Amazon EKS

v0.35.0 published on Wednesday, Nov 10, 2021 by Pulumi

ManagedNodeGroup

ManagedNodeGroup is a component that wraps creating an AWS managed node group.

See for more details: https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html

Create a ManagedNodeGroup Resource

new ManagedNodeGroup(name: string, args: ManagedNodeGroupArgs, opts?: CustomResourceOptions);
@overload
def ManagedNodeGroup(resource_name: str,
                     opts: Optional[ResourceOptions] = None,
                     ami_type: Optional[str] = None,
                     capacity_type: Optional[str] = None,
                     cluster: Optional[CoreDataArgs] = None,
                     cluster_name: Optional[str] = None,
                     disk_size: Optional[int] = None,
                     force_update_version: Optional[bool] = None,
                     instance_types: Optional[Sequence[str]] = None,
                     labels: Optional[Mapping[str, str]] = None,
                     launch_template: Optional[pulumi_aws.eks.NodeGroupLaunchTemplateArgs] = None,
                     node_group_name: Optional[str] = None,
                     node_group_name_prefix: Optional[str] = None,
                     node_role: Optional[pulumi_aws.iam.Role] = None,
                     node_role_arn: Optional[str] = None,
                     release_version: Optional[str] = None,
                     remote_access: Optional[pulumi_aws.eks.NodeGroupRemoteAccessArgs] = None,
                     scaling_config: Optional[pulumi_aws.eks.NodeGroupScalingConfigArgs] = None,
                     subnet_ids: Optional[Sequence[str]] = None,
                     tags: Optional[Mapping[str, str]] = None,
                     taints: Optional[Sequence[pulumi_aws.eks.NodeGroupTaintArgs]] = None,
                     version: Optional[str] = None)
@overload
def ManagedNodeGroup(resource_name: str,
                     args: ManagedNodeGroupArgs,
                     opts: Optional[ResourceOptions] = None)
func NewManagedNodeGroup(ctx *Context, name string, args ManagedNodeGroupArgs, opts ...ResourceOption) (*ManagedNodeGroup, error)
public ManagedNodeGroup(string name, ManagedNodeGroupArgs args, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args ManagedNodeGroupArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args ManagedNodeGroupArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args ManagedNodeGroupArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args ManagedNodeGroupArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

ManagedNodeGroup Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The ManagedNodeGroup resource accepts the following input properties:

Cluster CoreDataArgs
The target EKS cluster.
AmiType string
Type of Amazon Machine Image (AMI) associated with the EKS Node Group. Defaults to AL2_x86_64. Valid values: AL2_x86_64, AL2_x86_64_GPU, AL2_ARM_64. This provider will only perform drift detection if a configuration value is provided.
CapacityType string
Type of capacity associated with the EKS Node Group. Valid values: ON_DEMAND, SPOT. This provider will only perform drift detection if a configuration value is provided.
ClusterName string
Name of the EKS Cluster.
DiskSize int
Disk size in GiB for worker nodes. Defaults to 20. This provider will only perform drift detection if a configuration value is provided.
ForceUpdateVersion bool
Force version update if existing pods are unable to be drained due to a pod disruption budget issue.
InstanceTypes List<string>
Set of instance types associated with the EKS Node Group. Defaults to ["t3.medium"]. This provider will only perform drift detection if a configuration value is provided. Currently, the EKS API only accepts a single value in the set.
Labels Dictionary<string, string>
Key-value map of Kubernetes labels. Only labels that are applied with the EKS API are managed by this argument. Other Kubernetes labels applied to the EKS Node Group will not be managed.
LaunchTemplate Pulumi.Aws.Eks.Inputs.NodeGroupLaunchTemplateArgs
Launch Template settings.
NodeGroupName string
Name of the EKS Node Group. If omitted, this provider will assign a random, unique name. Conflicts with nodeGroupNamePrefix.
NodeGroupNamePrefix string
Creates a unique name beginning with the specified prefix. Conflicts with nodeGroupName.
NodeRole Pulumi.Aws.Iam.Role

The IAM Role that provides permissions for the EKS Node Group.

Note, nodeRole and nodeRoleArn are mutually exclusive, and a single option must be used.

NodeRoleArn string

Amazon Resource Name (ARN) of the IAM Role that provides permissions for the EKS Node Group.

Note, nodeRoleArn and nodeRole are mutually exclusive, and a single option must be used.

ReleaseVersion string
AMI version of the EKS Node Group. Defaults to latest version for Kubernetes version.
RemoteAccess Pulumi.Aws.Eks.Inputs.NodeGroupRemoteAccessArgs
Remote access settings.
ScalingConfig Pulumi.Aws.Eks.Inputs.NodeGroupScalingConfigArgs

Scaling settings.

Default scaling amounts of the node group autoscaling group are:

  • desiredSize: 2
  • minSize: 1
  • maxSize: 2
SubnetIds List<string>

Identifiers of EC2 Subnets to associate with the EKS Node Group. These subnets must have the following resource tag: kubernetes.io/cluster/CLUSTER_NAME (where CLUSTER_NAME is replaced with the name of the EKS Cluster).

Default subnetIds is chosen from the following list, in order, if subnetIds arg is not set:

  • core.subnetIds
  • core.privateIds
  • core.publicSublicSubnetIds

This default logic is based on the existing subnet IDs logic of this package: https://git.io/JeM11

Tags Dictionary<string, string>
Key-value mapping of resource tags.
Taints List<Pulumi.Aws.Eks.Inputs.NodeGroupTaintArgs>
The Kubernetes taints to be applied to the nodes in the node group. Maximum of 50 taints per node group.
Version string
Cluster CoreDataArgs
The target EKS cluster.
AmiType string
Type of Amazon Machine Image (AMI) associated with the EKS Node Group. Defaults to AL2_x86_64. Valid values: AL2_x86_64, AL2_x86_64_GPU, AL2_ARM_64. This provider will only perform drift detection if a configuration value is provided.
CapacityType string
Type of capacity associated with the EKS Node Group. Valid values: ON_DEMAND, SPOT. This provider will only perform drift detection if a configuration value is provided.
ClusterName string
Name of the EKS Cluster.
DiskSize int
Disk size in GiB for worker nodes. Defaults to 20. This provider will only perform drift detection if a configuration value is provided.
ForceUpdateVersion bool
Force version update if existing pods are unable to be drained due to a pod disruption budget issue.
InstanceTypes []string
Set of instance types associated with the EKS Node Group. Defaults to ["t3.medium"]. This provider will only perform drift detection if a configuration value is provided. Currently, the EKS API only accepts a single value in the set.
Labels map[string]string
Key-value map of Kubernetes labels. Only labels that are applied with the EKS API are managed by this argument. Other Kubernetes labels applied to the EKS Node Group will not be managed.
LaunchTemplate NodeGroupLaunchTemplateArgs
Launch Template settings.
NodeGroupName string
Name of the EKS Node Group. If omitted, this provider will assign a random, unique name. Conflicts with nodeGroupNamePrefix.
NodeGroupNamePrefix string
Creates a unique name beginning with the specified prefix. Conflicts with nodeGroupName.
NodeRole Role

The IAM Role that provides permissions for the EKS Node Group.

Note, nodeRole and nodeRoleArn are mutually exclusive, and a single option must be used.

NodeRoleArn string

Amazon Resource Name (ARN) of the IAM Role that provides permissions for the EKS Node Group.

Note, nodeRoleArn and nodeRole are mutually exclusive, and a single option must be used.

ReleaseVersion string
AMI version of the EKS Node Group. Defaults to latest version for Kubernetes version.
RemoteAccess NodeGroupRemoteAccessArgs
Remote access settings.
ScalingConfig NodeGroupScalingConfigArgs

Scaling settings.

Default scaling amounts of the node group autoscaling group are:

  • desiredSize: 2
  • minSize: 1
  • maxSize: 2
SubnetIds []string

Identifiers of EC2 Subnets to associate with the EKS Node Group. These subnets must have the following resource tag: kubernetes.io/cluster/CLUSTER_NAME (where CLUSTER_NAME is replaced with the name of the EKS Cluster).

Default subnetIds is chosen from the following list, in order, if subnetIds arg is not set:

  • core.subnetIds
  • core.privateIds
  • core.publicSublicSubnetIds

This default logic is based on the existing subnet IDs logic of this package: https://git.io/JeM11

Tags map[string]string
Key-value mapping of resource tags.
Taints NodeGroupTaintArgs
The Kubernetes taints to be applied to the nodes in the node group. Maximum of 50 taints per node group.
Version string
cluster CoreDataArgs
The target EKS cluster.
amiType string
Type of Amazon Machine Image (AMI) associated with the EKS Node Group. Defaults to AL2_x86_64. Valid values: AL2_x86_64, AL2_x86_64_GPU, AL2_ARM_64. This provider will only perform drift detection if a configuration value is provided.
capacityType string
Type of capacity associated with the EKS Node Group. Valid values: ON_DEMAND, SPOT. This provider will only perform drift detection if a configuration value is provided.
clusterName string
Name of the EKS Cluster.
diskSize number
Disk size in GiB for worker nodes. Defaults to 20. This provider will only perform drift detection if a configuration value is provided.
forceUpdateVersion boolean
Force version update if existing pods are unable to be drained due to a pod disruption budget issue.
instanceTypes string[]
Set of instance types associated with the EKS Node Group. Defaults to ["t3.medium"]. This provider will only perform drift detection if a configuration value is provided. Currently, the EKS API only accepts a single value in the set.
labels {[key: string]: string}
Key-value map of Kubernetes labels. Only labels that are applied with the EKS API are managed by this argument. Other Kubernetes labels applied to the EKS Node Group will not be managed.
launchTemplate pulumiAwstypesinputeksNodeGroupLaunchTemplateArgs
Launch Template settings.
nodeGroupName string
Name of the EKS Node Group. If omitted, this provider will assign a random, unique name. Conflicts with nodeGroupNamePrefix.
nodeGroupNamePrefix string
Creates a unique name beginning with the specified prefix. Conflicts with nodeGroupName.
nodeRole pulumiAwsiamRole

The IAM Role that provides permissions for the EKS Node Group.

Note, nodeRole and nodeRoleArn are mutually exclusive, and a single option must be used.

nodeRoleArn string

Amazon Resource Name (ARN) of the IAM Role that provides permissions for the EKS Node Group.

Note, nodeRoleArn and nodeRole are mutually exclusive, and a single option must be used.

releaseVersion string
AMI version of the EKS Node Group. Defaults to latest version for Kubernetes version.
remoteAccess pulumiAwstypesinputeksNodeGroupRemoteAccessArgs
Remote access settings.
scalingConfig pulumiAwstypesinputeksNodeGroupScalingConfigArgs

Scaling settings.

Default scaling amounts of the node group autoscaling group are:

  • desiredSize: 2
  • minSize: 1
  • maxSize: 2
subnetIds string[]

Identifiers of EC2 Subnets to associate with the EKS Node Group. These subnets must have the following resource tag: kubernetes.io/cluster/CLUSTER_NAME (where CLUSTER_NAME is replaced with the name of the EKS Cluster).

Default subnetIds is chosen from the following list, in order, if subnetIds arg is not set:

  • core.subnetIds
  • core.privateIds
  • core.publicSublicSubnetIds

This default logic is based on the existing subnet IDs logic of this package: https://git.io/JeM11

tags {[key: string]: string}
Key-value mapping of resource tags.
taints pulumiAwstypesinputeksNodeGroupTaintArgs[]
The Kubernetes taints to be applied to the nodes in the node group. Maximum of 50 taints per node group.
version string
cluster CoreDataArgs
The target EKS cluster.
ami_type str
Type of Amazon Machine Image (AMI) associated with the EKS Node Group. Defaults to AL2_x86_64. Valid values: AL2_x86_64, AL2_x86_64_GPU, AL2_ARM_64. This provider will only perform drift detection if a configuration value is provided.
capacity_type str
Type of capacity associated with the EKS Node Group. Valid values: ON_DEMAND, SPOT. This provider will only perform drift detection if a configuration value is provided.
cluster_name str
Name of the EKS Cluster.
disk_size int
Disk size in GiB for worker nodes. Defaults to 20. This provider will only perform drift detection if a configuration value is provided.
force_update_version bool
Force version update if existing pods are unable to be drained due to a pod disruption budget issue.
instance_types Sequence[str]
Set of instance types associated with the EKS Node Group. Defaults to ["t3.medium"]. This provider will only perform drift detection if a configuration value is provided. Currently, the EKS API only accepts a single value in the set.
labels Mapping[str, str]
Key-value map of Kubernetes labels. Only labels that are applied with the EKS API are managed by this argument. Other Kubernetes labels applied to the EKS Node Group will not be managed.
launch_template NodeGroupLaunchTemplateArgs
Launch Template settings.
node_group_name str
Name of the EKS Node Group. If omitted, this provider will assign a random, unique name. Conflicts with nodeGroupNamePrefix.
node_group_name_prefix str
Creates a unique name beginning with the specified prefix. Conflicts with nodeGroupName.
node_role Role

The IAM Role that provides permissions for the EKS Node Group.

Note, nodeRole and nodeRoleArn are mutually exclusive, and a single option must be used.

node_role_arn str

Amazon Resource Name (ARN) of the IAM Role that provides permissions for the EKS Node Group.

Note, nodeRoleArn and nodeRole are mutually exclusive, and a single option must be used.

release_version str
AMI version of the EKS Node Group. Defaults to latest version for Kubernetes version.
remote_access NodeGroupRemoteAccessArgs
Remote access settings.
scaling_config NodeGroupScalingConfigArgs

Scaling settings.

Default scaling amounts of the node group autoscaling group are:

  • desiredSize: 2
  • minSize: 1
  • maxSize: 2
subnet_ids Sequence[str]

Identifiers of EC2 Subnets to associate with the EKS Node Group. These subnets must have the following resource tag: kubernetes.io/cluster/CLUSTER_NAME (where CLUSTER_NAME is replaced with the name of the EKS Cluster).

Default subnetIds is chosen from the following list, in order, if subnetIds arg is not set:

  • core.subnetIds
  • core.privateIds
  • core.publicSublicSubnetIds

This default logic is based on the existing subnet IDs logic of this package: https://git.io/JeM11

tags Mapping[str, str]
Key-value mapping of resource tags.
taints NodeGroupTaintArgs]
The Kubernetes taints to be applied to the nodes in the node group. Maximum of 50 taints per node group.
version str

Outputs

All input properties are implicitly available as output properties. Additionally, the ManagedNodeGroup resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
NodeGroup Pulumi.Aws.Eks.NodeGroup
The AWS managed node group.
Id string
The provider-assigned unique ID for this managed resource.
NodeGroup NodeGroup
The AWS managed node group.
id string
The provider-assigned unique ID for this managed resource.
nodeGroup pulumiAwseksNodeGroup
The AWS managed node group.
id str
The provider-assigned unique ID for this managed resource.
node_group NodeGroup
The AWS managed node group.

Supporting Types

ClusterNodeGroupOptions

AmiId string

The AMI ID to use for the worker nodes.

Defaults to the latest recommended EKS Optimized Linux AMI from the AWS Systems Manager Parameter Store.

Note: amiId and gpu are mutually exclusive.

See for more details:

AutoScalingGroupTags Dictionary<string, string>

The tags to apply to the NodeGroup’s AutoScalingGroup in the CloudFormation Stack.

Per AWS, all stack-level tags, including automatically created tags, and the cloudFormationTags option are propagated to resources that AWS CloudFormation supports, including the AutoScalingGroup. See https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html

Note: Given the inheritance of auto-generated CF tags and cloudFormationTags, you should either supply the tag in autoScalingGroupTags or cloudFormationTags, but not both.

BootstrapExtraArgs string
Additional args to pass directly to /etc/eks/bootstrap.sh. Fror details on available options, see: https://github.com/awslabs/amazon-eks-ami/blob/master/files/bootstrap.sh. Note that the –apiserver-endpoint, –b64-cluster-ca and –kubelet-extra-args flags are included automatically based on other configuration parameters.
CloudFormationTags Dictionary<string, string>

The tags to apply to the CloudFormation Stack of the Worker NodeGroup.

Note: Given the inheritance of auto-generated CF tags and cloudFormationTags, you should either supply the tag in autoScalingGroupTags or cloudFormationTags, but not both.

ClusterIngressRule Pulumi.Aws.Ec2.SecurityGroupRule
The ingress rule that gives node group access.
DesiredCapacity int
The number of worker nodes that should be running in the cluster. Defaults to 2.
EncryptRootBlockDevice bool
Encrypt the root block device of the nodes in the node group.
ExtraNodeSecurityGroups List<Pulumi.Aws.Ec2.SecurityGroup>

Extra security groups to attach on all nodes in this worker node group.

This additional set of security groups captures any user application rules that will be needed for the nodes.

Gpu bool

Use the latest recommended EKS Optimized Linux AMI with GPU support for the worker nodes from the AWS Systems Manager Parameter Store.

Defaults to false.

Note: gpu and amiId are mutually exclusive.

See for more details:

InstanceProfile Pulumi.Aws.Iam.InstanceProfile
The ingress rule that gives node group access.
InstanceType string
The instance type to use for the cluster’s nodes. Defaults to “t2.medium”.
KeyName string
Name of the key pair to use for SSH access to worker nodes.
KubeletExtraArgs string
Extra args to pass to the Kubelet. Corresponds to the options passed in the –kubeletExtraArgs flag to /etc/eks/bootstrap.sh. For example, ‘–port=10251 –address=0.0.0.0’. Note that the labels and taints properties will be applied to this list (using –node-labels and –register-with-taints respectively) after to the expicit kubeletExtraArgs.
Labels Dictionary<string, string>
Custom k8s node labels to be attached to each woker node. Adds the given key/value pairs to the –node-labels kubelet argument.
MaxSize int
The maximum number of worker nodes running in the cluster. Defaults to 2.
MinSize int
The minimum number of worker nodes running in the cluster. Defaults to 1.
NodeAssociatePublicIpAddress bool
Whether or not to auto-assign public IP addresses on the EKS worker nodes. If this toggle is set to true, the EKS workers will be auto-assigned public IPs. If false, they will not be auto-assigned public IPs.
NodePublicKey string
Public key material for SSH access to worker nodes. See allowed formats at: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html If not provided, no SSH access is enabled on VMs.
NodeRootVolumeSize int
The size in GiB of a cluster node’s root volume. Defaults to 20.
NodeSecurityGroup Pulumi.Aws.Ec2.SecurityGroup

The security group for the worker node group to communicate with the cluster.

This security group requires specific inbound and outbound rules.

See for more details: https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html

Note: The nodeSecurityGroup option and the cluster optionnodeSecurityGroupTags are mutually exclusive.

NodeSubnetIds List<string>

The set of subnets to override and use for the worker node group.

Setting this option overrides which subnets to use for the worker node group, regardless if the cluster’s subnetIds is set, or if publicSubnetIds and/or privateSubnetIds were set.

NodeUserData string
Extra code to run on node startup. This code will run after the AWS EKS bootstrapping code and before the node signals its readiness to the managing CloudFormation stack. This code must be a typical user data script: critically it must begin with an interpreter directive (i.e. a #!).
NodeUserDataOverride string

User specified code to run on node startup. This code is expected to handle the full AWS EKS bootstrapping code and signal node readiness to the managing CloudFormation stack. This code must be a complete and executable user data script in bash (Linux) or powershell (Windows).

See for more details: https://docs.aws.amazon.com/eks/latest/userguide/worker.html

SpotPrice string
Bidding price for spot instance. If set, only spot instances will be added as worker node.
Taints Dictionary<string, Taint>
Custom k8s node taints to be attached to each worker node. Adds the given taints to the –register-with-taints kubelet argument
Version string
Desired Kubernetes master / control plane version. If you do not specify a value, the latest available version is used.
AmiId string

The AMI ID to use for the worker nodes.

Defaults to the latest recommended EKS Optimized Linux AMI from the AWS Systems Manager Parameter Store.

Note: amiId and gpu are mutually exclusive.

See for more details:

AutoScalingGroupTags map[string]string

The tags to apply to the NodeGroup’s AutoScalingGroup in the CloudFormation Stack.

Per AWS, all stack-level tags, including automatically created tags, and the cloudFormationTags option are propagated to resources that AWS CloudFormation supports, including the AutoScalingGroup. See https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html

Note: Given the inheritance of auto-generated CF tags and cloudFormationTags, you should either supply the tag in autoScalingGroupTags or cloudFormationTags, but not both.

BootstrapExtraArgs string
Additional args to pass directly to /etc/eks/bootstrap.sh. Fror details on available options, see: https://github.com/awslabs/amazon-eks-ami/blob/master/files/bootstrap.sh. Note that the –apiserver-endpoint, –b64-cluster-ca and –kubelet-extra-args flags are included automatically based on other configuration parameters.
CloudFormationTags map[string]string

The tags to apply to the CloudFormation Stack of the Worker NodeGroup.

Note: Given the inheritance of auto-generated CF tags and cloudFormationTags, you should either supply the tag in autoScalingGroupTags or cloudFormationTags, but not both.

ClusterIngressRule SecurityGroupRule
The ingress rule that gives node group access.
DesiredCapacity int
The number of worker nodes that should be running in the cluster. Defaults to 2.
EncryptRootBlockDevice bool
Encrypt the root block device of the nodes in the node group.
ExtraNodeSecurityGroups SecurityGroup

Extra security groups to attach on all nodes in this worker node group.

This additional set of security groups captures any user application rules that will be needed for the nodes.

Gpu bool

Use the latest recommended EKS Optimized Linux AMI with GPU support for the worker nodes from the AWS Systems Manager Parameter Store.

Defaults to false.

Note: gpu and amiId are mutually exclusive.

See for more details:

InstanceProfile InstanceProfile
The ingress rule that gives node group access.
InstanceType string
The instance type to use for the cluster’s nodes. Defaults to “t2.medium”.
KeyName string
Name of the key pair to use for SSH access to worker nodes.
KubeletExtraArgs string
Extra args to pass to the Kubelet. Corresponds to the options passed in the –kubeletExtraArgs flag to /etc/eks/bootstrap.sh. For example, ‘–port=10251 –address=0.0.0.0’. Note that the labels and taints properties will be applied to this list (using –node-labels and –register-with-taints respectively) after to the expicit kubeletExtraArgs.
Labels map[string]string
Custom k8s node labels to be attached to each woker node. Adds the given key/value pairs to the –node-labels kubelet argument.
MaxSize int
The maximum number of worker nodes running in the cluster. Defaults to 2.
MinSize int
The minimum number of worker nodes running in the cluster. Defaults to 1.
NodeAssociatePublicIpAddress bool
Whether or not to auto-assign public IP addresses on the EKS worker nodes. If this toggle is set to true, the EKS workers will be auto-assigned public IPs. If false, they will not be auto-assigned public IPs.
NodePublicKey string
Public key material for SSH access to worker nodes. See allowed formats at: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html If not provided, no SSH access is enabled on VMs.
NodeRootVolumeSize int
The size in GiB of a cluster node’s root volume. Defaults to 20.
NodeSecurityGroup SecurityGroup

The security group for the worker node group to communicate with the cluster.

This security group requires specific inbound and outbound rules.

See for more details: https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html

Note: The nodeSecurityGroup option and the cluster optionnodeSecurityGroupTags are mutually exclusive.

NodeSubnetIds []string

The set of subnets to override and use for the worker node group.

Setting this option overrides which subnets to use for the worker node group, regardless if the cluster’s subnetIds is set, or if publicSubnetIds and/or privateSubnetIds were set.

NodeUserData string
Extra code to run on node startup. This code will run after the AWS EKS bootstrapping code and before the node signals its readiness to the managing CloudFormation stack. This code must be a typical user data script: critically it must begin with an interpreter directive (i.e. a #!).
NodeUserDataOverride string

User specified code to run on node startup. This code is expected to handle the full AWS EKS bootstrapping code and signal node readiness to the managing CloudFormation stack. This code must be a complete and executable user data script in bash (Linux) or powershell (Windows).

See for more details: https://docs.aws.amazon.com/eks/latest/userguide/worker.html

SpotPrice string
Bidding price for spot instance. If set, only spot instances will be added as worker node.
Taints map[string]Taint
Custom k8s node taints to be attached to each worker node. Adds the given taints to the –register-with-taints kubelet argument
Version string
Desired Kubernetes master / control plane version. If you do not specify a value, the latest available version is used.
amiId string

The AMI ID to use for the worker nodes.

Defaults to the latest recommended EKS Optimized Linux AMI from the AWS Systems Manager Parameter Store.

Note: amiId and gpu are mutually exclusive.

See for more details:

autoScalingGroupTags {[key: string]: string}

The tags to apply to the NodeGroup’s AutoScalingGroup in the CloudFormation Stack.

Per AWS, all stack-level tags, including automatically created tags, and the cloudFormationTags option are propagated to resources that AWS CloudFormation supports, including the AutoScalingGroup. See https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html

Note: Given the inheritance of auto-generated CF tags and cloudFormationTags, you should either supply the tag in autoScalingGroupTags or cloudFormationTags, but not both.

bootstrapExtraArgs string
Additional args to pass directly to /etc/eks/bootstrap.sh. Fror details on available options, see: https://github.com/awslabs/amazon-eks-ami/blob/master/files/bootstrap.sh. Note that the –apiserver-endpoint, –b64-cluster-ca and –kubelet-extra-args flags are included automatically based on other configuration parameters.
cloudFormationTags {[key: string]: string}

The tags to apply to the CloudFormation Stack of the Worker NodeGroup.

Note: Given the inheritance of auto-generated CF tags and cloudFormationTags, you should either supply the tag in autoScalingGroupTags or cloudFormationTags, but not both.

clusterIngressRule pulumiAwsec2SecurityGroupRule
The ingress rule that gives node group access.
desiredCapacity number
The number of worker nodes that should be running in the cluster. Defaults to 2.
encryptRootBlockDevice boolean
Encrypt the root block device of the nodes in the node group.
extraNodeSecurityGroups pulumiAwsec2SecurityGroup[]

Extra security groups to attach on all nodes in this worker node group.

This additional set of security groups captures any user application rules that will be needed for the nodes.

gpu boolean

Use the latest recommended EKS Optimized Linux AMI with GPU support for the worker nodes from the AWS Systems Manager Parameter Store.

Defaults to false.

Note: gpu and amiId are mutually exclusive.

See for more details:

instanceProfile pulumiAwsiamInstanceProfile
The ingress rule that gives node group access.
instanceType string
The instance type to use for the cluster’s nodes. Defaults to “t2.medium”.
keyName string
Name of the key pair to use for SSH access to worker nodes.
kubeletExtraArgs string
Extra args to pass to the Kubelet. Corresponds to the options passed in the –kubeletExtraArgs flag to /etc/eks/bootstrap.sh. For example, ‘–port=10251 –address=0.0.0.0’. Note that the labels and taints properties will be applied to this list (using –node-labels and –register-with-taints respectively) after to the expicit kubeletExtraArgs.
labels {[key: string]: string}
Custom k8s node labels to be attached to each woker node. Adds the given key/value pairs to the –node-labels kubelet argument.
maxSize number
The maximum number of worker nodes running in the cluster. Defaults to 2.
minSize number
The minimum number of worker nodes running in the cluster. Defaults to 1.
nodeAssociatePublicIpAddress boolean
Whether or not to auto-assign public IP addresses on the EKS worker nodes. If this toggle is set to true, the EKS workers will be auto-assigned public IPs. If false, they will not be auto-assigned public IPs.
nodePublicKey string
Public key material for SSH access to worker nodes. See allowed formats at: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html If not provided, no SSH access is enabled on VMs.
nodeRootVolumeSize number
The size in GiB of a cluster node’s root volume. Defaults to 20.
nodeSecurityGroup pulumiAwsec2SecurityGroup

The security group for the worker node group to communicate with the cluster.

This security group requires specific inbound and outbound rules.

See for more details: https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html

Note: The nodeSecurityGroup option and the cluster optionnodeSecurityGroupTags are mutually exclusive.

nodeSubnetIds string[]

The set of subnets to override and use for the worker node group.

Setting this option overrides which subnets to use for the worker node group, regardless if the cluster’s subnetIds is set, or if publicSubnetIds and/or privateSubnetIds were set.

nodeUserData string
Extra code to run on node startup. This code will run after the AWS EKS bootstrapping code and before the node signals its readiness to the managing CloudFormation stack. This code must be a typical user data script: critically it must begin with an interpreter directive (i.e. a #!).
nodeUserDataOverride string

User specified code to run on node startup. This code is expected to handle the full AWS EKS bootstrapping code and signal node readiness to the managing CloudFormation stack. This code must be a complete and executable user data script in bash (Linux) or powershell (Windows).

See for more details: https://docs.aws.amazon.com/eks/latest/userguide/worker.html

spotPrice string
Bidding price for spot instance. If set, only spot instances will be added as worker node.
taints {[key: string]: Taint}
Custom k8s node taints to be attached to each worker node. Adds the given taints to the –register-with-taints kubelet argument
version string
Desired Kubernetes master / control plane version. If you do not specify a value, the latest available version is used.
ami_id str

The AMI ID to use for the worker nodes.

Defaults to the latest recommended EKS Optimized Linux AMI from the AWS Systems Manager Parameter Store.

Note: amiId and gpu are mutually exclusive.

See for more details:

auto_scaling_group_tags Mapping[str, str]

The tags to apply to the NodeGroup’s AutoScalingGroup in the CloudFormation Stack.

Per AWS, all stack-level tags, including automatically created tags, and the cloudFormationTags option are propagated to resources that AWS CloudFormation supports, including the AutoScalingGroup. See https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html

Note: Given the inheritance of auto-generated CF tags and cloudFormationTags, you should either supply the tag in autoScalingGroupTags or cloudFormationTags, but not both.

bootstrap_extra_args str
Additional args to pass directly to /etc/eks/bootstrap.sh. Fror details on available options, see: https://github.com/awslabs/amazon-eks-ami/blob/master/files/bootstrap.sh. Note that the –apiserver-endpoint, –b64-cluster-ca and –kubelet-extra-args flags are included automatically based on other configuration parameters.
cloud_formation_tags Mapping[str, str]

The tags to apply to the CloudFormation Stack of the Worker NodeGroup.

Note: Given the inheritance of auto-generated CF tags and cloudFormationTags, you should either supply the tag in autoScalingGroupTags or cloudFormationTags, but not both.

cluster_ingress_rule SecurityGroupRule
The ingress rule that gives node group access.
desired_capacity int
The number of worker nodes that should be running in the cluster. Defaults to 2.
encrypt_root_block_device bool
Encrypt the root block device of the nodes in the node group.
extra_node_security_groups SecurityGroup]

Extra security groups to attach on all nodes in this worker node group.

This additional set of security groups captures any user application rules that will be needed for the nodes.

gpu bool

Use the latest recommended EKS Optimized Linux AMI with GPU support for the worker nodes from the AWS Systems Manager Parameter Store.

Defaults to false.

Note: gpu and amiId are mutually exclusive.

See for more details:

instance_profile InstanceProfile
The ingress rule that gives node group access.
instance_type str
The instance type to use for the cluster’s nodes. Defaults to “t2.medium”.
key_name str
Name of the key pair to use for SSH access to worker nodes.
kubelet_extra_args str
Extra args to pass to the Kubelet. Corresponds to the options passed in the –kubeletExtraArgs flag to /etc/eks/bootstrap.sh. For example, ‘–port=10251 –address=0.0.0.0’. Note that the labels and taints properties will be applied to this list (using –node-labels and –register-with-taints respectively) after to the expicit kubeletExtraArgs.
labels Mapping[str, str]
Custom k8s node labels to be attached to each woker node. Adds the given key/value pairs to the –node-labels kubelet argument.
max_size int
The maximum number of worker nodes running in the cluster. Defaults to 2.
min_size int
The minimum number of worker nodes running in the cluster. Defaults to 1.
node_associate_public_ip_address bool
Whether or not to auto-assign public IP addresses on the EKS worker nodes. If this toggle is set to true, the EKS workers will be auto-assigned public IPs. If false, they will not be auto-assigned public IPs.
node_public_key str
Public key material for SSH access to worker nodes. See allowed formats at: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html If not provided, no SSH access is enabled on VMs.
node_root_volume_size int
The size in GiB of a cluster node’s root volume. Defaults to 20.
node_security_group SecurityGroup

The security group for the worker node group to communicate with the cluster.

This security group requires specific inbound and outbound rules.

See for more details: https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html

Note: The nodeSecurityGroup option and the cluster optionnodeSecurityGroupTags are mutually exclusive.

node_subnet_ids Sequence[str]

The set of subnets to override and use for the worker node group.

Setting this option overrides which subnets to use for the worker node group, regardless if the cluster’s subnetIds is set, or if publicSubnetIds and/or privateSubnetIds were set.

node_user_data str
Extra code to run on node startup. This code will run after the AWS EKS bootstrapping code and before the node signals its readiness to the managing CloudFormation stack. This code must be a typical user data script: critically it must begin with an interpreter directive (i.e. a #!).
node_user_data_override str

User specified code to run on node startup. This code is expected to handle the full AWS EKS bootstrapping code and signal node readiness to the managing CloudFormation stack. This code must be a complete and executable user data script in bash (Linux) or powershell (Windows).

See for more details: https://docs.aws.amazon.com/eks/latest/userguide/worker.html

spot_price str
Bidding price for spot instance. If set, only spot instances will be added as worker node.
taints Mapping[str, Taint]
Custom k8s node taints to be attached to each worker node. Adds the given taints to the –register-with-taints kubelet argument
version str
Desired Kubernetes master / control plane version. If you do not specify a value, the latest available version is used.

CoreData

Cluster Pulumi.Aws.Eks.Cluster
ClusterSecurityGroup Pulumi.Aws.Ec2.SecurityGroup
Endpoint string
InstanceRoles List<Pulumi.Aws.Iam.Role>
NodeGroupOptions ClusterNodeGroupOptions
Provider Pulumi.Kubernetes.Provider
SubnetIds List<string>
VpcId string
AwsProvider Pulumi.Aws.Provider
EksNodeAccess Pulumi.Kubernetes.Core.V1.ConfigMap
EncryptionConfig Pulumi.Aws.Eks.Inputs.ClusterEncryptionConfig
FargateProfile Pulumi.Aws.Eks.FargateProfile
Kubeconfig object
NodeSecurityGroupTags Dictionary<string, string>
OidcProvider Pulumi.Aws.Iam.OpenIdConnectProvider
PrivateSubnetIds List<string>
PublicSubnetIds List<string>
StorageClasses Dictionary<string, Pulumi.Kubernetes.Storage.V1.StorageClass>
Tags Dictionary<string, string>
VpcCni Pulumi.Eks.VpcCni
Cluster Cluster
ClusterSecurityGroup SecurityGroup
Endpoint string
InstanceRoles Role
NodeGroupOptions ClusterNodeGroupOptions
Provider Provider
SubnetIds []string
VpcId string
AwsProvider Provider
EksNodeAccess ConfigMap
EncryptionConfig ClusterEncryptionConfig
FargateProfile FargateProfile
Kubeconfig interface{}
NodeSecurityGroupTags map[string]string
OidcProvider OpenIdConnectProvider
PrivateSubnetIds []string
PublicSubnetIds []string
StorageClasses StorageClass
Tags map[string]string
VpcCni VpcCni
cluster pulumiAwseksCluster
clusterSecurityGroup pulumiAwsec2SecurityGroup
endpoint string
instanceRoles pulumiAwsiamRole[]
nodeGroupOptions ClusterNodeGroupOptions
provider pulumiKubernetesProvider
subnetIds string[]
vpcId string
awsProvider pulumiAwsProvider
eksNodeAccess pulumiKubernetescorev1ConfigMap
encryptionConfig pulumiAwstypesinputeksClusterEncryptionConfig
fargateProfile pulumiAwseksFargateProfile
kubeconfig any
nodeSecurityGroupTags {[key: string]: string}
oidcProvider pulumiAwsiamOpenIdConnectProvider
privateSubnetIds string[]
publicSubnetIds string[]
storageClasses {[key: string]: pulumiKubernetesstoragev1StorageClass}
tags {[key: string]: string}
vpcCni VpcCni

Taint

Effect string
The effect of the taint.
Value string
The value of the taint.
Effect string
The effect of the taint.
Value string
The value of the taint.
effect string
The effect of the taint.
value string
The value of the taint.
effect str
The effect of the taint.
value str
The value of the taint.

Package Details

Repository
https://github.com/pulumi/pulumi-eks
License
Apache-2.0