1. Packages
  2. Google Cloud (GCP) Classic
  3. API Docs
  4. container
  5. AwsCluster
Google Cloud Classic v7.16.0 published on Wednesday, Mar 27, 2024 by Pulumi

gcp.container.AwsCluster

Explore with Pulumi AI

gcp logo
Google Cloud Classic v7.16.0 published on Wednesday, Mar 27, 2024 by Pulumi

    An Anthos cluster running on AWS.

    For more information, see:

    Example Usage

    Basic_aws_cluster

    A basic example of a containeraws cluster

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const versions = gcp.container.getAwsVersions({
        project: "my-project-name",
        location: "us-west1",
    });
    const primary = new gcp.container.AwsCluster("primary", {
        authorization: {
            adminUsers: [{
                username: "my@service-account.com",
            }],
            adminGroups: [{
                group: "group@domain.com",
            }],
        },
        awsRegion: "my-aws-region",
        controlPlane: {
            awsServicesAuthentication: {
                roleArn: "arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
                roleSessionName: "my--1p-dev-session",
            },
            configEncryption: {
                kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            },
            databaseEncryption: {
                kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            },
            iamInstanceProfile: "my--1p-dev-controlplane",
            subnetIds: ["subnet-00000000000000000"],
            version: versions.then(versions => versions.validVersions?.[0]),
            instanceType: "t3.medium",
            mainVolume: {
                iops: 3000,
                kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                sizeGib: 10,
                volumeType: "GP3",
            },
            proxyConfig: {
                secretArn: "arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
                secretVersion: "12345678-ABCD-EFGH-IJKL-987654321098",
            },
            rootVolume: {
                iops: 3000,
                kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                sizeGib: 10,
                volumeType: "GP3",
            },
            securityGroupIds: ["sg-00000000000000000"],
            sshConfig: {
                ec2KeyPair: "my--1p-dev-ssh",
            },
            tags: {
                owner: "my@service-account.com",
            },
        },
        fleet: {
            project: "my-project-number",
        },
        location: "us-west1",
        name: "name",
        networking: {
            podAddressCidrBlocks: ["10.2.0.0/16"],
            serviceAddressCidrBlocks: ["10.1.0.0/16"],
            vpcId: "vpc-00000000000000000",
        },
        annotations: {
            "label-one": "value-one",
        },
        description: "A sample aws cluster",
        project: "my-project-name",
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    versions = gcp.container.get_aws_versions(project="my-project-name",
        location="us-west1")
    primary = gcp.container.AwsCluster("primary",
        authorization=gcp.container.AwsClusterAuthorizationArgs(
            admin_users=[gcp.container.AwsClusterAuthorizationAdminUserArgs(
                username="my@service-account.com",
            )],
            admin_groups=[gcp.container.AwsClusterAuthorizationAdminGroupArgs(
                group="group@domain.com",
            )],
        ),
        aws_region="my-aws-region",
        control_plane=gcp.container.AwsClusterControlPlaneArgs(
            aws_services_authentication=gcp.container.AwsClusterControlPlaneAwsServicesAuthenticationArgs(
                role_arn="arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
                role_session_name="my--1p-dev-session",
            ),
            config_encryption=gcp.container.AwsClusterControlPlaneConfigEncryptionArgs(
                kms_key_arn="arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            ),
            database_encryption=gcp.container.AwsClusterControlPlaneDatabaseEncryptionArgs(
                kms_key_arn="arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            ),
            iam_instance_profile="my--1p-dev-controlplane",
            subnet_ids=["subnet-00000000000000000"],
            version=versions.valid_versions[0],
            instance_type="t3.medium",
            main_volume=gcp.container.AwsClusterControlPlaneMainVolumeArgs(
                iops=3000,
                kms_key_arn="arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                size_gib=10,
                volume_type="GP3",
            ),
            proxy_config=gcp.container.AwsClusterControlPlaneProxyConfigArgs(
                secret_arn="arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
                secret_version="12345678-ABCD-EFGH-IJKL-987654321098",
            ),
            root_volume=gcp.container.AwsClusterControlPlaneRootVolumeArgs(
                iops=3000,
                kms_key_arn="arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                size_gib=10,
                volume_type="GP3",
            ),
            security_group_ids=["sg-00000000000000000"],
            ssh_config=gcp.container.AwsClusterControlPlaneSshConfigArgs(
                ec2_key_pair="my--1p-dev-ssh",
            ),
            tags={
                "owner": "my@service-account.com",
            },
        ),
        fleet=gcp.container.AwsClusterFleetArgs(
            project="my-project-number",
        ),
        location="us-west1",
        name="name",
        networking=gcp.container.AwsClusterNetworkingArgs(
            pod_address_cidr_blocks=["10.2.0.0/16"],
            service_address_cidr_blocks=["10.1.0.0/16"],
            vpc_id="vpc-00000000000000000",
        ),
        annotations={
            "label-one": "value-one",
        },
        description="A sample aws cluster",
        project="my-project-name")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/container"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		versions, err := container.GetAwsVersions(ctx, &container.GetAwsVersionsArgs{
    			Project:  pulumi.StringRef("my-project-name"),
    			Location: pulumi.StringRef("us-west1"),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		_, err = container.NewAwsCluster(ctx, "primary", &container.AwsClusterArgs{
    			Authorization: &container.AwsClusterAuthorizationArgs{
    				AdminUsers: container.AwsClusterAuthorizationAdminUserArray{
    					&container.AwsClusterAuthorizationAdminUserArgs{
    						Username: pulumi.String("my@service-account.com"),
    					},
    				},
    				AdminGroups: container.AwsClusterAuthorizationAdminGroupArray{
    					&container.AwsClusterAuthorizationAdminGroupArgs{
    						Group: pulumi.String("group@domain.com"),
    					},
    				},
    			},
    			AwsRegion: pulumi.String("my-aws-region"),
    			ControlPlane: &container.AwsClusterControlPlaneArgs{
    				AwsServicesAuthentication: &container.AwsClusterControlPlaneAwsServicesAuthenticationArgs{
    					RoleArn:         pulumi.String("arn:aws:iam::012345678910:role/my--1p-dev-oneplatform"),
    					RoleSessionName: pulumi.String("my--1p-dev-session"),
    				},
    				ConfigEncryption: &container.AwsClusterControlPlaneConfigEncryptionArgs{
    					KmsKeyArn: pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
    				},
    				DatabaseEncryption: &container.AwsClusterControlPlaneDatabaseEncryptionArgs{
    					KmsKeyArn: pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
    				},
    				IamInstanceProfile: pulumi.String("my--1p-dev-controlplane"),
    				SubnetIds: pulumi.StringArray{
    					pulumi.String("subnet-00000000000000000"),
    				},
    				Version:      pulumi.String(versions.ValidVersions[0]),
    				InstanceType: pulumi.String("t3.medium"),
    				MainVolume: &container.AwsClusterControlPlaneMainVolumeArgs{
    					Iops:       pulumi.Int(3000),
    					KmsKeyArn:  pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
    					SizeGib:    pulumi.Int(10),
    					VolumeType: pulumi.String("GP3"),
    				},
    				ProxyConfig: &container.AwsClusterControlPlaneProxyConfigArgs{
    					SecretArn:     pulumi.String("arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF"),
    					SecretVersion: pulumi.String("12345678-ABCD-EFGH-IJKL-987654321098"),
    				},
    				RootVolume: &container.AwsClusterControlPlaneRootVolumeArgs{
    					Iops:       pulumi.Int(3000),
    					KmsKeyArn:  pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
    					SizeGib:    pulumi.Int(10),
    					VolumeType: pulumi.String("GP3"),
    				},
    				SecurityGroupIds: pulumi.StringArray{
    					pulumi.String("sg-00000000000000000"),
    				},
    				SshConfig: &container.AwsClusterControlPlaneSshConfigArgs{
    					Ec2KeyPair: pulumi.String("my--1p-dev-ssh"),
    				},
    				Tags: pulumi.StringMap{
    					"owner": pulumi.String("my@service-account.com"),
    				},
    			},
    			Fleet: &container.AwsClusterFleetArgs{
    				Project: pulumi.String("my-project-number"),
    			},
    			Location: pulumi.String("us-west1"),
    			Name:     pulumi.String("name"),
    			Networking: &container.AwsClusterNetworkingArgs{
    				PodAddressCidrBlocks: pulumi.StringArray{
    					pulumi.String("10.2.0.0/16"),
    				},
    				ServiceAddressCidrBlocks: pulumi.StringArray{
    					pulumi.String("10.1.0.0/16"),
    				},
    				VpcId: pulumi.String("vpc-00000000000000000"),
    			},
    			Annotations: pulumi.StringMap{
    				"label-one": pulumi.String("value-one"),
    			},
    			Description: pulumi.String("A sample aws cluster"),
    			Project:     pulumi.String("my-project-name"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var versions = Gcp.Container.GetAwsVersions.Invoke(new()
        {
            Project = "my-project-name",
            Location = "us-west1",
        });
    
        var primary = new Gcp.Container.AwsCluster("primary", new()
        {
            Authorization = new Gcp.Container.Inputs.AwsClusterAuthorizationArgs
            {
                AdminUsers = new[]
                {
                    new Gcp.Container.Inputs.AwsClusterAuthorizationAdminUserArgs
                    {
                        Username = "my@service-account.com",
                    },
                },
                AdminGroups = new[]
                {
                    new Gcp.Container.Inputs.AwsClusterAuthorizationAdminGroupArgs
                    {
                        Group = "group@domain.com",
                    },
                },
            },
            AwsRegion = "my-aws-region",
            ControlPlane = new Gcp.Container.Inputs.AwsClusterControlPlaneArgs
            {
                AwsServicesAuthentication = new Gcp.Container.Inputs.AwsClusterControlPlaneAwsServicesAuthenticationArgs
                {
                    RoleArn = "arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
                    RoleSessionName = "my--1p-dev-session",
                },
                ConfigEncryption = new Gcp.Container.Inputs.AwsClusterControlPlaneConfigEncryptionArgs
                {
                    KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                },
                DatabaseEncryption = new Gcp.Container.Inputs.AwsClusterControlPlaneDatabaseEncryptionArgs
                {
                    KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                },
                IamInstanceProfile = "my--1p-dev-controlplane",
                SubnetIds = new[]
                {
                    "subnet-00000000000000000",
                },
                Version = versions.Apply(getAwsVersionsResult => getAwsVersionsResult.ValidVersions[0]),
                InstanceType = "t3.medium",
                MainVolume = new Gcp.Container.Inputs.AwsClusterControlPlaneMainVolumeArgs
                {
                    Iops = 3000,
                    KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                    SizeGib = 10,
                    VolumeType = "GP3",
                },
                ProxyConfig = new Gcp.Container.Inputs.AwsClusterControlPlaneProxyConfigArgs
                {
                    SecretArn = "arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
                    SecretVersion = "12345678-ABCD-EFGH-IJKL-987654321098",
                },
                RootVolume = new Gcp.Container.Inputs.AwsClusterControlPlaneRootVolumeArgs
                {
                    Iops = 3000,
                    KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                    SizeGib = 10,
                    VolumeType = "GP3",
                },
                SecurityGroupIds = new[]
                {
                    "sg-00000000000000000",
                },
                SshConfig = new Gcp.Container.Inputs.AwsClusterControlPlaneSshConfigArgs
                {
                    Ec2KeyPair = "my--1p-dev-ssh",
                },
                Tags = 
                {
                    { "owner", "my@service-account.com" },
                },
            },
            Fleet = new Gcp.Container.Inputs.AwsClusterFleetArgs
            {
                Project = "my-project-number",
            },
            Location = "us-west1",
            Name = "name",
            Networking = new Gcp.Container.Inputs.AwsClusterNetworkingArgs
            {
                PodAddressCidrBlocks = new[]
                {
                    "10.2.0.0/16",
                },
                ServiceAddressCidrBlocks = new[]
                {
                    "10.1.0.0/16",
                },
                VpcId = "vpc-00000000000000000",
            },
            Annotations = 
            {
                { "label-one", "value-one" },
            },
            Description = "A sample aws cluster",
            Project = "my-project-name",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.container.ContainerFunctions;
    import com.pulumi.gcp.container.inputs.GetAwsVersionsArgs;
    import com.pulumi.gcp.container.AwsCluster;
    import com.pulumi.gcp.container.AwsClusterArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterAuthorizationArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneAwsServicesAuthenticationArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneConfigEncryptionArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneDatabaseEncryptionArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneMainVolumeArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneProxyConfigArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneRootVolumeArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneSshConfigArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterFleetArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterNetworkingArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var versions = ContainerFunctions.getAwsVersions(GetAwsVersionsArgs.builder()
                .project("my-project-name")
                .location("us-west1")
                .build());
    
            var primary = new AwsCluster("primary", AwsClusterArgs.builder()        
                .authorization(AwsClusterAuthorizationArgs.builder()
                    .adminUsers(AwsClusterAuthorizationAdminUserArgs.builder()
                        .username("my@service-account.com")
                        .build())
                    .adminGroups(AwsClusterAuthorizationAdminGroupArgs.builder()
                        .group("group@domain.com")
                        .build())
                    .build())
                .awsRegion("my-aws-region")
                .controlPlane(AwsClusterControlPlaneArgs.builder()
                    .awsServicesAuthentication(AwsClusterControlPlaneAwsServicesAuthenticationArgs.builder()
                        .roleArn("arn:aws:iam::012345678910:role/my--1p-dev-oneplatform")
                        .roleSessionName("my--1p-dev-session")
                        .build())
                    .configEncryption(AwsClusterControlPlaneConfigEncryptionArgs.builder()
                        .kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
                        .build())
                    .databaseEncryption(AwsClusterControlPlaneDatabaseEncryptionArgs.builder()
                        .kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
                        .build())
                    .iamInstanceProfile("my--1p-dev-controlplane")
                    .subnetIds("subnet-00000000000000000")
                    .version(versions.applyValue(getAwsVersionsResult -> getAwsVersionsResult.validVersions()[0]))
                    .instanceType("t3.medium")
                    .mainVolume(AwsClusterControlPlaneMainVolumeArgs.builder()
                        .iops(3000)
                        .kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
                        .sizeGib(10)
                        .volumeType("GP3")
                        .build())
                    .proxyConfig(AwsClusterControlPlaneProxyConfigArgs.builder()
                        .secretArn("arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF")
                        .secretVersion("12345678-ABCD-EFGH-IJKL-987654321098")
                        .build())
                    .rootVolume(AwsClusterControlPlaneRootVolumeArgs.builder()
                        .iops(3000)
                        .kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
                        .sizeGib(10)
                        .volumeType("GP3")
                        .build())
                    .securityGroupIds("sg-00000000000000000")
                    .sshConfig(AwsClusterControlPlaneSshConfigArgs.builder()
                        .ec2KeyPair("my--1p-dev-ssh")
                        .build())
                    .tags(Map.of("owner", "my@service-account.com"))
                    .build())
                .fleet(AwsClusterFleetArgs.builder()
                    .project("my-project-number")
                    .build())
                .location("us-west1")
                .name("name")
                .networking(AwsClusterNetworkingArgs.builder()
                    .podAddressCidrBlocks("10.2.0.0/16")
                    .serviceAddressCidrBlocks("10.1.0.0/16")
                    .vpcId("vpc-00000000000000000")
                    .build())
                .annotations(Map.of("label-one", "value-one"))
                .description("A sample aws cluster")
                .project("my-project-name")
                .build());
    
        }
    }
    
    resources:
      primary:
        type: gcp:container:AwsCluster
        properties:
          authorization:
            adminUsers:
              - username: my@service-account.com
            adminGroups:
              - group: group@domain.com
          awsRegion: my-aws-region
          controlPlane:
            awsServicesAuthentication:
              roleArn: arn:aws:iam::012345678910:role/my--1p-dev-oneplatform
              roleSessionName: my--1p-dev-session
            configEncryption:
              kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
            databaseEncryption:
              kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
            iamInstanceProfile: my--1p-dev-controlplane
            subnetIds:
              - subnet-00000000000000000
            version: ${versions.validVersions[0]}
            instanceType: t3.medium
            mainVolume:
              iops: 3000
              kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
              sizeGib: 10
              volumeType: GP3
            proxyConfig:
              secretArn: arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF
              secretVersion: 12345678-ABCD-EFGH-IJKL-987654321098
            rootVolume:
              iops: 3000
              kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
              sizeGib: 10
              volumeType: GP3
            securityGroupIds:
              - sg-00000000000000000
            sshConfig:
              ec2KeyPair: my--1p-dev-ssh
            tags:
              owner: my@service-account.com
          fleet:
            project: my-project-number
          location: us-west1
          name: name
          networking:
            podAddressCidrBlocks:
              - 10.2.0.0/16
            serviceAddressCidrBlocks:
              - 10.1.0.0/16
            vpcId: vpc-00000000000000000
          annotations:
            label-one: value-one
          description: A sample aws cluster
          project: my-project-name
    variables:
      versions:
        fn::invoke:
          Function: gcp:container:getAwsVersions
          Arguments:
            project: my-project-name
            location: us-west1
    

    Basic_enum_aws_cluster

    A basic example of a containeraws cluster with lowercase enums

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const versions = gcp.container.getAwsVersions({
        project: "my-project-name",
        location: "us-west1",
    });
    const primary = new gcp.container.AwsCluster("primary", {
        authorization: {
            adminUsers: [{
                username: "my@service-account.com",
            }],
        },
        awsRegion: "my-aws-region",
        controlPlane: {
            awsServicesAuthentication: {
                roleArn: "arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
                roleSessionName: "my--1p-dev-session",
            },
            configEncryption: {
                kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            },
            databaseEncryption: {
                kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            },
            iamInstanceProfile: "my--1p-dev-controlplane",
            subnetIds: ["subnet-00000000000000000"],
            version: versions.then(versions => versions.validVersions?.[0]),
            instanceType: "t3.medium",
            mainVolume: {
                iops: 3000,
                kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                sizeGib: 10,
                volumeType: "gp3",
            },
            proxyConfig: {
                secretArn: "arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
                secretVersion: "12345678-ABCD-EFGH-IJKL-987654321098",
            },
            rootVolume: {
                iops: 3000,
                kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                sizeGib: 10,
                volumeType: "gp3",
            },
            securityGroupIds: ["sg-00000000000000000"],
            sshConfig: {
                ec2KeyPair: "my--1p-dev-ssh",
            },
            tags: {
                owner: "my@service-account.com",
            },
        },
        fleet: {
            project: "my-project-number",
        },
        location: "us-west1",
        name: "name",
        networking: {
            podAddressCidrBlocks: ["10.2.0.0/16"],
            serviceAddressCidrBlocks: ["10.1.0.0/16"],
            vpcId: "vpc-00000000000000000",
        },
        annotations: {
            "label-one": "value-one",
        },
        description: "A sample aws cluster",
        project: "my-project-name",
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    versions = gcp.container.get_aws_versions(project="my-project-name",
        location="us-west1")
    primary = gcp.container.AwsCluster("primary",
        authorization=gcp.container.AwsClusterAuthorizationArgs(
            admin_users=[gcp.container.AwsClusterAuthorizationAdminUserArgs(
                username="my@service-account.com",
            )],
        ),
        aws_region="my-aws-region",
        control_plane=gcp.container.AwsClusterControlPlaneArgs(
            aws_services_authentication=gcp.container.AwsClusterControlPlaneAwsServicesAuthenticationArgs(
                role_arn="arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
                role_session_name="my--1p-dev-session",
            ),
            config_encryption=gcp.container.AwsClusterControlPlaneConfigEncryptionArgs(
                kms_key_arn="arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            ),
            database_encryption=gcp.container.AwsClusterControlPlaneDatabaseEncryptionArgs(
                kms_key_arn="arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            ),
            iam_instance_profile="my--1p-dev-controlplane",
            subnet_ids=["subnet-00000000000000000"],
            version=versions.valid_versions[0],
            instance_type="t3.medium",
            main_volume=gcp.container.AwsClusterControlPlaneMainVolumeArgs(
                iops=3000,
                kms_key_arn="arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                size_gib=10,
                volume_type="gp3",
            ),
            proxy_config=gcp.container.AwsClusterControlPlaneProxyConfigArgs(
                secret_arn="arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
                secret_version="12345678-ABCD-EFGH-IJKL-987654321098",
            ),
            root_volume=gcp.container.AwsClusterControlPlaneRootVolumeArgs(
                iops=3000,
                kms_key_arn="arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                size_gib=10,
                volume_type="gp3",
            ),
            security_group_ids=["sg-00000000000000000"],
            ssh_config=gcp.container.AwsClusterControlPlaneSshConfigArgs(
                ec2_key_pair="my--1p-dev-ssh",
            ),
            tags={
                "owner": "my@service-account.com",
            },
        ),
        fleet=gcp.container.AwsClusterFleetArgs(
            project="my-project-number",
        ),
        location="us-west1",
        name="name",
        networking=gcp.container.AwsClusterNetworkingArgs(
            pod_address_cidr_blocks=["10.2.0.0/16"],
            service_address_cidr_blocks=["10.1.0.0/16"],
            vpc_id="vpc-00000000000000000",
        ),
        annotations={
            "label-one": "value-one",
        },
        description="A sample aws cluster",
        project="my-project-name")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/container"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		versions, err := container.GetAwsVersions(ctx, &container.GetAwsVersionsArgs{
    			Project:  pulumi.StringRef("my-project-name"),
    			Location: pulumi.StringRef("us-west1"),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		_, err = container.NewAwsCluster(ctx, "primary", &container.AwsClusterArgs{
    			Authorization: &container.AwsClusterAuthorizationArgs{
    				AdminUsers: container.AwsClusterAuthorizationAdminUserArray{
    					&container.AwsClusterAuthorizationAdminUserArgs{
    						Username: pulumi.String("my@service-account.com"),
    					},
    				},
    			},
    			AwsRegion: pulumi.String("my-aws-region"),
    			ControlPlane: &container.AwsClusterControlPlaneArgs{
    				AwsServicesAuthentication: &container.AwsClusterControlPlaneAwsServicesAuthenticationArgs{
    					RoleArn:         pulumi.String("arn:aws:iam::012345678910:role/my--1p-dev-oneplatform"),
    					RoleSessionName: pulumi.String("my--1p-dev-session"),
    				},
    				ConfigEncryption: &container.AwsClusterControlPlaneConfigEncryptionArgs{
    					KmsKeyArn: pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
    				},
    				DatabaseEncryption: &container.AwsClusterControlPlaneDatabaseEncryptionArgs{
    					KmsKeyArn: pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
    				},
    				IamInstanceProfile: pulumi.String("my--1p-dev-controlplane"),
    				SubnetIds: pulumi.StringArray{
    					pulumi.String("subnet-00000000000000000"),
    				},
    				Version:      pulumi.String(versions.ValidVersions[0]),
    				InstanceType: pulumi.String("t3.medium"),
    				MainVolume: &container.AwsClusterControlPlaneMainVolumeArgs{
    					Iops:       pulumi.Int(3000),
    					KmsKeyArn:  pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
    					SizeGib:    pulumi.Int(10),
    					VolumeType: pulumi.String("gp3"),
    				},
    				ProxyConfig: &container.AwsClusterControlPlaneProxyConfigArgs{
    					SecretArn:     pulumi.String("arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF"),
    					SecretVersion: pulumi.String("12345678-ABCD-EFGH-IJKL-987654321098"),
    				},
    				RootVolume: &container.AwsClusterControlPlaneRootVolumeArgs{
    					Iops:       pulumi.Int(3000),
    					KmsKeyArn:  pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
    					SizeGib:    pulumi.Int(10),
    					VolumeType: pulumi.String("gp3"),
    				},
    				SecurityGroupIds: pulumi.StringArray{
    					pulumi.String("sg-00000000000000000"),
    				},
    				SshConfig: &container.AwsClusterControlPlaneSshConfigArgs{
    					Ec2KeyPair: pulumi.String("my--1p-dev-ssh"),
    				},
    				Tags: pulumi.StringMap{
    					"owner": pulumi.String("my@service-account.com"),
    				},
    			},
    			Fleet: &container.AwsClusterFleetArgs{
    				Project: pulumi.String("my-project-number"),
    			},
    			Location: pulumi.String("us-west1"),
    			Name:     pulumi.String("name"),
    			Networking: &container.AwsClusterNetworkingArgs{
    				PodAddressCidrBlocks: pulumi.StringArray{
    					pulumi.String("10.2.0.0/16"),
    				},
    				ServiceAddressCidrBlocks: pulumi.StringArray{
    					pulumi.String("10.1.0.0/16"),
    				},
    				VpcId: pulumi.String("vpc-00000000000000000"),
    			},
    			Annotations: pulumi.StringMap{
    				"label-one": pulumi.String("value-one"),
    			},
    			Description: pulumi.String("A sample aws cluster"),
    			Project:     pulumi.String("my-project-name"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var versions = Gcp.Container.GetAwsVersions.Invoke(new()
        {
            Project = "my-project-name",
            Location = "us-west1",
        });
    
        var primary = new Gcp.Container.AwsCluster("primary", new()
        {
            Authorization = new Gcp.Container.Inputs.AwsClusterAuthorizationArgs
            {
                AdminUsers = new[]
                {
                    new Gcp.Container.Inputs.AwsClusterAuthorizationAdminUserArgs
                    {
                        Username = "my@service-account.com",
                    },
                },
            },
            AwsRegion = "my-aws-region",
            ControlPlane = new Gcp.Container.Inputs.AwsClusterControlPlaneArgs
            {
                AwsServicesAuthentication = new Gcp.Container.Inputs.AwsClusterControlPlaneAwsServicesAuthenticationArgs
                {
                    RoleArn = "arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
                    RoleSessionName = "my--1p-dev-session",
                },
                ConfigEncryption = new Gcp.Container.Inputs.AwsClusterControlPlaneConfigEncryptionArgs
                {
                    KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                },
                DatabaseEncryption = new Gcp.Container.Inputs.AwsClusterControlPlaneDatabaseEncryptionArgs
                {
                    KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                },
                IamInstanceProfile = "my--1p-dev-controlplane",
                SubnetIds = new[]
                {
                    "subnet-00000000000000000",
                },
                Version = versions.Apply(getAwsVersionsResult => getAwsVersionsResult.ValidVersions[0]),
                InstanceType = "t3.medium",
                MainVolume = new Gcp.Container.Inputs.AwsClusterControlPlaneMainVolumeArgs
                {
                    Iops = 3000,
                    KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                    SizeGib = 10,
                    VolumeType = "gp3",
                },
                ProxyConfig = new Gcp.Container.Inputs.AwsClusterControlPlaneProxyConfigArgs
                {
                    SecretArn = "arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
                    SecretVersion = "12345678-ABCD-EFGH-IJKL-987654321098",
                },
                RootVolume = new Gcp.Container.Inputs.AwsClusterControlPlaneRootVolumeArgs
                {
                    Iops = 3000,
                    KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                    SizeGib = 10,
                    VolumeType = "gp3",
                },
                SecurityGroupIds = new[]
                {
                    "sg-00000000000000000",
                },
                SshConfig = new Gcp.Container.Inputs.AwsClusterControlPlaneSshConfigArgs
                {
                    Ec2KeyPair = "my--1p-dev-ssh",
                },
                Tags = 
                {
                    { "owner", "my@service-account.com" },
                },
            },
            Fleet = new Gcp.Container.Inputs.AwsClusterFleetArgs
            {
                Project = "my-project-number",
            },
            Location = "us-west1",
            Name = "name",
            Networking = new Gcp.Container.Inputs.AwsClusterNetworkingArgs
            {
                PodAddressCidrBlocks = new[]
                {
                    "10.2.0.0/16",
                },
                ServiceAddressCidrBlocks = new[]
                {
                    "10.1.0.0/16",
                },
                VpcId = "vpc-00000000000000000",
            },
            Annotations = 
            {
                { "label-one", "value-one" },
            },
            Description = "A sample aws cluster",
            Project = "my-project-name",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.container.ContainerFunctions;
    import com.pulumi.gcp.container.inputs.GetAwsVersionsArgs;
    import com.pulumi.gcp.container.AwsCluster;
    import com.pulumi.gcp.container.AwsClusterArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterAuthorizationArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneAwsServicesAuthenticationArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneConfigEncryptionArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneDatabaseEncryptionArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneMainVolumeArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneProxyConfigArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneRootVolumeArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneSshConfigArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterFleetArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterNetworkingArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var versions = ContainerFunctions.getAwsVersions(GetAwsVersionsArgs.builder()
                .project("my-project-name")
                .location("us-west1")
                .build());
    
            var primary = new AwsCluster("primary", AwsClusterArgs.builder()        
                .authorization(AwsClusterAuthorizationArgs.builder()
                    .adminUsers(AwsClusterAuthorizationAdminUserArgs.builder()
                        .username("my@service-account.com")
                        .build())
                    .build())
                .awsRegion("my-aws-region")
                .controlPlane(AwsClusterControlPlaneArgs.builder()
                    .awsServicesAuthentication(AwsClusterControlPlaneAwsServicesAuthenticationArgs.builder()
                        .roleArn("arn:aws:iam::012345678910:role/my--1p-dev-oneplatform")
                        .roleSessionName("my--1p-dev-session")
                        .build())
                    .configEncryption(AwsClusterControlPlaneConfigEncryptionArgs.builder()
                        .kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
                        .build())
                    .databaseEncryption(AwsClusterControlPlaneDatabaseEncryptionArgs.builder()
                        .kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
                        .build())
                    .iamInstanceProfile("my--1p-dev-controlplane")
                    .subnetIds("subnet-00000000000000000")
                    .version(versions.applyValue(getAwsVersionsResult -> getAwsVersionsResult.validVersions()[0]))
                    .instanceType("t3.medium")
                    .mainVolume(AwsClusterControlPlaneMainVolumeArgs.builder()
                        .iops(3000)
                        .kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
                        .sizeGib(10)
                        .volumeType("gp3")
                        .build())
                    .proxyConfig(AwsClusterControlPlaneProxyConfigArgs.builder()
                        .secretArn("arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF")
                        .secretVersion("12345678-ABCD-EFGH-IJKL-987654321098")
                        .build())
                    .rootVolume(AwsClusterControlPlaneRootVolumeArgs.builder()
                        .iops(3000)
                        .kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
                        .sizeGib(10)
                        .volumeType("gp3")
                        .build())
                    .securityGroupIds("sg-00000000000000000")
                    .sshConfig(AwsClusterControlPlaneSshConfigArgs.builder()
                        .ec2KeyPair("my--1p-dev-ssh")
                        .build())
                    .tags(Map.of("owner", "my@service-account.com"))
                    .build())
                .fleet(AwsClusterFleetArgs.builder()
                    .project("my-project-number")
                    .build())
                .location("us-west1")
                .name("name")
                .networking(AwsClusterNetworkingArgs.builder()
                    .podAddressCidrBlocks("10.2.0.0/16")
                    .serviceAddressCidrBlocks("10.1.0.0/16")
                    .vpcId("vpc-00000000000000000")
                    .build())
                .annotations(Map.of("label-one", "value-one"))
                .description("A sample aws cluster")
                .project("my-project-name")
                .build());
    
        }
    }
    
    resources:
      primary:
        type: gcp:container:AwsCluster
        properties:
          authorization:
            adminUsers:
              - username: my@service-account.com
          awsRegion: my-aws-region
          controlPlane:
            awsServicesAuthentication:
              roleArn: arn:aws:iam::012345678910:role/my--1p-dev-oneplatform
              roleSessionName: my--1p-dev-session
            configEncryption:
              kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
            databaseEncryption:
              kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
            iamInstanceProfile: my--1p-dev-controlplane
            subnetIds:
              - subnet-00000000000000000
            version: ${versions.validVersions[0]}
            instanceType: t3.medium
            mainVolume:
              iops: 3000
              kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
              sizeGib: 10
              volumeType: gp3
            proxyConfig:
              secretArn: arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF
              secretVersion: 12345678-ABCD-EFGH-IJKL-987654321098
            rootVolume:
              iops: 3000
              kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
              sizeGib: 10
              volumeType: gp3
            securityGroupIds:
              - sg-00000000000000000
            sshConfig:
              ec2KeyPair: my--1p-dev-ssh
            tags:
              owner: my@service-account.com
          fleet:
            project: my-project-number
          location: us-west1
          name: name
          networking:
            podAddressCidrBlocks:
              - 10.2.0.0/16
            serviceAddressCidrBlocks:
              - 10.1.0.0/16
            vpcId: vpc-00000000000000000
          annotations:
            label-one: value-one
          description: A sample aws cluster
          project: my-project-name
    variables:
      versions:
        fn::invoke:
          Function: gcp:container:getAwsVersions
          Arguments:
            project: my-project-name
            location: us-west1
    

    Beta_basic_enum_aws_cluster

    A basic example of a containeraws cluster with lowercase enums (beta)

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const versions = gcp.container.getAwsVersions({
        project: "my-project-name",
        location: "us-west1",
    });
    const primary = new gcp.container.AwsCluster("primary", {
        authorization: {
            adminUsers: [{
                username: "my@service-account.com",
            }],
        },
        awsRegion: "my-aws-region",
        controlPlane: {
            awsServicesAuthentication: {
                roleArn: "arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
                roleSessionName: "my--1p-dev-session",
            },
            configEncryption: {
                kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            },
            databaseEncryption: {
                kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            },
            iamInstanceProfile: "my--1p-dev-controlplane",
            subnetIds: ["subnet-00000000000000000"],
            version: versions.then(versions => versions.validVersions?.[0]),
            instanceType: "t3.medium",
            mainVolume: {
                iops: 3000,
                kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                sizeGib: 10,
                volumeType: "gp3",
            },
            proxyConfig: {
                secretArn: "arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
                secretVersion: "12345678-ABCD-EFGH-IJKL-987654321098",
            },
            rootVolume: {
                iops: 3000,
                kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                sizeGib: 10,
                volumeType: "gp3",
            },
            securityGroupIds: ["sg-00000000000000000"],
            sshConfig: {
                ec2KeyPair: "my--1p-dev-ssh",
            },
            tags: {
                owner: "my@service-account.com",
            },
            instancePlacement: {
                tenancy: "dedicated",
            },
        },
        fleet: {
            project: "my-project-number",
        },
        location: "us-west1",
        name: "name",
        networking: {
            podAddressCidrBlocks: ["10.2.0.0/16"],
            serviceAddressCidrBlocks: ["10.1.0.0/16"],
            vpcId: "vpc-00000000000000000",
        },
        annotations: {
            "label-one": "value-one",
        },
        description: "A sample aws cluster",
        project: "my-project-name",
        loggingConfig: {
            componentConfig: {
                enableComponents: [
                    "system_components",
                    "workloads",
                ],
            },
        },
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    versions = gcp.container.get_aws_versions(project="my-project-name",
        location="us-west1")
    primary = gcp.container.AwsCluster("primary",
        authorization=gcp.container.AwsClusterAuthorizationArgs(
            admin_users=[gcp.container.AwsClusterAuthorizationAdminUserArgs(
                username="my@service-account.com",
            )],
        ),
        aws_region="my-aws-region",
        control_plane=gcp.container.AwsClusterControlPlaneArgs(
            aws_services_authentication=gcp.container.AwsClusterControlPlaneAwsServicesAuthenticationArgs(
                role_arn="arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
                role_session_name="my--1p-dev-session",
            ),
            config_encryption=gcp.container.AwsClusterControlPlaneConfigEncryptionArgs(
                kms_key_arn="arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            ),
            database_encryption=gcp.container.AwsClusterControlPlaneDatabaseEncryptionArgs(
                kms_key_arn="arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            ),
            iam_instance_profile="my--1p-dev-controlplane",
            subnet_ids=["subnet-00000000000000000"],
            version=versions.valid_versions[0],
            instance_type="t3.medium",
            main_volume=gcp.container.AwsClusterControlPlaneMainVolumeArgs(
                iops=3000,
                kms_key_arn="arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                size_gib=10,
                volume_type="gp3",
            ),
            proxy_config=gcp.container.AwsClusterControlPlaneProxyConfigArgs(
                secret_arn="arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
                secret_version="12345678-ABCD-EFGH-IJKL-987654321098",
            ),
            root_volume=gcp.container.AwsClusterControlPlaneRootVolumeArgs(
                iops=3000,
                kms_key_arn="arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                size_gib=10,
                volume_type="gp3",
            ),
            security_group_ids=["sg-00000000000000000"],
            ssh_config=gcp.container.AwsClusterControlPlaneSshConfigArgs(
                ec2_key_pair="my--1p-dev-ssh",
            ),
            tags={
                "owner": "my@service-account.com",
            },
            instance_placement=gcp.container.AwsClusterControlPlaneInstancePlacementArgs(
                tenancy="dedicated",
            ),
        ),
        fleet=gcp.container.AwsClusterFleetArgs(
            project="my-project-number",
        ),
        location="us-west1",
        name="name",
        networking=gcp.container.AwsClusterNetworkingArgs(
            pod_address_cidr_blocks=["10.2.0.0/16"],
            service_address_cidr_blocks=["10.1.0.0/16"],
            vpc_id="vpc-00000000000000000",
        ),
        annotations={
            "label-one": "value-one",
        },
        description="A sample aws cluster",
        project="my-project-name",
        logging_config=gcp.container.AwsClusterLoggingConfigArgs(
            component_config=gcp.container.AwsClusterLoggingConfigComponentConfigArgs(
                enable_components=[
                    "system_components",
                    "workloads",
                ],
            ),
        ))
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/container"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		versions, err := container.GetAwsVersions(ctx, &container.GetAwsVersionsArgs{
    			Project:  pulumi.StringRef("my-project-name"),
    			Location: pulumi.StringRef("us-west1"),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		_, err = container.NewAwsCluster(ctx, "primary", &container.AwsClusterArgs{
    			Authorization: &container.AwsClusterAuthorizationArgs{
    				AdminUsers: container.AwsClusterAuthorizationAdminUserArray{
    					&container.AwsClusterAuthorizationAdminUserArgs{
    						Username: pulumi.String("my@service-account.com"),
    					},
    				},
    			},
    			AwsRegion: pulumi.String("my-aws-region"),
    			ControlPlane: &container.AwsClusterControlPlaneArgs{
    				AwsServicesAuthentication: &container.AwsClusterControlPlaneAwsServicesAuthenticationArgs{
    					RoleArn:         pulumi.String("arn:aws:iam::012345678910:role/my--1p-dev-oneplatform"),
    					RoleSessionName: pulumi.String("my--1p-dev-session"),
    				},
    				ConfigEncryption: &container.AwsClusterControlPlaneConfigEncryptionArgs{
    					KmsKeyArn: pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
    				},
    				DatabaseEncryption: &container.AwsClusterControlPlaneDatabaseEncryptionArgs{
    					KmsKeyArn: pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
    				},
    				IamInstanceProfile: pulumi.String("my--1p-dev-controlplane"),
    				SubnetIds: pulumi.StringArray{
    					pulumi.String("subnet-00000000000000000"),
    				},
    				Version:      pulumi.String(versions.ValidVersions[0]),
    				InstanceType: pulumi.String("t3.medium"),
    				MainVolume: &container.AwsClusterControlPlaneMainVolumeArgs{
    					Iops:       pulumi.Int(3000),
    					KmsKeyArn:  pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
    					SizeGib:    pulumi.Int(10),
    					VolumeType: pulumi.String("gp3"),
    				},
    				ProxyConfig: &container.AwsClusterControlPlaneProxyConfigArgs{
    					SecretArn:     pulumi.String("arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF"),
    					SecretVersion: pulumi.String("12345678-ABCD-EFGH-IJKL-987654321098"),
    				},
    				RootVolume: &container.AwsClusterControlPlaneRootVolumeArgs{
    					Iops:       pulumi.Int(3000),
    					KmsKeyArn:  pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
    					SizeGib:    pulumi.Int(10),
    					VolumeType: pulumi.String("gp3"),
    				},
    				SecurityGroupIds: pulumi.StringArray{
    					pulumi.String("sg-00000000000000000"),
    				},
    				SshConfig: &container.AwsClusterControlPlaneSshConfigArgs{
    					Ec2KeyPair: pulumi.String("my--1p-dev-ssh"),
    				},
    				Tags: pulumi.StringMap{
    					"owner": pulumi.String("my@service-account.com"),
    				},
    				InstancePlacement: &container.AwsClusterControlPlaneInstancePlacementArgs{
    					Tenancy: pulumi.String("dedicated"),
    				},
    			},
    			Fleet: &container.AwsClusterFleetArgs{
    				Project: pulumi.String("my-project-number"),
    			},
    			Location: pulumi.String("us-west1"),
    			Name:     pulumi.String("name"),
    			Networking: &container.AwsClusterNetworkingArgs{
    				PodAddressCidrBlocks: pulumi.StringArray{
    					pulumi.String("10.2.0.0/16"),
    				},
    				ServiceAddressCidrBlocks: pulumi.StringArray{
    					pulumi.String("10.1.0.0/16"),
    				},
    				VpcId: pulumi.String("vpc-00000000000000000"),
    			},
    			Annotations: pulumi.StringMap{
    				"label-one": pulumi.String("value-one"),
    			},
    			Description: pulumi.String("A sample aws cluster"),
    			Project:     pulumi.String("my-project-name"),
    			LoggingConfig: &container.AwsClusterLoggingConfigArgs{
    				ComponentConfig: &container.AwsClusterLoggingConfigComponentConfigArgs{
    					EnableComponents: pulumi.StringArray{
    						pulumi.String("system_components"),
    						pulumi.String("workloads"),
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var versions = Gcp.Container.GetAwsVersions.Invoke(new()
        {
            Project = "my-project-name",
            Location = "us-west1",
        });
    
        var primary = new Gcp.Container.AwsCluster("primary", new()
        {
            Authorization = new Gcp.Container.Inputs.AwsClusterAuthorizationArgs
            {
                AdminUsers = new[]
                {
                    new Gcp.Container.Inputs.AwsClusterAuthorizationAdminUserArgs
                    {
                        Username = "my@service-account.com",
                    },
                },
            },
            AwsRegion = "my-aws-region",
            ControlPlane = new Gcp.Container.Inputs.AwsClusterControlPlaneArgs
            {
                AwsServicesAuthentication = new Gcp.Container.Inputs.AwsClusterControlPlaneAwsServicesAuthenticationArgs
                {
                    RoleArn = "arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
                    RoleSessionName = "my--1p-dev-session",
                },
                ConfigEncryption = new Gcp.Container.Inputs.AwsClusterControlPlaneConfigEncryptionArgs
                {
                    KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                },
                DatabaseEncryption = new Gcp.Container.Inputs.AwsClusterControlPlaneDatabaseEncryptionArgs
                {
                    KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                },
                IamInstanceProfile = "my--1p-dev-controlplane",
                SubnetIds = new[]
                {
                    "subnet-00000000000000000",
                },
                Version = versions.Apply(getAwsVersionsResult => getAwsVersionsResult.ValidVersions[0]),
                InstanceType = "t3.medium",
                MainVolume = new Gcp.Container.Inputs.AwsClusterControlPlaneMainVolumeArgs
                {
                    Iops = 3000,
                    KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                    SizeGib = 10,
                    VolumeType = "gp3",
                },
                ProxyConfig = new Gcp.Container.Inputs.AwsClusterControlPlaneProxyConfigArgs
                {
                    SecretArn = "arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
                    SecretVersion = "12345678-ABCD-EFGH-IJKL-987654321098",
                },
                RootVolume = new Gcp.Container.Inputs.AwsClusterControlPlaneRootVolumeArgs
                {
                    Iops = 3000,
                    KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                    SizeGib = 10,
                    VolumeType = "gp3",
                },
                SecurityGroupIds = new[]
                {
                    "sg-00000000000000000",
                },
                SshConfig = new Gcp.Container.Inputs.AwsClusterControlPlaneSshConfigArgs
                {
                    Ec2KeyPair = "my--1p-dev-ssh",
                },
                Tags = 
                {
                    { "owner", "my@service-account.com" },
                },
                InstancePlacement = new Gcp.Container.Inputs.AwsClusterControlPlaneInstancePlacementArgs
                {
                    Tenancy = "dedicated",
                },
            },
            Fleet = new Gcp.Container.Inputs.AwsClusterFleetArgs
            {
                Project = "my-project-number",
            },
            Location = "us-west1",
            Name = "name",
            Networking = new Gcp.Container.Inputs.AwsClusterNetworkingArgs
            {
                PodAddressCidrBlocks = new[]
                {
                    "10.2.0.0/16",
                },
                ServiceAddressCidrBlocks = new[]
                {
                    "10.1.0.0/16",
                },
                VpcId = "vpc-00000000000000000",
            },
            Annotations = 
            {
                { "label-one", "value-one" },
            },
            Description = "A sample aws cluster",
            Project = "my-project-name",
            LoggingConfig = new Gcp.Container.Inputs.AwsClusterLoggingConfigArgs
            {
                ComponentConfig = new Gcp.Container.Inputs.AwsClusterLoggingConfigComponentConfigArgs
                {
                    EnableComponents = new[]
                    {
                        "system_components",
                        "workloads",
                    },
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.container.ContainerFunctions;
    import com.pulumi.gcp.container.inputs.GetAwsVersionsArgs;
    import com.pulumi.gcp.container.AwsCluster;
    import com.pulumi.gcp.container.AwsClusterArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterAuthorizationArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneAwsServicesAuthenticationArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneConfigEncryptionArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneDatabaseEncryptionArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneMainVolumeArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneProxyConfigArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneRootVolumeArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneSshConfigArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneInstancePlacementArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterFleetArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterNetworkingArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterLoggingConfigArgs;
    import com.pulumi.gcp.container.inputs.AwsClusterLoggingConfigComponentConfigArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var versions = ContainerFunctions.getAwsVersions(GetAwsVersionsArgs.builder()
                .project("my-project-name")
                .location("us-west1")
                .build());
    
            var primary = new AwsCluster("primary", AwsClusterArgs.builder()        
                .authorization(AwsClusterAuthorizationArgs.builder()
                    .adminUsers(AwsClusterAuthorizationAdminUserArgs.builder()
                        .username("my@service-account.com")
                        .build())
                    .build())
                .awsRegion("my-aws-region")
                .controlPlane(AwsClusterControlPlaneArgs.builder()
                    .awsServicesAuthentication(AwsClusterControlPlaneAwsServicesAuthenticationArgs.builder()
                        .roleArn("arn:aws:iam::012345678910:role/my--1p-dev-oneplatform")
                        .roleSessionName("my--1p-dev-session")
                        .build())
                    .configEncryption(AwsClusterControlPlaneConfigEncryptionArgs.builder()
                        .kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
                        .build())
                    .databaseEncryption(AwsClusterControlPlaneDatabaseEncryptionArgs.builder()
                        .kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
                        .build())
                    .iamInstanceProfile("my--1p-dev-controlplane")
                    .subnetIds("subnet-00000000000000000")
                    .version(versions.applyValue(getAwsVersionsResult -> getAwsVersionsResult.validVersions()[0]))
                    .instanceType("t3.medium")
                    .mainVolume(AwsClusterControlPlaneMainVolumeArgs.builder()
                        .iops(3000)
                        .kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
                        .sizeGib(10)
                        .volumeType("gp3")
                        .build())
                    .proxyConfig(AwsClusterControlPlaneProxyConfigArgs.builder()
                        .secretArn("arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF")
                        .secretVersion("12345678-ABCD-EFGH-IJKL-987654321098")
                        .build())
                    .rootVolume(AwsClusterControlPlaneRootVolumeArgs.builder()
                        .iops(3000)
                        .kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
                        .sizeGib(10)
                        .volumeType("gp3")
                        .build())
                    .securityGroupIds("sg-00000000000000000")
                    .sshConfig(AwsClusterControlPlaneSshConfigArgs.builder()
                        .ec2KeyPair("my--1p-dev-ssh")
                        .build())
                    .tags(Map.of("owner", "my@service-account.com"))
                    .instancePlacement(AwsClusterControlPlaneInstancePlacementArgs.builder()
                        .tenancy("dedicated")
                        .build())
                    .build())
                .fleet(AwsClusterFleetArgs.builder()
                    .project("my-project-number")
                    .build())
                .location("us-west1")
                .name("name")
                .networking(AwsClusterNetworkingArgs.builder()
                    .podAddressCidrBlocks("10.2.0.0/16")
                    .serviceAddressCidrBlocks("10.1.0.0/16")
                    .vpcId("vpc-00000000000000000")
                    .build())
                .annotations(Map.of("label-one", "value-one"))
                .description("A sample aws cluster")
                .project("my-project-name")
                .loggingConfig(AwsClusterLoggingConfigArgs.builder()
                    .componentConfig(AwsClusterLoggingConfigComponentConfigArgs.builder()
                        .enableComponents(                    
                            "system_components",
                            "workloads")
                        .build())
                    .build())
                .build());
    
        }
    }
    
    resources:
      primary:
        type: gcp:container:AwsCluster
        properties:
          authorization:
            adminUsers:
              - username: my@service-account.com
          awsRegion: my-aws-region
          controlPlane:
            awsServicesAuthentication:
              roleArn: arn:aws:iam::012345678910:role/my--1p-dev-oneplatform
              roleSessionName: my--1p-dev-session
            configEncryption:
              kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
            databaseEncryption:
              kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
            iamInstanceProfile: my--1p-dev-controlplane
            subnetIds:
              - subnet-00000000000000000
            version: ${versions.validVersions[0]}
            instanceType: t3.medium
            mainVolume:
              iops: 3000
              kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
              sizeGib: 10
              volumeType: gp3
            proxyConfig:
              secretArn: arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF
              secretVersion: 12345678-ABCD-EFGH-IJKL-987654321098
            rootVolume:
              iops: 3000
              kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
              sizeGib: 10
              volumeType: gp3
            securityGroupIds:
              - sg-00000000000000000
            sshConfig:
              ec2KeyPair: my--1p-dev-ssh
            tags:
              owner: my@service-account.com
            instancePlacement:
              tenancy: dedicated
          fleet:
            project: my-project-number
          location: us-west1
          name: name
          networking:
            podAddressCidrBlocks:
              - 10.2.0.0/16
            serviceAddressCidrBlocks:
              - 10.1.0.0/16
            vpcId: vpc-00000000000000000
          annotations:
            label-one: value-one
          description: A sample aws cluster
          project: my-project-name
          loggingConfig:
            componentConfig:
              enableComponents:
                - system_components
                - workloads
    variables:
      versions:
        fn::invoke:
          Function: gcp:container:getAwsVersions
          Arguments:
            project: my-project-name
            location: us-west1
    

    Create AwsCluster Resource

    new AwsCluster(name: string, args: AwsClusterArgs, opts?: CustomResourceOptions);
    @overload
    def AwsCluster(resource_name: str,
                   opts: Optional[ResourceOptions] = None,
                   annotations: Optional[Mapping[str, str]] = None,
                   authorization: Optional[AwsClusterAuthorizationArgs] = None,
                   aws_region: Optional[str] = None,
                   binary_authorization: Optional[AwsClusterBinaryAuthorizationArgs] = None,
                   control_plane: Optional[AwsClusterControlPlaneArgs] = None,
                   description: Optional[str] = None,
                   fleet: Optional[AwsClusterFleetArgs] = None,
                   location: Optional[str] = None,
                   logging_config: Optional[AwsClusterLoggingConfigArgs] = None,
                   name: Optional[str] = None,
                   networking: Optional[AwsClusterNetworkingArgs] = None,
                   project: Optional[str] = None)
    @overload
    def AwsCluster(resource_name: str,
                   args: AwsClusterArgs,
                   opts: Optional[ResourceOptions] = None)
    func NewAwsCluster(ctx *Context, name string, args AwsClusterArgs, opts ...ResourceOption) (*AwsCluster, error)
    public AwsCluster(string name, AwsClusterArgs args, CustomResourceOptions? opts = null)
    public AwsCluster(String name, AwsClusterArgs args)
    public AwsCluster(String name, AwsClusterArgs args, CustomResourceOptions options)
    
    type: gcp:container:AwsCluster
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args AwsClusterArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args AwsClusterArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args AwsClusterArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args AwsClusterArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args AwsClusterArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    AwsCluster Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The AwsCluster resource accepts the following input properties:

    Authorization AwsClusterAuthorization
    Configuration related to the cluster RBAC settings.
    AwsRegion string
    The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
    ControlPlane AwsClusterControlPlane
    Configuration related to the cluster control plane.
    Fleet AwsClusterFleet
    Fleet configuration.
    Location string
    The location for the resource
    Networking AwsClusterNetworking
    Cluster-wide networking configuration.
    Annotations Dictionary<string, string>

    Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.

    Note: This field is non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field effective_annotations for all of the annotations present on the resource.

    BinaryAuthorization AwsClusterBinaryAuthorization
    Configuration options for the Binary Authorization feature.
    Description string
    Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
    LoggingConfig AwsClusterLoggingConfig
    Logging configuration.
    Name string
    The name of this resource.
    Project string
    The number of the Fleet host project where this cluster will be registered.
    Authorization AwsClusterAuthorizationArgs
    Configuration related to the cluster RBAC settings.
    AwsRegion string
    The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
    ControlPlane AwsClusterControlPlaneArgs
    Configuration related to the cluster control plane.
    Fleet AwsClusterFleetArgs
    Fleet configuration.
    Location string
    The location for the resource
    Networking AwsClusterNetworkingArgs
    Cluster-wide networking configuration.
    Annotations map[string]string

    Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.

    Note: This field is non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field effective_annotations for all of the annotations present on the resource.

    BinaryAuthorization AwsClusterBinaryAuthorizationArgs
    Configuration options for the Binary Authorization feature.
    Description string
    Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
    LoggingConfig AwsClusterLoggingConfigArgs
    Logging configuration.
    Name string
    The name of this resource.
    Project string
    The number of the Fleet host project where this cluster will be registered.
    authorization AwsClusterAuthorization
    Configuration related to the cluster RBAC settings.
    awsRegion String
    The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
    controlPlane AwsClusterControlPlane
    Configuration related to the cluster control plane.
    fleet AwsClusterFleet
    Fleet configuration.
    location String
    The location for the resource
    networking AwsClusterNetworking
    Cluster-wide networking configuration.
    annotations Map<String,String>

    Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.

    Note: This field is non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field effective_annotations for all of the annotations present on the resource.

    binaryAuthorization AwsClusterBinaryAuthorization
    Configuration options for the Binary Authorization feature.
    description String
    Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
    loggingConfig AwsClusterLoggingConfig
    Logging configuration.
    name String
    The name of this resource.
    project String
    The number of the Fleet host project where this cluster will be registered.
    authorization AwsClusterAuthorization
    Configuration related to the cluster RBAC settings.
    awsRegion string
    The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
    controlPlane AwsClusterControlPlane
    Configuration related to the cluster control plane.
    fleet AwsClusterFleet
    Fleet configuration.
    location string
    The location for the resource
    networking AwsClusterNetworking
    Cluster-wide networking configuration.
    annotations {[key: string]: string}

    Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.

    Note: This field is non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field effective_annotations for all of the annotations present on the resource.

    binaryAuthorization AwsClusterBinaryAuthorization
    Configuration options for the Binary Authorization feature.
    description string
    Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
    loggingConfig AwsClusterLoggingConfig
    Logging configuration.
    name string
    The name of this resource.
    project string
    The number of the Fleet host project where this cluster will be registered.
    authorization AwsClusterAuthorizationArgs
    Configuration related to the cluster RBAC settings.
    aws_region str
    The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
    control_plane AwsClusterControlPlaneArgs
    Configuration related to the cluster control plane.
    fleet AwsClusterFleetArgs
    Fleet configuration.
    location str
    The location for the resource
    networking AwsClusterNetworkingArgs
    Cluster-wide networking configuration.
    annotations Mapping[str, str]

    Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.

    Note: This field is non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field effective_annotations for all of the annotations present on the resource.

    binary_authorization AwsClusterBinaryAuthorizationArgs
    Configuration options for the Binary Authorization feature.
    description str
    Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
    logging_config AwsClusterLoggingConfigArgs
    Logging configuration.
    name str
    The name of this resource.
    project str
    The number of the Fleet host project where this cluster will be registered.
    authorization Property Map
    Configuration related to the cluster RBAC settings.
    awsRegion String
    The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
    controlPlane Property Map
    Configuration related to the cluster control plane.
    fleet Property Map
    Fleet configuration.
    location String
    The location for the resource
    networking Property Map
    Cluster-wide networking configuration.
    annotations Map<String>

    Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.

    Note: This field is non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field effective_annotations for all of the annotations present on the resource.

    binaryAuthorization Property Map
    Configuration options for the Binary Authorization feature.
    description String
    Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
    loggingConfig Property Map
    Logging configuration.
    name String
    The name of this resource.
    project String
    The number of the Fleet host project where this cluster will be registered.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the AwsCluster resource produces the following output properties:

    CreateTime string
    Output only. The time at which this cluster was created.
    EffectiveAnnotations Dictionary<string, object>
    All of annotations (key/value pairs) present on the resource in GCP, including the annotations configured through Terraform, other clients and services.
    Endpoint string
    Output only. The endpoint of the cluster's API server.
    Etag string
    Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
    Id string
    The provider-assigned unique ID for this managed resource.
    Reconciling bool
    Output only. If set, there are currently changes in flight to the cluster.
    State string
    Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
    Uid string
    Output only. A globally unique identifier for the cluster.
    UpdateTime string
    Output only. The time at which this cluster was last updated.
    WorkloadIdentityConfigs List<AwsClusterWorkloadIdentityConfig>
    Output only. Workload Identity settings.
    CreateTime string
    Output only. The time at which this cluster was created.
    EffectiveAnnotations map[string]interface{}
    All of annotations (key/value pairs) present on the resource in GCP, including the annotations configured through Terraform, other clients and services.
    Endpoint string
    Output only. The endpoint of the cluster's API server.
    Etag string
    Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
    Id string
    The provider-assigned unique ID for this managed resource.
    Reconciling bool
    Output only. If set, there are currently changes in flight to the cluster.
    State string
    Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
    Uid string
    Output only. A globally unique identifier for the cluster.
    UpdateTime string
    Output only. The time at which this cluster was last updated.
    WorkloadIdentityConfigs []AwsClusterWorkloadIdentityConfig
    Output only. Workload Identity settings.
    createTime String
    Output only. The time at which this cluster was created.
    effectiveAnnotations Map<String,Object>
    All of annotations (key/value pairs) present on the resource in GCP, including the annotations configured through Terraform, other clients and services.
    endpoint String
    Output only. The endpoint of the cluster's API server.
    etag String
    Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
    id String
    The provider-assigned unique ID for this managed resource.
    reconciling Boolean
    Output only. If set, there are currently changes in flight to the cluster.
    state String
    Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
    uid String
    Output only. A globally unique identifier for the cluster.
    updateTime String
    Output only. The time at which this cluster was last updated.
    workloadIdentityConfigs List<AwsClusterWorkloadIdentityConfig>
    Output only. Workload Identity settings.
    createTime string
    Output only. The time at which this cluster was created.
    effectiveAnnotations {[key: string]: any}
    All of annotations (key/value pairs) present on the resource in GCP, including the annotations configured through Terraform, other clients and services.
    endpoint string
    Output only. The endpoint of the cluster's API server.
    etag string
    Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
    id string
    The provider-assigned unique ID for this managed resource.
    reconciling boolean
    Output only. If set, there are currently changes in flight to the cluster.
    state string
    Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
    uid string
    Output only. A globally unique identifier for the cluster.
    updateTime string
    Output only. The time at which this cluster was last updated.
    workloadIdentityConfigs AwsClusterWorkloadIdentityConfig[]
    Output only. Workload Identity settings.
    create_time str
    Output only. The time at which this cluster was created.
    effective_annotations Mapping[str, Any]
    All of annotations (key/value pairs) present on the resource in GCP, including the annotations configured through Terraform, other clients and services.
    endpoint str
    Output only. The endpoint of the cluster's API server.
    etag str
    Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
    id str
    The provider-assigned unique ID for this managed resource.
    reconciling bool
    Output only. If set, there are currently changes in flight to the cluster.
    state str
    Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
    uid str
    Output only. A globally unique identifier for the cluster.
    update_time str
    Output only. The time at which this cluster was last updated.
    workload_identity_configs Sequence[AwsClusterWorkloadIdentityConfig]
    Output only. Workload Identity settings.
    createTime String
    Output only. The time at which this cluster was created.
    effectiveAnnotations Map<Any>
    All of annotations (key/value pairs) present on the resource in GCP, including the annotations configured through Terraform, other clients and services.
    endpoint String
    Output only. The endpoint of the cluster's API server.
    etag String
    Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
    id String
    The provider-assigned unique ID for this managed resource.
    reconciling Boolean
    Output only. If set, there are currently changes in flight to the cluster.
    state String
    Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
    uid String
    Output only. A globally unique identifier for the cluster.
    updateTime String
    Output only. The time at which this cluster was last updated.
    workloadIdentityConfigs List<Property Map>
    Output only. Workload Identity settings.

    Look up Existing AwsCluster Resource

    Get an existing AwsCluster resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: AwsClusterState, opts?: CustomResourceOptions): AwsCluster
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            annotations: Optional[Mapping[str, str]] = None,
            authorization: Optional[AwsClusterAuthorizationArgs] = None,
            aws_region: Optional[str] = None,
            binary_authorization: Optional[AwsClusterBinaryAuthorizationArgs] = None,
            control_plane: Optional[AwsClusterControlPlaneArgs] = None,
            create_time: Optional[str] = None,
            description: Optional[str] = None,
            effective_annotations: Optional[Mapping[str, Any]] = None,
            endpoint: Optional[str] = None,
            etag: Optional[str] = None,
            fleet: Optional[AwsClusterFleetArgs] = None,
            location: Optional[str] = None,
            logging_config: Optional[AwsClusterLoggingConfigArgs] = None,
            name: Optional[str] = None,
            networking: Optional[AwsClusterNetworkingArgs] = None,
            project: Optional[str] = None,
            reconciling: Optional[bool] = None,
            state: Optional[str] = None,
            uid: Optional[str] = None,
            update_time: Optional[str] = None,
            workload_identity_configs: Optional[Sequence[AwsClusterWorkloadIdentityConfigArgs]] = None) -> AwsCluster
    func GetAwsCluster(ctx *Context, name string, id IDInput, state *AwsClusterState, opts ...ResourceOption) (*AwsCluster, error)
    public static AwsCluster Get(string name, Input<string> id, AwsClusterState? state, CustomResourceOptions? opts = null)
    public static AwsCluster get(String name, Output<String> id, AwsClusterState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Annotations Dictionary<string, string>

    Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.

    Note: This field is non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field effective_annotations for all of the annotations present on the resource.

    Authorization AwsClusterAuthorization
    Configuration related to the cluster RBAC settings.
    AwsRegion string
    The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
    BinaryAuthorization AwsClusterBinaryAuthorization
    Configuration options for the Binary Authorization feature.
    ControlPlane AwsClusterControlPlane
    Configuration related to the cluster control plane.
    CreateTime string
    Output only. The time at which this cluster was created.
    Description string
    Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
    EffectiveAnnotations Dictionary<string, object>
    All of annotations (key/value pairs) present on the resource in GCP, including the annotations configured through Terraform, other clients and services.
    Endpoint string
    Output only. The endpoint of the cluster's API server.
    Etag string
    Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
    Fleet AwsClusterFleet
    Fleet configuration.
    Location string
    The location for the resource
    LoggingConfig AwsClusterLoggingConfig
    Logging configuration.
    Name string
    The name of this resource.
    Networking AwsClusterNetworking
    Cluster-wide networking configuration.
    Project string
    The number of the Fleet host project where this cluster will be registered.
    Reconciling bool
    Output only. If set, there are currently changes in flight to the cluster.
    State string
    Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
    Uid string
    Output only. A globally unique identifier for the cluster.
    UpdateTime string
    Output only. The time at which this cluster was last updated.
    WorkloadIdentityConfigs List<AwsClusterWorkloadIdentityConfig>
    Output only. Workload Identity settings.
    Annotations map[string]string

    Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.

    Note: This field is non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field effective_annotations for all of the annotations present on the resource.

    Authorization AwsClusterAuthorizationArgs
    Configuration related to the cluster RBAC settings.
    AwsRegion string
    The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
    BinaryAuthorization AwsClusterBinaryAuthorizationArgs
    Configuration options for the Binary Authorization feature.
    ControlPlane AwsClusterControlPlaneArgs
    Configuration related to the cluster control plane.
    CreateTime string
    Output only. The time at which this cluster was created.
    Description string
    Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
    EffectiveAnnotations map[string]interface{}
    All of annotations (key/value pairs) present on the resource in GCP, including the annotations configured through Terraform, other clients and services.
    Endpoint string
    Output only. The endpoint of the cluster's API server.
    Etag string
    Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
    Fleet AwsClusterFleetArgs
    Fleet configuration.
    Location string
    The location for the resource
    LoggingConfig AwsClusterLoggingConfigArgs
    Logging configuration.
    Name string
    The name of this resource.
    Networking AwsClusterNetworkingArgs
    Cluster-wide networking configuration.
    Project string
    The number of the Fleet host project where this cluster will be registered.
    Reconciling bool
    Output only. If set, there are currently changes in flight to the cluster.
    State string
    Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
    Uid string
    Output only. A globally unique identifier for the cluster.
    UpdateTime string
    Output only. The time at which this cluster was last updated.
    WorkloadIdentityConfigs []AwsClusterWorkloadIdentityConfigArgs
    Output only. Workload Identity settings.
    annotations Map<String,String>

    Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.

    Note: This field is non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field effective_annotations for all of the annotations present on the resource.

    authorization AwsClusterAuthorization
    Configuration related to the cluster RBAC settings.
    awsRegion String
    The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
    binaryAuthorization AwsClusterBinaryAuthorization
    Configuration options for the Binary Authorization feature.
    controlPlane AwsClusterControlPlane
    Configuration related to the cluster control plane.
    createTime String
    Output only. The time at which this cluster was created.
    description String
    Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
    effectiveAnnotations Map<String,Object>
    All of annotations (key/value pairs) present on the resource in GCP, including the annotations configured through Terraform, other clients and services.
    endpoint String
    Output only. The endpoint of the cluster's API server.
    etag String
    Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
    fleet AwsClusterFleet
    Fleet configuration.
    location String
    The location for the resource
    loggingConfig AwsClusterLoggingConfig
    Logging configuration.
    name String
    The name of this resource.
    networking AwsClusterNetworking
    Cluster-wide networking configuration.
    project String
    The number of the Fleet host project where this cluster will be registered.
    reconciling Boolean
    Output only. If set, there are currently changes in flight to the cluster.
    state String
    Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
    uid String
    Output only. A globally unique identifier for the cluster.
    updateTime String
    Output only. The time at which this cluster was last updated.
    workloadIdentityConfigs List<AwsClusterWorkloadIdentityConfig>
    Output only. Workload Identity settings.
    annotations {[key: string]: string}

    Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.

    Note: This field is non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field effective_annotations for all of the annotations present on the resource.

    authorization AwsClusterAuthorization
    Configuration related to the cluster RBAC settings.
    awsRegion string
    The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
    binaryAuthorization AwsClusterBinaryAuthorization
    Configuration options for the Binary Authorization feature.
    controlPlane AwsClusterControlPlane
    Configuration related to the cluster control plane.
    createTime string
    Output only. The time at which this cluster was created.
    description string
    Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
    effectiveAnnotations {[key: string]: any}
    All of annotations (key/value pairs) present on the resource in GCP, including the annotations configured through Terraform, other clients and services.
    endpoint string
    Output only. The endpoint of the cluster's API server.
    etag string
    Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
    fleet AwsClusterFleet
    Fleet configuration.
    location string
    The location for the resource
    loggingConfig AwsClusterLoggingConfig
    Logging configuration.
    name string
    The name of this resource.
    networking AwsClusterNetworking
    Cluster-wide networking configuration.
    project string
    The number of the Fleet host project where this cluster will be registered.
    reconciling boolean
    Output only. If set, there are currently changes in flight to the cluster.
    state string
    Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
    uid string
    Output only. A globally unique identifier for the cluster.
    updateTime string
    Output only. The time at which this cluster was last updated.
    workloadIdentityConfigs AwsClusterWorkloadIdentityConfig[]
    Output only. Workload Identity settings.
    annotations Mapping[str, str]

    Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.

    Note: This field is non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field effective_annotations for all of the annotations present on the resource.

    authorization AwsClusterAuthorizationArgs
    Configuration related to the cluster RBAC settings.
    aws_region str
    The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
    binary_authorization AwsClusterBinaryAuthorizationArgs
    Configuration options for the Binary Authorization feature.
    control_plane AwsClusterControlPlaneArgs
    Configuration related to the cluster control plane.
    create_time str
    Output only. The time at which this cluster was created.
    description str
    Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
    effective_annotations Mapping[str, Any]
    All of annotations (key/value pairs) present on the resource in GCP, including the annotations configured through Terraform, other clients and services.
    endpoint str
    Output only. The endpoint of the cluster's API server.
    etag str
    Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
    fleet AwsClusterFleetArgs
    Fleet configuration.
    location str
    The location for the resource
    logging_config AwsClusterLoggingConfigArgs
    Logging configuration.
    name str
    The name of this resource.
    networking AwsClusterNetworkingArgs
    Cluster-wide networking configuration.
    project str
    The number of the Fleet host project where this cluster will be registered.
    reconciling bool
    Output only. If set, there are currently changes in flight to the cluster.
    state str
    Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
    uid str
    Output only. A globally unique identifier for the cluster.
    update_time str
    Output only. The time at which this cluster was last updated.
    workload_identity_configs Sequence[AwsClusterWorkloadIdentityConfigArgs]
    Output only. Workload Identity settings.
    annotations Map<String>

    Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.

    Note: This field is non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field effective_annotations for all of the annotations present on the resource.

    authorization Property Map
    Configuration related to the cluster RBAC settings.
    awsRegion String
    The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
    binaryAuthorization Property Map
    Configuration options for the Binary Authorization feature.
    controlPlane Property Map
    Configuration related to the cluster control plane.
    createTime String
    Output only. The time at which this cluster was created.
    description String
    Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
    effectiveAnnotations Map<Any>
    All of annotations (key/value pairs) present on the resource in GCP, including the annotations configured through Terraform, other clients and services.
    endpoint String
    Output only. The endpoint of the cluster's API server.
    etag String
    Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
    fleet Property Map
    Fleet configuration.
    location String
    The location for the resource
    loggingConfig Property Map
    Logging configuration.
    name String
    The name of this resource.
    networking Property Map
    Cluster-wide networking configuration.
    project String
    The number of the Fleet host project where this cluster will be registered.
    reconciling Boolean
    Output only. If set, there are currently changes in flight to the cluster.
    state String
    Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
    uid String
    Output only. A globally unique identifier for the cluster.
    updateTime String
    Output only. The time at which this cluster was last updated.
    workloadIdentityConfigs List<Property Map>
    Output only. Workload Identity settings.

    Supporting Types

    AwsClusterAuthorization, AwsClusterAuthorizationArgs

    AdminUsers List<AwsClusterAuthorizationAdminUser>
    Users to perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-admin ClusterRole to the users. Up to ten admin users can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
    AdminGroups List<AwsClusterAuthorizationAdminGroup>
    Groups of users that can perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-admin ClusterRole to the groups. Up to ten admin groups can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
    AdminUsers []AwsClusterAuthorizationAdminUser
    Users to perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-admin ClusterRole to the users. Up to ten admin users can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
    AdminGroups []AwsClusterAuthorizationAdminGroup
    Groups of users that can perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-admin ClusterRole to the groups. Up to ten admin groups can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
    adminUsers List<AwsClusterAuthorizationAdminUser>
    Users to perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-admin ClusterRole to the users. Up to ten admin users can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
    adminGroups List<AwsClusterAuthorizationAdminGroup>
    Groups of users that can perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-admin ClusterRole to the groups. Up to ten admin groups can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
    adminUsers AwsClusterAuthorizationAdminUser[]
    Users to perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-admin ClusterRole to the users. Up to ten admin users can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
    adminGroups AwsClusterAuthorizationAdminGroup[]
    Groups of users that can perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-admin ClusterRole to the groups. Up to ten admin groups can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
    admin_users Sequence[AwsClusterAuthorizationAdminUser]
    Users to perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-admin ClusterRole to the users. Up to ten admin users can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
    admin_groups Sequence[AwsClusterAuthorizationAdminGroup]
    Groups of users that can perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-admin ClusterRole to the groups. Up to ten admin groups can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
    adminUsers List<Property Map>
    Users to perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-admin ClusterRole to the users. Up to ten admin users can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
    adminGroups List<Property Map>
    Groups of users that can perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-admin ClusterRole to the groups. Up to ten admin groups can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles

    AwsClusterAuthorizationAdminGroup, AwsClusterAuthorizationAdminGroupArgs

    Group string
    The name of the group, e.g. my-group@domain.com.
    Group string
    The name of the group, e.g. my-group@domain.com.
    group String
    The name of the group, e.g. my-group@domain.com.
    group string
    The name of the group, e.g. my-group@domain.com.
    group str
    The name of the group, e.g. my-group@domain.com.
    group String
    The name of the group, e.g. my-group@domain.com.

    AwsClusterAuthorizationAdminUser, AwsClusterAuthorizationAdminUserArgs

    Username string
    The name of the user, e.g. my-gcp-id@gmail.com.
    Username string
    The name of the user, e.g. my-gcp-id@gmail.com.
    username String
    The name of the user, e.g. my-gcp-id@gmail.com.
    username string
    The name of the user, e.g. my-gcp-id@gmail.com.
    username str
    The name of the user, e.g. my-gcp-id@gmail.com.
    username String
    The name of the user, e.g. my-gcp-id@gmail.com.

    AwsClusterBinaryAuthorization, AwsClusterBinaryAuthorizationArgs

    EvaluationMode string
    Mode of operation for Binary Authorization policy evaluation. Possible values: DISABLED, PROJECT_SINGLETON_POLICY_ENFORCE
    EvaluationMode string
    Mode of operation for Binary Authorization policy evaluation. Possible values: DISABLED, PROJECT_SINGLETON_POLICY_ENFORCE
    evaluationMode String
    Mode of operation for Binary Authorization policy evaluation. Possible values: DISABLED, PROJECT_SINGLETON_POLICY_ENFORCE
    evaluationMode string
    Mode of operation for Binary Authorization policy evaluation. Possible values: DISABLED, PROJECT_SINGLETON_POLICY_ENFORCE
    evaluation_mode str
    Mode of operation for Binary Authorization policy evaluation. Possible values: DISABLED, PROJECT_SINGLETON_POLICY_ENFORCE
    evaluationMode String
    Mode of operation for Binary Authorization policy evaluation. Possible values: DISABLED, PROJECT_SINGLETON_POLICY_ENFORCE

    AwsClusterControlPlane, AwsClusterControlPlaneArgs

    AwsServicesAuthentication AwsClusterControlPlaneAwsServicesAuthentication
    Authentication configuration for management of AWS resources.
    ConfigEncryption AwsClusterControlPlaneConfigEncryption
    The ARN of the AWS KMS key used to encrypt cluster configuration.
    DatabaseEncryption AwsClusterControlPlaneDatabaseEncryption
    The ARN of the AWS KMS key used to encrypt cluster secrets.
    IamInstanceProfile string
    The name of the AWS IAM instance pofile to assign to each control plane replica.
    SubnetIds List<string>
    The list of subnets where control plane replicas will run. A replica will be provisioned on each subnet and up to three values can be provided. Each subnet must be in a different AWS Availability Zone (AZ).
    Version string
    The Kubernetes version to run on control plane replicas (e.g. 1.19.10-gke.1000). You can list all supported versions on a given Google Cloud region by calling .
    InstancePlacement AwsClusterControlPlaneInstancePlacement
    Details of placement information for an instance.
    InstanceType string
    Optional. The AWS instance type. When unspecified, it defaults to m5.large.
    MainVolume AwsClusterControlPlaneMainVolume
    Optional. Configuration related to the main volume provisioned for each control plane replica. The main volume is in charge of storing all of the cluster's etcd state. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 8 GiB with the GP2 volume type.
    ProxyConfig AwsClusterControlPlaneProxyConfig
    Proxy configuration for outbound HTTP(S) traffic.
    RootVolume AwsClusterControlPlaneRootVolume
    Optional. Configuration related to the root volume provisioned for each control plane replica. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 32 GiB with the GP2 volume type.
    SecurityGroupIds List<string>
    Optional. The IDs of additional security groups to add to control plane replicas. The Anthos Multi-Cloud API will automatically create and manage security groups with the minimum rules needed for a functioning cluster.
    SshConfig AwsClusterControlPlaneSshConfig
    Optional. SSH configuration for how to access the underlying control plane machines.
    Tags Dictionary<string, string>
    Optional. A set of AWS resource tags to propagate to all underlying managed AWS resources. Specify at most 50 pairs containing alphanumerics, spaces, and symbols (.+-=_:@/). Keys can be up to 127 Unicode characters. Values can be up to 255 Unicode characters.
    AwsServicesAuthentication AwsClusterControlPlaneAwsServicesAuthentication
    Authentication configuration for management of AWS resources.
    ConfigEncryption AwsClusterControlPlaneConfigEncryption
    The ARN of the AWS KMS key used to encrypt cluster configuration.
    DatabaseEncryption AwsClusterControlPlaneDatabaseEncryption
    The ARN of the AWS KMS key used to encrypt cluster secrets.
    IamInstanceProfile string
    The name of the AWS IAM instance pofile to assign to each control plane replica.
    SubnetIds []string
    The list of subnets where control plane replicas will run. A replica will be provisioned on each subnet and up to three values can be provided. Each subnet must be in a different AWS Availability Zone (AZ).
    Version string
    The Kubernetes version to run on control plane replicas (e.g. 1.19.10-gke.1000). You can list all supported versions on a given Google Cloud region by calling .
    InstancePlacement AwsClusterControlPlaneInstancePlacement
    Details of placement information for an instance.
    InstanceType string
    Optional. The AWS instance type. When unspecified, it defaults to m5.large.
    MainVolume AwsClusterControlPlaneMainVolume
    Optional. Configuration related to the main volume provisioned for each control plane replica. The main volume is in charge of storing all of the cluster's etcd state. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 8 GiB with the GP2 volume type.
    ProxyConfig AwsClusterControlPlaneProxyConfig
    Proxy configuration for outbound HTTP(S) traffic.
    RootVolume AwsClusterControlPlaneRootVolume
    Optional. Configuration related to the root volume provisioned for each control plane replica. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 32 GiB with the GP2 volume type.
    SecurityGroupIds []string
    Optional. The IDs of additional security groups to add to control plane replicas. The Anthos Multi-Cloud API will automatically create and manage security groups with the minimum rules needed for a functioning cluster.
    SshConfig AwsClusterControlPlaneSshConfig
    Optional. SSH configuration for how to access the underlying control plane machines.
    Tags map[string]string
    Optional. A set of AWS resource tags to propagate to all underlying managed AWS resources. Specify at most 50 pairs containing alphanumerics, spaces, and symbols (.+-=_:@/). Keys can be up to 127 Unicode characters. Values can be up to 255 Unicode characters.
    awsServicesAuthentication AwsClusterControlPlaneAwsServicesAuthentication
    Authentication configuration for management of AWS resources.
    configEncryption AwsClusterControlPlaneConfigEncryption
    The ARN of the AWS KMS key used to encrypt cluster configuration.
    databaseEncryption AwsClusterControlPlaneDatabaseEncryption
    The ARN of the AWS KMS key used to encrypt cluster secrets.
    iamInstanceProfile String
    The name of the AWS IAM instance pofile to assign to each control plane replica.
    subnetIds List<String>
    The list of subnets where control plane replicas will run. A replica will be provisioned on each subnet and up to three values can be provided. Each subnet must be in a different AWS Availability Zone (AZ).
    version String
    The Kubernetes version to run on control plane replicas (e.g. 1.19.10-gke.1000). You can list all supported versions on a given Google Cloud region by calling .
    instancePlacement AwsClusterControlPlaneInstancePlacement
    Details of placement information for an instance.
    instanceType String
    Optional. The AWS instance type. When unspecified, it defaults to m5.large.
    mainVolume AwsClusterControlPlaneMainVolume
    Optional. Configuration related to the main volume provisioned for each control plane replica. The main volume is in charge of storing all of the cluster's etcd state. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 8 GiB with the GP2 volume type.
    proxyConfig AwsClusterControlPlaneProxyConfig
    Proxy configuration for outbound HTTP(S) traffic.
    rootVolume AwsClusterControlPlaneRootVolume
    Optional. Configuration related to the root volume provisioned for each control plane replica. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 32 GiB with the GP2 volume type.
    securityGroupIds List<String>
    Optional. The IDs of additional security groups to add to control plane replicas. The Anthos Multi-Cloud API will automatically create and manage security groups with the minimum rules needed for a functioning cluster.
    sshConfig AwsClusterControlPlaneSshConfig
    Optional. SSH configuration for how to access the underlying control plane machines.
    tags Map<String,String>
    Optional. A set of AWS resource tags to propagate to all underlying managed AWS resources. Specify at most 50 pairs containing alphanumerics, spaces, and symbols (.+-=_:@/). Keys can be up to 127 Unicode characters. Values can be up to 255 Unicode characters.
    awsServicesAuthentication AwsClusterControlPlaneAwsServicesAuthentication
    Authentication configuration for management of AWS resources.
    configEncryption AwsClusterControlPlaneConfigEncryption
    The ARN of the AWS KMS key used to encrypt cluster configuration.
    databaseEncryption AwsClusterControlPlaneDatabaseEncryption
    The ARN of the AWS KMS key used to encrypt cluster secrets.
    iamInstanceProfile string
    The name of the AWS IAM instance pofile to assign to each control plane replica.
    subnetIds string[]
    The list of subnets where control plane replicas will run. A replica will be provisioned on each subnet and up to three values can be provided. Each subnet must be in a different AWS Availability Zone (AZ).
    version string
    The Kubernetes version to run on control plane replicas (e.g. 1.19.10-gke.1000). You can list all supported versions on a given Google Cloud region by calling .
    instancePlacement AwsClusterControlPlaneInstancePlacement
    Details of placement information for an instance.
    instanceType string
    Optional. The AWS instance type. When unspecified, it defaults to m5.large.
    mainVolume AwsClusterControlPlaneMainVolume
    Optional. Configuration related to the main volume provisioned for each control plane replica. The main volume is in charge of storing all of the cluster's etcd state. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 8 GiB with the GP2 volume type.
    proxyConfig AwsClusterControlPlaneProxyConfig
    Proxy configuration for outbound HTTP(S) traffic.
    rootVolume AwsClusterControlPlaneRootVolume
    Optional. Configuration related to the root volume provisioned for each control plane replica. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 32 GiB with the GP2 volume type.
    securityGroupIds string[]
    Optional. The IDs of additional security groups to add to control plane replicas. The Anthos Multi-Cloud API will automatically create and manage security groups with the minimum rules needed for a functioning cluster.
    sshConfig AwsClusterControlPlaneSshConfig
    Optional. SSH configuration for how to access the underlying control plane machines.
    tags {[key: string]: string}
    Optional. A set of AWS resource tags to propagate to all underlying managed AWS resources. Specify at most 50 pairs containing alphanumerics, spaces, and symbols (.+-=_:@/). Keys can be up to 127 Unicode characters. Values can be up to 255 Unicode characters.
    aws_services_authentication AwsClusterControlPlaneAwsServicesAuthentication
    Authentication configuration for management of AWS resources.
    config_encryption AwsClusterControlPlaneConfigEncryption
    The ARN of the AWS KMS key used to encrypt cluster configuration.
    database_encryption AwsClusterControlPlaneDatabaseEncryption
    The ARN of the AWS KMS key used to encrypt cluster secrets.
    iam_instance_profile str
    The name of the AWS IAM instance pofile to assign to each control plane replica.
    subnet_ids Sequence[str]
    The list of subnets where control plane replicas will run. A replica will be provisioned on each subnet and up to three values can be provided. Each subnet must be in a different AWS Availability Zone (AZ).
    version str
    The Kubernetes version to run on control plane replicas (e.g. 1.19.10-gke.1000). You can list all supported versions on a given Google Cloud region by calling .
    instance_placement AwsClusterControlPlaneInstancePlacement
    Details of placement information for an instance.
    instance_type str
    Optional. The AWS instance type. When unspecified, it defaults to m5.large.
    main_volume AwsClusterControlPlaneMainVolume
    Optional. Configuration related to the main volume provisioned for each control plane replica. The main volume is in charge of storing all of the cluster's etcd state. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 8 GiB with the GP2 volume type.
    proxy_config AwsClusterControlPlaneProxyConfig
    Proxy configuration for outbound HTTP(S) traffic.
    root_volume AwsClusterControlPlaneRootVolume
    Optional. Configuration related to the root volume provisioned for each control plane replica. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 32 GiB with the GP2 volume type.
    security_group_ids Sequence[str]
    Optional. The IDs of additional security groups to add to control plane replicas. The Anthos Multi-Cloud API will automatically create and manage security groups with the minimum rules needed for a functioning cluster.
    ssh_config AwsClusterControlPlaneSshConfig
    Optional. SSH configuration for how to access the underlying control plane machines.
    tags Mapping[str, str]
    Optional. A set of AWS resource tags to propagate to all underlying managed AWS resources. Specify at most 50 pairs containing alphanumerics, spaces, and symbols (.+-=_:@/). Keys can be up to 127 Unicode characters. Values can be up to 255 Unicode characters.
    awsServicesAuthentication Property Map
    Authentication configuration for management of AWS resources.
    configEncryption Property Map
    The ARN of the AWS KMS key used to encrypt cluster configuration.
    databaseEncryption Property Map
    The ARN of the AWS KMS key used to encrypt cluster secrets.
    iamInstanceProfile String
    The name of the AWS IAM instance pofile to assign to each control plane replica.
    subnetIds List<String>
    The list of subnets where control plane replicas will run. A replica will be provisioned on each subnet and up to three values can be provided. Each subnet must be in a different AWS Availability Zone (AZ).
    version String
    The Kubernetes version to run on control plane replicas (e.g. 1.19.10-gke.1000). You can list all supported versions on a given Google Cloud region by calling .
    instancePlacement Property Map
    Details of placement information for an instance.
    instanceType String
    Optional. The AWS instance type. When unspecified, it defaults to m5.large.
    mainVolume Property Map
    Optional. Configuration related to the main volume provisioned for each control plane replica. The main volume is in charge of storing all of the cluster's etcd state. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 8 GiB with the GP2 volume type.
    proxyConfig Property Map
    Proxy configuration for outbound HTTP(S) traffic.
    rootVolume Property Map
    Optional. Configuration related to the root volume provisioned for each control plane replica. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 32 GiB with the GP2 volume type.
    securityGroupIds List<String>
    Optional. The IDs of additional security groups to add to control plane replicas. The Anthos Multi-Cloud API will automatically create and manage security groups with the minimum rules needed for a functioning cluster.
    sshConfig Property Map
    Optional. SSH configuration for how to access the underlying control plane machines.
    tags Map<String>
    Optional. A set of AWS resource tags to propagate to all underlying managed AWS resources. Specify at most 50 pairs containing alphanumerics, spaces, and symbols (.+-=_:@/). Keys can be up to 127 Unicode characters. Values can be up to 255 Unicode characters.

    AwsClusterControlPlaneAwsServicesAuthentication, AwsClusterControlPlaneAwsServicesAuthenticationArgs

    RoleArn string
    The Amazon Resource Name (ARN) of the role that the Anthos Multi-Cloud API will assume when managing AWS resources on your account.
    RoleSessionName string
    Optional. An identifier for the assumed role session. When unspecified, it defaults to multicloud-service-agent.
    RoleArn string
    The Amazon Resource Name (ARN) of the role that the Anthos Multi-Cloud API will assume when managing AWS resources on your account.
    RoleSessionName string
    Optional. An identifier for the assumed role session. When unspecified, it defaults to multicloud-service-agent.
    roleArn String
    The Amazon Resource Name (ARN) of the role that the Anthos Multi-Cloud API will assume when managing AWS resources on your account.
    roleSessionName String
    Optional. An identifier for the assumed role session. When unspecified, it defaults to multicloud-service-agent.
    roleArn string
    The Amazon Resource Name (ARN) of the role that the Anthos Multi-Cloud API will assume when managing AWS resources on your account.
    roleSessionName string
    Optional. An identifier for the assumed role session. When unspecified, it defaults to multicloud-service-agent.
    role_arn str
    The Amazon Resource Name (ARN) of the role that the Anthos Multi-Cloud API will assume when managing AWS resources on your account.
    role_session_name str
    Optional. An identifier for the assumed role session. When unspecified, it defaults to multicloud-service-agent.
    roleArn String
    The Amazon Resource Name (ARN) of the role that the Anthos Multi-Cloud API will assume when managing AWS resources on your account.
    roleSessionName String
    Optional. An identifier for the assumed role session. When unspecified, it defaults to multicloud-service-agent.

    AwsClusterControlPlaneConfigEncryption, AwsClusterControlPlaneConfigEncryptionArgs

    KmsKeyArn string
    The ARN of the AWS KMS key used to encrypt cluster configuration.
    KmsKeyArn string
    The ARN of the AWS KMS key used to encrypt cluster configuration.
    kmsKeyArn String
    The ARN of the AWS KMS key used to encrypt cluster configuration.
    kmsKeyArn string
    The ARN of the AWS KMS key used to encrypt cluster configuration.
    kms_key_arn str
    The ARN of the AWS KMS key used to encrypt cluster configuration.
    kmsKeyArn String
    The ARN of the AWS KMS key used to encrypt cluster configuration.

    AwsClusterControlPlaneDatabaseEncryption, AwsClusterControlPlaneDatabaseEncryptionArgs

    KmsKeyArn string
    The ARN of the AWS KMS key used to encrypt cluster secrets.
    KmsKeyArn string
    The ARN of the AWS KMS key used to encrypt cluster secrets.
    kmsKeyArn String
    The ARN of the AWS KMS key used to encrypt cluster secrets.
    kmsKeyArn string
    The ARN of the AWS KMS key used to encrypt cluster secrets.
    kms_key_arn str
    The ARN of the AWS KMS key used to encrypt cluster secrets.
    kmsKeyArn String
    The ARN of the AWS KMS key used to encrypt cluster secrets.

    AwsClusterControlPlaneInstancePlacement, AwsClusterControlPlaneInstancePlacementArgs

    Tenancy string
    The tenancy for the instance. Possible values: TENANCY_UNSPECIFIED, DEFAULT, DEDICATED, HOST
    Tenancy string
    The tenancy for the instance. Possible values: TENANCY_UNSPECIFIED, DEFAULT, DEDICATED, HOST
    tenancy String
    The tenancy for the instance. Possible values: TENANCY_UNSPECIFIED, DEFAULT, DEDICATED, HOST
    tenancy string
    The tenancy for the instance. Possible values: TENANCY_UNSPECIFIED, DEFAULT, DEDICATED, HOST
    tenancy str
    The tenancy for the instance. Possible values: TENANCY_UNSPECIFIED, DEFAULT, DEDICATED, HOST
    tenancy String
    The tenancy for the instance. Possible values: TENANCY_UNSPECIFIED, DEFAULT, DEDICATED, HOST

    AwsClusterControlPlaneMainVolume, AwsClusterControlPlaneMainVolumeArgs

    Iops int
    Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
    KmsKeyArn string
    Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
    SizeGib int
    Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
    Throughput int
    Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3. If volume type is gp3 and throughput is not specified, the throughput will defaults to 125.
    VolumeType string
    Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
    Iops int
    Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
    KmsKeyArn string
    Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
    SizeGib int
    Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
    Throughput int
    Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3. If volume type is gp3 and throughput is not specified, the throughput will defaults to 125.
    VolumeType string
    Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
    iops Integer
    Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
    kmsKeyArn String
    Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
    sizeGib Integer
    Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
    throughput Integer
    Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3. If volume type is gp3 and throughput is not specified, the throughput will defaults to 125.
    volumeType String
    Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
    iops number
    Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
    kmsKeyArn string
    Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
    sizeGib number
    Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
    throughput number
    Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3. If volume type is gp3 and throughput is not specified, the throughput will defaults to 125.
    volumeType string
    Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
    iops int
    Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
    kms_key_arn str
    Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
    size_gib int
    Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
    throughput int
    Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3. If volume type is gp3 and throughput is not specified, the throughput will defaults to 125.
    volume_type str
    Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
    iops Number
    Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
    kmsKeyArn String
    Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
    sizeGib Number
    Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
    throughput Number
    Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3. If volume type is gp3 and throughput is not specified, the throughput will defaults to 125.
    volumeType String
    Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3

    AwsClusterControlPlaneProxyConfig, AwsClusterControlPlaneProxyConfigArgs

    SecretArn string
    The ARN of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
    SecretVersion string
    The version string of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
    SecretArn string
    The ARN of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
    SecretVersion string
    The version string of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
    secretArn String
    The ARN of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
    secretVersion String
    The version string of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
    secretArn string
    The ARN of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
    secretVersion string
    The version string of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
    secret_arn str
    The ARN of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
    secret_version str
    The version string of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
    secretArn String
    The ARN of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
    secretVersion String
    The version string of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.

    AwsClusterControlPlaneRootVolume, AwsClusterControlPlaneRootVolumeArgs

    Iops int
    Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
    KmsKeyArn string
    Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
    SizeGib int
    Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
    Throughput int
    Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3. If volume type is gp3 and throughput is not specified, the throughput will defaults to 125.
    VolumeType string
    Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
    Iops int
    Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
    KmsKeyArn string
    Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
    SizeGib int
    Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
    Throughput int
    Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3. If volume type is gp3 and throughput is not specified, the throughput will defaults to 125.
    VolumeType string
    Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
    iops Integer
    Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
    kmsKeyArn String
    Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
    sizeGib Integer
    Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
    throughput Integer
    Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3. If volume type is gp3 and throughput is not specified, the throughput will defaults to 125.
    volumeType String
    Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
    iops number
    Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
    kmsKeyArn string
    Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
    sizeGib number
    Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
    throughput number
    Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3. If volume type is gp3 and throughput is not specified, the throughput will defaults to 125.
    volumeType string
    Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
    iops int
    Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
    kms_key_arn str
    Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
    size_gib int
    Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
    throughput int
    Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3. If volume type is gp3 and throughput is not specified, the throughput will defaults to 125.
    volume_type str
    Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
    iops Number
    Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
    kmsKeyArn String
    Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
    sizeGib Number
    Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
    throughput Number
    Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3. If volume type is gp3 and throughput is not specified, the throughput will defaults to 125.
    volumeType String
    Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3

    AwsClusterControlPlaneSshConfig, AwsClusterControlPlaneSshConfigArgs

    Ec2KeyPair string
    The name of the EC2 key pair used to login into cluster machines.
    Ec2KeyPair string
    The name of the EC2 key pair used to login into cluster machines.
    ec2KeyPair String
    The name of the EC2 key pair used to login into cluster machines.
    ec2KeyPair string
    The name of the EC2 key pair used to login into cluster machines.
    ec2_key_pair str
    The name of the EC2 key pair used to login into cluster machines.
    ec2KeyPair String
    The name of the EC2 key pair used to login into cluster machines.

    AwsClusterFleet, AwsClusterFleetArgs

    Membership string
    The name of the managed Hub Membership resource associated to this cluster. Membership names are formatted as projects//locations/global/membership/.
    Project string
    The number of the Fleet host project where this cluster will be registered.
    Membership string
    The name of the managed Hub Membership resource associated to this cluster. Membership names are formatted as projects//locations/global/membership/.
    Project string
    The number of the Fleet host project where this cluster will be registered.
    membership String
    The name of the managed Hub Membership resource associated to this cluster. Membership names are formatted as projects//locations/global/membership/.
    project String
    The number of the Fleet host project where this cluster will be registered.
    membership string
    The name of the managed Hub Membership resource associated to this cluster. Membership names are formatted as projects//locations/global/membership/.
    project string
    The number of the Fleet host project where this cluster will be registered.
    membership str
    The name of the managed Hub Membership resource associated to this cluster. Membership names are formatted as projects//locations/global/membership/.
    project str
    The number of the Fleet host project where this cluster will be registered.
    membership String
    The name of the managed Hub Membership resource associated to this cluster. Membership names are formatted as projects//locations/global/membership/.
    project String
    The number of the Fleet host project where this cluster will be registered.

    AwsClusterLoggingConfig, AwsClusterLoggingConfigArgs

    ComponentConfig AwsClusterLoggingConfigComponentConfig
    Configuration of the logging components.
    ComponentConfig AwsClusterLoggingConfigComponentConfig
    Configuration of the logging components.
    componentConfig AwsClusterLoggingConfigComponentConfig
    Configuration of the logging components.
    componentConfig AwsClusterLoggingConfigComponentConfig
    Configuration of the logging components.
    component_config AwsClusterLoggingConfigComponentConfig
    Configuration of the logging components.
    componentConfig Property Map
    Configuration of the logging components.

    AwsClusterLoggingConfigComponentConfig, AwsClusterLoggingConfigComponentConfigArgs

    EnableComponents List<string>
    Components of the logging configuration to be enabled.
    EnableComponents []string
    Components of the logging configuration to be enabled.
    enableComponents List<String>
    Components of the logging configuration to be enabled.
    enableComponents string[]
    Components of the logging configuration to be enabled.
    enable_components Sequence[str]
    Components of the logging configuration to be enabled.
    enableComponents List<String>
    Components of the logging configuration to be enabled.

    AwsClusterNetworking, AwsClusterNetworkingArgs

    PodAddressCidrBlocks List<string>
    All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
    ServiceAddressCidrBlocks List<string>
    All services in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
    VpcId string
    The VPC associated with the cluster. All component clusters (i.e. control plane and node pools) run on a single VPC. This field cannot be changed after creation.


    PerNodePoolSgRulesDisabled bool
    Disable the per node pool subnet security group rules on the control plane security group. When set to true, you must also provide one or more security groups that ensure node pools are able to send requests to the control plane on TCP/443 and TCP/8132. Failure to do so may result in unavailable node pools.
    PodAddressCidrBlocks []string
    All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
    ServiceAddressCidrBlocks []string
    All services in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
    VpcId string
    The VPC associated with the cluster. All component clusters (i.e. control plane and node pools) run on a single VPC. This field cannot be changed after creation.


    PerNodePoolSgRulesDisabled bool
    Disable the per node pool subnet security group rules on the control plane security group. When set to true, you must also provide one or more security groups that ensure node pools are able to send requests to the control plane on TCP/443 and TCP/8132. Failure to do so may result in unavailable node pools.
    podAddressCidrBlocks List<String>
    All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
    serviceAddressCidrBlocks List<String>
    All services in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
    vpcId String
    The VPC associated with the cluster. All component clusters (i.e. control plane and node pools) run on a single VPC. This field cannot be changed after creation.


    perNodePoolSgRulesDisabled Boolean
    Disable the per node pool subnet security group rules on the control plane security group. When set to true, you must also provide one or more security groups that ensure node pools are able to send requests to the control plane on TCP/443 and TCP/8132. Failure to do so may result in unavailable node pools.
    podAddressCidrBlocks string[]
    All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
    serviceAddressCidrBlocks string[]
    All services in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
    vpcId string
    The VPC associated with the cluster. All component clusters (i.e. control plane and node pools) run on a single VPC. This field cannot be changed after creation.


    perNodePoolSgRulesDisabled boolean
    Disable the per node pool subnet security group rules on the control plane security group. When set to true, you must also provide one or more security groups that ensure node pools are able to send requests to the control plane on TCP/443 and TCP/8132. Failure to do so may result in unavailable node pools.
    pod_address_cidr_blocks Sequence[str]
    All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
    service_address_cidr_blocks Sequence[str]
    All services in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
    vpc_id str
    The VPC associated with the cluster. All component clusters (i.e. control plane and node pools) run on a single VPC. This field cannot be changed after creation.


    per_node_pool_sg_rules_disabled bool
    Disable the per node pool subnet security group rules on the control plane security group. When set to true, you must also provide one or more security groups that ensure node pools are able to send requests to the control plane on TCP/443 and TCP/8132. Failure to do so may result in unavailable node pools.
    podAddressCidrBlocks List<String>
    All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
    serviceAddressCidrBlocks List<String>
    All services in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
    vpcId String
    The VPC associated with the cluster. All component clusters (i.e. control plane and node pools) run on a single VPC. This field cannot be changed after creation.


    perNodePoolSgRulesDisabled Boolean
    Disable the per node pool subnet security group rules on the control plane security group. When set to true, you must also provide one or more security groups that ensure node pools are able to send requests to the control plane on TCP/443 and TCP/8132. Failure to do so may result in unavailable node pools.

    AwsClusterWorkloadIdentityConfig, AwsClusterWorkloadIdentityConfigArgs

    IdentityProvider string
    The ID of the OIDC Identity Provider (IdP) associated to the Workload Identity Pool.
    IssuerUri string
    The OIDC issuer URL for this cluster.
    WorkloadPool string
    The Workload Identity Pool associated to the cluster.
    IdentityProvider string
    The ID of the OIDC Identity Provider (IdP) associated to the Workload Identity Pool.
    IssuerUri string
    The OIDC issuer URL for this cluster.
    WorkloadPool string
    The Workload Identity Pool associated to the cluster.
    identityProvider String
    The ID of the OIDC Identity Provider (IdP) associated to the Workload Identity Pool.
    issuerUri String
    The OIDC issuer URL for this cluster.
    workloadPool String
    The Workload Identity Pool associated to the cluster.
    identityProvider string
    The ID of the OIDC Identity Provider (IdP) associated to the Workload Identity Pool.
    issuerUri string
    The OIDC issuer URL for this cluster.
    workloadPool string
    The Workload Identity Pool associated to the cluster.
    identity_provider str
    The ID of the OIDC Identity Provider (IdP) associated to the Workload Identity Pool.
    issuer_uri str
    The OIDC issuer URL for this cluster.
    workload_pool str
    The Workload Identity Pool associated to the cluster.
    identityProvider String
    The ID of the OIDC Identity Provider (IdP) associated to the Workload Identity Pool.
    issuerUri String
    The OIDC issuer URL for this cluster.
    workloadPool String
    The Workload Identity Pool associated to the cluster.

    Import

    Cluster can be imported using any of these accepted formats:

    • projects/{{project}}/locations/{{location}}/awsClusters/{{name}}

    • {{project}}/{{location}}/{{name}}

    • {{location}}/{{name}}

    When using the pulumi import command, Cluster can be imported using one of the formats above. For example:

    $ pulumi import gcp:container/awsCluster:AwsCluster default projects/{{project}}/locations/{{location}}/awsClusters/{{name}}
    
    $ pulumi import gcp:container/awsCluster:AwsCluster default {{project}}/{{location}}/{{name}}
    
    $ pulumi import gcp:container/awsCluster:AwsCluster default {{location}}/{{name}}
    

    Package Details

    Repository
    Google Cloud (GCP) Classic pulumi/pulumi-gcp
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the google-beta Terraform Provider.
    gcp logo
    Google Cloud Classic v7.16.0 published on Wednesday, Mar 27, 2024 by Pulumi