    		}
    		clusterAmazonEKSNetworkingPolicy, err := iam.NewRolePolicyAttachment(ctx, "cluster_AmazonEKSNetworkingPolicy", &iam.RolePolicyAttachmentArgs{
    			PolicyArn: pulumi.String("arn:aws:iam::aws:policy/AmazonEKSNetworkingPolicy"),
    			Role:      cluster.Name,
    		})
    		if err != nil {
    			return err
    		}
    		_, err = eks.NewCluster(ctx, "example", &eks.ClusterArgs{
    			Name: pulumi.String("example"),
    			AccessConfig: &eks.ClusterAccessConfigArgs{
    				AuthenticationMode: pulumi.String("API"),
    			},
    			RoleArn: cluster.Arn,
    			Version: pulumi.String("1.31"),
    			ComputeConfig: &eks.ClusterComputeConfigArgs{
    				Enabled: pulumi.Bool(true),
    				NodePools: pulumi.StringArray{
    					pulumi.String("general-purpose"),
    				},
    				NodeRoleArn: node.Arn,
    			},
    			KubernetesNetworkConfig: &eks.ClusterKubernetesNetworkConfigArgs{
    				ElasticLoadBalancing: &eks.ClusterKubernetesNetworkConfigElasticLoadBalancingArgs{
    					Enabled: pulumi.Bool(true),
    				},
    			},
    			StorageConfig: &eks.ClusterStorageConfigArgs{
    				BlockStorage: &eks.ClusterStorageConfigBlockStorageArgs{
    					Enabled: pulumi.Bool(true),
    				},
    			},
    			VpcConfig: &eks.ClusterVpcConfigArgs{
    				EndpointPrivateAccess: pulumi.Bool(true),
    				EndpointPublicAccess:  pulumi.Bool(true),
    				SubnetIds: pulumi.StringArray{
    					az1.Id,
    					az2.Id,
    					az3.Id,
    				},
    			},
    		}, pulumi.DependsOn([]pulumi.Resource{
    			clusterAmazonEKSClusterPolicy,
    			clusterAmazonEKSComputePolicy,
    			clusterAmazonEKSBlockStoragePolicy,
    			clusterAmazonEKSLoadBalancingPolicy,
    			clusterAmazonEKSNetworkingPolicy,
    		}))
    		if err != nil {
    			return err
    		}
    		_, err = iam.NewRolePolicyAttachment(ctx, "node_AmazonEKSWorkerNodeMinimalPolicy", &iam.RolePolicyAttachmentArgs{
    			PolicyArn: pulumi.String("arn:aws:iam::aws:policy/AmazonEKSWorkerNodeMinimalPolicy"),
    			Role:      node.Name,
    		})
    		if err != nil {
    			return err
    		}
    		_, err = iam.NewRolePolicyAttachment(ctx, "node_AmazonEC2ContainerRegistryPullOnly", &iam.RolePolicyAttachmentArgs{
    			PolicyArn: pulumi.String("arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryPullOnly"),
    			Role:      node.Name,
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using System.Text.Json;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var node = new Aws.Iam.Role("node", new()
        {
            Name = "eks-auto-node-example",
            AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary<string, object?>
            {
                ["Version"] = "2012-10-17",
                ["Statement"] = new[]
                {
                    new Dictionary<string, object?>
                    {
                        ["Action"] = new[]
                        {
                            "sts:AssumeRole",
                        },
                        ["Effect"] = "Allow",
                        ["Principal"] = new Dictionary<string, object?>
                        {
                            ["Service"] = "ec2.amazonaws.com",
                        },
                    },
                },
            }),
        });
    
        var cluster = new Aws.Iam.Role("cluster", new()
        {
            Name = "eks-cluster-example",
            AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary<string, object?>
            {
                ["Version"] = "2012-10-17",
                ["Statement"] = new[]
                {
                    new Dictionary<string, object?>
                    {
                        ["Action"] = new[]
                        {
                            "sts:AssumeRole",
                            "sts:TagSession",
                        },
                        ["Effect"] = "Allow",
                        ["Principal"] = new Dictionary<string, object?>
                        {
                            ["Service"] = "eks.amazonaws.com",
                        },
                    },
                },
            }),
        });
    
        var clusterAmazonEKSClusterPolicy = new Aws.Iam.RolePolicyAttachment("cluster_AmazonEKSClusterPolicy", new()
        {
            PolicyArn = "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy",
            Role = cluster.Name,
        });
    
        var clusterAmazonEKSComputePolicy = new Aws.Iam.RolePolicyAttachment("cluster_AmazonEKSComputePolicy", new()
        {
            PolicyArn = "arn:aws:iam::aws:policy/AmazonEKSComputePolicy",
            Role = cluster.Name,
        });
    
        var clusterAmazonEKSBlockStoragePolicy = new Aws.Iam.RolePolicyAttachment("cluster_AmazonEKSBlockStoragePolicy", new()
        {
            PolicyArn = "arn:aws:iam::aws:policy/AmazonEKSBlockStoragePolicy",
            Role = cluster.Name,
        });
    
        var clusterAmazonEKSLoadBalancingPolicy = new Aws.Iam.RolePolicyAttachment("cluster_AmazonEKSLoadBalancingPolicy", new()
        {
            PolicyArn = "arn:aws:iam::aws:policy/AmazonEKSLoadBalancingPolicy",
            Role = cluster.Name,
        });
    
        var clusterAmazonEKSNetworkingPolicy = new Aws.Iam.RolePolicyAttachment("cluster_AmazonEKSNetworkingPolicy", new()
        {
            PolicyArn = "arn:aws:iam::aws:policy/AmazonEKSNetworkingPolicy",
            Role = cluster.Name,
        });
    
        var example = new Aws.Eks.Cluster("example", new()
        {
            Name = "example",
            AccessConfig = new Aws.Eks.Inputs.ClusterAccessConfigArgs
            {
                AuthenticationMode = "API",
            },
            RoleArn = cluster.Arn,
            Version = "1.31",
            ComputeConfig = new Aws.Eks.Inputs.ClusterComputeConfigArgs
            {
                Enabled = true,
                NodePools = new[]
                {
                    "general-purpose",
                },
                NodeRoleArn = node.Arn,
            },
            KubernetesNetworkConfig = new Aws.Eks.Inputs.ClusterKubernetesNetworkConfigArgs
            {
                ElasticLoadBalancing = new Aws.Eks.Inputs.ClusterKubernetesNetworkConfigElasticLoadBalancingArgs
                {
                    Enabled = true,
                },
            },
            StorageConfig = new Aws.Eks.Inputs.ClusterStorageConfigArgs
            {
                BlockStorage = new Aws.Eks.Inputs.ClusterStorageConfigBlockStorageArgs
                {
                    Enabled = true,
                },
            },
            VpcConfig = new Aws.Eks.Inputs.ClusterVpcConfigArgs
            {
                EndpointPrivateAccess = true,
                EndpointPublicAccess = true,
                SubnetIds = new[]
                {
                    az1.Id,
                    az2.Id,
                    az3.Id,
                },
            },
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                clusterAmazonEKSClusterPolicy,
                clusterAmazonEKSComputePolicy,
                clusterAmazonEKSBlockStoragePolicy,
                clusterAmazonEKSLoadBalancingPolicy,
                clusterAmazonEKSNetworkingPolicy,
            },
        });
    
        var nodeAmazonEKSWorkerNodeMinimalPolicy = new Aws.Iam.RolePolicyAttachment("node_AmazonEKSWorkerNodeMinimalPolicy", new()
        {
            PolicyArn = "arn:aws:iam::aws:policy/AmazonEKSWorkerNodeMinimalPolicy",
            Role = node.Name,
        });
    
        var nodeAmazonEC2ContainerRegistryPullOnly = new Aws.Iam.RolePolicyAttachment("node_AmazonEC2ContainerRegistryPullOnly", new()
        {
            PolicyArn = "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryPullOnly",
            Role = node.Name,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.iam.Role;
    import com.pulumi.aws.iam.RoleArgs;
    import com.pulumi.aws.iam.RolePolicyAttachment;
    import com.pulumi.aws.iam.RolePolicyAttachmentArgs;
    import com.pulumi.aws.eks.Cluster;
    import com.pulumi.aws.eks.ClusterArgs;
    import com.pulumi.aws.eks.inputs.ClusterAccessConfigArgs;
    import com.pulumi.aws.eks.inputs.ClusterComputeConfigArgs;
    import com.pulumi.aws.eks.inputs.ClusterKubernetesNetworkConfigArgs;
    import com.pulumi.aws.eks.inputs.ClusterKubernetesNetworkConfigElasticLoadBalancingArgs;
    import com.pulumi.aws.eks.inputs.ClusterStorageConfigArgs;
    import com.pulumi.aws.eks.inputs.ClusterStorageConfigBlockStorageArgs;
    import com.pulumi.aws.eks.inputs.ClusterVpcConfigArgs;
    import static com.pulumi.codegen.internal.Serialization.*;
    import com.pulumi.resources.CustomResourceOptions;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var node = new Role("node", RoleArgs.builder()
                .name("eks-auto-node-example")
                .assumeRolePolicy(serializeJson(
                    jsonObject(
                        jsonProperty("Version", "2012-10-17"),
                        jsonProperty("Statement", jsonArray(jsonObject(
                            jsonProperty("Action", jsonArray("sts:AssumeRole")),
                            jsonProperty("Effect", "Allow"),
                            jsonProperty("Principal", jsonObject(
                                jsonProperty("Service", "ec2.amazonaws.com")
                            ))
                        )))
                    )))
                .build());
    
            var cluster = new Role("cluster", RoleArgs.builder()
                .name("eks-cluster-example")
                .assumeRolePolicy(serializeJson(
                    jsonObject(
                        jsonProperty("Version", "2012-10-17"),
                        jsonProperty("Statement", jsonArray(jsonObject(
                            jsonProperty("Action", jsonArray(
                                "sts:AssumeRole", 
                                "sts:TagSession"
                            )),
                            jsonProperty("Effect", "Allow"),
                            jsonProperty("Principal", jsonObject(
                                jsonProperty("Service", "eks.amazonaws.com")
                            ))
                        )))
                    )))
                .build());
    
            var clusterAmazonEKSClusterPolicy = new RolePolicyAttachment("clusterAmazonEKSClusterPolicy", RolePolicyAttachmentArgs.builder()
                .policyArn("arn:aws:iam::aws:policy/AmazonEKSClusterPolicy")
                .role(cluster.name())
                .build());
    
            var clusterAmazonEKSComputePolicy = new RolePolicyAttachment("clusterAmazonEKSComputePolicy", RolePolicyAttachmentArgs.builder()
                .policyArn("arn:aws:iam::aws:policy/AmazonEKSComputePolicy")
                .role(cluster.name())
                .build());
    
            var clusterAmazonEKSBlockStoragePolicy = new RolePolicyAttachment("clusterAmazonEKSBlockStoragePolicy", RolePolicyAttachmentArgs.builder()
                .policyArn("arn:aws:iam::aws:policy/AmazonEKSBlockStoragePolicy")
                .role(cluster.name())
                .build());
    
            var clusterAmazonEKSLoadBalancingPolicy = new RolePolicyAttachment("clusterAmazonEKSLoadBalancingPolicy", RolePolicyAttachmentArgs.builder()
                .policyArn("arn:aws:iam::aws:policy/AmazonEKSLoadBalancingPolicy")
                .role(cluster.name())
                .build());
    
            var clusterAmazonEKSNetworkingPolicy = new RolePolicyAttachment("clusterAmazonEKSNetworkingPolicy", RolePolicyAttachmentArgs.builder()
                .policyArn("arn:aws:iam::aws:policy/AmazonEKSNetworkingPolicy")
                .role(cluster.name())
                .build());
    
            var example = new Cluster("example", ClusterArgs.builder()
                .name("example")
                .accessConfig(ClusterAccessConfigArgs.builder()
                    .authenticationMode("API")
                    .build())
                .roleArn(cluster.arn())
                .version("1.31")
                .computeConfig(ClusterComputeConfigArgs.builder()
                    .enabled(true)
                    .nodePools("general-purpose")
                    .nodeRoleArn(node.arn())
                    .build())
                .kubernetesNetworkConfig(ClusterKubernetesNetworkConfigArgs.builder()
                    .elasticLoadBalancing(ClusterKubernetesNetworkConfigElasticLoadBalancingArgs.builder()
                        .enabled(true)
                        .build())
                    .build())
                .storageConfig(ClusterStorageConfigArgs.builder()
                    .blockStorage(ClusterStorageConfigBlockStorageArgs.builder()
                        .enabled(true)
                        .build())
                    .build())
                .vpcConfig(ClusterVpcConfigArgs.builder()
                    .endpointPrivateAccess(true)
                    .endpointPublicAccess(true)
                    .subnetIds(                
                        az1.id(),
                        az2.id(),
                        az3.id())
                    .build())
                .build(), CustomResourceOptions.builder()
                    .dependsOn(                
                        clusterAmazonEKSClusterPolicy,
                        clusterAmazonEKSComputePolicy,
                        clusterAmazonEKSBlockStoragePolicy,
                        clusterAmazonEKSLoadBalancingPolicy,
                        clusterAmazonEKSNetworkingPolicy)
                    .build());
    
            var nodeAmazonEKSWorkerNodeMinimalPolicy = new RolePolicyAttachment("nodeAmazonEKSWorkerNodeMinimalPolicy", RolePolicyAttachmentArgs.builder()
                .policyArn("arn:aws:iam::aws:policy/AmazonEKSWorkerNodeMinimalPolicy")
                .role(node.name())
                .build());
    
            var nodeAmazonEC2ContainerRegistryPullOnly = new RolePolicyAttachment("nodeAmazonEC2ContainerRegistryPullOnly", RolePolicyAttachmentArgs.builder()
                .policyArn("arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryPullOnly")
                .role(node.name())
                .build());
    
        }
    }
    
    resources:
      example:
        type: aws:eks:Cluster
        properties:
          name: example
          accessConfig:
            authenticationMode: API
          roleArn: ${cluster.arn}
          version: '1.31'
          computeConfig:
            enabled: true
            nodePools:
              - general-purpose
            nodeRoleArn: ${node.arn}
          kubernetesNetworkConfig:
            elasticLoadBalancing:
              enabled: true
          storageConfig:
            blockStorage:
              enabled: true
          vpcConfig:
            endpointPrivateAccess: true
            endpointPublicAccess: true
            subnetIds:
              - ${az1.id}
              - ${az2.id}
              - ${az3.id}
        options:
          dependson:
            - ${clusterAmazonEKSClusterPolicy}
            - ${clusterAmazonEKSComputePolicy}
            - ${clusterAmazonEKSBlockStoragePolicy}
            - ${clusterAmazonEKSLoadBalancingPolicy}
            - ${clusterAmazonEKSNetworkingPolicy}
      node:
        type: aws:iam:Role
        properties:
          name: eks-auto-node-example
          assumeRolePolicy:
            fn::toJSON:
              Version: 2012-10-17
              Statement:
                - Action:
                    - sts:AssumeRole
                  Effect: Allow
                  Principal:
                    Service: ec2.amazonaws.com
      nodeAmazonEKSWorkerNodeMinimalPolicy:
        type: aws:iam:RolePolicyAttachment
        name: node_AmazonEKSWorkerNodeMinimalPolicy
        properties:
          policyArn: arn:aws:iam::aws:policy/AmazonEKSWorkerNodeMinimalPolicy
          role: ${node.name}
      nodeAmazonEC2ContainerRegistryPullOnly:
        type: aws:iam:RolePolicyAttachment
        name: node_AmazonEC2ContainerRegistryPullOnly
        properties:
          policyArn: arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryPullOnly
          role: ${node.name}
      cluster:
        type: aws:iam:Role
        properties:
          name: eks-cluster-example
          assumeRolePolicy:
            fn::toJSON:
              Version: 2012-10-17
              Statement:
                - Action:
                    - sts:AssumeRole
                    - sts:TagSession
                  Effect: Allow
                  Principal:
                    Service: eks.amazonaws.com
      clusterAmazonEKSClusterPolicy:
        type: aws:iam:RolePolicyAttachment
        name: cluster_AmazonEKSClusterPolicy
        properties:
          policyArn: arn:aws:iam::aws:policy/AmazonEKSClusterPolicy
          role: ${cluster.name}
      clusterAmazonEKSComputePolicy:
        type: aws:iam:RolePolicyAttachment
        name: cluster_AmazonEKSComputePolicy
        properties:
          policyArn: arn:aws:iam::aws:policy/AmazonEKSComputePolicy
          role: ${cluster.name}
      clusterAmazonEKSBlockStoragePolicy:
        type: aws:iam:RolePolicyAttachment
        name: cluster_AmazonEKSBlockStoragePolicy
        properties:
          policyArn: arn:aws:iam::aws:policy/AmazonEKSBlockStoragePolicy
          role: ${cluster.name}
      clusterAmazonEKSLoadBalancingPolicy:
        type: aws:iam:RolePolicyAttachment
        name: cluster_AmazonEKSLoadBalancingPolicy
        properties:
          policyArn: arn:aws:iam::aws:policy/AmazonEKSLoadBalancingPolicy
          role: ${cluster.name}
      clusterAmazonEKSNetworkingPolicy:
        type: aws:iam:RolePolicyAttachment
        name: cluster_AmazonEKSNetworkingPolicy
        properties:
          policyArn: arn:aws:iam::aws:policy/AmazonEKSNetworkingPolicy
          role: ${cluster.name}
    

    EKS Cluster with EKS Hybrid Nodes

    Coming soon!
    
    Coming soon!
    
    Coming soon!
    
    Coming soon!
    
    Coming soon!
    
    resources:
      example:
        type: aws:eks:Cluster
        properties:
          name: example
          accessConfig:
            authenticationMode: API
          roleArn: ${cluster.arn}
          version: '1.31'
          clusterRemoteNetworkConfig:
            remoteNodeNetworks:
              cidrs:
                - 172.16.0.0/18
            remotePodNetworks:
              cidrs:
                - 172.16.64.0/18
          vpcConfig:
            endpointPrivateAccess: true
            endpointPublicAccess: true
            subnetIds:
              - ${az1.id}
              - ${az2.id}
              - ${az3.id}
        options:
          dependson:
            - ${clusterAmazonEKSClusterPolicy}
      cluster:
        type: aws:iam:Role
        properties:
          name: eks-cluster-example
          assumeRolePolicy:
            fn::toJSON:
              Version: 2012-10-17
              Statement:
                - Action:
                    - sts:AssumeRole
                    - sts:TagSession
                  Effect: Allow
                  Principal:
                    Service: eks.amazonaws.com
      clusterAmazonEKSClusterPolicy:
        type: aws:iam:RolePolicyAttachment
        name: cluster_AmazonEKSClusterPolicy
        properties:
          policyArn: arn:aws:iam::aws:policy/AmazonEKSClusterPolicy
          role: ${cluster.name}
    

    Local EKS Cluster on AWS Outpost

    Creating a local Amazon EKS cluster on an AWS Outpost

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = aws.outposts.getOutpost({
        name: "example",
    });
    const cluster = new aws.iam.Role("cluster", {
        name: "eks-cluster-example",
        assumeRolePolicy: JSON.stringify({
            Version: "2012-10-17",
            Statement: [{
                Action: [
                    "sts:AssumeRole",
                    "sts:TagSession",
                ],
                Effect: "Allow",
                Principal: {
                    Service: [
                        "eks.amazonaws.com",
                        "ec2.amazonaws.com",
                    ],
                },
            }],
        }),
    });
    const clusterAmazonEKSLocalOutpostClusterPolicy = new aws.iam.RolePolicyAttachment("cluster_AmazonEKSLocalOutpostClusterPolicy", {
        policyArn: "arn:aws:iam::aws:policy/AmazonEKSLocalOutpostClusterPolicy",
        role: cluster.name,
    });
    const exampleCluster = new aws.eks.Cluster("example", {
        name: "example",
        accessConfig: {
            authenticationMode: "CONFIG_MAP",
        },
        roleArn: exampleAwsIamRole.arn,
        version: "1.31",
        vpcConfig: {
            endpointPrivateAccess: true,
            endpointPublicAccess: false,
            subnetIds: [
                az1.id,
                az2.id,
                az3.id,
            ],
        },
        outpostConfig: {
            controlPlaneInstanceType: "m5.large",
            outpostArns: [example.then(example => example.arn)],
        },
    }, {
        dependsOn: [clusterAmazonEKSLocalOutpostClusterPolicy],
    });
    
    import pulumi
    import json
    import pulumi_aws as aws
    
    example = aws.outposts.get_outpost(name="example")
    cluster = aws.iam.Role("cluster",
        name="eks-cluster-example",
        assume_role_policy=json.dumps({
            "Version": "2012-10-17",
            "Statement": [{
                "Action": [
                    "sts:AssumeRole",
                    "sts:TagSession",
                ],
                "Effect": "Allow",
                "Principal": {
                    "Service": [
                        "eks.amazonaws.com",
                        "ec2.amazonaws.com",
                    ],
                },
            }],
        }))
    cluster_amazon_eks_local_outpost_cluster_policy = aws.iam.RolePolicyAttachment("cluster_AmazonEKSLocalOutpostClusterPolicy",
        policy_arn="arn:aws:iam::aws:policy/AmazonEKSLocalOutpostClusterPolicy",
        role=cluster.name)
    example_cluster = aws.eks.Cluster("example",
        name="example",
        access_config={
            "authentication_mode": "CONFIG_MAP",
        },
        role_arn=example_aws_iam_role["arn"],
        version="1.31",
        vpc_config={
            "endpoint_private_access": True,
            "endpoint_public_access": False,
            "subnet_ids": [
                az1["id"],
                az2["id"],
                az3["id"],
            ],
        },
        outpost_config={
            "control_plane_instance_type": "m5.large",
            "outpost_arns": [example.arn],
        },
        opts = pulumi.ResourceOptions(depends_on=[cluster_amazon_eks_local_outpost_cluster_policy]))
    
    package main
    
    import (
    	"encoding/json"
    
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks"
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/outposts"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		example, err := outposts.GetOutpost(ctx, &outposts.GetOutpostArgs{
    			Name: pulumi.StringRef("example"),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		tmpJSON0, err := json.Marshal(map[string]interface{}{
    			"Version": "2012-10-17",
    			"Statement": []map[string]interface{}{
    				map[string]interface{}{
    					"Action": []string{
    						"sts:AssumeRole",
    						"sts:TagSession",
    					},
    					"Effect": "Allow",
    					"Principal": map[string]interface{}{
    						"Service": []string{
    							"eks.amazonaws.com",
    							"ec2.amazonaws.com",
    						},
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		json0 := string(tmpJSON0)
    		cluster, err := iam.NewRole(ctx, "cluster", &iam.RoleArgs{
    			Name:             pulumi.String("eks-cluster-example"),
    			AssumeRolePolicy: pulumi.String(json0),
    		})
    		if err != nil {
    			return err
    		}
    		clusterAmazonEKSLocalOutpostClusterPolicy, err := iam.NewRolePolicyAttachment(ctx, "cluster_AmazonEKSLocalOutpostClusterPolicy", &iam.RolePolicyAttachmentArgs{
    			PolicyArn: pulumi.String("arn:aws:iam::aws:policy/AmazonEKSLocalOutpostClusterPolicy"),
    			Role:      cluster.Name,
    		})
    		if err != nil {
    			return err
    		}
    		_, err = eks.NewCluster(ctx, "example", &eks.ClusterArgs{
    			Name: pulumi.String("example"),
    			AccessConfig: &eks.ClusterAccessConfigArgs{
    				AuthenticationMode: pulumi.String("CONFIG_MAP"),
    			},
    			RoleArn: pulumi.Any(exampleAwsIamRole.Arn),
    			Version: pulumi.String("1.31"),
    			VpcConfig: &eks.ClusterVpcConfigArgs{
    				EndpointPrivateAccess: pulumi.Bool(true),
    				EndpointPublicAccess:  pulumi.Bool(false),
    				SubnetIds: pulumi.StringArray{
    					az1.Id,
    					az2.Id,
    					az3.Id,
    				},
    			},
    			OutpostConfig: &eks.ClusterOutpostConfigArgs{
    				ControlPlaneInstanceType: pulumi.String("m5.large"),
    				OutpostArns: pulumi.StringArray{
    					pulumi.String(example.Arn),
    				},
    			},
    		}, pulumi.DependsOn([]pulumi.Resource{
    			clusterAmazonEKSLocalOutpostClusterPolicy,
    		}))
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using System.Text.Json;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = Aws.Outposts.GetOutpost.Invoke(new()
        {
            Name = "example",
        });
    
        var cluster = new Aws.Iam.Role("cluster", new()
        {
            Name = "eks-cluster-example",
            AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary<string, object?>
            {
                ["Version"] = "2012-10-17",
                ["Statement"] = new[]
                {
                    new Dictionary<string, object?>
                    {
                        ["Action"] = new[]
                        {
                            "sts:AssumeRole",
                            "sts:TagSession",
                        },
                        ["Effect"] = "Allow",
                        ["Principal"] = new Dictionary<string, object?>
                        {
                            ["Service"] = new[]
                            {
                                "eks.amazonaws.com",
                                "ec2.amazonaws.com",
                            },
                        },
                    },
                },
            }),
        });
    
        var clusterAmazonEKSLocalOutpostClusterPolicy = new Aws.Iam.RolePolicyAttachment("cluster_AmazonEKSLocalOutpostClusterPolicy", new()
        {
            PolicyArn = "arn:aws:iam::aws:policy/AmazonEKSLocalOutpostClusterPolicy",
            Role = cluster.Name,
        });
    
        var exampleCluster = new Aws.Eks.Cluster("example", new()
        {
            Name = "example",
            AccessConfig = new Aws.Eks.Inputs.ClusterAccessConfigArgs
            {
                AuthenticationMode = "CONFIG_MAP",
            },
            RoleArn = exampleAwsIamRole.Arn,
            Version = "1.31",
            VpcConfig = new Aws.Eks.Inputs.ClusterVpcConfigArgs
            {
                EndpointPrivateAccess = true,
                EndpointPublicAccess = false,
                SubnetIds = new[]
                {
                    az1.Id,
                    az2.Id,
                    az3.Id,
                },
            },
            OutpostConfig = new Aws.Eks.Inputs.ClusterOutpostConfigArgs
            {
                ControlPlaneInstanceType = "m5.large",
                OutpostArns = new[]
                {
                    example.Apply(getOutpostResult => getOutpostResult.Arn),
                },
            },
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                clusterAmazonEKSLocalOutpostClusterPolicy,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.outposts.OutpostsFunctions;
    import com.pulumi.aws.outposts.inputs.GetOutpostArgs;
    import com.pulumi.aws.iam.Role;
    import com.pulumi.aws.iam.RoleArgs;
    import com.pulumi.aws.iam.RolePolicyAttachment;
    import com.pulumi.aws.iam.RolePolicyAttachmentArgs;
    import com.pulumi.aws.eks.Cluster;
    import com.pulumi.aws.eks.ClusterArgs;
    import com.pulumi.aws.eks.inputs.ClusterAccessConfigArgs;
    import com.pulumi.aws.eks.inputs.ClusterVpcConfigArgs;
    import com.pulumi.aws.eks.inputs.ClusterOutpostConfigArgs;
    import static com.pulumi.codegen.internal.Serialization.*;
    import com.pulumi.resources.CustomResourceOptions;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var example = OutpostsFunctions.getOutpost(GetOutpostArgs.builder()
                .name("example")
                .build());
    
            var cluster = new Role("cluster", RoleArgs.builder()
                .name("eks-cluster-example")
                .assumeRolePolicy(serializeJson(
                    jsonObject(
                        jsonProperty("Version", "2012-10-17"),
                        jsonProperty("Statement", jsonArray(jsonObject(
                            jsonProperty("Action", jsonArray(
                                "sts:AssumeRole", 
                                "sts:TagSession"
                            )),
                            jsonProperty("Effect", "Allow"),
                            jsonProperty("Principal", jsonObject(
                                jsonProperty("Service", jsonArray(
                                    "eks.amazonaws.com", 
                                    "ec2.amazonaws.com"
                                ))
                            ))
                        )))
                    )))
                .build());
    
            var clusterAmazonEKSLocalOutpostClusterPolicy = new RolePolicyAttachment("clusterAmazonEKSLocalOutpostClusterPolicy", RolePolicyAttachmentArgs.builder()
                .policyArn("arn:aws:iam::aws:policy/AmazonEKSLocalOutpostClusterPolicy")
                .role(cluster.name())
                .build());
    
            var exampleCluster = new Cluster("exampleCluster", ClusterArgs.builder()
                .name("example")
                .accessConfig(ClusterAccessConfigArgs.builder()
                    .authenticationMode("CONFIG_MAP")
                    .build())
                .roleArn(exampleAwsIamRole.arn())
                .version("1.31")
                .vpcConfig(ClusterVpcConfigArgs.builder()
                    .endpointPrivateAccess(true)
                    .endpointPublicAccess(false)
                    .subnetIds(                
                        az1.id(),
                        az2.id(),
                        az3.id())
                    .build())
                .outpostConfig(ClusterOutpostConfigArgs.builder()
                    .controlPlaneInstanceType("m5.large")
                    .outpostArns(example.applyValue(getOutpostResult -> getOutpostResult.arn()))
                    .build())
                .build(), CustomResourceOptions.builder()
                    .dependsOn(clusterAmazonEKSLocalOutpostClusterPolicy)
                    .build());
    
        }
    }
    
    resources:
      exampleCluster:
        type: aws:eks:Cluster
        name: example
        properties:
          name: example
          accessConfig:
            authenticationMode: CONFIG_MAP
          roleArn: ${exampleAwsIamRole.arn}
          version: '1.31'
          vpcConfig:
            endpointPrivateAccess: true
            endpointPublicAccess: false
            subnetIds:
              - ${az1.id}
              - ${az2.id}
              - ${az3.id}
          outpostConfig:
            controlPlaneInstanceType: m5.large
            outpostArns:
              - ${example.arn}
        options:
          dependson:
            - ${clusterAmazonEKSLocalOutpostClusterPolicy}
      cluster:
        type: aws:iam:Role
        properties:
          name: eks-cluster-example
          assumeRolePolicy:
            fn::toJSON:
              Version: 2012-10-17
              Statement:
                - Action:
                    - sts:AssumeRole
                    - sts:TagSession
                  Effect: Allow
                  Principal:
                    Service:
                      - eks.amazonaws.com
                      - ec2.amazonaws.com
      clusterAmazonEKSLocalOutpostClusterPolicy:
        type: aws:iam:RolePolicyAttachment
        name: cluster_AmazonEKSLocalOutpostClusterPolicy
        properties:
          policyArn: arn:aws:iam::aws:policy/AmazonEKSLocalOutpostClusterPolicy
          role: ${cluster.name}
    variables:
      example:
        fn::invoke:
          Function: aws:outposts:getOutpost
          Arguments:
            name: example
    

    Create Cluster Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Cluster(name: string, args: ClusterArgs, opts?: CustomResourceOptions);
    @overload
    def Cluster(resource_name: str,
                args: ClusterArgs,
                opts: Optional[ResourceOptions] = None)
    
    @overload
    def Cluster(resource_name: str,
                opts: Optional[ResourceOptions] = None,
                role_arn: Optional[str] = None,
                vpc_config: Optional[ClusterVpcConfigArgs] = None,
                outpost_config: Optional[ClusterOutpostConfigArgs] = None,
                remote_network_config: Optional[ClusterRemoteNetworkConfigArgs] = None,
                enabled_cluster_log_types: Optional[Sequence[str]] = None,
                encryption_config: Optional[ClusterEncryptionConfigArgs] = None,
                kubernetes_network_config: Optional[ClusterKubernetesNetworkConfigArgs] = None,
                name: Optional[str] = None,
                access_config: Optional[ClusterAccessConfigArgs] = None,
                default_addons_to_removes: Optional[Sequence[str]] = None,
                compute_config: Optional[ClusterComputeConfigArgs] = None,
                storage_config: Optional[ClusterStorageConfigArgs] = None,
                tags: Optional[Mapping[str, str]] = None,
                upgrade_policy: Optional[ClusterUpgradePolicyArgs] = None,
                version: Optional[str] = None,
                bootstrap_self_managed_addons: Optional[bool] = None,
                zonal_shift_config: Optional[ClusterZonalShiftConfigArgs] = None)
    func NewCluster(ctx *Context, name string, args ClusterArgs, opts ...ResourceOption) (*Cluster, error)
    public Cluster(string name, ClusterArgs args, CustomResourceOptions? opts = null)
    public Cluster(String name, ClusterArgs args)
    public Cluster(String name, ClusterArgs args, CustomResourceOptions options)
    
    type: aws:eks:Cluster
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args ClusterArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args ClusterArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args ClusterArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args ClusterArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args ClusterArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var exampleclusterResourceResourceFromEkscluster = new Aws.Eks.Cluster("exampleclusterResourceResourceFromEkscluster", new()
    {
        RoleArn = "string",
        VpcConfig = new Aws.Eks.Inputs.ClusterVpcConfigArgs
        {
            SubnetIds = new[]
            {
                "string",
            },
            ClusterSecurityGroupId = "string",
            EndpointPrivateAccess = false,
            EndpointPublicAccess = false,
            PublicAccessCidrs = new[]
            {
                "string",
            },
            SecurityGroupIds = new[]
            {
                "string",
            },
            VpcId = "string",
        },
        OutpostConfig = new Aws.Eks.Inputs.ClusterOutpostConfigArgs
        {
            ControlPlaneInstanceType = "string",
            OutpostArns = new[]
            {
                "string",
            },
            ControlPlanePlacement = new Aws.Eks.Inputs.ClusterOutpostConfigControlPlanePlacementArgs
            {
                GroupName = "string",
            },
        },
        RemoteNetworkConfig = new Aws.Eks.Inputs.ClusterRemoteNetworkConfigArgs
        {
            RemoteNodeNetworks = new Aws.Eks.Inputs.ClusterRemoteNetworkConfigRemoteNodeNetworksArgs
            {
                Cidrs = new[]
                {
                    "string",
                },
            },
            RemotePodNetworks = new Aws.Eks.Inputs.ClusterRemoteNetworkConfigRemotePodNetworksArgs
            {
                Cidrs = new[]
                {
                    "string",
                },
            },
        },
        EnabledClusterLogTypes = new[]
        {
            "string",
        },
        EncryptionConfig = new Aws.Eks.Inputs.ClusterEncryptionConfigArgs
        {
            Provider = new Aws.Eks.Inputs.ClusterEncryptionConfigProviderArgs
            {
                KeyArn = "string",
            },
            Resources = new[]
            {
                "string",
            },
        },
        KubernetesNetworkConfig = new Aws.Eks.Inputs.ClusterKubernetesNetworkConfigArgs
        {
            ElasticLoadBalancing = new Aws.Eks.Inputs.ClusterKubernetesNetworkConfigElasticLoadBalancingArgs
            {
                Enabled = false,
            },
            IpFamily = "string",
            ServiceIpv4Cidr = "string",
            ServiceIpv6Cidr = "string",
        },
        Name = "string",
        AccessConfig = new Aws.Eks.Inputs.ClusterAccessConfigArgs
        {
            AuthenticationMode = "string",
            BootstrapClusterCreatorAdminPermissions = false,
        },
        DefaultAddonsToRemoves = new[]
        {
            "string",
        },
        ComputeConfig = new Aws.Eks.Inputs.ClusterComputeConfigArgs
        {
            Enabled = false,
            NodePools = new[]
            {
                "string",
            },
            NodeRoleArn = "string",
        },
        StorageConfig = new Aws.Eks.Inputs.ClusterStorageConfigArgs
        {
            BlockStorage = new Aws.Eks.Inputs.ClusterStorageConfigBlockStorageArgs
            {
                Enabled = false,
            },
        },
        Tags = 
        {
            { "string", "string" },
        },
        UpgradePolicy = new Aws.Eks.Inputs.ClusterUpgradePolicyArgs
        {
            SupportType = "string",
        },
        Version = "string",
        BootstrapSelfManagedAddons = false,
        ZonalShiftConfig = new Aws.Eks.Inputs.ClusterZonalShiftConfigArgs
        {
            Enabled = false,
        },
    });
    
    example, err := eks.NewCluster(ctx, "exampleclusterResourceResourceFromEkscluster", &eks.ClusterArgs{
    	RoleArn: pulumi.String("string"),
    	VpcConfig: &eks.ClusterVpcConfigArgs{
    		SubnetIds: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		ClusterSecurityGroupId: pulumi.String("string"),
    		EndpointPrivateAccess:  pulumi.Bool(false),
    		EndpointPublicAccess:   pulumi.Bool(false),
    		PublicAccessCidrs: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		SecurityGroupIds: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		VpcId: pulumi.String("string"),
    	},
    	OutpostConfig: &eks.ClusterOutpostConfigArgs{
    		ControlPlaneInstanceType: pulumi.String("string"),
    		OutpostArns: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		ControlPlanePlacement: &eks.ClusterOutpostConfigControlPlanePlacementArgs{
    			GroupName: pulumi.String("string"),
    		},
    	},
    	RemoteNetworkConfig: &eks.ClusterRemoteNetworkConfigArgs{
    		RemoteNodeNetworks: &eks.ClusterRemoteNetworkConfigRemoteNodeNetworksArgs{
    			Cidrs: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    		},
    		RemotePodNetworks: &eks.ClusterRemoteNetworkConfigRemotePodNetworksArgs{
    			Cidrs: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    		},
    	},
    	EnabledClusterLogTypes: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	EncryptionConfig: &eks.ClusterEncryptionConfigArgs{
    		Provider: &eks.ClusterEncryptionConfigProviderArgs{
    			KeyArn: pulumi.String("string"),
    		},
    		Resources: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    	},
    	KubernetesNetworkConfig: &eks.ClusterKubernetesNetworkConfigArgs{
    		ElasticLoadBalancing: &eks.ClusterKubernetesNetworkConfigElasticLoadBalancingArgs{
    			Enabled: pulumi.Bool(false),
    		},
    		IpFamily:        pulumi.String("string"),
    		ServiceIpv4Cidr: pulumi.String("string"),
    		ServiceIpv6Cidr: pulumi.String("string"),
    	},
    	Name: pulumi.String("string"),
    	AccessConfig: &eks.ClusterAccessConfigArgs{
    		AuthenticationMode:                      pulumi.String("string"),
    		BootstrapClusterCreatorAdminPermissions: pulumi.Bool(false),
    	},
    	DefaultAddonsToRemoves: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	ComputeConfig: &eks.ClusterComputeConfigArgs{
    		Enabled: pulumi.Bool(false),
    		NodePools: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		NodeRoleArn: pulumi.String("string"),
    	},
    	StorageConfig: &eks.ClusterStorageConfigArgs{
    		BlockStorage: &eks.ClusterStorageConfigBlockStorageArgs{
    			Enabled: pulumi.Bool(false),
    		},
    	},
    	Tags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	UpgradePolicy: &eks.ClusterUpgradePolicyArgs{
    		SupportType: pulumi.String("string"),
    	},
    	Version:                    pulumi.String("string"),
    	BootstrapSelfManagedAddons: pulumi.Bool(false),
    	ZonalShiftConfig: &eks.ClusterZonalShiftConfigArgs{
    		Enabled: pulumi.Bool(false),
    	},
    })
    
    var exampleclusterResourceResourceFromEkscluster = new Cluster("exampleclusterResourceResourceFromEkscluster", ClusterArgs.builder()
        .roleArn("string")
        .vpcConfig(ClusterVpcConfigArgs.builder()
            .subnetIds("string")
            .clusterSecurityGroupId("string")
            .endpointPrivateAccess(false)
            .endpointPublicAccess(false)
            .publicAccessCidrs("string")
            .securityGroupIds("string")
            .vpcId("string")
            .build())
        .outpostConfig(ClusterOutpostConfigArgs.builder()
            .controlPlaneInstanceType("string")
            .outpostArns("string")
            .controlPlanePlacement(ClusterOutpostConfigControlPlanePlacementArgs.builder()
                .groupName("string")
                .build())
            .build())
        .remoteNetworkConfig(ClusterRemoteNetworkConfigArgs.builder()
            .remoteNodeNetworks(ClusterRemoteNetworkConfigRemoteNodeNetworksArgs.builder()
                .cidrs("string")
                .build())
            .remotePodNetworks(ClusterRemoteNetworkConfigRemotePodNetworksArgs.builder()
                .cidrs("string")
                .build())
            .build())
        .enabledClusterLogTypes("string")
        .encryptionConfig(ClusterEncryptionConfigArgs.builder()
            .provider(ClusterEncryptionConfigProviderArgs.builder()
                .keyArn("string")
                .build())
            .resources("string")
            .build())
        .kubernetesNetworkConfig(ClusterKubernetesNetworkConfigArgs.builder()
            .elasticLoadBalancing(ClusterKubernetesNetworkConfigElasticLoadBalancingArgs.builder()
                .enabled(false)
                .build())
            .ipFamily("string")
            .serviceIpv4Cidr("string")
            .serviceIpv6Cidr("string")
            .build())
        .name("string")
        .accessConfig(ClusterAccessConfigArgs.builder()
            .authenticationMode("string")
            .bootstrapClusterCreatorAdminPermissions(false)
            .build())
        .defaultAddonsToRemoves("string")
        .computeConfig(ClusterComputeConfigArgs.builder()
            .enabled(false)
            .nodePools("string")
            .nodeRoleArn("string")
            .build())
        .storageConfig(ClusterStorageConfigArgs.builder()
            .blockStorage(ClusterStorageConfigBlockStorageArgs.builder()
                .enabled(false)
                .build())
            .build())
        .tags(Map.of("string", "string"))
        .upgradePolicy(ClusterUpgradePolicyArgs.builder()
            .supportType("string")
            .build())
        .version("string")
        .bootstrapSelfManagedAddons(false)
        .zonalShiftConfig(ClusterZonalShiftConfigArgs.builder()
            .enabled(false)
            .build())
        .build());
    
    examplecluster_resource_resource_from_ekscluster = aws.eks.Cluster("exampleclusterResourceResourceFromEkscluster",
        role_arn="string",
        vpc_config={
            "subnet_ids": ["string"],
            "cluster_security_group_id": "string",
            "endpoint_private_access": False,
            "endpoint_public_access": False,
            "public_access_cidrs": ["string"],
            "security_group_ids": ["string"],
            "vpc_id": "string",
        },
        outpost_config={
            "control_plane_instance_type": "string",
            "outpost_arns": ["string"],
            "control_plane_placement": {
                "group_name": "string",
            },
        },
        remote_network_config={
            "remote_node_networks": {
                "cidrs": ["string"],
            },
            "remote_pod_networks": {
                "cidrs": ["string"],
            },
        },
        enabled_cluster_log_types=["string"],
        encryption_config={
            "provider": {
                "key_arn": "string",
            },
            "resources": ["string"],
        },
        kubernetes_network_config={
            "elastic_load_balancing": {
                "enabled": False,
            },
            "ip_family": "string",
            "service_ipv4_cidr": "string",
            "service_ipv6_cidr": "string",
        },
        name="string",
        access_config={
            "authentication_mode": "string",
            "bootstrap_cluster_creator_admin_permissions": False,
        },
        default_addons_to_removes=["string"],
        compute_config={
            "enabled": False,
            "node_pools": ["string"],
            "node_role_arn": "string",
        },
        storage_config={
            "block_storage": {
                "enabled": False,
            },
        },
        tags={
            "string": "string",
        },
        upgrade_policy={
            "support_type": "string",
        },
        version="string",
        bootstrap_self_managed_addons=False,
        zonal_shift_config={
            "enabled": False,
        })
    
    const exampleclusterResourceResourceFromEkscluster = new aws.eks.Cluster("exampleclusterResourceResourceFromEkscluster", {
        roleArn: "string",
        vpcConfig: {
            subnetIds: ["string"],
            clusterSecurityGroupId: "string",
            endpointPrivateAccess: false,
            endpointPublicAccess: false,
            publicAccessCidrs: ["string"],
            securityGroupIds: ["string"],
            vpcId: "string",
        },
        outpostConfig: {
            controlPlaneInstanceType: "string",
            outpostArns: ["string"],
            controlPlanePlacement: {
                groupName: "string",
            },
        },
        remoteNetworkConfig: {
            remoteNodeNetworks: {
                cidrs: ["string"],
            },
            remotePodNetworks: {
                cidrs: ["string"],
            },
        },
        enabledClusterLogTypes: ["string"],
        encryptionConfig: {
            provider: {
                keyArn: "string",
            },
            resources: ["string"],
        },
        kubernetesNetworkConfig: {
            elasticLoadBalancing: {
                enabled: false,
            },
            ipFamily: "string",
            serviceIpv4Cidr: "string",
            serviceIpv6Cidr: "string",
        },
        name: "string",
        accessConfig: {
            authenticationMode: "string",
            bootstrapClusterCreatorAdminPermissions: false,
        },
        defaultAddonsToRemoves: ["string"],
        computeConfig: {
            enabled: false,
            nodePools: ["string"],
            nodeRoleArn: "string",
        },
        storageConfig: {
            blockStorage: {
                enabled: false,
            },
        },
        tags: {
            string: "string",
        },
        upgradePolicy: {
            supportType: "string",
        },
        version: "string",
        bootstrapSelfManagedAddons: false,
        zonalShiftConfig: {
            enabled: false,
        },
    });
    
    type: aws:eks:Cluster
    properties:
        accessConfig:
            authenticationMode: string
            bootstrapClusterCreatorAdminPermissions: false
        bootstrapSelfManagedAddons: false
        computeConfig:
            enabled: false
            nodePools:
                - string
            nodeRoleArn: string
        defaultAddonsToRemoves:
            - string
        enabledClusterLogTypes:
            - string
        encryptionConfig:
            provider:
                keyArn: string
            resources:
                - string
        kubernetesNetworkConfig:
            elasticLoadBalancing:
                enabled: false
            ipFamily: string
            serviceIpv4Cidr: string
            serviceIpv6Cidr: string
        name: string
        outpostConfig:
            controlPlaneInstanceType: string
            controlPlanePlacement:
                groupName: string
            outpostArns:
                - string
        remoteNetworkConfig:
            remoteNodeNetworks:
                cidrs:
                    - string
            remotePodNetworks:
                cidrs:
                    - string
        roleArn: string
        storageConfig:
            blockStorage:
                enabled: false
        tags:
            string: string
        upgradePolicy:
            supportType: string
        version: string
        vpcConfig:
            clusterSecurityGroupId: string
            endpointPrivateAccess: false
            endpointPublicAccess: false
            publicAccessCidrs:
                - string
            securityGroupIds:
                - string
            subnetIds:
                - string
            vpcId: string
        zonalShiftConfig:
            enabled: false
    

    Cluster Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The Cluster resource accepts the following input properties:

    RoleArn string
    ARN of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Ensure the resource configuration includes explicit dependencies on the IAM Role permissions by adding depends_on if using the aws.iam.RolePolicy resource or aws.iam.RolePolicyAttachment resource, otherwise EKS cannot delete EKS managed EC2 infrastructure such as Security Groups on EKS Cluster deletion.
    VpcConfig ClusterVpcConfig

    Configuration block for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide. Detailed below. Also contains attributes detailed in the Attributes section.

    The following arguments are optional:

    AccessConfig ClusterAccessConfig
    Configuration block for the access config associated with your cluster, see Amazon EKS Access Entries.
    BootstrapSelfManagedAddons bool
    Install default unmanaged add-ons, such as aws-cni, kube-proxy, and CoreDNS during cluster creation. If false, you must manually install desired add-ons. Changing this value will force a new cluster to be created. Defaults to true.
    ComputeConfig ClusterComputeConfig
    Configuration block with compute configuration for EKS Auto Mode. Detailed below.
    DefaultAddonsToRemoves List<string>
    EnabledClusterLogTypes List<string>
    List of the desired control plane logging to enable. For more information, see Amazon EKS Control Plane Logging.
    EncryptionConfig ClusterEncryptionConfig
    Configuration block with encryption configuration for the cluster. Detailed below.
    KubernetesNetworkConfig ClusterKubernetesNetworkConfig
    Configuration block with kubernetes network configuration for the cluster. Detailed below. If removed, this provider will only perform drift detection if a configuration value is provided.
    Name string
    Name of the cluster. Must be between 1-100 characters in length. Must begin with an alphanumeric character, and must only contain alphanumeric characters, dashes and underscores (^[0-9A-Za-z][A-Za-z0-9\-_]*$).
    OutpostConfig ClusterOutpostConfig
    Configuration block representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This block isn't available for creating Amazon EKS clusters on the AWS cloud.
    RemoteNetworkConfig ClusterRemoteNetworkConfig
    Configuration block with remote network configuration for EKS Hybrid Nodes. Detailed below.
    StorageConfig ClusterStorageConfig
    Configuration block with storage configuration for EKS Auto Mode. Detailed below.
    Tags Dictionary<string, string>
    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    UpgradePolicy ClusterUpgradePolicy
    Configuration block for the support policy to use for the cluster. See upgrade_policy for details.
    Version string
    Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.
    ZonalShiftConfig ClusterZonalShiftConfig
    Configuration block with zonal shift configuration for the cluster. Detailed below.
    RoleArn string
    ARN of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Ensure the resource configuration includes explicit dependencies on the IAM Role permissions by adding depends_on if using the aws.iam.RolePolicy resource or aws.iam.RolePolicyAttachment resource, otherwise EKS cannot delete EKS managed EC2 infrastructure such as Security Groups on EKS Cluster deletion.
    VpcConfig ClusterVpcConfigArgs

    Configuration block for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide. Detailed below. Also contains attributes detailed in the Attributes section.

    The following arguments are optional:

    AccessConfig ClusterAccessConfigArgs
    Configuration block for the access config associated with your cluster, see Amazon EKS Access Entries.
    BootstrapSelfManagedAddons bool
    Install default unmanaged add-ons, such as aws-cni, kube-proxy, and CoreDNS during cluster creation. If false, you must manually install desired add-ons. Changing this value will force a new cluster to be created. Defaults to true.
    ComputeConfig ClusterComputeConfigArgs
    Configuration block with compute configuration for EKS Auto Mode. Detailed below.
    DefaultAddonsToRemoves []string
    EnabledClusterLogTypes []string
    List of the desired control plane logging to enable. For more information, see Amazon EKS Control Plane Logging.
    EncryptionConfig ClusterEncryptionConfigArgs
    Configuration block with encryption configuration for the cluster. Detailed below.
    KubernetesNetworkConfig ClusterKubernetesNetworkConfigArgs
    Configuration block with kubernetes network configuration for the cluster. Detailed below. If removed, this provider will only perform drift detection if a configuration value is provided.
    Name string
    Name of the cluster. Must be between 1-100 characters in length. Must begin with an alphanumeric character, and must only contain alphanumeric characters, dashes and underscores (^[0-9A-Za-z][A-Za-z0-9\-_]*$).
    OutpostConfig ClusterOutpostConfigArgs
    Configuration block representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This block isn't available for creating Amazon EKS clusters on the AWS cloud.
    RemoteNetworkConfig ClusterRemoteNetworkConfigArgs
    Configuration block with remote network configuration for EKS Hybrid Nodes. Detailed below.
    StorageConfig ClusterStorageConfigArgs
    Configuration block with storage configuration for EKS Auto Mode. Detailed below.
    Tags map[string]string
    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    UpgradePolicy ClusterUpgradePolicyArgs
    Configuration block for the support policy to use for the cluster. See upgrade_policy for details.
    Version string
    Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.
    ZonalShiftConfig ClusterZonalShiftConfigArgs
    Configuration block with zonal shift configuration for the cluster. Detailed below.
    roleArn String
    ARN of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Ensure the resource configuration includes explicit dependencies on the IAM Role permissions by adding depends_on if using the aws.iam.RolePolicy resource or aws.iam.RolePolicyAttachment resource, otherwise EKS cannot delete EKS managed EC2 infrastructure such as Security Groups on EKS Cluster deletion.
    vpcConfig ClusterVpcConfig

    Configuration block for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide. Detailed below. Also contains attributes detailed in the Attributes section.

    The following arguments are optional:

    accessConfig ClusterAccessConfig
    Configuration block for the access config associated with your cluster, see Amazon EKS Access Entries.
    bootstrapSelfManagedAddons Boolean
    Install default unmanaged add-ons, such as aws-cni, kube-proxy, and CoreDNS during cluster creation. If false, you must manually install desired add-ons. Changing this value will force a new cluster to be created. Defaults to true.
    computeConfig ClusterComputeConfig
    Configuration block with compute configuration for EKS Auto Mode. Detailed below.
    defaultAddonsToRemoves List<String>
    enabledClusterLogTypes List<String>
    List of the desired control plane logging to enable. For more information, see Amazon EKS Control Plane Logging.
    encryptionConfig ClusterEncryptionConfig
    Configuration block with encryption configuration for the cluster. Detailed below.
    kubernetesNetworkConfig ClusterKubernetesNetworkConfig
    Configuration block with kubernetes network configuration for the cluster. Detailed below. If removed, this provider will only perform drift detection if a configuration value is provided.
    name String
    Name of the cluster. Must be between 1-100 characters in length. Must begin with an alphanumeric character, and must only contain alphanumeric characters, dashes and underscores (^[0-9A-Za-z][A-Za-z0-9\-_]*$).
    outpostConfig ClusterOutpostConfig
    Configuration block representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This block isn't available for creating Amazon EKS clusters on the AWS cloud.
    remoteNetworkConfig ClusterRemoteNetworkConfig
    Configuration block with remote network configuration for EKS Hybrid Nodes. Detailed below.
    storageConfig ClusterStorageConfig
    Configuration block with storage configuration for EKS Auto Mode. Detailed below.
    tags Map<String,String>
    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    upgradePolicy ClusterUpgradePolicy
    Configuration block for the support policy to use for the cluster. See upgrade_policy for details.
    version String
    Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.
    zonalShiftConfig ClusterZonalShiftConfig
    Configuration block with zonal shift configuration for the cluster. Detailed below.
    roleArn string
    ARN of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Ensure the resource configuration includes explicit dependencies on the IAM Role permissions by adding depends_on if using the aws.iam.RolePolicy resource or aws.iam.RolePolicyAttachment resource, otherwise EKS cannot delete EKS managed EC2 infrastructure such as Security Groups on EKS Cluster deletion.
    vpcConfig ClusterVpcConfig

    Configuration block for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide. Detailed below. Also contains attributes detailed in the Attributes section.

    The following arguments are optional:

    accessConfig ClusterAccessConfig
    Configuration block for the access config associated with your cluster, see Amazon EKS Access Entries.
    bootstrapSelfManagedAddons boolean
    Install default unmanaged add-ons, such as aws-cni, kube-proxy, and CoreDNS during cluster creation. If false, you must manually install desired add-ons. Changing this value will force a new cluster to be created. Defaults to true.
    computeConfig ClusterComputeConfig
    Configuration block with compute configuration for EKS Auto Mode. Detailed below.
    defaultAddonsToRemoves string[]
    enabledClusterLogTypes string[]
    List of the desired control plane logging to enable. For more information, see Amazon EKS Control Plane Logging.
    encryptionConfig ClusterEncryptionConfig
    Configuration block with encryption configuration for the cluster. Detailed below.
    kubernetesNetworkConfig ClusterKubernetesNetworkConfig
    Configuration block with kubernetes network configuration for the cluster. Detailed below. If removed, this provider will only perform drift detection if a configuration value is provided.
    name string
    Name of the cluster. Must be between 1-100 characters in length. Must begin with an alphanumeric character, and must only contain alphanumeric characters, dashes and underscores (^[0-9A-Za-z][A-Za-z0-9\-_]*$).
    outpostConfig ClusterOutpostConfig
    Configuration block representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This block isn't available for creating Amazon EKS clusters on the AWS cloud.
    remoteNetworkConfig ClusterRemoteNetworkConfig
    Configuration block with remote network configuration for EKS Hybrid Nodes. Detailed below.
    storageConfig ClusterStorageConfig
    Configuration block with storage configuration for EKS Auto Mode. Detailed below.
    tags {[key: string]: string}
    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    upgradePolicy ClusterUpgradePolicy
    Configuration block for the support policy to use for the cluster. See upgrade_policy for details.
    version string
    Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.
    zonalShiftConfig ClusterZonalShiftConfig
    Configuration block with zonal shift configuration for the cluster. Detailed below.
    role_arn str
    ARN of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Ensure the resource configuration includes explicit dependencies on the IAM Role permissions by adding depends_on if using the aws.iam.RolePolicy resource or aws.iam.RolePolicyAttachment resource, otherwise EKS cannot delete EKS managed EC2 infrastructure such as Security Groups on EKS Cluster deletion.
    vpc_config ClusterVpcConfigArgs

    Configuration block for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide. Detailed below. Also contains attributes detailed in the Attributes section.

    The following arguments are optional:

    access_config ClusterAccessConfigArgs
    Configuration block for the access config associated with your cluster, see Amazon EKS Access Entries.
    bootstrap_self_managed_addons bool
    Install default unmanaged add-ons, such as aws-cni, kube-proxy, and CoreDNS during cluster creation. If false, you must manually install desired add-ons. Changing this value will force a new cluster to be created. Defaults to true.
    compute_config ClusterComputeConfigArgs
    Configuration block with compute configuration for EKS Auto Mode. Detailed below.
    default_addons_to_removes Sequence[str]
    enabled_cluster_log_types Sequence[str]
    List of the desired control plane logging to enable. For more information, see Amazon EKS Control Plane Logging.
    encryption_config ClusterEncryptionConfigArgs
    Configuration block with encryption configuration for the cluster. Detailed below.
    kubernetes_network_config ClusterKubernetesNetworkConfigArgs
    Configuration block with kubernetes network configuration for the cluster. Detailed below. If removed, this provider will only perform drift detection if a configuration value is provided.
    name str
    Name of the cluster. Must be between 1-100 characters in length. Must begin with an alphanumeric character, and must only contain alphanumeric characters, dashes and underscores (^[0-9A-Za-z][A-Za-z0-9\-_]*$).
    outpost_config ClusterOutpostConfigArgs
    Configuration block representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This block isn't available for creating Amazon EKS clusters on the AWS cloud.
    remote_network_config ClusterRemoteNetworkConfigArgs
    Configuration block with remote network configuration for EKS Hybrid Nodes. Detailed below.
    storage_config ClusterStorageConfigArgs
    Configuration block with storage configuration for EKS Auto Mode. Detailed below.
    tags Mapping[str, str]
    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    upgrade_policy ClusterUpgradePolicyArgs
    Configuration block for the support policy to use for the cluster. See upgrade_policy for details.
    version str
    Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.
    zonal_shift_config ClusterZonalShiftConfigArgs
    Configuration block with zonal shift configuration for the cluster. Detailed below.
    roleArn String
    ARN of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Ensure the resource configuration includes explicit dependencies on the IAM Role permissions by adding depends_on if using the aws.iam.RolePolicy resource or aws.iam.RolePolicyAttachment resource, otherwise EKS cannot delete EKS managed EC2 infrastructure such as Security Groups on EKS Cluster deletion.
    vpcConfig Property Map

    Configuration block for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide. Detailed below. Also contains attributes detailed in the Attributes section.

    The following arguments are optional:

    accessConfig Property Map
    Configuration block for the access config associated with your cluster, see Amazon EKS Access Entries.
    bootstrapSelfManagedAddons Boolean
    Install default unmanaged add-ons, such as aws-cni, kube-proxy, and CoreDNS during cluster creation. If false, you must manually install desired add-ons. Changing this value will force a new cluster to be created. Defaults to true.
    computeConfig Property Map
    Configuration block with compute configuration for EKS Auto Mode. Detailed below.
    defaultAddonsToRemoves List<String>
    enabledClusterLogTypes List<String>
    List of the desired control plane logging to enable. For more information, see Amazon EKS Control Plane Logging.
    encryptionConfig Property Map
    Configuration block with encryption configuration for the cluster. Detailed below.
    kubernetesNetworkConfig Property Map
    Configuration block with kubernetes network configuration for the cluster. Detailed below. If removed, this provider will only perform drift detection if a configuration value is provided.
    name String
    Name of the cluster. Must be between 1-100 characters in length. Must begin with an alphanumeric character, and must only contain alphanumeric characters, dashes and underscores (^[0-9A-Za-z][A-Za-z0-9\-_]*$).
    outpostConfig Property Map
    Configuration block representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This block isn't available for creating Amazon EKS clusters on the AWS cloud.
    remoteNetworkConfig Property Map
    Configuration block with remote network configuration for EKS Hybrid Nodes. Detailed below.
    storageConfig Property Map
    Configuration block with storage configuration for EKS Auto Mode. Detailed below.
    tags Map<String>
    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    upgradePolicy Property Map
    Configuration block for the support policy to use for the cluster. See upgrade_policy for details.
    version String
    Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.
    zonalShiftConfig Property Map
    Configuration block with zonal shift configuration for the cluster. Detailed below.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Cluster resource produces the following output properties:

    Arn string
    ARN of the cluster.
    CertificateAuthorities List<ClusterCertificateAuthority>
    CertificateAuthority ClusterCertificateAuthority
    Attribute block containing certificate-authority-data for your cluster. Detailed below.
    ClusterId string
    The ID of your local Amazon EKS cluster on the AWS Outpost. This attribute isn't available for an AWS EKS cluster on AWS cloud.
    CreatedAt string
    Unix epoch timestamp in seconds for when the cluster was created.
    Endpoint string
    Endpoint for your Kubernetes API server.
    Id string
    The provider-assigned unique ID for this managed resource.
    Identities List<ClusterIdentity>
    Attribute block containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. Detailed below.
    PlatformVersion string
    Platform version for the cluster.
    Status string
    Status of the EKS cluster. One of CREATING, ACTIVE, DELETING, FAILED.
    TagsAll Dictionary<string, string>
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    Arn string
    ARN of the cluster.
    CertificateAuthorities []ClusterCertificateAuthority
    CertificateAuthority ClusterCertificateAuthority
    Attribute block containing certificate-authority-data for your cluster. Detailed below.
    ClusterId string
    The ID of your local Amazon EKS cluster on the AWS Outpost. This attribute isn't available for an AWS EKS cluster on AWS cloud.
    CreatedAt string
    Unix epoch timestamp in seconds for when the cluster was created.
    Endpoint string
    Endpoint for your Kubernetes API server.
    Id string
    The provider-assigned unique ID for this managed resource.
    Identities []ClusterIdentity
    Attribute block containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. Detailed below.
    PlatformVersion string
    Platform version for the cluster.
    Status string
    Status of the EKS cluster. One of CREATING, ACTIVE, DELETING, FAILED.
    TagsAll map[string]string
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    arn String
    ARN of the cluster.
    certificateAuthorities List<ClusterCertificateAuthority>
    certificateAuthority ClusterCertificateAuthority
    Attribute block containing certificate-authority-data for your cluster. Detailed below.
    clusterId String
    The ID of your local Amazon EKS cluster on the AWS Outpost. This attribute isn't available for an AWS EKS cluster on AWS cloud.
    createdAt String
    Unix epoch timestamp in seconds for when the cluster was created.
    endpoint String
    Endpoint for your Kubernetes API server.
    id String
    The provider-assigned unique ID for this managed resource.
    identities List<ClusterIdentity>
    Attribute block containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. Detailed below.
    platformVersion String
    Platform version for the cluster.
    status String
    Status of the EKS cluster. One of CREATING, ACTIVE, DELETING, FAILED.
    tagsAll Map<String,String>
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    arn string
    ARN of the cluster.
    certificateAuthorities ClusterCertificateAuthority[]
    certificateAuthority ClusterCertificateAuthority
    Attribute block containing certificate-authority-data for your cluster. Detailed below.
    clusterId string
    The ID of your local Amazon EKS cluster on the AWS Outpost. This attribute isn't available for an AWS EKS cluster on AWS cloud.
    createdAt string
    Unix epoch timestamp in seconds for when the cluster was created.
    endpoint string
    Endpoint for your Kubernetes API server.
    id string
    The provider-assigned unique ID for this managed resource.
    identities ClusterIdentity[]
    Attribute block containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. Detailed below.
    platformVersion string
    Platform version for the cluster.
    status string
    Status of the EKS cluster. One of CREATING, ACTIVE, DELETING, FAILED.
    tagsAll {[key: string]: string}
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    arn str
    ARN of the cluster.
    certificate_authorities Sequence[ClusterCertificateAuthority]
    certificate_authority ClusterCertificateAuthority
    Attribute block containing certificate-authority-data for your cluster. Detailed below.
    cluster_id str
    The ID of your local Amazon EKS cluster on the AWS Outpost. This attribute isn't available for an AWS EKS cluster on AWS cloud.
    created_at str
    Unix epoch timestamp in seconds for when the cluster was created.
    endpoint str
    Endpoint for your Kubernetes API server.
    id str
    The provider-assigned unique ID for this managed resource.
    identities Sequence[ClusterIdentity]
    Attribute block containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. Detailed below.
    platform_version str
    Platform version for the cluster.
    status str
    Status of the EKS cluster. One of CREATING, ACTIVE, DELETING, FAILED.
    tags_all Mapping[str, str]
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    arn String
    ARN of the cluster.
    certificateAuthorities List<Property Map>
    certificateAuthority Property Map
    Attribute block containing certificate-authority-data for your cluster. Detailed below.
    clusterId String
    The ID of your local Amazon EKS cluster on the AWS Outpost. This attribute isn't available for an AWS EKS cluster on AWS cloud.
    createdAt String
    Unix epoch timestamp in seconds for when the cluster was created.
    endpoint String
    Endpoint for your Kubernetes API server.
    id String
    The provider-assigned unique ID for this managed resource.
    identities List<Property Map>
    Attribute block containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. Detailed below.
    platformVersion String
    Platform version for the cluster.
    status String
    Status of the EKS cluster. One of CREATING, ACTIVE, DELETING, FAILED.
    tagsAll Map<String>
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    Look up Existing Cluster Resource

    Get an existing Cluster resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: ClusterState, opts?: CustomResourceOptions): Cluster
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            access_config: Optional[ClusterAccessConfigArgs] = None,
            arn: Optional[str] = None,
            bootstrap_self_managed_addons: Optional[bool] = None,
            certificate_authorities: Optional[Sequence[ClusterCertificateAuthorityArgs]] = None,
            certificate_authority: Optional[ClusterCertificateAuthorityArgs] = None,
            cluster_id: Optional[str] = None,
            compute_config: Optional[ClusterComputeConfigArgs] = None,
            created_at: Optional[str] = None,
            default_addons_to_removes: Optional[Sequence[str]] = None,
            enabled_cluster_log_types: Optional[Sequence[str]] = None,
            encryption_config: Optional[ClusterEncryptionConfigArgs] = None,
            endpoint: Optional[str] = None,
            identities: Optional[Sequence[ClusterIdentityArgs]] = None,
            kubernetes_network_config: Optional[ClusterKubernetesNetworkConfigArgs] = None,
            name: Optional[str] = None,
            outpost_config: Optional[ClusterOutpostConfigArgs] = None,
            platform_version: Optional[str] = None,
            remote_network_config: Optional[ClusterRemoteNetworkConfigArgs] = None,
            role_arn: Optional[str] = None,
            status: Optional[str] = None,
            storage_config: Optional[ClusterStorageConfigArgs] = None,
            tags: Optional[Mapping[str, str]] = None,
            tags_all: Optional[Mapping[str, str]] = None,
            upgrade_policy: Optional[ClusterUpgradePolicyArgs] = None,
            version: Optional[str] = None,
            vpc_config: Optional[ClusterVpcConfigArgs] = None,
            zonal_shift_config: Optional[ClusterZonalShiftConfigArgs] = None) -> Cluster
    func GetCluster(ctx *Context, name string, id IDInput, state *ClusterState, opts ...ResourceOption) (*Cluster, error)
    public static Cluster Get(string name, Input<string> id, ClusterState? state, CustomResourceOptions? opts = null)
    public static Cluster get(String name, Output<String> id, ClusterState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AccessConfig ClusterAccessConfig
    Configuration block for the access config associated with your cluster, see Amazon EKS Access Entries.
    Arn string
    ARN of the cluster.
    BootstrapSelfManagedAddons bool
    Install default unmanaged add-ons, such as aws-cni, kube-proxy, and CoreDNS during cluster creation. If false, you must manually install desired add-ons. Changing this value will force a new cluster to be created. Defaults to true.
    CertificateAuthorities List<ClusterCertificateAuthority>
    CertificateAuthority ClusterCertificateAuthority
    Attribute block containing certificate-authority-data for your cluster. Detailed below.
    ClusterId string
    The ID of your local Amazon EKS cluster on the AWS Outpost. This attribute isn't available for an AWS EKS cluster on AWS cloud.
    ComputeConfig ClusterComputeConfig
    Configuration block with compute configuration for EKS Auto Mode. Detailed below.
    CreatedAt string
    Unix epoch timestamp in seconds for when the cluster was created.
    DefaultAddonsToRemoves List<string>
    EnabledClusterLogTypes List<string>
    List of the desired control plane logging to enable. For more information, see Amazon EKS Control Plane Logging.
    EncryptionConfig ClusterEncryptionConfig
    Configuration block with encryption configuration for the cluster. Detailed below.
    Endpoint string
    Endpoint for your Kubernetes API server.
    Identities List<ClusterIdentity>
    Attribute block containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. Detailed below.
    KubernetesNetworkConfig ClusterKubernetesNetworkConfig
    Configuration block with kubernetes network configuration for the cluster. Detailed below. If removed, this provider will only perform drift detection if a configuration value is provided.
    Name string
    Name of the cluster. Must be between 1-100 characters in length. Must begin with an alphanumeric character, and must only contain alphanumeric characters, dashes and underscores (^[0-9A-Za-z][A-Za-z0-9\-_]*$).
    OutpostConfig ClusterOutpostConfig
    Configuration block representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This block isn't available for creating Amazon EKS clusters on the AWS cloud.
    PlatformVersion string
    Platform version for the cluster.
    RemoteNetworkConfig ClusterRemoteNetworkConfig
    Configuration block with remote network configuration for EKS Hybrid Nodes. Detailed below.
    RoleArn string
    ARN of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Ensure the resource configuration includes explicit dependencies on the IAM Role permissions by adding depends_on if using the aws.iam.RolePolicy resource or aws.iam.RolePolicyAttachment resource, otherwise EKS cannot delete EKS managed EC2 infrastructure such as Security Groups on EKS Cluster deletion.
    Status string
    Status of the EKS cluster. One of CREATING, ACTIVE, DELETING, FAILED.
    StorageConfig ClusterStorageConfig
    Configuration block with storage configuration for EKS Auto Mode. Detailed below.
    Tags Dictionary<string, string>
    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    TagsAll Dictionary<string, string>
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    UpgradePolicy ClusterUpgradePolicy
    Configuration block for the support policy to use for the cluster. See upgrade_policy for details.
    Version string
    Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.
    VpcConfig ClusterVpcConfig

    Configuration block for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide. Detailed below. Also contains attributes detailed in the Attributes section.

    The following arguments are optional:

    ZonalShiftConfig ClusterZonalShiftConfig
    Configuration block with zonal shift configuration for the cluster. Detailed below.
    AccessConfig ClusterAccessConfigArgs
    Configuration block for the access config associated with your cluster, see Amazon EKS Access Entries.
    Arn string
    ARN of the cluster.
    BootstrapSelfManagedAddons bool
    Install default unmanaged add-ons, such as aws-cni, kube-proxy, and CoreDNS during cluster creation. If false, you must manually install desired add-ons. Changing this value will force a new cluster to be created. Defaults to true.
    CertificateAuthorities []ClusterCertificateAuthorityArgs
    CertificateAuthority ClusterCertificateAuthorityArgs
    Attribute block containing certificate-authority-data for your cluster. Detailed below.
    ClusterId string
    The ID of your local Amazon EKS cluster on the AWS Outpost. This attribute isn't available for an AWS EKS cluster on AWS cloud.
    ComputeConfig ClusterComputeConfigArgs
    Configuration block with compute configuration for EKS Auto Mode. Detailed below.
    CreatedAt string
    Unix epoch timestamp in seconds for when the cluster was created.
    DefaultAddonsToRemoves []string
    EnabledClusterLogTypes []string
    List of the desired control plane logging to enable. For more information, see Amazon EKS Control Plane Logging.
    EncryptionConfig ClusterEncryptionConfigArgs
    Configuration block with encryption configuration for the cluster. Detailed below.
    Endpoint string
    Endpoint for your Kubernetes API server.
    Identities []ClusterIdentityArgs
    Attribute block containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. Detailed below.
    KubernetesNetworkConfig ClusterKubernetesNetworkConfigArgs
    Configuration block with kubernetes network configuration for the cluster. Detailed below. If removed, this provider will only perform drift detection if a configuration value is provided.
    Name string
    Name of the cluster. Must be between 1-100 characters in length. Must begin with an alphanumeric character, and must only contain alphanumeric characters, dashes and underscores (^[0-9A-Za-z][A-Za-z0-9\-_]*$).
    OutpostConfig ClusterOutpostConfigArgs
    Configuration block representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This block isn't available for creating Amazon EKS clusters on the AWS cloud.
    PlatformVersion string
    Platform version for the cluster.
    RemoteNetworkConfig ClusterRemoteNetworkConfigArgs
    Configuration block with remote network configuration for EKS Hybrid Nodes. Detailed below.
    RoleArn string
    ARN of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Ensure the resource configuration includes explicit dependencies on the IAM Role permissions by adding depends_on if using the aws.iam.RolePolicy resource or aws.iam.RolePolicyAttachment resource, otherwise EKS cannot delete EKS managed EC2 infrastructure such as Security Groups on EKS Cluster deletion.
    Status string
    Status of the EKS cluster. One of CREATING, ACTIVE, DELETING, FAILED.
    StorageConfig ClusterStorageConfigArgs
    Configuration block with storage configuration for EKS Auto Mode. Detailed below.
    Tags map[string]string
    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    TagsAll map[string]string
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    UpgradePolicy ClusterUpgradePolicyArgs
    Configuration block for the support policy to use for the cluster. See upgrade_policy for details.
    Version string
    Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.
    VpcConfig ClusterVpcConfigArgs

    Configuration block for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide. Detailed below. Also contains attributes detailed in the Attributes section.

    The following arguments are optional:

    ZonalShiftConfig ClusterZonalShiftConfigArgs
    Configuration block with zonal shift configuration for the cluster. Detailed below.
    accessConfig ClusterAccessConfig
    Configuration block for the access config associated with your cluster, see Amazon EKS Access Entries.
    arn String
    ARN of the cluster.
    bootstrapSelfManagedAddons Boolean
    Install default unmanaged add-ons, such as aws-cni, kube-proxy, and CoreDNS during cluster creation. If false, you must manually install desired add-ons. Changing this value will force a new cluster to be created. Defaults to true.
    certificateAuthorities List<ClusterCertificateAuthority>
    certificateAuthority ClusterCertificateAuthority
    Attribute block containing certificate-authority-data for your cluster. Detailed below.
    clusterId String
    The ID of your local Amazon EKS cluster on the AWS Outpost. This attribute isn't available for an AWS EKS cluster on AWS cloud.
    computeConfig ClusterComputeConfig
    Configuration block with compute configuration for EKS Auto Mode. Detailed below.
    createdAt String
    Unix epoch timestamp in seconds for when the cluster was created.
    defaultAddonsToRemoves List<String>
    enabledClusterLogTypes List<String>
    List of the desired control plane logging to enable. For more information, see Amazon EKS Control Plane Logging.
    encryptionConfig ClusterEncryptionConfig
    Configuration block with encryption configuration for the cluster. Detailed below.
    endpoint String
    Endpoint for your Kubernetes API server.
    identities List<ClusterIdentity>
    Attribute block containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. Detailed below.
    kubernetesNetworkConfig ClusterKubernetesNetworkConfig
    Configuration block with kubernetes network configuration for the cluster. Detailed below. If removed, this provider will only perform drift detection if a configuration value is provided.
    name String
    Name of the cluster. Must be between 1-100 characters in length. Must begin with an alphanumeric character, and must only contain alphanumeric characters, dashes and underscores (^[0-9A-Za-z][A-Za-z0-9\-_]*$).
    outpostConfig ClusterOutpostConfig
    Configuration block representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This block isn't available for creating Amazon EKS clusters on the AWS cloud.
    platformVersion String
    Platform version for the cluster.
    remoteNetworkConfig ClusterRemoteNetworkConfig
    Configuration block with remote network configuration for EKS Hybrid Nodes. Detailed below.
    roleArn String
    ARN of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Ensure the resource configuration includes explicit dependencies on the IAM Role permissions by adding depends_on if using the aws.iam.RolePolicy resource or aws.iam.RolePolicyAttachment resource, otherwise EKS cannot delete EKS managed EC2 infrastructure such as Security Groups on EKS Cluster deletion.
    status String
    Status of the EKS cluster. One of CREATING, ACTIVE, DELETING, FAILED.
    storageConfig ClusterStorageConfig
    Configuration block with storage configuration for EKS Auto Mode. Detailed below.
    tags Map<String,String>
    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll Map<String,String>
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    upgradePolicy ClusterUpgradePolicy
    Configuration block for the support policy to use for the cluster. See upgrade_policy for details.
    version String
    Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.
    vpcConfig ClusterVpcConfig

    Configuration block for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide. Detailed below. Also contains attributes detailed in the Attributes section.

    The following arguments are optional:

    zonalShiftConfig ClusterZonalShiftConfig
    Configuration block with zonal shift configuration for the cluster. Detailed below.
    accessConfig ClusterAccessConfig
    Configuration block for the access config associated with your cluster, see Amazon EKS Access Entries.
    arn string
    ARN of the cluster.
    bootstrapSelfManagedAddons boolean
    Install default unmanaged add-ons, such as aws-cni, kube-proxy, and CoreDNS during cluster creation. If false, you must manually install desired add-ons. Changing this value will force a new cluster to be created. Defaults to true.
    certificateAuthorities ClusterCertificateAuthority[]
    certificateAuthority ClusterCertificateAuthority
    Attribute block containing certificate-authority-data for your cluster. Detailed below.
    clusterId string
    The ID of your local Amazon EKS cluster on the AWS Outpost. This attribute isn't available for an AWS EKS cluster on AWS cloud.
    computeConfig ClusterComputeConfig
    Configuration block with compute configuration for EKS Auto Mode. Detailed below.
    createdAt string
    Unix epoch timestamp in seconds for when the cluster was created.
    defaultAddonsToRemoves string[]
    enabledClusterLogTypes string[]
    List of the desired control plane logging to enable. For more information, see Amazon EKS Control Plane Logging.
    encryptionConfig ClusterEncryptionConfig
    Configuration block with encryption configuration for the cluster. Detailed below.
    endpoint string
    Endpoint for your Kubernetes API server.
    identities ClusterIdentity[]
    Attribute block containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. Detailed below.
    kubernetesNetworkConfig ClusterKubernetesNetworkConfig
    Configuration block with kubernetes network configuration for the cluster. Detailed below. If removed, this provider will only perform drift detection if a configuration value is provided.
    name string
    Name of the cluster. Must be between 1-100 characters in length. Must begin with an alphanumeric character, and must only contain alphanumeric characters, dashes and underscores (^[0-9A-Za-z][A-Za-z0-9\-_]*$).
    outpostConfig ClusterOutpostConfig
    Configuration block representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This block isn't available for creating Amazon EKS clusters on the AWS cloud.
    platformVersion string
    Platform version for the cluster.
    remoteNetworkConfig ClusterRemoteNetworkConfig
    Configuration block with remote network configuration for EKS Hybrid Nodes. Detailed below.
    roleArn string
    ARN of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Ensure the resource configuration includes explicit dependencies on the IAM Role permissions by adding depends_on if using the aws.iam.RolePolicy resource or aws.iam.RolePolicyAttachment resource, otherwise EKS cannot delete EKS managed EC2 infrastructure such as Security Groups on EKS Cluster deletion.
    status string
    Status of the EKS cluster. One of CREATING, ACTIVE, DELETING, FAILED.
    storageConfig ClusterStorageConfig
    Configuration block with storage configuration for EKS Auto Mode. Detailed below.
    tags {[key: string]: string}
    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll {[key: string]: string}
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    upgradePolicy ClusterUpgradePolicy
    Configuration block for the support policy to use for the cluster. See upgrade_policy for details.
    version string
    Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.
    vpcConfig ClusterVpcConfig

    Configuration block for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide. Detailed below. Also contains attributes detailed in the Attributes section.

    The following arguments are optional:

    zonalShiftConfig ClusterZonalShiftConfig
    Configuration block with zonal shift configuration for the cluster. Detailed below.
    access_config ClusterAccessConfigArgs
    Configuration block for the access config associated with your cluster, see Amazon EKS Access Entries.
    arn str
    ARN of the cluster.
    bootstrap_self_managed_addons bool
    Install default unmanaged add-ons, such as aws-cni, kube-proxy, and CoreDNS during cluster creation. If false, you must manually install desired add-ons. Changing this value will force a new cluster to be created. Defaults to true.
    certificate_authorities Sequence[ClusterCertificateAuthorityArgs]
    certificate_authority ClusterCertificateAuthorityArgs
    Attribute block containing certificate-authority-data for your cluster. Detailed below.
    cluster_id str
    The ID of your local Amazon EKS cluster on the AWS Outpost. This attribute isn't available for an AWS EKS cluster on AWS cloud.
    compute_config ClusterComputeConfigArgs
    Configuration block with compute configuration for EKS Auto Mode. Detailed below.
    created_at str
    Unix epoch timestamp in seconds for when the cluster was created.
    default_addons_to_removes Sequence[str]
    enabled_cluster_log_types Sequence[str]
    List of the desired control plane logging to enable. For more information, see Amazon EKS Control Plane Logging.
    encryption_config ClusterEncryptionConfigArgs
    Configuration block with encryption configuration for the cluster. Detailed below.
    endpoint str
    Endpoint for your Kubernetes API server.
    identities Sequence[ClusterIdentityArgs]
    Attribute block containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. Detailed below.
    kubernetes_network_config ClusterKubernetesNetworkConfigArgs
    Configuration block with kubernetes network configuration for the cluster. Detailed below. If removed, this provider will only perform drift detection if a configuration value is provided.
    name str
    Name of the cluster. Must be between 1-100 characters in length. Must begin with an alphanumeric character, and must only contain alphanumeric characters, dashes and underscores (^[0-9A-Za-z][A-Za-z0-9\-_]*$).
    outpost_config ClusterOutpostConfigArgs
    Configuration block representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This block isn't available for creating Amazon EKS clusters on the AWS cloud.
    platform_version str
    Platform version for the cluster.
    remote_network_config ClusterRemoteNetworkConfigArgs
    Configuration block with remote network configuration for EKS Hybrid Nodes. Detailed below.
    role_arn str
    ARN of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Ensure the resource configuration includes explicit dependencies on the IAM Role permissions by adding depends_on if using the aws.iam.RolePolicy resource or aws.iam.RolePolicyAttachment resource, otherwise EKS cannot delete EKS managed EC2 infrastructure such as Security Groups on EKS Cluster deletion.
    status str
    Status of the EKS cluster. One of CREATING, ACTIVE, DELETING, FAILED.
    storage_config ClusterStorageConfigArgs
    Configuration block with storage configuration for EKS Auto Mode. Detailed below.
    tags Mapping[str, str]
    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tags_all Mapping[str, str]
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    upgrade_policy ClusterUpgradePolicyArgs
    Configuration block for the support policy to use for the cluster. See upgrade_policy for details.
    version str
    Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.
    vpc_config ClusterVpcConfigArgs

    Configuration block for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide. Detailed below. Also contains attributes detailed in the Attributes section.

    The following arguments are optional:

    zonal_shift_config ClusterZonalShiftConfigArgs
    Configuration block with zonal shift configuration for the cluster. Detailed below.
    accessConfig Property Map
    Configuration block for the access config associated with your cluster, see Amazon EKS Access Entries.
    arn String
    ARN of the cluster.
    bootstrapSelfManagedAddons Boolean
    Install default unmanaged add-ons, such as aws-cni, kube-proxy, and CoreDNS during cluster creation. If false, you must manually install desired add-ons. Changing this value will force a new cluster to be created. Defaults to true.
    certificateAuthorities List<Property Map>
    certificateAuthority Property Map
    Attribute block containing certificate-authority-data for your cluster. Detailed below.
    clusterId String
    The ID of your local Amazon EKS cluster on the AWS Outpost. This attribute isn't available for an AWS EKS cluster on AWS cloud.
    computeConfig Property Map
    Configuration block with compute configuration for EKS Auto Mode. Detailed below.
    createdAt String
    Unix epoch timestamp in seconds for when the cluster was created.
    defaultAddonsToRemoves List<String>
    enabledClusterLogTypes List<String>
    List of the desired control plane logging to enable. For more information, see Amazon EKS Control Plane Logging.
    encryptionConfig Property Map
    Configuration block with encryption configuration for the cluster. Detailed below.
    endpoint String
    Endpoint for your Kubernetes API server.
    identities List<Property Map>
    Attribute block containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. Detailed below.
    kubernetesNetworkConfig Property Map
    Configuration block with kubernetes network configuration for the cluster. Detailed below. If removed, this provider will only perform drift detection if a configuration value is provided.
    name String
    Name of the cluster. Must be between 1-100 characters in length. Must begin with an alphanumeric character, and must only contain alphanumeric characters, dashes and underscores (^[0-9A-Za-z][A-Za-z0-9\-_]*$).
    outpostConfig Property Map
    Configuration block representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This block isn't available for creating Amazon EKS clusters on the AWS cloud.
    platformVersion String
    Platform version for the cluster.
    remoteNetworkConfig Property Map
    Configuration block with remote network configuration for EKS Hybrid Nodes. Detailed below.
    roleArn String
    ARN of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Ensure the resource configuration includes explicit dependencies on the IAM Role permissions by adding depends_on if using the aws.iam.RolePolicy resource or aws.iam.RolePolicyAttachment resource, otherwise EKS cannot delete EKS managed EC2 infrastructure such as Security Groups on EKS Cluster deletion.
    status String
    Status of the EKS cluster. One of CREATING, ACTIVE, DELETING, FAILED.
    storageConfig Property Map
    Configuration block with storage configuration for EKS Auto Mode. Detailed below.
    tags Map<String>
    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll Map<String>
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    upgradePolicy Property Map
    Configuration block for the support policy to use for the cluster. See upgrade_policy for details.
    version String
    Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.
    vpcConfig Property Map

    Configuration block for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide. Detailed below. Also contains attributes detailed in the Attributes section.

    The following arguments are optional:

    zonalShiftConfig Property Map
    Configuration block with zonal shift configuration for the cluster. Detailed below.

    Supporting Types

    ClusterAccessConfig, ClusterAccessConfigArgs

    AuthenticationMode string
    The authentication mode for the cluster. Valid values are CONFIG_MAP, API or API_AND_CONFIG_MAP
    BootstrapClusterCreatorAdminPermissions bool
    Whether or not to bootstrap the access config values to the cluster. Default is false.
    AuthenticationMode string
    The authentication mode for the cluster. Valid values are CONFIG_MAP, API or API_AND_CONFIG_MAP
    BootstrapClusterCreatorAdminPermissions bool
    Whether or not to bootstrap the access config values to the cluster. Default is false.
    authenticationMode String
    The authentication mode for the cluster. Valid values are CONFIG_MAP, API or API_AND_CONFIG_MAP
    bootstrapClusterCreatorAdminPermissions Boolean
    Whether or not to bootstrap the access config values to the cluster. Default is false.
    authenticationMode string
    The authentication mode for the cluster. Valid values are CONFIG_MAP, API or API_AND_CONFIG_MAP
    bootstrapClusterCreatorAdminPermissions boolean
    Whether or not to bootstrap the access config values to the cluster. Default is false.
    authentication_mode str
    The authentication mode for the cluster. Valid values are CONFIG_MAP, API or API_AND_CONFIG_MAP
    bootstrap_cluster_creator_admin_permissions bool
    Whether or not to bootstrap the access config values to the cluster. Default is false.
    authenticationMode String
    The authentication mode for the cluster. Valid values are CONFIG_MAP, API or API_AND_CONFIG_MAP
    bootstrapClusterCreatorAdminPermissions Boolean
    Whether or not to bootstrap the access config values to the cluster. Default is false.

    ClusterCertificateAuthority, ClusterCertificateAuthorityArgs

    Data string
    Base64 encoded certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.
    Data string
    Base64 encoded certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.
    data String
    Base64 encoded certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.
    data string
    Base64 encoded certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.
    data str
    Base64 encoded certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.
    data String
    Base64 encoded certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.

    ClusterComputeConfig, ClusterComputeConfigArgs

    Enabled bool
    Request to enable or disable the compute capability on your EKS Auto Mode cluster. If the compute capability is enabled, EKS Auto Mode will create and delete EC2 Managed Instances in your Amazon Web Services account.
    NodePools List<string>
    Configuration for node pools that defines the compute resources for your EKS Auto Mode cluster. Valid options are general-purpose and system.
    NodeRoleArn string
    The ARN of the IAM Role EKS will assign to EC2 Managed Instances in your EKS Auto Mode cluster. This value cannot be changed after the compute capability of EKS Auto Mode is enabled..
    Enabled bool
    Request to enable or disable the compute capability on your EKS Auto Mode cluster. If the compute capability is enabled, EKS Auto Mode will create and delete EC2 Managed Instances in your Amazon Web Services account.
    NodePools []string
    Configuration for node pools that defines the compute resources for your EKS Auto Mode cluster. Valid options are general-purpose and system.
    NodeRoleArn string
    The ARN of the IAM Role EKS will assign to EC2 Managed Instances in your EKS Auto Mode cluster. This value cannot be changed after the compute capability of EKS Auto Mode is enabled..
    enabled Boolean
    Request to enable or disable the compute capability on your EKS Auto Mode cluster. If the compute capability is enabled, EKS Auto Mode will create and delete EC2 Managed Instances in your Amazon Web Services account.
    nodePools List<String>
    Configuration for node pools that defines the compute resources for your EKS Auto Mode cluster. Valid options are general-purpose and system.
    nodeRoleArn String
    The ARN of the IAM Role EKS will assign to EC2 Managed Instances in your EKS Auto Mode cluster. This value cannot be changed after the compute capability of EKS Auto Mode is enabled..
    enabled boolean
    Request to enable or disable the compute capability on your EKS Auto Mode cluster. If the compute capability is enabled, EKS Auto Mode will create and delete EC2 Managed Instances in your Amazon Web Services account.
    nodePools string[]
    Configuration for node pools that defines the compute resources for your EKS Auto Mode cluster. Valid options are general-purpose and system.
    nodeRoleArn string
    The ARN of the IAM Role EKS will assign to EC2 Managed Instances in your EKS Auto Mode cluster. This value cannot be changed after the compute capability of EKS Auto Mode is enabled..
    enabled bool
    Request to enable or disable the compute capability on your EKS Auto Mode cluster. If the compute capability is enabled, EKS Auto Mode will create and delete EC2 Managed Instances in your Amazon Web Services account.
    node_pools Sequence[str]
    Configuration for node pools that defines the compute resources for your EKS Auto Mode cluster. Valid options are general-purpose and system.
    node_role_arn str
    The ARN of the IAM Role EKS will assign to EC2 Managed Instances in your EKS Auto Mode cluster. This value cannot be changed after the compute capability of EKS Auto Mode is enabled..
    enabled Boolean
    Request to enable or disable the compute capability on your EKS Auto Mode cluster. If the compute capability is enabled, EKS Auto Mode will create and delete EC2 Managed Instances in your Amazon Web Services account.
    nodePools List<String>
    Configuration for node pools that defines the compute resources for your EKS Auto Mode cluster. Valid options are general-purpose and system.
    nodeRoleArn String
    The ARN of the IAM Role EKS will assign to EC2 Managed Instances in your EKS Auto Mode cluster. This value cannot be changed after the compute capability of EKS Auto Mode is enabled..

    ClusterEncryptionConfig, ClusterEncryptionConfigArgs

    Provider ClusterEncryptionConfigProvider
    Configuration block with provider for encryption. Detailed below.
    Resources List<string>
    List of strings with resources to be encrypted. Valid values: secrets.
    Provider ClusterEncryptionConfigProvider
    Configuration block with provider for encryption. Detailed below.
    Resources []string
    List of strings with resources to be encrypted. Valid values: secrets.
    provider ClusterEncryptionConfigProvider
    Configuration block with provider for encryption. Detailed below.
    resources List<String>
    List of strings with resources to be encrypted. Valid values: secrets.
    provider ClusterEncryptionConfigProvider
    Configuration block with provider for encryption. Detailed below.
    resources string[]
    List of strings with resources to be encrypted. Valid values: secrets.
    provider ClusterEncryptionConfigProvider
    Configuration block with provider for encryption. Detailed below.
    resources Sequence[str]
    List of strings with resources to be encrypted. Valid values: secrets.
    provider Property Map
    Configuration block with provider for encryption. Detailed below.
    resources List<String>
    List of strings with resources to be encrypted. Valid values: secrets.

    ClusterEncryptionConfigProvider, ClusterEncryptionConfigProviderArgs

    KeyArn string
    ARN of the Key Management Service (KMS) customer master key (CMK). The CMK must be symmetric, created in the same region as the cluster, and if the CMK was created in a different account, the user must have access to the CMK. For more information, see Allowing Users in Other Accounts to Use a CMK in the AWS Key Management Service Developer Guide.
    KeyArn string
    ARN of the Key Management Service (KMS) customer master key (CMK). The CMK must be symmetric, created in the same region as the cluster, and if the CMK was created in a different account, the user must have access to the CMK. For more information, see Allowing Users in Other Accounts to Use a CMK in the AWS Key Management Service Developer Guide.
    keyArn String
    ARN of the Key Management Service (KMS) customer master key (CMK). The CMK must be symmetric, created in the same region as the cluster, and if the CMK was created in a different account, the user must have access to the CMK. For more information, see Allowing Users in Other Accounts to Use a CMK in the AWS Key Management Service Developer Guide.
    keyArn string
    ARN of the Key Management Service (KMS) customer master key (CMK). The CMK must be symmetric, created in the same region as the cluster, and if the CMK was created in a different account, the user must have access to the CMK. For more information, see Allowing Users in Other Accounts to Use a CMK in the AWS Key Management Service Developer Guide.
    key_arn str
    ARN of the Key Management Service (KMS) customer master key (CMK). The CMK must be symmetric, created in the same region as the cluster, and if the CMK was created in a different account, the user must have access to the CMK. For more information, see Allowing Users in Other Accounts to Use a CMK in the AWS Key Management Service Developer Guide.
    keyArn String
    ARN of the Key Management Service (KMS) customer master key (CMK). The CMK must be symmetric, created in the same region as the cluster, and if the CMK was created in a different account, the user must have access to the CMK. For more information, see Allowing Users in Other Accounts to Use a CMK in the AWS Key Management Service Developer Guide.

    ClusterIdentity, ClusterIdentityArgs

    Oidcs List<ClusterIdentityOidc>
    Nested block containing OpenID Connect identity provider information for the cluster. Detailed below.
    Oidcs []ClusterIdentityOidc
    Nested block containing OpenID Connect identity provider information for the cluster. Detailed below.
    oidcs List<ClusterIdentityOidc>
    Nested block containing OpenID Connect identity provider information for the cluster. Detailed below.
    oidcs ClusterIdentityOidc[]
    Nested block containing OpenID Connect identity provider information for the cluster. Detailed below.
    oidcs Sequence[ClusterIdentityOidc]
    Nested block containing OpenID Connect identity provider information for the cluster. Detailed below.
    oidcs List<Property Map>
    Nested block containing OpenID Connect identity provider information for the cluster. Detailed below.

    ClusterIdentityOidc, ClusterIdentityOidcArgs

    Issuer string
    Issuer URL for the OpenID Connect identity provider.
    Issuer string
    Issuer URL for the OpenID Connect identity provider.
    issuer String
    Issuer URL for the OpenID Connect identity provider.
    issuer string
    Issuer URL for the OpenID Connect identity provider.
    issuer str
    Issuer URL for the OpenID Connect identity provider.
    issuer String
    Issuer URL for the OpenID Connect identity provider.

    ClusterKubernetesNetworkConfig, ClusterKubernetesNetworkConfigArgs

    ElasticLoadBalancing ClusterKubernetesNetworkConfigElasticLoadBalancing
    Configuration block with elastic load balancing configuration for the cluster. Detailed below.
    IpFamily string
    The IP family used to assign Kubernetes pod and service addresses. Valid values are ipv4 (default) and ipv6. You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created.
    ServiceIpv4Cidr string

    The CIDR block to assign Kubernetes pod and service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify a custom CIDR block when you create a cluster, changing this value will force a new cluster to be created. The block must meet the following requirements:

    • Within one of the following private IP address blocks: 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16.

    • Doesn't overlap with any CIDR block assigned to the VPC that you selected for VPC.

    • Between /24 and /12.

    ServiceIpv6Cidr string
    The CIDR block that Kubernetes pod and service IP addresses are assigned from if you specified ipv6 for ip_family when you created the cluster. Kubernetes assigns service addresses from the unique local address range (fc00::/7) because you can't specify a custom IPv6 CIDR block when you create the cluster.
    ElasticLoadBalancing ClusterKubernetesNetworkConfigElasticLoadBalancing
    Configuration block with elastic load balancing configuration for the cluster. Detailed below.
    IpFamily string
    The IP family used to assign Kubernetes pod and service addresses. Valid values are ipv4 (default) and ipv6. You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created.
    ServiceIpv4Cidr string

    The CIDR block to assign Kubernetes pod and service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify a custom CIDR block when you create a cluster, changing this value will force a new cluster to be created. The block must meet the following requirements:

    • Within one of the following private IP address blocks: 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16.

    • Doesn't overlap with any CIDR block assigned to the VPC that you selected for VPC.

    • Between /24 and /12.

    ServiceIpv6Cidr string
    The CIDR block that Kubernetes pod and service IP addresses are assigned from if you specified ipv6 for ip_family when you created the cluster. Kubernetes assigns service addresses from the unique local address range (fc00::/7) because you can't specify a custom IPv6 CIDR block when you create the cluster.
    elasticLoadBalancing ClusterKubernetesNetworkConfigElasticLoadBalancing
    Configuration block with elastic load balancing configuration for the cluster. Detailed below.
    ipFamily String
    The IP family used to assign Kubernetes pod and service addresses. Valid values are ipv4 (default) and ipv6. You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created.
    serviceIpv4Cidr String

    The CIDR block to assign Kubernetes pod and service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify a custom CIDR block when you create a cluster, changing this value will force a new cluster to be created. The block must meet the following requirements:

    • Within one of the following private IP address blocks: 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16.

    • Doesn't overlap with any CIDR block assigned to the VPC that you selected for VPC.

    • Between /24 and /12.

    serviceIpv6Cidr String
    The CIDR block that Kubernetes pod and service IP addresses are assigned from if you specified ipv6 for ip_family when you created the cluster. Kubernetes assigns service addresses from the unique local address range (fc00::/7) because you can't specify a custom IPv6 CIDR block when you create the cluster.
    elasticLoadBalancing ClusterKubernetesNetworkConfigElasticLoadBalancing
    Configuration block with elastic load balancing configuration for the cluster. Detailed below.
    ipFamily string
    The IP family used to assign Kubernetes pod and service addresses. Valid values are ipv4 (default) and ipv6. You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created.
    serviceIpv4Cidr string

    The CIDR block to assign Kubernetes pod and service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify a custom CIDR block when you create a cluster, changing this value will force a new cluster to be created. The block must meet the following requirements:

    • Within one of the following private IP address blocks: 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16.

    • Doesn't overlap with any CIDR block assigned to the VPC that you selected for VPC.

    • Between /24 and /12.

    serviceIpv6Cidr string
    The CIDR block that Kubernetes pod and service IP addresses are assigned from if you specified ipv6 for ip_family when you created the cluster. Kubernetes assigns service addresses from the unique local address range (fc00::/7) because you can't specify a custom IPv6 CIDR block when you create the cluster.
    elastic_load_balancing ClusterKubernetesNetworkConfigElasticLoadBalancing
    Configuration block with elastic load balancing configuration for the cluster. Detailed below.
    ip_family str
    The IP family used to assign Kubernetes pod and service addresses. Valid values are ipv4 (default) and ipv6. You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created.
    service_ipv4_cidr str

    The CIDR block to assign Kubernetes pod and service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify a custom CIDR block when you create a cluster, changing this value will force a new cluster to be created. The block must meet the following requirements:

    • Within one of the following private IP address blocks: 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16.

    • Doesn't overlap with any CIDR block assigned to the VPC that you selected for VPC.

    • Between /24 and /12.

    service_ipv6_cidr str
    The CIDR block that Kubernetes pod and service IP addresses are assigned from if you specified ipv6 for ip_family when you created the cluster. Kubernetes assigns service addresses from the unique local address range (fc00::/7) because you can't specify a custom IPv6 CIDR block when you create the cluster.
    elasticLoadBalancing Property Map
    Configuration block with elastic load balancing configuration for the cluster. Detailed below.
    ipFamily String
    The IP family used to assign Kubernetes pod and service addresses. Valid values are ipv4 (default) and ipv6. You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created.
    serviceIpv4Cidr String

    The CIDR block to assign Kubernetes pod and service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify a custom CIDR block when you create a cluster, changing this value will force a new cluster to be created. The block must meet the following requirements:

    • Within one of the following private IP address blocks: 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16.

    • Doesn't overlap with any CIDR block assigned to the VPC that you selected for VPC.

    • Between /24 and /12.

    serviceIpv6Cidr String
    The CIDR block that Kubernetes pod and service IP addresses are assigned from if you specified ipv6 for ip_family when you created the cluster. Kubernetes assigns service addresses from the unique local address range (fc00::/7) because you can't specify a custom IPv6 CIDR block when you create the cluster.

    ClusterKubernetesNetworkConfigElasticLoadBalancing, ClusterKubernetesNetworkConfigElasticLoadBalancingArgs

    Enabled bool
    Indicates if the load balancing capability is enabled on your EKS Auto Mode cluster. If the load balancing capability is enabled, EKS Auto Mode will create and delete load balancers in your Amazon Web Services account.
    Enabled bool
    Indicates if the load balancing capability is enabled on your EKS Auto Mode cluster. If the load balancing capability is enabled, EKS Auto Mode will create and delete load balancers in your Amazon Web Services account.
    enabled Boolean
    Indicates if the load balancing capability is enabled on your EKS Auto Mode cluster. If the load balancing capability is enabled, EKS Auto Mode will create and delete load balancers in your Amazon Web Services account.
    enabled boolean
    Indicates if the load balancing capability is enabled on your EKS Auto Mode cluster. If the load balancing capability is enabled, EKS Auto Mode will create and delete load balancers in your Amazon Web Services account.
    enabled bool
    Indicates if the load balancing capability is enabled on your EKS Auto Mode cluster. If the load balancing capability is enabled, EKS Auto Mode will create and delete load balancers in your Amazon Web Services account.
    enabled Boolean
    Indicates if the load balancing capability is enabled on your EKS Auto Mode cluster. If the load balancing capability is enabled, EKS Auto Mode will create and delete load balancers in your Amazon Web Services account.

    ClusterOutpostConfig, ClusterOutpostConfigArgs

    ControlPlaneInstanceType string

    The Amazon EC2 instance type that you want to use for your local Amazon EKS cluster on Outposts. The instance type that you specify is used for all Kubernetes control plane instances. The instance type can't be changed after cluster creation. Choose an instance type based on the number of nodes that your cluster will have. If your cluster will have:

    • 1–20 nodes, then we recommend specifying a large instance type.

    • 21–100 nodes, then we recommend specifying an xlarge instance type.

    • 101–250 nodes, then we recommend specifying a 2xlarge instance type.

    For a list of the available Amazon EC2 instance types, see Compute and storage in AWS Outposts rack features The control plane is not automatically scaled by Amazon EKS.

    OutpostArns List<string>
    The ARN of the Outpost that you want to use for your local Amazon EKS cluster on Outposts. This argument is a list of arns, but only a single Outpost ARN is supported currently.
    ControlPlanePlacement ClusterOutpostConfigControlPlanePlacement
    An object representing the placement configuration for all the control plane instances of your local Amazon EKS cluster on AWS Outpost. The control_plane_placement configuration block supports the following arguments:
    ControlPlaneInstanceType string

    The Amazon EC2 instance type that you want to use for your local Amazon EKS cluster on Outposts. The instance type that you specify is used for all Kubernetes control plane instances. The instance type can't be changed after cluster creation. Choose an instance type based on the number of nodes that your cluster will have. If your cluster will have:

    • 1–20 nodes, then we recommend specifying a large instance type.

    • 21–100 nodes, then we recommend specifying an xlarge instance type.

    • 101–250 nodes, then we recommend specifying a 2xlarge instance type.

    For a list of the available Amazon EC2 instance types, see Compute and storage in AWS Outposts rack features The control plane is not automatically scaled by Amazon EKS.

    OutpostArns []string
    The ARN of the Outpost that you want to use for your local Amazon EKS cluster on Outposts. This argument is a list of arns, but only a single Outpost ARN is supported currently.
    ControlPlanePlacement ClusterOutpostConfigControlPlanePlacement
    An object representing the placement configuration for all the control plane instances of your local Amazon EKS cluster on AWS Outpost. The control_plane_placement configuration block supports the following arguments:
    controlPlaneInstanceType String

    The Amazon EC2 instance type that you want to use for your local Amazon EKS cluster on Outposts. The instance type that you specify is used for all Kubernetes control plane instances. The instance type can't be changed after cluster creation. Choose an instance type based on the number of nodes that your cluster will have. If your cluster will have:

    • 1–20 nodes, then we recommend specifying a large instance type.

    • 21–100 nodes, then we recommend specifying an xlarge instance type.

    • 101–250 nodes, then we recommend specifying a 2xlarge instance type.

    For a list of the available Amazon EC2 instance types, see Compute and storage in AWS Outposts rack features The control plane is not automatically scaled by Amazon EKS.

    outpostArns List<String>
    The ARN of the Outpost that you want to use for your local Amazon EKS cluster on Outposts. This argument is a list of arns, but only a single Outpost ARN is supported currently.
    controlPlanePlacement ClusterOutpostConfigControlPlanePlacement
    An object representing the placement configuration for all the control plane instances of your local Amazon EKS cluster on AWS Outpost. The control_plane_placement configuration block supports the following arguments:
    controlPlaneInstanceType string

    The Amazon EC2 instance type that you want to use for your local Amazon EKS cluster on Outposts. The instance type that you specify is used for all Kubernetes control plane instances. The instance type can't be changed after cluster creation. Choose an instance type based on the number of nodes that your cluster will have. If your cluster will have:

    • 1–20 nodes, then we recommend specifying a large instance type.

    • 21–100 nodes, then we recommend specifying an xlarge instance type.

    • 101–250 nodes, then we recommend specifying a 2xlarge instance type.

    For a list of the available Amazon EC2 instance types, see Compute and storage in AWS Outposts rack features The control plane is not automatically scaled by Amazon EKS.

    outpostArns string[]
    The ARN of the Outpost that you want to use for your local Amazon EKS cluster on Outposts. This argument is a list of arns, but only a single Outpost ARN is supported currently.
    controlPlanePlacement ClusterOutpostConfigControlPlanePlacement
    An object representing the placement configuration for all the control plane instances of your local Amazon EKS cluster on AWS Outpost. The control_plane_placement configuration block supports the following arguments:
    control_plane_instance_type str

    The Amazon EC2 instance type that you want to use for your local Amazon EKS cluster on Outposts. The instance type that you specify is used for all Kubernetes control plane instances. The instance type can't be changed after cluster creation. Choose an instance type based on the number of nodes that your cluster will have. If your cluster will have:

    • 1–20 nodes, then we recommend specifying a large instance type.

    • 21–100 nodes, then we recommend specifying an xlarge instance type.

    • 101–250 nodes, then we recommend specifying a 2xlarge instance type.

    For a list of the available Amazon EC2 instance types, see Compute and storage in AWS Outposts rack features The control plane is not automatically scaled by Amazon EKS.

    outpost_arns Sequence[str]
    The ARN of the Outpost that you want to use for your local Amazon EKS cluster on Outposts. This argument is a list of arns, but only a single Outpost ARN is supported currently.
    control_plane_placement ClusterOutpostConfigControlPlanePlacement
    An object representing the placement configuration for all the control plane instances of your local Amazon EKS cluster on AWS Outpost. The control_plane_placement configuration block supports the following arguments:
    controlPlaneInstanceType String

    The Amazon EC2 instance type that you want to use for your local Amazon EKS cluster on Outposts. The instance type that you specify is used for all Kubernetes control plane instances. The instance type can't be changed after cluster creation. Choose an instance type based on the number of nodes that your cluster will have. If your cluster will have:

    • 1–20 nodes, then we recommend specifying a large instance type.

    • 21–100 nodes, then we recommend specifying an xlarge instance type.

    • 101–250 nodes, then we recommend specifying a 2xlarge instance type.

    For a list of the available Amazon EC2 instance types, see Compute and storage in AWS Outposts rack features The control plane is not automatically scaled by Amazon EKS.

    outpostArns List<String>
    The ARN of the Outpost that you want to use for your local Amazon EKS cluster on Outposts. This argument is a list of arns, but only a single Outpost ARN is supported currently.
    controlPlanePlacement Property Map
    An object representing the placement configuration for all the control plane instances of your local Amazon EKS cluster on AWS Outpost. The control_plane_placement configuration block supports the following arguments:

    ClusterOutpostConfigControlPlanePlacement, ClusterOutpostConfigControlPlanePlacementArgs

    GroupName string
    The name of the placement group for the Kubernetes control plane instances. This setting can't be changed after cluster creation.
    GroupName string
    The name of the placement group for the Kubernetes control plane instances. This setting can't be changed after cluster creation.
    groupName String
    The name of the placement group for the Kubernetes control plane instances. This setting can't be changed after cluster creation.
    groupName string
    The name of the placement group for the Kubernetes control plane instances. This setting can't be changed after cluster creation.
    group_name str
    The name of the placement group for the Kubernetes control plane instances. This setting can't be changed after cluster creation.
    groupName String
    The name of the placement group for the Kubernetes control plane instances. This setting can't be changed after cluster creation.

    ClusterRemoteNetworkConfig, ClusterRemoteNetworkConfigArgs

    RemoteNodeNetworks ClusterRemoteNetworkConfigRemoteNodeNetworks
    Configuration block with remote node network configuration for EKS Hybrid Nodes. Detailed below.
    RemotePodNetworks ClusterRemoteNetworkConfigRemotePodNetworks
    Configuration block with remote pod network configuration for EKS Hybrid Nodes. Detailed below.
    RemoteNodeNetworks ClusterRemoteNetworkConfigRemoteNodeNetworks
    Configuration block with remote node network configuration for EKS Hybrid Nodes. Detailed below.
    RemotePodNetworks ClusterRemoteNetworkConfigRemotePodNetworks
    Configuration block with remote pod network configuration for EKS Hybrid Nodes. Detailed below.
    remoteNodeNetworks ClusterRemoteNetworkConfigRemoteNodeNetworks
    Configuration block with remote node network configuration for EKS Hybrid Nodes. Detailed below.
    remotePodNetworks ClusterRemoteNetworkConfigRemotePodNetworks
    Configuration block with remote pod network configuration for EKS Hybrid Nodes. Detailed below.
    remoteNodeNetworks ClusterRemoteNetworkConfigRemoteNodeNetworks
    Configuration block with remote node network configuration for EKS Hybrid Nodes. Detailed below.
    remotePodNetworks ClusterRemoteNetworkConfigRemotePodNetworks
    Configuration block with remote pod network configuration for EKS Hybrid Nodes. Detailed below.
    remote_node_networks ClusterRemoteNetworkConfigRemoteNodeNetworks
    Configuration block with remote node network configuration for EKS Hybrid Nodes. Detailed below.
    remote_pod_networks ClusterRemoteNetworkConfigRemotePodNetworks
    Configuration block with remote pod network configuration for EKS Hybrid Nodes. Detailed below.
    remoteNodeNetworks Property Map
    Configuration block with remote node network configuration for EKS Hybrid Nodes. Detailed below.
    remotePodNetworks Property Map
    Configuration block with remote pod network configuration for EKS Hybrid Nodes. Detailed below.

    ClusterRemoteNetworkConfigRemoteNodeNetworks, ClusterRemoteNetworkConfigRemoteNodeNetworksArgs

    Cidrs List<string>
    List of network CIDRs that can contain hybrid nodes.
    Cidrs []string
    List of network CIDRs that can contain hybrid nodes.
    cidrs List<String>
    List of network CIDRs that can contain hybrid nodes.
    cidrs string[]
    List of network CIDRs that can contain hybrid nodes.
    cidrs Sequence[str]
    List of network CIDRs that can contain hybrid nodes.
    cidrs List<String>
    List of network CIDRs that can contain hybrid nodes.

    ClusterRemoteNetworkConfigRemotePodNetworks, ClusterRemoteNetworkConfigRemotePodNetworksArgs

    Cidrs List<string>
    List of network CIDRs that can contain pods that run Kubernetes webhooks on hybrid nodes.
    Cidrs []string
    List of network CIDRs that can contain pods that run Kubernetes webhooks on hybrid nodes.
    cidrs List<String>
    List of network CIDRs that can contain pods that run Kubernetes webhooks on hybrid nodes.
    cidrs string[]
    List of network CIDRs that can contain pods that run Kubernetes webhooks on hybrid nodes.
    cidrs Sequence[str]
    List of network CIDRs that can contain pods that run Kubernetes webhooks on hybrid nodes.
    cidrs List<String>
    List of network CIDRs that can contain pods that run Kubernetes webhooks on hybrid nodes.

    ClusterStorageConfig, ClusterStorageConfigArgs

    ClusterStorageConfigBlockStorage, ClusterStorageConfigBlockStorageArgs

    Enabled bool
    Enabled bool
    enabled Boolean
    enabled boolean
    enabled bool
    enabled Boolean

    ClusterUpgradePolicy, ClusterUpgradePolicyArgs

    SupportType string
    Support type to use for the cluster. If the cluster is set to EXTENDED, it will enter extended support at the end of standard support. If the cluster is set to STANDARD, it will be automatically upgraded at the end of standard support. Valid values are EXTENDED, STANDARD
    SupportType string
    Support type to use for the cluster. If the cluster is set to EXTENDED, it will enter extended support at the end of standard support. If the cluster is set to STANDARD, it will be automatically upgraded at the end of standard support. Valid values are EXTENDED, STANDARD
    supportType String
    Support type to use for the cluster. If the cluster is set to EXTENDED, it will enter extended support at the end of standard support. If the cluster is set to STANDARD, it will be automatically upgraded at the end of standard support. Valid values are EXTENDED, STANDARD
    supportType string
    Support type to use for the cluster. If the cluster is set to EXTENDED, it will enter extended support at the end of standard support. If the cluster is set to STANDARD, it will be automatically upgraded at the end of standard support. Valid values are EXTENDED, STANDARD
    support_type str
    Support type to use for the cluster. If the cluster is set to EXTENDED, it will enter extended support at the end of standard support. If the cluster is set to STANDARD, it will be automatically upgraded at the end of standard support. Valid values are EXTENDED, STANDARD
    supportType String
    Support type to use for the cluster. If the cluster is set to EXTENDED, it will enter extended support at the end of standard support. If the cluster is set to STANDARD, it will be automatically upgraded at the end of standard support. Valid values are EXTENDED, STANDARD

    ClusterVpcConfig, ClusterVpcConfigArgs

    SubnetIds List<string>
    List of subnet IDs. Must be in at least two different availability zones. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your worker nodes and the Kubernetes control plane.
    ClusterSecurityGroupId string
    Cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control-plane-to-data-plane communication.
    EndpointPrivateAccess bool
    Whether the Amazon EKS private API server endpoint is enabled. Default is false.
    EndpointPublicAccess bool
    Whether the Amazon EKS public API server endpoint is enabled. Default is true.
    PublicAccessCidrs List<string>
    List of CIDR blocks. Indicates which CIDR blocks can access the Amazon EKS public API server endpoint when enabled. EKS defaults this to a list with 0.0.0.0/0. The provider will only perform drift detection of its value when present in a configuration.
    SecurityGroupIds List<string>
    List of security group IDs for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane.
    VpcId string
    ID of the VPC associated with your cluster.
    SubnetIds []string
    List of subnet IDs. Must be in at least two different availability zones. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your worker nodes and the Kubernetes control plane.
    ClusterSecurityGroupId string
    Cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control-plane-to-data-plane communication.
    EndpointPrivateAccess bool
    Whether the Amazon EKS private API server endpoint is enabled. Default is false.
    EndpointPublicAccess bool
    Whether the Amazon EKS public API server endpoint is enabled. Default is true.
    PublicAccessCidrs []string
    List of CIDR blocks. Indicates which CIDR blocks can access the Amazon EKS public API server endpoint when enabled. EKS defaults this to a list with 0.0.0.0/0. The provider will only perform drift detection of its value when present in a configuration.
    SecurityGroupIds []string
    List of security group IDs for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane.
    VpcId string
    ID of the VPC associated with your cluster.
    subnetIds List<String>
    List of subnet IDs. Must be in at least two different availability zones. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your worker nodes and the Kubernetes control plane.
    clusterSecurityGroupId String
    Cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control-plane-to-data-plane communication.
    endpointPrivateAccess Boolean
    Whether the Amazon EKS private API server endpoint is enabled. Default is false.
    endpointPublicAccess Boolean
    Whether the Amazon EKS public API server endpoint is enabled. Default is true.
    publicAccessCidrs List<String>
    List of CIDR blocks. Indicates which CIDR blocks can access the Amazon EKS public API server endpoint when enabled. EKS defaults this to a list with 0.0.0.0/0. The provider will only perform drift detection of its value when present in a configuration.
    securityGroupIds List<String>
    List of security group IDs for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane.
    vpcId String
    ID of the VPC associated with your cluster.
    subnetIds string[]
    List of subnet IDs. Must be in at least two different availability zones. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your worker nodes and the Kubernetes control plane.
    clusterSecurityGroupId string
    Cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control-plane-to-data-plane communication.
    endpointPrivateAccess boolean
    Whether the Amazon EKS private API server endpoint is enabled. Default is false.
    endpointPublicAccess boolean
    Whether the Amazon EKS public API server endpoint is enabled. Default is true.
    publicAccessCidrs string[]
    List of CIDR blocks. Indicates which CIDR blocks can access the Amazon EKS public API server endpoint when enabled. EKS defaults this to a list with 0.0.0.0/0. The provider will only perform drift detection of its value when present in a configuration.
    securityGroupIds string[]
    List of security group IDs for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane.
    vpcId string
    ID of the VPC associated with your cluster.
    subnet_ids Sequence[str]
    List of subnet IDs. Must be in at least two different availability zones. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your worker nodes and the Kubernetes control plane.
    cluster_security_group_id str
    Cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control-plane-to-data-plane communication.
    endpoint_private_access bool
    Whether the Amazon EKS private API server endpoint is enabled. Default is false.
    endpoint_public_access bool
    Whether the Amazon EKS public API server endpoint is enabled. Default is true.
    public_access_cidrs Sequence[str]
    List of CIDR blocks. Indicates which CIDR blocks can access the Amazon EKS public API server endpoint when enabled. EKS defaults this to a list with 0.0.0.0/0. The provider will only perform drift detection of its value when present in a configuration.
    security_group_ids Sequence[str]
    List of security group IDs for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane.
    vpc_id str
    ID of the VPC associated with your cluster.
    subnetIds List<String>
    List of subnet IDs. Must be in at least two different availability zones. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your worker nodes and the Kubernetes control plane.
    clusterSecurityGroupId String
    Cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control-plane-to-data-plane communication.
    endpointPrivateAccess Boolean
    Whether the Amazon EKS private API server endpoint is enabled. Default is false.
    endpointPublicAccess Boolean
    Whether the Amazon EKS public API server endpoint is enabled. Default is true.
    publicAccessCidrs List<String>
    List of CIDR blocks. Indicates which CIDR blocks can access the Amazon EKS public API server endpoint when enabled. EKS defaults this to a list with 0.0.0.0/0. The provider will only perform drift detection of its value when present in a configuration.
    securityGroupIds List<String>
    List of security group IDs for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane.
    vpcId String
    ID of the VPC associated with your cluster.

    ClusterZonalShiftConfig, ClusterZonalShiftConfigArgs

    Enabled bool
    Whether zonal shift is enabled for the cluster.
    Enabled bool
    Whether zonal shift is enabled for the cluster.
    enabled Boolean
    Whether zonal shift is enabled for the cluster.
    enabled boolean
    Whether zonal shift is enabled for the cluster.
    enabled bool
    Whether zonal shift is enabled for the cluster.
    enabled Boolean
    Whether zonal shift is enabled for the cluster.

    Import

    Using pulumi import, import EKS Clusters using the name. For example:

    $ pulumi import aws:eks/cluster:Cluster my_cluster my_cluster
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aws Terraform Provider.
    aws logo
    AWS v6.64.0 published on Friday, Dec 6, 2024 by Pulumi