Amazon EKS v1.0.1, Dec 14 22

eks.ManagedNodeGroup

ManagedNodeGroup is a component that wraps creating an AWS managed node group.

See for more details: https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html

Create ManagedNodeGroup Resource

new ManagedNodeGroup(name: string, args: ManagedNodeGroupArgs, opts?: CustomResourceOptions);

@overload
def ManagedNodeGroup(resource_name: str,
                     opts: Optional[ResourceOptions] = None,
                     ami_type: Optional[str] = None,
                     capacity_type: Optional[str] = None,
                     cluster: Optional[Union[Cluster, CoreDataArgs]] = None,
                     cluster_name: Optional[str] = None,
                     disk_size: Optional[int] = None,
                     force_update_version: Optional[bool] = None,
                     instance_types: Optional[Sequence[str]] = None,
                     labels: Optional[Mapping[str, str]] = None,
                     launch_template: Optional[pulumi_aws.eks.NodeGroupLaunchTemplateArgs] = None,
                     node_group_name: Optional[str] = None,
                     node_group_name_prefix: Optional[str] = None,
                     node_role: Optional[pulumi_aws.iam.Role] = None,
                     node_role_arn: Optional[str] = None,
                     release_version: Optional[str] = None,
                     remote_access: Optional[pulumi_aws.eks.NodeGroupRemoteAccessArgs] = None,
                     scaling_config: Optional[pulumi_aws.eks.NodeGroupScalingConfigArgs] = None,
                     subnet_ids: Optional[Sequence[str]] = None,
                     tags: Optional[Mapping[str, str]] = None,
                     taints: Optional[Sequence[pulumi_aws.eks.NodeGroupTaintArgs]] = None,
                     version: Optional[str] = None)
@overload
def ManagedNodeGroup(resource_name: str,
                     args: ManagedNodeGroupArgs,
                     opts: Optional[ResourceOptions] = None)

func NewManagedNodeGroup(ctx *Context, name string, args ManagedNodeGroupArgs, opts ...ResourceOption) (*ManagedNodeGroup, error)

public ManagedNodeGroup(string name, ManagedNodeGroupArgs args, CustomResourceOptions? opts = null)

public ManagedNodeGroup(String name, ManagedNodeGroupArgs args)
public ManagedNodeGroup(String name, ManagedNodeGroupArgs args, CustomResourceOptions options)

type: eks:ManagedNodeGroup
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ManagedNodeGroupArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args ManagedNodeGroupArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args ManagedNodeGroupArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ManagedNodeGroupArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args ManagedNodeGroupArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

ManagedNodeGroup Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The ManagedNodeGroup resource accepts the following input properties:

Cluster Pulumi.Eks.Cluster | CoreDataArgs

The target EKS cluster.

AmiType string

Type of Amazon Machine Image (AMI) associated with the EKS Node Group. Defaults to AL2_x86_64. See the AWS documentation (https://docs.aws.amazon.com/eks/latest/APIReference/API_Nodegroup.html#AmazonEKS-Type-Nodegroup-amiType) for valid AMI Types. This provider will only perform drift detection if a configuration value is provided.

CapacityType string

Type of capacity associated with the EKS Node Group. Valid values: ON_DEMAND, SPOT. This provider will only perform drift detection if a configuration value is provided.

ClusterName string

Name of the EKS Cluster.

DiskSize int

Disk size in GiB for worker nodes. Defaults to 20. This provider will only perform drift detection if a configuration value is provided.

ForceUpdateVersion bool

Force version update if existing pods are unable to be drained due to a pod disruption budget issue.

InstanceTypes List<string>

Set of instance types associated with the EKS Node Group. Defaults to ["t3.medium"]. This provider will only perform drift detection if a configuration value is provided. Currently, the EKS API only accepts a single value in the set.

Labels Dictionary<string, string>

Key-value map of Kubernetes labels. Only labels that are applied with the EKS API are managed by this argument. Other Kubernetes labels applied to the EKS Node Group will not be managed.

LaunchTemplate Pulumi.Aws.Eks.Inputs.NodeGroupLaunchTemplateArgs

Launch Template settings.

NodeGroupName string

Name of the EKS Node Group. If omitted, this provider will assign a random, unique name. Conflicts with nodeGroupNamePrefix.

NodeGroupNamePrefix string

Creates a unique name beginning with the specified prefix. Conflicts with nodeGroupName.

NodeRole Pulumi.Aws.Iam.Role

The IAM Role that provides permissions for the EKS Node Group.

Note, nodeRole and nodeRoleArn are mutually exclusive, and a single option must be used.

NodeRoleArn string

Amazon Resource Name (ARN) of the IAM Role that provides permissions for the EKS Node Group.

Note, nodeRoleArn and nodeRole are mutually exclusive, and a single option must be used.

ReleaseVersion string

AMI version of the EKS Node Group. Defaults to latest version for Kubernetes version.

RemoteAccess Pulumi.Aws.Eks.Inputs.NodeGroupRemoteAccessArgs

Remote access settings.

ScalingConfig Pulumi.Aws.Eks.Inputs.NodeGroupScalingConfigArgs

Scaling settings.

Default scaling amounts of the node group autoscaling group are:

desiredSize: 2
minSize: 1
maxSize: 2

SubnetIds List<string>

Identifiers of EC2 Subnets to associate with the EKS Node Group. These subnets must have the following resource tag: kubernetes.io/cluster/CLUSTER_NAME (where CLUSTER_NAME is replaced with the name of the EKS Cluster).

Default subnetIds is chosen from the following list, in order, if subnetIds arg is not set:

core.subnetIds
core.privateIds
core.publicSubnetIds

This default logic is based on the existing subnet IDs logic of this package: https://git.io/JeM11

Tags Dictionary<string, string>

Key-value mapping of resource tags.

Taints List<Pulumi.Aws.Eks.Inputs.NodeGroupTaintArgs>

The Kubernetes taints to be applied to the nodes in the node group. Maximum of 50 taints per node group.

Version string

Cluster Cluster | CoreDataArgs

The target EKS cluster.

AmiType string

CapacityType string

Type of capacity associated with the EKS Node Group. Valid values: ON_DEMAND, SPOT. This provider will only perform drift detection if a configuration value is provided.

ClusterName string

Name of the EKS Cluster.

DiskSize int

Disk size in GiB for worker nodes. Defaults to 20. This provider will only perform drift detection if a configuration value is provided.

ForceUpdateVersion bool

Force version update if existing pods are unable to be drained due to a pod disruption budget issue.

InstanceTypes []string

Labels map[string]string

Key-value map of Kubernetes labels. Only labels that are applied with the EKS API are managed by this argument. Other Kubernetes labels applied to the EKS Node Group will not be managed.

LaunchTemplate NodeGroupLaunchTemplateArgs

Launch Template settings.

NodeGroupName string

Name of the EKS Node Group. If omitted, this provider will assign a random, unique name. Conflicts with nodeGroupNamePrefix.

NodeGroupNamePrefix string

Creates a unique name beginning with the specified prefix. Conflicts with nodeGroupName.

NodeRole Role

The IAM Role that provides permissions for the EKS Node Group.

Note, nodeRole and nodeRoleArn are mutually exclusive, and a single option must be used.

NodeRoleArn string

Amazon Resource Name (ARN) of the IAM Role that provides permissions for the EKS Node Group.

Note, nodeRoleArn and nodeRole are mutually exclusive, and a single option must be used.

ReleaseVersion string

AMI version of the EKS Node Group. Defaults to latest version for Kubernetes version.

RemoteAccess NodeGroupRemoteAccessArgs

Remote access settings.

ScalingConfig NodeGroupScalingConfigArgs

Scaling settings.

Default scaling amounts of the node group autoscaling group are:

desiredSize: 2
minSize: 1
maxSize: 2

SubnetIds []string

Default subnetIds is chosen from the following list, in order, if subnetIds arg is not set:

core.subnetIds
core.privateIds
core.publicSubnetIds

This default logic is based on the existing subnet IDs logic of this package: https://git.io/JeM11

Tags map[string]string

Key-value mapping of resource tags.

Taints NodeGroupTaintArgs

The Kubernetes taints to be applied to the nodes in the node group. Maximum of 50 taints per node group.

Version string

cluster Cluster | CoreDataArgs

The target EKS cluster.

amiType String

capacityType String

Type of capacity associated with the EKS Node Group. Valid values: ON_DEMAND, SPOT. This provider will only perform drift detection if a configuration value is provided.

clusterName String

Name of the EKS Cluster.

diskSize Integer

Disk size in GiB for worker nodes. Defaults to 20. This provider will only perform drift detection if a configuration value is provided.

forceUpdateVersion Boolean

Force version update if existing pods are unable to be drained due to a pod disruption budget issue.

instanceTypes List<String>

labels Map<String,String>

Key-value map of Kubernetes labels. Only labels that are applied with the EKS API are managed by this argument. Other Kubernetes labels applied to the EKS Node Group will not be managed.

launchTemplate NodeGroupLaunchTemplateArgs

Launch Template settings.

nodeGroupName String

Name of the EKS Node Group. If omitted, this provider will assign a random, unique name. Conflicts with nodeGroupNamePrefix.

nodeGroupNamePrefix String

Creates a unique name beginning with the specified prefix. Conflicts with nodeGroupName.

nodeRole Role

The IAM Role that provides permissions for the EKS Node Group.

Note, nodeRole and nodeRoleArn are mutually exclusive, and a single option must be used.

nodeRoleArn String

Amazon Resource Name (ARN) of the IAM Role that provides permissions for the EKS Node Group.

Note, nodeRoleArn and nodeRole are mutually exclusive, and a single option must be used.

releaseVersion String

AMI version of the EKS Node Group. Defaults to latest version for Kubernetes version.

remoteAccess NodeGroupRemoteAccessArgs

Remote access settings.

scalingConfig NodeGroupScalingConfigArgs

Scaling settings.

Default scaling amounts of the node group autoscaling group are:

desiredSize: 2
minSize: 1
maxSize: 2

subnetIds List<String>

Default subnetIds is chosen from the following list, in order, if subnetIds arg is not set:

core.subnetIds
core.privateIds
core.publicSubnetIds

This default logic is based on the existing subnet IDs logic of this package: https://git.io/JeM11

tags Map<String,String>

Key-value mapping of resource tags.

taints List<NodeGroupTaintArgs>

The Kubernetes taints to be applied to the nodes in the node group. Maximum of 50 taints per node group.

version String

cluster Cluster | CoreDataArgs

The target EKS cluster.

amiType string

capacityType string

Type of capacity associated with the EKS Node Group. Valid values: ON_DEMAND, SPOT. This provider will only perform drift detection if a configuration value is provided.

clusterName string

Name of the EKS Cluster.

diskSize number

Disk size in GiB for worker nodes. Defaults to 20. This provider will only perform drift detection if a configuration value is provided.

forceUpdateVersion boolean

Force version update if existing pods are unable to be drained due to a pod disruption budget issue.

instanceTypes string[]

labels {[key: string]: string}

Key-value map of Kubernetes labels. Only labels that are applied with the EKS API are managed by this argument. Other Kubernetes labels applied to the EKS Node Group will not be managed.

launchTemplate pulumiAwstypesinputeksNodeGroupLaunchTemplate

Launch Template settings.

nodeGroupName string

Name of the EKS Node Group. If omitted, this provider will assign a random, unique name. Conflicts with nodeGroupNamePrefix.

nodeGroupNamePrefix string

Creates a unique name beginning with the specified prefix. Conflicts with nodeGroupName.

nodeRole pulumiAwsiamRole

The IAM Role that provides permissions for the EKS Node Group.

Note, nodeRole and nodeRoleArn are mutually exclusive, and a single option must be used.

nodeRoleArn string

Amazon Resource Name (ARN) of the IAM Role that provides permissions for the EKS Node Group.

Note, nodeRoleArn and nodeRole are mutually exclusive, and a single option must be used.

releaseVersion string

AMI version of the EKS Node Group. Defaults to latest version for Kubernetes version.

remoteAccess pulumiAwstypesinputeksNodeGroupRemoteAccess

Remote access settings.

scalingConfig pulumiAwstypesinputeksNodeGroupScalingConfig

Scaling settings.

Default scaling amounts of the node group autoscaling group are:

desiredSize: 2
minSize: 1
maxSize: 2

subnetIds string[]

Default subnetIds is chosen from the following list, in order, if subnetIds arg is not set:

core.subnetIds
core.privateIds
core.publicSubnetIds

This default logic is based on the existing subnet IDs logic of this package: https://git.io/JeM11

tags {[key: string]: string}

Key-value mapping of resource tags.

taints pulumiAwstypesinputeksNodeGroupTaint[]

The Kubernetes taints to be applied to the nodes in the node group. Maximum of 50 taints per node group.

version string

cluster Cluster | CoreDataArgs

The target EKS cluster.

ami_type str

capacity_type str

Type of capacity associated with the EKS Node Group. Valid values: ON_DEMAND, SPOT. This provider will only perform drift detection if a configuration value is provided.

cluster_name str

Name of the EKS Cluster.

disk_size int

Disk size in GiB for worker nodes. Defaults to 20. This provider will only perform drift detection if a configuration value is provided.

force_update_version bool

Force version update if existing pods are unable to be drained due to a pod disruption budget issue.

instance_types Sequence[str]

labels Mapping[str, str]

Key-value map of Kubernetes labels. Only labels that are applied with the EKS API are managed by this argument. Other Kubernetes labels applied to the EKS Node Group will not be managed.

launch_template NodeGroupLaunchTemplateArgs

Launch Template settings.

node_group_name str

Name of the EKS Node Group. If omitted, this provider will assign a random, unique name. Conflicts with nodeGroupNamePrefix.

node_group_name_prefix str

Creates a unique name beginning with the specified prefix. Conflicts with nodeGroupName.

node_role Role

The IAM Role that provides permissions for the EKS Node Group.

Note, nodeRole and nodeRoleArn are mutually exclusive, and a single option must be used.

node_role_arn str

Amazon Resource Name (ARN) of the IAM Role that provides permissions for the EKS Node Group.

Note, nodeRoleArn and nodeRole are mutually exclusive, and a single option must be used.

release_version str

AMI version of the EKS Node Group. Defaults to latest version for Kubernetes version.

remote_access NodeGroupRemoteAccessArgs

Remote access settings.

scaling_config NodeGroupScalingConfigArgs

Scaling settings.

Default scaling amounts of the node group autoscaling group are:

desiredSize: 2
minSize: 1
maxSize: 2

subnet_ids Sequence[str]

Default subnetIds is chosen from the following list, in order, if subnetIds arg is not set:

core.subnetIds
core.privateIds
core.publicSubnetIds

This default logic is based on the existing subnet IDs logic of this package: https://git.io/JeM11

tags Mapping[str, str]

Key-value mapping of resource tags.

taints NodeGroupTaintArgs]

The Kubernetes taints to be applied to the nodes in the node group. Maximum of 50 taints per node group.

version str

cluster eks:Cluster | Property Map

The target EKS cluster.

amiType String

capacityType String

Type of capacity associated with the EKS Node Group. Valid values: ON_DEMAND, SPOT. This provider will only perform drift detection if a configuration value is provided.

clusterName String

Name of the EKS Cluster.

diskSize Number

Disk size in GiB for worker nodes. Defaults to 20. This provider will only perform drift detection if a configuration value is provided.

forceUpdateVersion Boolean

Force version update if existing pods are unable to be drained due to a pod disruption budget issue.

instanceTypes List<String>

labels Map<String>

Key-value map of Kubernetes labels. Only labels that are applied with the EKS API are managed by this argument. Other Kubernetes labels applied to the EKS Node Group will not be managed.

launchTemplate Property Map

Launch Template settings.

nodeGroupName String

Name of the EKS Node Group. If omitted, this provider will assign a random, unique name. Conflicts with nodeGroupNamePrefix.

nodeGroupNamePrefix String

Creates a unique name beginning with the specified prefix. Conflicts with nodeGroupName.

nodeRole aws:iam:Role

The IAM Role that provides permissions for the EKS Node Group.

Note, nodeRole and nodeRoleArn are mutually exclusive, and a single option must be used.

nodeRoleArn String

Amazon Resource Name (ARN) of the IAM Role that provides permissions for the EKS Node Group.

Note, nodeRoleArn and nodeRole are mutually exclusive, and a single option must be used.

releaseVersion String

AMI version of the EKS Node Group. Defaults to latest version for Kubernetes version.

remoteAccess Property Map

Remote access settings.

scalingConfig Property Map

Scaling settings.

Default scaling amounts of the node group autoscaling group are:

desiredSize: 2
minSize: 1
maxSize: 2

subnetIds List<String>

Default subnetIds is chosen from the following list, in order, if subnetIds arg is not set:

core.subnetIds
core.privateIds
core.publicSubnetIds

This default logic is based on the existing subnet IDs logic of this package: https://git.io/JeM11

tags Map<String>

Key-value mapping of resource tags.

taints List<Property Map>

The Kubernetes taints to be applied to the nodes in the node group. Maximum of 50 taints per node group.

version String

Outputs

All input properties are implicitly available as output properties. Additionally, the ManagedNodeGroup resource produces the following output properties:

NodeGroup Pulumi.Aws.Eks.NodeGroup: The AWS managed node group.

NodeGroup NodeGroup: The AWS managed node group.

nodeGroup NodeGroup: The AWS managed node group.

nodeGroup pulumiAwseksNodeGroup: The AWS managed node group.

node_group NodeGroup: The AWS managed node group.

nodeGroup aws:eks:NodeGroup: The AWS managed node group.

Supporting Types

ClusterNodeGroupOptions

AmiId string

The AMI ID to use for the worker nodes.

Defaults to the latest recommended EKS Optimized Linux AMI from the AWS Systems Manager Parameter Store.

Note: amiId and gpu are mutually exclusive.

See for more details:

https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html.

AmiType string

The AMI Type to use for the worker nodes.

Only applicable when setting an AMI ID that is of type arm64.

Note: amiType and gpu are mutually exclusive.

AutoScalingGroupTags Dictionary<string, string>

The tags to apply to the NodeGroup's AutoScalingGroup in the CloudFormation Stack.

Per AWS, all stack-level tags, including automatically created tags, and the cloudFormationTags option are propagated to resources that AWS CloudFormation supports, including the AutoScalingGroup. See https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html

Note: Given the inheritance of auto-generated CF tags and cloudFormationTags, you should either supply the tag in autoScalingGroupTags or cloudFormationTags, but not both.

BootstrapExtraArgs string

Additional args to pass directly to /etc/eks/bootstrap.sh. For details on available options, see: https://github.com/awslabs/amazon-eks-ami/blob/master/files/bootstrap.sh. Note that the --apiserver-endpoint, --b64-cluster-ca and --kubelet-extra-args flags are included automatically based on other configuration parameters.

CloudFormationTags Dictionary<string, string>

The tags to apply to the CloudFormation Stack of the Worker NodeGroup.

Note: Given the inheritance of auto-generated CF tags and cloudFormationTags, you should either supply the tag in autoScalingGroupTags or cloudFormationTags, but not both.

ClusterIngressRule Pulumi.Aws.Ec2.SecurityGroupRule

The ingress rule that gives node group access.

DesiredCapacity int

The number of worker nodes that should be running in the cluster. Defaults to 2.

EncryptRootBlockDevice bool

Encrypt the root block device of the nodes in the node group.

ExtraNodeSecurityGroups List<Pulumi.Aws.Ec2.SecurityGroup>

Extra security groups to attach on all nodes in this worker node group.

This additional set of security groups captures any user application rules that will be needed for the nodes.

Gpu bool

Use the latest recommended EKS Optimized Linux AMI with GPU support for the worker nodes from the AWS Systems Manager Parameter Store.

Defaults to false.

Note: gpu and amiId are mutually exclusive.

See for more details:

https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html
https://docs.aws.amazon.com/eks/latest/userguide/retrieve-ami-id.html

InstanceProfile Pulumi.Aws.Iam.InstanceProfile

The ingress rule that gives node group access.

InstanceType string

The instance type to use for the cluster's nodes. Defaults to "t2.medium".

KeyName string

Name of the key pair to use for SSH access to worker nodes.

KubeletExtraArgs string

Extra args to pass to the Kubelet. Corresponds to the options passed in the --kubeletExtraArgs flag to /etc/eks/bootstrap.sh. For example, '--port=10251 --address=0.0.0.0'. Note that the labels and taints properties will be applied to this list (using --node-labels and --register-with-taints respectively) after to the explicit kubeletExtraArgs.

Labels Dictionary<string, string>

Custom k8s node labels to be attached to each worker node. Adds the given key/value pairs to the --node-labels kubelet argument.

MaxSize int

The maximum number of worker nodes running in the cluster. Defaults to 2.

MinSize int

The minimum number of worker nodes running in the cluster. Defaults to 1.

NodeAssociatePublicIpAddress bool

Whether or not to auto-assign public IP addresses on the EKS worker nodes. If this toggle is set to true, the EKS workers will be auto-assigned public IPs. If false, they will not be auto-assigned public IPs.

NodePublicKey string

Public key material for SSH access to worker nodes. See allowed formats at: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html If not provided, no SSH access is enabled on VMs.

NodeRootVolumeSize int

The size in GiB of a cluster node's root volume. Defaults to 20.

NodeSecurityGroup Pulumi.Aws.Ec2.SecurityGroup

The security group for the worker node group to communicate with the cluster.

This security group requires specific inbound and outbound rules.

See for more details: https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html

Note: The nodeSecurityGroup option and the cluster optionnodeSecurityGroupTags are mutually exclusive.

NodeSubnetIds List<string>

The set of subnets to override and use for the worker node group.

Setting this option overrides which subnets to use for the worker node group, regardless if the cluster's subnetIds is set, or if publicSubnetIds and/or privateSubnetIds were set.

NodeUserData string

Extra code to run on node startup. This code will run after the AWS EKS bootstrapping code and before the node signals its readiness to the managing CloudFormation stack. This code must be a typical user data script: critically it must begin with an interpreter directive (i.e. a #!).

NodeUserDataOverride string

User specified code to run on node startup. This code is expected to handle the full AWS EKS bootstrapping code and signal node readiness to the managing CloudFormation stack. This code must be a complete and executable user data script in bash (Linux) or powershell (Windows).

See for more details: https://docs.aws.amazon.com/eks/latest/userguide/worker.html

SpotPrice string

Bidding price for spot instance. If set, only spot instances will be added as worker node.

Taints Dictionary<string, Taint>

Custom k8s node taints to be attached to each worker node. Adds the given taints to the --register-with-taints kubelet argument

Version string

Desired Kubernetes master / control plane version. If you do not specify a value, the latest available version is used.

AmiId string

The AMI ID to use for the worker nodes.

Defaults to the latest recommended EKS Optimized Linux AMI from the AWS Systems Manager Parameter Store.

Note: amiId and gpu are mutually exclusive.

See for more details:

https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html.

AmiType string

The AMI Type to use for the worker nodes.

Only applicable when setting an AMI ID that is of type arm64.

Note: amiType and gpu are mutually exclusive.

AutoScalingGroupTags map[string]string

The tags to apply to the NodeGroup's AutoScalingGroup in the CloudFormation Stack.

Note: Given the inheritance of auto-generated CF tags and cloudFormationTags, you should either supply the tag in autoScalingGroupTags or cloudFormationTags, but not both.

BootstrapExtraArgs string

CloudFormationTags map[string]string

The tags to apply to the CloudFormation Stack of the Worker NodeGroup.

Note: Given the inheritance of auto-generated CF tags and cloudFormationTags, you should either supply the tag in autoScalingGroupTags or cloudFormationTags, but not both.

ClusterIngressRule SecurityGroupRule

The ingress rule that gives node group access.

DesiredCapacity int

The number of worker nodes that should be running in the cluster. Defaults to 2.

EncryptRootBlockDevice bool

Encrypt the root block device of the nodes in the node group.

ExtraNodeSecurityGroups SecurityGroup

Extra security groups to attach on all nodes in this worker node group.

This additional set of security groups captures any user application rules that will be needed for the nodes.

Gpu bool

Use the latest recommended EKS Optimized Linux AMI with GPU support for the worker nodes from the AWS Systems Manager Parameter Store.

Defaults to false.

Note: gpu and amiId are mutually exclusive.

See for more details:

https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html
https://docs.aws.amazon.com/eks/latest/userguide/retrieve-ami-id.html

InstanceProfile InstanceProfile

The ingress rule that gives node group access.

InstanceType string

The instance type to use for the cluster's nodes. Defaults to "t2.medium".

KeyName string

Name of the key pair to use for SSH access to worker nodes.

KubeletExtraArgs string

Labels map[string]string

Custom k8s node labels to be attached to each worker node. Adds the given key/value pairs to the --node-labels kubelet argument.

MaxSize int

The maximum number of worker nodes running in the cluster. Defaults to 2.

MinSize int

The minimum number of worker nodes running in the cluster. Defaults to 1.

NodeAssociatePublicIpAddress bool

NodePublicKey string

Public key material for SSH access to worker nodes. See allowed formats at: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html If not provided, no SSH access is enabled on VMs.

NodeRootVolumeSize int

The size in GiB of a cluster node's root volume. Defaults to 20.

NodeSecurityGroup SecurityGroup

The security group for the worker node group to communicate with the cluster.

This security group requires specific inbound and outbound rules.

See for more details: https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html

Note: The nodeSecurityGroup option and the cluster optionnodeSecurityGroupTags are mutually exclusive.

NodeSubnetIds []string

The set of subnets to override and use for the worker node group.

Setting this option overrides which subnets to use for the worker node group, regardless if the cluster's subnetIds is set, or if publicSubnetIds and/or privateSubnetIds were set.

NodeUserData string

NodeUserDataOverride string

See for more details: https://docs.aws.amazon.com/eks/latest/userguide/worker.html

SpotPrice string

Bidding price for spot instance. If set, only spot instances will be added as worker node.

Taints map[string]Taint

Custom k8s node taints to be attached to each worker node. Adds the given taints to the --register-with-taints kubelet argument

Version string

Desired Kubernetes master / control plane version. If you do not specify a value, the latest available version is used.

amiId String

The AMI ID to use for the worker nodes.

Defaults to the latest recommended EKS Optimized Linux AMI from the AWS Systems Manager Parameter Store.

Note: amiId and gpu are mutually exclusive.

See for more details:

https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html.

amiType String

The AMI Type to use for the worker nodes.

Only applicable when setting an AMI ID that is of type arm64.

Note: amiType and gpu are mutually exclusive.

autoScalingGroupTags Map<String,String>

The tags to apply to the NodeGroup's AutoScalingGroup in the CloudFormation Stack.

Note: Given the inheritance of auto-generated CF tags and cloudFormationTags, you should either supply the tag in autoScalingGroupTags or cloudFormationTags, but not both.

bootstrapExtraArgs String

cloudFormationTags Map<String,String>

The tags to apply to the CloudFormation Stack of the Worker NodeGroup.

Note: Given the inheritance of auto-generated CF tags and cloudFormationTags, you should either supply the tag in autoScalingGroupTags or cloudFormationTags, but not both.

clusterIngressRule SecurityGroupRule

The ingress rule that gives node group access.

desiredCapacity Integer

The number of worker nodes that should be running in the cluster. Defaults to 2.

encryptRootBlockDevice Boolean

Encrypt the root block device of the nodes in the node group.

extraNodeSecurityGroups List<SecurityGroup>

Extra security groups to attach on all nodes in this worker node group.

This additional set of security groups captures any user application rules that will be needed for the nodes.

gpu Boolean

Use the latest recommended EKS Optimized Linux AMI with GPU support for the worker nodes from the AWS Systems Manager Parameter Store.

Defaults to false.

Note: gpu and amiId are mutually exclusive.

See for more details:

https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html
https://docs.aws.amazon.com/eks/latest/userguide/retrieve-ami-id.html

instanceProfile InstanceProfile

The ingress rule that gives node group access.

instanceType String

The instance type to use for the cluster's nodes. Defaults to "t2.medium".

keyName String

Name of the key pair to use for SSH access to worker nodes.

kubeletExtraArgs String

labels Map<String,String>

Custom k8s node labels to be attached to each worker node. Adds the given key/value pairs to the --node-labels kubelet argument.

maxSize Integer

The maximum number of worker nodes running in the cluster. Defaults to 2.

minSize Integer

The minimum number of worker nodes running in the cluster. Defaults to 1.

nodeAssociatePublicIpAddress Boolean

nodePublicKey String

Public key material for SSH access to worker nodes. See allowed formats at: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html If not provided, no SSH access is enabled on VMs.

nodeRootVolumeSize Integer

The size in GiB of a cluster node's root volume. Defaults to 20.

nodeSecurityGroup SecurityGroup

The security group for the worker node group to communicate with the cluster.

This security group requires specific inbound and outbound rules.

See for more details: https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html

Note: The nodeSecurityGroup option and the cluster optionnodeSecurityGroupTags are mutually exclusive.

nodeSubnetIds List<String>

The set of subnets to override and use for the worker node group.

Setting this option overrides which subnets to use for the worker node group, regardless if the cluster's subnetIds is set, or if publicSubnetIds and/or privateSubnetIds were set.

nodeUserData String

nodeUserDataOverride String

See for more details: https://docs.aws.amazon.com/eks/latest/userguide/worker.html

spotPrice String

Bidding price for spot instance. If set, only spot instances will be added as worker node.

taints Map<String,Taint>

Custom k8s node taints to be attached to each worker node. Adds the given taints to the --register-with-taints kubelet argument

version String

Desired Kubernetes master / control plane version. If you do not specify a value, the latest available version is used.

amiId string

The AMI ID to use for the worker nodes.

Defaults to the latest recommended EKS Optimized Linux AMI from the AWS Systems Manager Parameter Store.

Note: amiId and gpu are mutually exclusive.

See for more details:

https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html.

amiType string

The AMI Type to use for the worker nodes.

Only applicable when setting an AMI ID that is of type arm64.

Note: amiType and gpu are mutually exclusive.

autoScalingGroupTags {[key: string]: string}

The tags to apply to the NodeGroup's AutoScalingGroup in the CloudFormation Stack.

Note: Given the inheritance of auto-generated CF tags and cloudFormationTags, you should either supply the tag in autoScalingGroupTags or cloudFormationTags, but not both.

bootstrapExtraArgs string

cloudFormationTags {[key: string]: string}

The tags to apply to the CloudFormation Stack of the Worker NodeGroup.

Note: Given the inheritance of auto-generated CF tags and cloudFormationTags, you should either supply the tag in autoScalingGroupTags or cloudFormationTags, but not both.

clusterIngressRule pulumiAwsec2SecurityGroupRule

The ingress rule that gives node group access.

desiredCapacity number

The number of worker nodes that should be running in the cluster. Defaults to 2.

encryptRootBlockDevice boolean

Encrypt the root block device of the nodes in the node group.

extraNodeSecurityGroups pulumiAwsec2SecurityGroup[]

Extra security groups to attach on all nodes in this worker node group.

This additional set of security groups captures any user application rules that will be needed for the nodes.

gpu boolean

Use the latest recommended EKS Optimized Linux AMI with GPU support for the worker nodes from the AWS Systems Manager Parameter Store.

Defaults to false.

Note: gpu and amiId are mutually exclusive.

See for more details:

https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html
https://docs.aws.amazon.com/eks/latest/userguide/retrieve-ami-id.html

instanceProfile pulumiAwsiamInstanceProfile

The ingress rule that gives node group access.

instanceType string

The instance type to use for the cluster's nodes. Defaults to "t2.medium".

keyName string

Name of the key pair to use for SSH access to worker nodes.

kubeletExtraArgs string

labels {[key: string]: string}

Custom k8s node labels to be attached to each worker node. Adds the given key/value pairs to the --node-labels kubelet argument.

maxSize number

The maximum number of worker nodes running in the cluster. Defaults to 2.

minSize number

The minimum number of worker nodes running in the cluster. Defaults to 1.

nodeAssociatePublicIpAddress boolean

nodePublicKey string

Public key material for SSH access to worker nodes. See allowed formats at: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html If not provided, no SSH access is enabled on VMs.

nodeRootVolumeSize number

The size in GiB of a cluster node's root volume. Defaults to 20.

nodeSecurityGroup pulumiAwsec2SecurityGroup

The security group for the worker node group to communicate with the cluster.

This security group requires specific inbound and outbound rules.

See for more details: https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html

Note: The nodeSecurityGroup option and the cluster optionnodeSecurityGroupTags are mutually exclusive.

nodeSubnetIds string[]

The set of subnets to override and use for the worker node group.

Setting this option overrides which subnets to use for the worker node group, regardless if the cluster's subnetIds is set, or if publicSubnetIds and/or privateSubnetIds were set.

nodeUserData string

nodeUserDataOverride string

See for more details: https://docs.aws.amazon.com/eks/latest/userguide/worker.html

spotPrice string

Bidding price for spot instance. If set, only spot instances will be added as worker node.

taints {[key: string]: Taint}

Custom k8s node taints to be attached to each worker node. Adds the given taints to the --register-with-taints kubelet argument

version string

Desired Kubernetes master / control plane version. If you do not specify a value, the latest available version is used.

ami_id str

The AMI ID to use for the worker nodes.

Defaults to the latest recommended EKS Optimized Linux AMI from the AWS Systems Manager Parameter Store.

Note: amiId and gpu are mutually exclusive.

See for more details:

https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html.

ami_type str

The AMI Type to use for the worker nodes.

Only applicable when setting an AMI ID that is of type arm64.

Note: amiType and gpu are mutually exclusive.

auto_scaling_group_tags Mapping[str, str]

The tags to apply to the NodeGroup's AutoScalingGroup in the CloudFormation Stack.

Note: Given the inheritance of auto-generated CF tags and cloudFormationTags, you should either supply the tag in autoScalingGroupTags or cloudFormationTags, but not both.

bootstrap_extra_args str

cloud_formation_tags Mapping[str, str]

The tags to apply to the CloudFormation Stack of the Worker NodeGroup.

Note: Given the inheritance of auto-generated CF tags and cloudFormationTags, you should either supply the tag in autoScalingGroupTags or cloudFormationTags, but not both.

cluster_ingress_rule SecurityGroupRule

The ingress rule that gives node group access.

desired_capacity int

The number of worker nodes that should be running in the cluster. Defaults to 2.

encrypt_root_block_device bool

Encrypt the root block device of the nodes in the node group.

extra_node_security_groups SecurityGroup]

Extra security groups to attach on all nodes in this worker node group.

This additional set of security groups captures any user application rules that will be needed for the nodes.

gpu bool

Use the latest recommended EKS Optimized Linux AMI with GPU support for the worker nodes from the AWS Systems Manager Parameter Store.

Defaults to false.

Note: gpu and amiId are mutually exclusive.

See for more details:

https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html
https://docs.aws.amazon.com/eks/latest/userguide/retrieve-ami-id.html

instance_profile InstanceProfile

The ingress rule that gives node group access.

instance_type str

The instance type to use for the cluster's nodes. Defaults to "t2.medium".

key_name str

Name of the key pair to use for SSH access to worker nodes.

kubelet_extra_args str

labels Mapping[str, str]

Custom k8s node labels to be attached to each worker node. Adds the given key/value pairs to the --node-labels kubelet argument.

max_size int

The maximum number of worker nodes running in the cluster. Defaults to 2.

min_size int

The minimum number of worker nodes running in the cluster. Defaults to 1.

node_associate_public_ip_address bool

node_public_key str

Public key material for SSH access to worker nodes. See allowed formats at: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html If not provided, no SSH access is enabled on VMs.

node_root_volume_size int

The size in GiB of a cluster node's root volume. Defaults to 20.

node_security_group SecurityGroup

The security group for the worker node group to communicate with the cluster.

This security group requires specific inbound and outbound rules.

See for more details: https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html

Note: The nodeSecurityGroup option and the cluster optionnodeSecurityGroupTags are mutually exclusive.

node_subnet_ids Sequence[str]

The set of subnets to override and use for the worker node group.

Setting this option overrides which subnets to use for the worker node group, regardless if the cluster's subnetIds is set, or if publicSubnetIds and/or privateSubnetIds were set.

node_user_data str

node_user_data_override str

See for more details: https://docs.aws.amazon.com/eks/latest/userguide/worker.html

spot_price str

Bidding price for spot instance. If set, only spot instances will be added as worker node.

taints Mapping[str, Taint]

Custom k8s node taints to be attached to each worker node. Adds the given taints to the --register-with-taints kubelet argument

version str

Desired Kubernetes master / control plane version. If you do not specify a value, the latest available version is used.

amiId String

The AMI ID to use for the worker nodes.

Defaults to the latest recommended EKS Optimized Linux AMI from the AWS Systems Manager Parameter Store.

Note: amiId and gpu are mutually exclusive.

See for more details:

https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html.

amiType String

The AMI Type to use for the worker nodes.

Only applicable when setting an AMI ID that is of type arm64.

Note: amiType and gpu are mutually exclusive.

autoScalingGroupTags Map<String>

The tags to apply to the NodeGroup's AutoScalingGroup in the CloudFormation Stack.

Note: Given the inheritance of auto-generated CF tags and cloudFormationTags, you should either supply the tag in autoScalingGroupTags or cloudFormationTags, but not both.

bootstrapExtraArgs String

cloudFormationTags Map<String>

The tags to apply to the CloudFormation Stack of the Worker NodeGroup.

Note: Given the inheritance of auto-generated CF tags and cloudFormationTags, you should either supply the tag in autoScalingGroupTags or cloudFormationTags, but not both.

clusterIngressRule aws:ec2:SecurityGroupRule

The ingress rule that gives node group access.

desiredCapacity Number

The number of worker nodes that should be running in the cluster. Defaults to 2.

encryptRootBlockDevice Boolean

Encrypt the root block device of the nodes in the node group.

extraNodeSecurityGroups List<aws:ec2:SecurityGroup>

Extra security groups to attach on all nodes in this worker node group.

This additional set of security groups captures any user application rules that will be needed for the nodes.

gpu Boolean

Use the latest recommended EKS Optimized Linux AMI with GPU support for the worker nodes from the AWS Systems Manager Parameter Store.

Defaults to false.

Note: gpu and amiId are mutually exclusive.

See for more details:

https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html
https://docs.aws.amazon.com/eks/latest/userguide/retrieve-ami-id.html

instanceProfile aws:iam:InstanceProfile

The ingress rule that gives node group access.

instanceType String

The instance type to use for the cluster's nodes. Defaults to "t2.medium".

keyName String

Name of the key pair to use for SSH access to worker nodes.

kubeletExtraArgs String

labels Map<String>

Custom k8s node labels to be attached to each worker node. Adds the given key/value pairs to the --node-labels kubelet argument.

maxSize Number

The maximum number of worker nodes running in the cluster. Defaults to 2.

minSize Number

The minimum number of worker nodes running in the cluster. Defaults to 1.

nodeAssociatePublicIpAddress Boolean

nodePublicKey String

Public key material for SSH access to worker nodes. See allowed formats at: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html If not provided, no SSH access is enabled on VMs.

nodeRootVolumeSize Number

The size in GiB of a cluster node's root volume. Defaults to 20.

nodeSecurityGroup aws:ec2:SecurityGroup

The security group for the worker node group to communicate with the cluster.

This security group requires specific inbound and outbound rules.

See for more details: https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html

Note: The nodeSecurityGroup option and the cluster optionnodeSecurityGroupTags are mutually exclusive.

nodeSubnetIds List<String>

The set of subnets to override and use for the worker node group.

Setting this option overrides which subnets to use for the worker node group, regardless if the cluster's subnetIds is set, or if publicSubnetIds and/or privateSubnetIds were set.

nodeUserData String

nodeUserDataOverride String

See for more details: https://docs.aws.amazon.com/eks/latest/userguide/worker.html

spotPrice String

Bidding price for spot instance. If set, only spot instances will be added as worker node.

taints Map<Property Map>

Custom k8s node taints to be attached to each worker node. Adds the given taints to the --register-with-taints kubelet argument

version String

Desired Kubernetes master / control plane version. If you do not specify a value, the latest available version is used.

CoreData

Cluster Pulumi.Aws.Eks.Cluster
ClusterIamRole Pulumi.Aws.Iam.Role: The IAM Role attached to the EKS Cluster
ClusterSecurityGroup Pulumi.Aws.Ec2.SecurityGroup
Endpoint string
InstanceRoles List<Pulumi.Aws.Iam.Role>
NodeGroupOptions ClusterNodeGroupOptions
Provider Pulumi.Kubernetes.Provider
SubnetIds List<string>
VpcId string
AwsProvider Pulumi.Aws.Provider
EksNodeAccess Pulumi.Kubernetes.Core.V1.ConfigMap
EncryptionConfig Pulumi.Aws.Eks.Inputs.ClusterEncryptionConfig
FargateProfile Pulumi.Aws.Eks.FargateProfile
Kubeconfig object
NodeSecurityGroupTags Dictionary<string, string>
OidcProvider Pulumi.Aws.Iam.OpenIdConnectProvider
PrivateSubnetIds List<string>
PublicSubnetIds List<string>
StorageClasses Dictionary<string, Pulumi.Kubernetes.Storage.V1.StorageClass>
Tags Dictionary<string, string>
VpcCni Pulumi.Eks.VpcCni

Cluster Cluster
ClusterIamRole Role: The IAM Role attached to the EKS Cluster
ClusterSecurityGroup SecurityGroup
Endpoint string
InstanceRoles Role
NodeGroupOptions ClusterNodeGroupOptions
Provider Provider
SubnetIds []string
VpcId string
AwsProvider Provider
EksNodeAccess ConfigMap
EncryptionConfig ClusterEncryptionConfig
FargateProfile FargateProfile
Kubeconfig interface{}
NodeSecurityGroupTags map[string]string
OidcProvider OpenIdConnectProvider
PrivateSubnetIds []string
PublicSubnetIds []string
StorageClasses StorageClass
Tags map[string]string
VpcCni VpcCni

cluster Cluster
clusterIamRole Role: The IAM Role attached to the EKS Cluster
clusterSecurityGroup SecurityGroup
endpoint String
instanceRoles List<Role>
nodeGroupOptions ClusterNodeGroupOptions
provider Provider
subnetIds List<String>
vpcId String
awsProvider Provider
eksNodeAccess ConfigMap
encryptionConfig ClusterEncryptionConfig
fargateProfile FargateProfile
kubeconfig Object
nodeSecurityGroupTags Map<String,String>
oidcProvider OpenIdConnectProvider
privateSubnetIds List<String>
publicSubnetIds List<String>
storageClasses Map<String,StorageClass>
tags Map<String,String>
vpcCni VpcCni

cluster pulumiAwseksCluster
clusterIamRole pulumiAwsiamRole: The IAM Role attached to the EKS Cluster
clusterSecurityGroup pulumiAwsec2SecurityGroup
endpoint string
instanceRoles pulumiAwsiamRole[]
nodeGroupOptions ClusterNodeGroupOptions
provider pulumiKubernetesProvider
subnetIds string[]
vpcId string
awsProvider pulumiAwsProvider
eksNodeAccess pulumiKubernetescorev1ConfigMap
encryptionConfig pulumiAwstypesinputeksClusterEncryptionConfig
fargateProfile pulumiAwseksFargateProfile
kubeconfig any
nodeSecurityGroupTags {[key: string]: string}
oidcProvider pulumiAwsiamOpenIdConnectProvider
privateSubnetIds string[]
publicSubnetIds string[]
storageClasses {[key: string]: pulumiKubernetesstoragev1StorageClass}
tags {[key: string]: string}
vpcCni VpcCni

cluster Cluster
cluster_iam_role Role: The IAM Role attached to the EKS Cluster
cluster_security_group SecurityGroup
endpoint str
instance_roles Role]
node_group_options ClusterNodeGroupOptions
provider Provider
subnet_ids Sequence[str]
vpc_id str
aws_provider Provider
eks_node_access ConfigMap
encryption_config ClusterEncryptionConfigArgs
fargate_profile FargateProfile
kubeconfig Any
node_security_group_tags Mapping[str, str]
oidc_provider OpenIdConnectProvider
private_subnet_ids Sequence[str]
public_subnet_ids Sequence[str]
storage_classes StorageClass]
tags Mapping[str, str]
vpc_cni VpcCni

cluster aws:eks:Cluster
clusterIamRole aws:iam:Role: The IAM Role attached to the EKS Cluster
clusterSecurityGroup aws:ec2:SecurityGroup
endpoint String
instanceRoles List<aws:iam:Role>
nodeGroupOptions Property Map
provider pulumi:providers:kubernetes
subnetIds List<String>
vpcId String
awsProvider pulumi:providers:aws
eksNodeAccess kubernetes:core/v1:ConfigMap
encryptionConfig Property Map
fargateProfile aws:eks:FargateProfile
kubeconfig Any
nodeSecurityGroupTags Map<String>
oidcProvider aws:iam:OpenIdConnectProvider
privateSubnetIds List<String>
publicSubnetIds List<String>
storageClasses Map<kubernetes:storage.k8s.io/v1:StorageClass>
tags Map<String>
vpcCni eks:VpcCni

Taint

Effect string: The effect of the taint.
Value string: The value of the taint.

Effect string: The effect of the taint.
Value string: The value of the taint.

effect String: The effect of the taint.
value String: The value of the taint.

effect string: The effect of the taint.
value string: The value of the taint.

effect str: The effect of the taint.
value str: The value of the taint.

effect String: The effect of the taint.
value String: The value of the taint.

Package Details

Repository: Amazon EKS pulumi/pulumi-eks
License: Apache-2.0

eks.ManagedNodeGroup

Create ManagedNodeGroup Resource

ManagedNodeGroup Resource Properties

Inputs

Outputs

Supporting Types

ClusterNodeGroupOptions

CoreData

Taint

Package Details

Contents