Docs
Packagesgcp.container.AwsCluster
Explore with Pulumi AI
An Anthos cluster running on AWS.
For more information, see:
Example Usage
Basic_aws_cluster
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var versions = Gcp.Container.GetAwsVersions.Invoke(new()
{
Location = "us-west1",
Project = "my-project-name",
});
var primary = new Gcp.Container.AwsCluster("primary", new()
{
Annotations =
{
{ "label-one", "value-one" },
},
Authorization = new Gcp.Container.Inputs.AwsClusterAuthorizationArgs
{
AdminUsers = new[]
{
new Gcp.Container.Inputs.AwsClusterAuthorizationAdminUserArgs
{
Username = "my@service-account.com",
},
},
},
AwsRegion = "my-aws-region",
ControlPlane = new Gcp.Container.Inputs.AwsClusterControlPlaneArgs
{
AwsServicesAuthentication = new Gcp.Container.Inputs.AwsClusterControlPlaneAwsServicesAuthenticationArgs
{
RoleArn = "arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
RoleSessionName = "my--1p-dev-session",
},
ConfigEncryption = new Gcp.Container.Inputs.AwsClusterControlPlaneConfigEncryptionArgs
{
KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
},
DatabaseEncryption = new Gcp.Container.Inputs.AwsClusterControlPlaneDatabaseEncryptionArgs
{
KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
},
IamInstanceProfile = "my--1p-dev-controlplane",
InstanceType = "t3.medium",
MainVolume = new Gcp.Container.Inputs.AwsClusterControlPlaneMainVolumeArgs
{
Iops = 3000,
KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
SizeGib = 10,
VolumeType = "GP3",
},
ProxyConfig = new Gcp.Container.Inputs.AwsClusterControlPlaneProxyConfigArgs
{
SecretArn = "arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
SecretVersion = "12345678-ABCD-EFGH-IJKL-987654321098",
},
RootVolume = new Gcp.Container.Inputs.AwsClusterControlPlaneRootVolumeArgs
{
Iops = 3000,
KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
SizeGib = 10,
VolumeType = "GP3",
},
SecurityGroupIds = new[]
{
"sg-00000000000000000",
},
SshConfig = new Gcp.Container.Inputs.AwsClusterControlPlaneSshConfigArgs
{
Ec2KeyPair = "my--1p-dev-ssh",
},
SubnetIds = new[]
{
"subnet-00000000000000000",
},
Tags =
{
{ "owner", "my@service-account.com" },
},
Version = versions.Apply(getAwsVersionsResult => getAwsVersionsResult.ValidVersions[0]),
},
Description = "A sample aws cluster",
Fleet = new Gcp.Container.Inputs.AwsClusterFleetArgs
{
Project = "my-project-number",
},
Location = "us-west1",
Networking = new Gcp.Container.Inputs.AwsClusterNetworkingArgs
{
PodAddressCidrBlocks = new[]
{
"10.2.0.0/16",
},
ServiceAddressCidrBlocks = new[]
{
"10.1.0.0/16",
},
VpcId = "vpc-00000000000000000",
},
Project = "my-project-name",
});
});
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/container"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
versions, err := container.GetAwsVersions(ctx, &container.GetAwsVersionsArgs{
Location: pulumi.StringRef("us-west1"),
Project: pulumi.StringRef("my-project-name"),
}, nil)
if err != nil {
return err
}
_, err = container.NewAwsCluster(ctx, "primary", &container.AwsClusterArgs{
Annotations: pulumi.StringMap{
"label-one": pulumi.String("value-one"),
},
Authorization: &container.AwsClusterAuthorizationArgs{
AdminUsers: container.AwsClusterAuthorizationAdminUserArray{
&container.AwsClusterAuthorizationAdminUserArgs{
Username: pulumi.String("my@service-account.com"),
},
},
},
AwsRegion: pulumi.String("my-aws-region"),
ControlPlane: &container.AwsClusterControlPlaneArgs{
AwsServicesAuthentication: &container.AwsClusterControlPlaneAwsServicesAuthenticationArgs{
RoleArn: pulumi.String("arn:aws:iam::012345678910:role/my--1p-dev-oneplatform"),
RoleSessionName: pulumi.String("my--1p-dev-session"),
},
ConfigEncryption: &container.AwsClusterControlPlaneConfigEncryptionArgs{
KmsKeyArn: pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
},
DatabaseEncryption: &container.AwsClusterControlPlaneDatabaseEncryptionArgs{
KmsKeyArn: pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
},
IamInstanceProfile: pulumi.String("my--1p-dev-controlplane"),
InstanceType: pulumi.String("t3.medium"),
MainVolume: &container.AwsClusterControlPlaneMainVolumeArgs{
Iops: pulumi.Int(3000),
KmsKeyArn: pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
SizeGib: pulumi.Int(10),
VolumeType: pulumi.String("GP3"),
},
ProxyConfig: &container.AwsClusterControlPlaneProxyConfigArgs{
SecretArn: pulumi.String("arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF"),
SecretVersion: pulumi.String("12345678-ABCD-EFGH-IJKL-987654321098"),
},
RootVolume: &container.AwsClusterControlPlaneRootVolumeArgs{
Iops: pulumi.Int(3000),
KmsKeyArn: pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
SizeGib: pulumi.Int(10),
VolumeType: pulumi.String("GP3"),
},
SecurityGroupIds: pulumi.StringArray{
pulumi.String("sg-00000000000000000"),
},
SshConfig: &container.AwsClusterControlPlaneSshConfigArgs{
Ec2KeyPair: pulumi.String("my--1p-dev-ssh"),
},
SubnetIds: pulumi.StringArray{
pulumi.String("subnet-00000000000000000"),
},
Tags: pulumi.StringMap{
"owner": pulumi.String("my@service-account.com"),
},
Version: *pulumi.String(versions.ValidVersions[0]),
},
Description: pulumi.String("A sample aws cluster"),
Fleet: &container.AwsClusterFleetArgs{
Project: pulumi.String("my-project-number"),
},
Location: pulumi.String("us-west1"),
Networking: &container.AwsClusterNetworkingArgs{
PodAddressCidrBlocks: pulumi.StringArray{
pulumi.String("10.2.0.0/16"),
},
ServiceAddressCidrBlocks: pulumi.StringArray{
pulumi.String("10.1.0.0/16"),
},
VpcId: pulumi.String("vpc-00000000000000000"),
},
Project: pulumi.String("my-project-name"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.container.ContainerFunctions;
import com.pulumi.gcp.container.inputs.GetAwsVersionsArgs;
import com.pulumi.gcp.container.AwsCluster;
import com.pulumi.gcp.container.AwsClusterArgs;
import com.pulumi.gcp.container.inputs.AwsClusterAuthorizationArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneAwsServicesAuthenticationArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneConfigEncryptionArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneDatabaseEncryptionArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneMainVolumeArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneProxyConfigArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneRootVolumeArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneSshConfigArgs;
import com.pulumi.gcp.container.inputs.AwsClusterFleetArgs;
import com.pulumi.gcp.container.inputs.AwsClusterNetworkingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var versions = ContainerFunctions.getAwsVersions(GetAwsVersionsArgs.builder()
.location("us-west1")
.project("my-project-name")
.build());
var primary = new AwsCluster("primary", AwsClusterArgs.builder()
.annotations(Map.of("label-one", "value-one"))
.authorization(AwsClusterAuthorizationArgs.builder()
.adminUsers(AwsClusterAuthorizationAdminUserArgs.builder()
.username("my@service-account.com")
.build())
.build())
.awsRegion("my-aws-region")
.controlPlane(AwsClusterControlPlaneArgs.builder()
.awsServicesAuthentication(AwsClusterControlPlaneAwsServicesAuthenticationArgs.builder()
.roleArn("arn:aws:iam::012345678910:role/my--1p-dev-oneplatform")
.roleSessionName("my--1p-dev-session")
.build())
.configEncryption(AwsClusterControlPlaneConfigEncryptionArgs.builder()
.kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
.build())
.databaseEncryption(AwsClusterControlPlaneDatabaseEncryptionArgs.builder()
.kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
.build())
.iamInstanceProfile("my--1p-dev-controlplane")
.instanceType("t3.medium")
.mainVolume(AwsClusterControlPlaneMainVolumeArgs.builder()
.iops(3000)
.kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
.sizeGib(10)
.volumeType("GP3")
.build())
.proxyConfig(AwsClusterControlPlaneProxyConfigArgs.builder()
.secretArn("arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF")
.secretVersion("12345678-ABCD-EFGH-IJKL-987654321098")
.build())
.rootVolume(AwsClusterControlPlaneRootVolumeArgs.builder()
.iops(3000)
.kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
.sizeGib(10)
.volumeType("GP3")
.build())
.securityGroupIds("sg-00000000000000000")
.sshConfig(AwsClusterControlPlaneSshConfigArgs.builder()
.ec2KeyPair("my--1p-dev-ssh")
.build())
.subnetIds("subnet-00000000000000000")
.tags(Map.of("owner", "my@service-account.com"))
.version(versions.applyValue(getAwsVersionsResult -> getAwsVersionsResult.validVersions()[0]))
.build())
.description("A sample aws cluster")
.fleet(AwsClusterFleetArgs.builder()
.project("my-project-number")
.build())
.location("us-west1")
.networking(AwsClusterNetworkingArgs.builder()
.podAddressCidrBlocks("10.2.0.0/16")
.serviceAddressCidrBlocks("10.1.0.0/16")
.vpcId("vpc-00000000000000000")
.build())
.project("my-project-name")
.build());
}
}
import pulumi
import pulumi_gcp as gcp
versions = gcp.container.get_aws_versions(location="us-west1",
project="my-project-name")
primary = gcp.container.AwsCluster("primary",
annotations={
"label-one": "value-one",
},
authorization=gcp.container.AwsClusterAuthorizationArgs(
admin_users=[gcp.container.AwsClusterAuthorizationAdminUserArgs(
username="my@service-account.com",
)],
),
aws_region="my-aws-region",
control_plane=gcp.container.AwsClusterControlPlaneArgs(
aws_services_authentication=gcp.container.AwsClusterControlPlaneAwsServicesAuthenticationArgs(
role_arn="arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
role_session_name="my--1p-dev-session",
),
config_encryption=gcp.container.AwsClusterControlPlaneConfigEncryptionArgs(
kms_key_arn="arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
),
database_encryption=gcp.container.AwsClusterControlPlaneDatabaseEncryptionArgs(
kms_key_arn="arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
),
iam_instance_profile="my--1p-dev-controlplane",
instance_type="t3.medium",
main_volume=gcp.container.AwsClusterControlPlaneMainVolumeArgs(
iops=3000,
kms_key_arn="arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
size_gib=10,
volume_type="GP3",
),
proxy_config=gcp.container.AwsClusterControlPlaneProxyConfigArgs(
secret_arn="arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
secret_version="12345678-ABCD-EFGH-IJKL-987654321098",
),
root_volume=gcp.container.AwsClusterControlPlaneRootVolumeArgs(
iops=3000,
kms_key_arn="arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
size_gib=10,
volume_type="GP3",
),
security_group_ids=["sg-00000000000000000"],
ssh_config=gcp.container.AwsClusterControlPlaneSshConfigArgs(
ec2_key_pair="my--1p-dev-ssh",
),
subnet_ids=["subnet-00000000000000000"],
tags={
"owner": "my@service-account.com",
},
version=versions.valid_versions[0],
),
description="A sample aws cluster",
fleet=gcp.container.AwsClusterFleetArgs(
project="my-project-number",
),
location="us-west1",
networking=gcp.container.AwsClusterNetworkingArgs(
pod_address_cidr_blocks=["10.2.0.0/16"],
service_address_cidr_blocks=["10.1.0.0/16"],
vpc_id="vpc-00000000000000000",
),
project="my-project-name")
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const versions = gcp.container.getAwsVersions({
location: "us-west1",
project: "my-project-name",
});
const primary = new gcp.container.AwsCluster("primary", {
annotations: {
"label-one": "value-one",
},
authorization: {
adminUsers: [{
username: "my@service-account.com",
}],
},
awsRegion: "my-aws-region",
controlPlane: {
awsServicesAuthentication: {
roleArn: "arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
roleSessionName: "my--1p-dev-session",
},
configEncryption: {
kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
},
databaseEncryption: {
kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
},
iamInstanceProfile: "my--1p-dev-controlplane",
instanceType: "t3.medium",
mainVolume: {
iops: 3000,
kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
sizeGib: 10,
volumeType: "GP3",
},
proxyConfig: {
secretArn: "arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
secretVersion: "12345678-ABCD-EFGH-IJKL-987654321098",
},
rootVolume: {
iops: 3000,
kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
sizeGib: 10,
volumeType: "GP3",
},
securityGroupIds: ["sg-00000000000000000"],
sshConfig: {
ec2KeyPair: "my--1p-dev-ssh",
},
subnetIds: ["subnet-00000000000000000"],
tags: {
owner: "my@service-account.com",
},
version: versions.then(versions => versions.validVersions?.[0]),
},
description: "A sample aws cluster",
fleet: {
project: "my-project-number",
},
location: "us-west1",
networking: {
podAddressCidrBlocks: ["10.2.0.0/16"],
serviceAddressCidrBlocks: ["10.1.0.0/16"],
vpcId: "vpc-00000000000000000",
},
project: "my-project-name",
});
resources:
primary:
type: gcp:container:AwsCluster
properties:
annotations:
label-one: value-one
authorization:
adminUsers:
- username: my@service-account.com
awsRegion: my-aws-region
controlPlane:
awsServicesAuthentication:
roleArn: arn:aws:iam::012345678910:role/my--1p-dev-oneplatform
roleSessionName: my--1p-dev-session
configEncryption:
kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
databaseEncryption:
kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
iamInstanceProfile: my--1p-dev-controlplane
instanceType: t3.medium
mainVolume:
iops: 3000
kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
sizeGib: 10
volumeType: GP3
proxyConfig:
secretArn: arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF
secretVersion: 12345678-ABCD-EFGH-IJKL-987654321098
rootVolume:
iops: 3000
kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
sizeGib: 10
volumeType: GP3
securityGroupIds:
- sg-00000000000000000
sshConfig:
ec2KeyPair: my--1p-dev-ssh
subnetIds:
- subnet-00000000000000000
tags:
owner: my@service-account.com
version: ${versions.validVersions[0]}
description: A sample aws cluster
fleet:
project: my-project-number
location: us-west1
networking:
podAddressCidrBlocks:
- 10.2.0.0/16
serviceAddressCidrBlocks:
- 10.1.0.0/16
vpcId: vpc-00000000000000000
project: my-project-name
variables:
versions:
fn::invoke:
Function: gcp:container:getAwsVersions
Arguments:
location: us-west1
project: my-project-name
Basic_enum_aws_cluster
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var versions = Gcp.Container.GetAwsVersions.Invoke(new()
{
Location = "us-west1",
Project = "my-project-name",
});
var primary = new Gcp.Container.AwsCluster("primary", new()
{
Annotations =
{
{ "label-one", "value-one" },
},
Authorization = new Gcp.Container.Inputs.AwsClusterAuthorizationArgs
{
AdminUsers = new[]
{
new Gcp.Container.Inputs.AwsClusterAuthorizationAdminUserArgs
{
Username = "my@service-account.com",
},
},
},
AwsRegion = "my-aws-region",
ControlPlane = new Gcp.Container.Inputs.AwsClusterControlPlaneArgs
{
AwsServicesAuthentication = new Gcp.Container.Inputs.AwsClusterControlPlaneAwsServicesAuthenticationArgs
{
RoleArn = "arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
RoleSessionName = "my--1p-dev-session",
},
ConfigEncryption = new Gcp.Container.Inputs.AwsClusterControlPlaneConfigEncryptionArgs
{
KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
},
DatabaseEncryption = new Gcp.Container.Inputs.AwsClusterControlPlaneDatabaseEncryptionArgs
{
KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
},
IamInstanceProfile = "my--1p-dev-controlplane",
InstanceType = "t3.medium",
MainVolume = new Gcp.Container.Inputs.AwsClusterControlPlaneMainVolumeArgs
{
Iops = 3000,
KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
SizeGib = 10,
VolumeType = "gp3",
},
ProxyConfig = new Gcp.Container.Inputs.AwsClusterControlPlaneProxyConfigArgs
{
SecretArn = "arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
SecretVersion = "12345678-ABCD-EFGH-IJKL-987654321098",
},
RootVolume = new Gcp.Container.Inputs.AwsClusterControlPlaneRootVolumeArgs
{
Iops = 3000,
KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
SizeGib = 10,
VolumeType = "gp3",
},
SecurityGroupIds = new[]
{
"sg-00000000000000000",
},
SshConfig = new Gcp.Container.Inputs.AwsClusterControlPlaneSshConfigArgs
{
Ec2KeyPair = "my--1p-dev-ssh",
},
SubnetIds = new[]
{
"subnet-00000000000000000",
},
Tags =
{
{ "owner", "my@service-account.com" },
},
Version = versions.Apply(getAwsVersionsResult => getAwsVersionsResult.ValidVersions[0]),
},
Description = "A sample aws cluster",
Fleet = new Gcp.Container.Inputs.AwsClusterFleetArgs
{
Project = "my-project-number",
},
Location = "us-west1",
Networking = new Gcp.Container.Inputs.AwsClusterNetworkingArgs
{
PodAddressCidrBlocks = new[]
{
"10.2.0.0/16",
},
ServiceAddressCidrBlocks = new[]
{
"10.1.0.0/16",
},
VpcId = "vpc-00000000000000000",
},
Project = "my-project-name",
});
});
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/container"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
versions, err := container.GetAwsVersions(ctx, &container.GetAwsVersionsArgs{
Location: pulumi.StringRef("us-west1"),
Project: pulumi.StringRef("my-project-name"),
}, nil)
if err != nil {
return err
}
_, err = container.NewAwsCluster(ctx, "primary", &container.AwsClusterArgs{
Annotations: pulumi.StringMap{
"label-one": pulumi.String("value-one"),
},
Authorization: &container.AwsClusterAuthorizationArgs{
AdminUsers: container.AwsClusterAuthorizationAdminUserArray{
&container.AwsClusterAuthorizationAdminUserArgs{
Username: pulumi.String("my@service-account.com"),
},
},
},
AwsRegion: pulumi.String("my-aws-region"),
ControlPlane: &container.AwsClusterControlPlaneArgs{
AwsServicesAuthentication: &container.AwsClusterControlPlaneAwsServicesAuthenticationArgs{
RoleArn: pulumi.String("arn:aws:iam::012345678910:role/my--1p-dev-oneplatform"),
RoleSessionName: pulumi.String("my--1p-dev-session"),
},
ConfigEncryption: &container.AwsClusterControlPlaneConfigEncryptionArgs{
KmsKeyArn: pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
},
DatabaseEncryption: &container.AwsClusterControlPlaneDatabaseEncryptionArgs{
KmsKeyArn: pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
},
IamInstanceProfile: pulumi.String("my--1p-dev-controlplane"),
InstanceType: pulumi.String("t3.medium"),
MainVolume: &container.AwsClusterControlPlaneMainVolumeArgs{
Iops: pulumi.Int(3000),
KmsKeyArn: pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
SizeGib: pulumi.Int(10),
VolumeType: pulumi.String("gp3"),
},
ProxyConfig: &container.AwsClusterControlPlaneProxyConfigArgs{
SecretArn: pulumi.String("arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF"),
SecretVersion: pulumi.String("12345678-ABCD-EFGH-IJKL-987654321098"),
},
RootVolume: &container.AwsClusterControlPlaneRootVolumeArgs{
Iops: pulumi.Int(3000),
KmsKeyArn: pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
SizeGib: pulumi.Int(10),
VolumeType: pulumi.String("gp3"),
},
SecurityGroupIds: pulumi.StringArray{
pulumi.String("sg-00000000000000000"),
},
SshConfig: &container.AwsClusterControlPlaneSshConfigArgs{
Ec2KeyPair: pulumi.String("my--1p-dev-ssh"),
},
SubnetIds: pulumi.StringArray{
pulumi.String("subnet-00000000000000000"),
},
Tags: pulumi.StringMap{
"owner": pulumi.String("my@service-account.com"),
},
Version: *pulumi.String(versions.ValidVersions[0]),
},
Description: pulumi.String("A sample aws cluster"),
Fleet: &container.AwsClusterFleetArgs{
Project: pulumi.String("my-project-number"),
},
Location: pulumi.String("us-west1"),
Networking: &container.AwsClusterNetworkingArgs{
PodAddressCidrBlocks: pulumi.StringArray{
pulumi.String("10.2.0.0/16"),
},
ServiceAddressCidrBlocks: pulumi.StringArray{
pulumi.String("10.1.0.0/16"),
},
VpcId: pulumi.String("vpc-00000000000000000"),
},
Project: pulumi.String("my-project-name"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.container.ContainerFunctions;
import com.pulumi.gcp.container.inputs.GetAwsVersionsArgs;
import com.pulumi.gcp.container.AwsCluster;
import com.pulumi.gcp.container.AwsClusterArgs;
import com.pulumi.gcp.container.inputs.AwsClusterAuthorizationArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneAwsServicesAuthenticationArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneConfigEncryptionArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneDatabaseEncryptionArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneMainVolumeArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneProxyConfigArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneRootVolumeArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneSshConfigArgs;
import com.pulumi.gcp.container.inputs.AwsClusterFleetArgs;
import com.pulumi.gcp.container.inputs.AwsClusterNetworkingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var versions = ContainerFunctions.getAwsVersions(GetAwsVersionsArgs.builder()
.location("us-west1")
.project("my-project-name")
.build());
var primary = new AwsCluster("primary", AwsClusterArgs.builder()
.annotations(Map.of("label-one", "value-one"))
.authorization(AwsClusterAuthorizationArgs.builder()
.adminUsers(AwsClusterAuthorizationAdminUserArgs.builder()
.username("my@service-account.com")
.build())
.build())
.awsRegion("my-aws-region")
.controlPlane(AwsClusterControlPlaneArgs.builder()
.awsServicesAuthentication(AwsClusterControlPlaneAwsServicesAuthenticationArgs.builder()
.roleArn("arn:aws:iam::012345678910:role/my--1p-dev-oneplatform")
.roleSessionName("my--1p-dev-session")
.build())
.configEncryption(AwsClusterControlPlaneConfigEncryptionArgs.builder()
.kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
.build())
.databaseEncryption(AwsClusterControlPlaneDatabaseEncryptionArgs.builder()
.kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
.build())
.iamInstanceProfile("my--1p-dev-controlplane")
.instanceType("t3.medium")
.mainVolume(AwsClusterControlPlaneMainVolumeArgs.builder()
.iops(3000)
.kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
.sizeGib(10)
.volumeType("gp3")
.build())
.proxyConfig(AwsClusterControlPlaneProxyConfigArgs.builder()
.secretArn("arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF")
.secretVersion("12345678-ABCD-EFGH-IJKL-987654321098")
.build())
.rootVolume(AwsClusterControlPlaneRootVolumeArgs.builder()
.iops(3000)
.kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
.sizeGib(10)
.volumeType("gp3")
.build())
.securityGroupIds("sg-00000000000000000")
.sshConfig(AwsClusterControlPlaneSshConfigArgs.builder()
.ec2KeyPair("my--1p-dev-ssh")
.build())
.subnetIds("subnet-00000000000000000")
.tags(Map.of("owner", "my@service-account.com"))
.version(versions.applyValue(getAwsVersionsResult -> getAwsVersionsResult.validVersions()[0]))
.build())
.description("A sample aws cluster")
.fleet(AwsClusterFleetArgs.builder()
.project("my-project-number")
.build())
.location("us-west1")
.networking(AwsClusterNetworkingArgs.builder()
.podAddressCidrBlocks("10.2.0.0/16")
.serviceAddressCidrBlocks("10.1.0.0/16")
.vpcId("vpc-00000000000000000")
.build())
.project("my-project-name")
.build());
}
}
import pulumi
import pulumi_gcp as gcp
versions = gcp.container.get_aws_versions(location="us-west1",
project="my-project-name")
primary = gcp.container.AwsCluster("primary",
annotations={
"label-one": "value-one",
},
authorization=gcp.container.AwsClusterAuthorizationArgs(
admin_users=[gcp.container.AwsClusterAuthorizationAdminUserArgs(
username="my@service-account.com",
)],
),
aws_region="my-aws-region",
control_plane=gcp.container.AwsClusterControlPlaneArgs(
aws_services_authentication=gcp.container.AwsClusterControlPlaneAwsServicesAuthenticationArgs(
role_arn="arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
role_session_name="my--1p-dev-session",
),
config_encryption=gcp.container.AwsClusterControlPlaneConfigEncryptionArgs(
kms_key_arn="arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
),
database_encryption=gcp.container.AwsClusterControlPlaneDatabaseEncryptionArgs(
kms_key_arn="arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
),
iam_instance_profile="my--1p-dev-controlplane",
instance_type="t3.medium",
main_volume=gcp.container.AwsClusterControlPlaneMainVolumeArgs(
iops=3000,
kms_key_arn="arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
size_gib=10,
volume_type="gp3",
),
proxy_config=gcp.container.AwsClusterControlPlaneProxyConfigArgs(
secret_arn="arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
secret_version="12345678-ABCD-EFGH-IJKL-987654321098",
),
root_volume=gcp.container.AwsClusterControlPlaneRootVolumeArgs(
iops=3000,
kms_key_arn="arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
size_gib=10,
volume_type="gp3",
),
security_group_ids=["sg-00000000000000000"],
ssh_config=gcp.container.AwsClusterControlPlaneSshConfigArgs(
ec2_key_pair="my--1p-dev-ssh",
),
subnet_ids=["subnet-00000000000000000"],
tags={
"owner": "my@service-account.com",
},
version=versions.valid_versions[0],
),
description="A sample aws cluster",
fleet=gcp.container.AwsClusterFleetArgs(
project="my-project-number",
),
location="us-west1",
networking=gcp.container.AwsClusterNetworkingArgs(
pod_address_cidr_blocks=["10.2.0.0/16"],
service_address_cidr_blocks=["10.1.0.0/16"],
vpc_id="vpc-00000000000000000",
),
project="my-project-name")
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const versions = gcp.container.getAwsVersions({
location: "us-west1",
project: "my-project-name",
});
const primary = new gcp.container.AwsCluster("primary", {
annotations: {
"label-one": "value-one",
},
authorization: {
adminUsers: [{
username: "my@service-account.com",
}],
},
awsRegion: "my-aws-region",
controlPlane: {
awsServicesAuthentication: {
roleArn: "arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
roleSessionName: "my--1p-dev-session",
},
configEncryption: {
kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
},
databaseEncryption: {
kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
},
iamInstanceProfile: "my--1p-dev-controlplane",
instanceType: "t3.medium",
mainVolume: {
iops: 3000,
kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
sizeGib: 10,
volumeType: "gp3",
},
proxyConfig: {
secretArn: "arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
secretVersion: "12345678-ABCD-EFGH-IJKL-987654321098",
},
rootVolume: {
iops: 3000,
kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
sizeGib: 10,
volumeType: "gp3",
},
securityGroupIds: ["sg-00000000000000000"],
sshConfig: {
ec2KeyPair: "my--1p-dev-ssh",
},
subnetIds: ["subnet-00000000000000000"],
tags: {
owner: "my@service-account.com",
},
version: versions.then(versions => versions.validVersions?.[0]),
},
description: "A sample aws cluster",
fleet: {
project: "my-project-number",
},
location: "us-west1",
networking: {
podAddressCidrBlocks: ["10.2.0.0/16"],
serviceAddressCidrBlocks: ["10.1.0.0/16"],
vpcId: "vpc-00000000000000000",
},
project: "my-project-name",
});
resources:
primary:
type: gcp:container:AwsCluster
properties:
annotations:
label-one: value-one
authorization:
adminUsers:
- username: my@service-account.com
awsRegion: my-aws-region
controlPlane:
awsServicesAuthentication:
roleArn: arn:aws:iam::012345678910:role/my--1p-dev-oneplatform
roleSessionName: my--1p-dev-session
configEncryption:
kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
databaseEncryption:
kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
iamInstanceProfile: my--1p-dev-controlplane
instanceType: t3.medium
mainVolume:
iops: 3000
kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
sizeGib: 10
volumeType: gp3
proxyConfig:
secretArn: arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF
secretVersion: 12345678-ABCD-EFGH-IJKL-987654321098
rootVolume:
iops: 3000
kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
sizeGib: 10
volumeType: gp3
securityGroupIds:
- sg-00000000000000000
sshConfig:
ec2KeyPair: my--1p-dev-ssh
subnetIds:
- subnet-00000000000000000
tags:
owner: my@service-account.com
version: ${versions.validVersions[0]}
description: A sample aws cluster
fleet:
project: my-project-number
location: us-west1
networking:
podAddressCidrBlocks:
- 10.2.0.0/16
serviceAddressCidrBlocks:
- 10.1.0.0/16
vpcId: vpc-00000000000000000
project: my-project-name
variables:
versions:
fn::invoke:
Function: gcp:container:getAwsVersions
Arguments:
location: us-west1
project: my-project-name
Beta_basic_enum_aws_cluster
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var versions = Gcp.Container.GetAwsVersions.Invoke(new()
{
Project = "my-project-name",
Location = "us-west1",
});
var primary = new Gcp.Container.AwsCluster("primary", new()
{
Authorization = new Gcp.Container.Inputs.AwsClusterAuthorizationArgs
{
AdminUsers = new[]
{
new Gcp.Container.Inputs.AwsClusterAuthorizationAdminUserArgs
{
Username = "my@service-account.com",
},
},
},
AwsRegion = "my-aws-region",
ControlPlane = new Gcp.Container.Inputs.AwsClusterControlPlaneArgs
{
AwsServicesAuthentication = new Gcp.Container.Inputs.AwsClusterControlPlaneAwsServicesAuthenticationArgs
{
RoleArn = "arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
RoleSessionName = "my--1p-dev-session",
},
ConfigEncryption = new Gcp.Container.Inputs.AwsClusterControlPlaneConfigEncryptionArgs
{
KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
},
DatabaseEncryption = new Gcp.Container.Inputs.AwsClusterControlPlaneDatabaseEncryptionArgs
{
KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
},
IamInstanceProfile = "my--1p-dev-controlplane",
SubnetIds = new[]
{
"subnet-00000000000000000",
},
Version = versions.Apply(getAwsVersionsResult => getAwsVersionsResult.ValidVersions[0]),
InstanceType = "t3.medium",
MainVolume = new Gcp.Container.Inputs.AwsClusterControlPlaneMainVolumeArgs
{
Iops = 3000,
KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
SizeGib = 10,
VolumeType = "gp3",
},
ProxyConfig = new Gcp.Container.Inputs.AwsClusterControlPlaneProxyConfigArgs
{
SecretArn = "arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
SecretVersion = "12345678-ABCD-EFGH-IJKL-987654321098",
},
RootVolume = new Gcp.Container.Inputs.AwsClusterControlPlaneRootVolumeArgs
{
Iops = 3000,
KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
SizeGib = 10,
VolumeType = "gp3",
},
SecurityGroupIds = new[]
{
"sg-00000000000000000",
},
SshConfig = new Gcp.Container.Inputs.AwsClusterControlPlaneSshConfigArgs
{
Ec2KeyPair = "my--1p-dev-ssh",
},
Tags =
{
{ "owner", "my@service-account.com" },
},
InstancePlacement = new Gcp.Container.Inputs.AwsClusterControlPlaneInstancePlacementArgs
{
Tenancy = "dedicated",
},
},
Fleet = new Gcp.Container.Inputs.AwsClusterFleetArgs
{
Project = "my-project-number",
},
Location = "us-west1",
Networking = new Gcp.Container.Inputs.AwsClusterNetworkingArgs
{
PodAddressCidrBlocks = new[]
{
"10.2.0.0/16",
},
ServiceAddressCidrBlocks = new[]
{
"10.1.0.0/16",
},
VpcId = "vpc-00000000000000000",
},
Annotations =
{
{ "label-one", "value-one" },
},
Description = "A sample aws cluster",
Project = "my-project-name",
LoggingConfig = new Gcp.Container.Inputs.AwsClusterLoggingConfigArgs
{
ComponentConfig = new Gcp.Container.Inputs.AwsClusterLoggingConfigComponentConfigArgs
{
EnableComponents = new[]
{
"system_components",
"workloads",
},
},
},
}, new CustomResourceOptions
{
Provider = google_beta,
});
});
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/container"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
versions, err := container.GetAwsVersions(ctx, &container.GetAwsVersionsArgs{
Project: pulumi.StringRef("my-project-name"),
Location: pulumi.StringRef("us-west1"),
}, nil)
if err != nil {
return err
}
_, err = container.NewAwsCluster(ctx, "primary", &container.AwsClusterArgs{
Authorization: &container.AwsClusterAuthorizationArgs{
AdminUsers: container.AwsClusterAuthorizationAdminUserArray{
&container.AwsClusterAuthorizationAdminUserArgs{
Username: pulumi.String("my@service-account.com"),
},
},
},
AwsRegion: pulumi.String("my-aws-region"),
ControlPlane: &container.AwsClusterControlPlaneArgs{
AwsServicesAuthentication: &container.AwsClusterControlPlaneAwsServicesAuthenticationArgs{
RoleArn: pulumi.String("arn:aws:iam::012345678910:role/my--1p-dev-oneplatform"),
RoleSessionName: pulumi.String("my--1p-dev-session"),
},
ConfigEncryption: &container.AwsClusterControlPlaneConfigEncryptionArgs{
KmsKeyArn: pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
},
DatabaseEncryption: &container.AwsClusterControlPlaneDatabaseEncryptionArgs{
KmsKeyArn: pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
},
IamInstanceProfile: pulumi.String("my--1p-dev-controlplane"),
SubnetIds: pulumi.StringArray{
pulumi.String("subnet-00000000000000000"),
},
Version: *pulumi.String(versions.ValidVersions[0]),
InstanceType: pulumi.String("t3.medium"),
MainVolume: &container.AwsClusterControlPlaneMainVolumeArgs{
Iops: pulumi.Int(3000),
KmsKeyArn: pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
SizeGib: pulumi.Int(10),
VolumeType: pulumi.String("gp3"),
},
ProxyConfig: &container.AwsClusterControlPlaneProxyConfigArgs{
SecretArn: pulumi.String("arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF"),
SecretVersion: pulumi.String("12345678-ABCD-EFGH-IJKL-987654321098"),
},
RootVolume: &container.AwsClusterControlPlaneRootVolumeArgs{
Iops: pulumi.Int(3000),
KmsKeyArn: pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
SizeGib: pulumi.Int(10),
VolumeType: pulumi.String("gp3"),
},
SecurityGroupIds: pulumi.StringArray{
pulumi.String("sg-00000000000000000"),
},
SshConfig: &container.AwsClusterControlPlaneSshConfigArgs{
Ec2KeyPair: pulumi.String("my--1p-dev-ssh"),
},
Tags: pulumi.StringMap{
"owner": pulumi.String("my@service-account.com"),
},
InstancePlacement: &container.AwsClusterControlPlaneInstancePlacementArgs{
Tenancy: pulumi.String("dedicated"),
},
},
Fleet: &container.AwsClusterFleetArgs{
Project: pulumi.String("my-project-number"),
},
Location: pulumi.String("us-west1"),
Networking: &container.AwsClusterNetworkingArgs{
PodAddressCidrBlocks: pulumi.StringArray{
pulumi.String("10.2.0.0/16"),
},
ServiceAddressCidrBlocks: pulumi.StringArray{
pulumi.String("10.1.0.0/16"),
},
VpcId: pulumi.String("vpc-00000000000000000"),
},
Annotations: pulumi.StringMap{
"label-one": pulumi.String("value-one"),
},
Description: pulumi.String("A sample aws cluster"),
Project: pulumi.String("my-project-name"),
LoggingConfig: &container.AwsClusterLoggingConfigArgs{
ComponentConfig: &container.AwsClusterLoggingConfigComponentConfigArgs{
EnableComponents: pulumi.StringArray{
pulumi.String("system_components"),
pulumi.String("workloads"),
},
},
},
}, pulumi.Provider(google_beta))
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.container.ContainerFunctions;
import com.pulumi.gcp.container.inputs.GetAwsVersionsArgs;
import com.pulumi.gcp.container.AwsCluster;
import com.pulumi.gcp.container.AwsClusterArgs;
import com.pulumi.gcp.container.inputs.AwsClusterAuthorizationArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneAwsServicesAuthenticationArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneConfigEncryptionArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneDatabaseEncryptionArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneMainVolumeArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneProxyConfigArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneRootVolumeArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneSshConfigArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneInstancePlacementArgs;
import com.pulumi.gcp.container.inputs.AwsClusterFleetArgs;
import com.pulumi.gcp.container.inputs.AwsClusterNetworkingArgs;
import com.pulumi.gcp.container.inputs.AwsClusterLoggingConfigArgs;
import com.pulumi.gcp.container.inputs.AwsClusterLoggingConfigComponentConfigArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var versions = ContainerFunctions.getAwsVersions(GetAwsVersionsArgs.builder()
.project("my-project-name")
.location("us-west1")
.build());
var primary = new AwsCluster("primary", AwsClusterArgs.builder()
.authorization(AwsClusterAuthorizationArgs.builder()
.adminUsers(AwsClusterAuthorizationAdminUserArgs.builder()
.username("my@service-account.com")
.build())
.build())
.awsRegion("my-aws-region")
.controlPlane(AwsClusterControlPlaneArgs.builder()
.awsServicesAuthentication(AwsClusterControlPlaneAwsServicesAuthenticationArgs.builder()
.roleArn("arn:aws:iam::012345678910:role/my--1p-dev-oneplatform")
.roleSessionName("my--1p-dev-session")
.build())
.configEncryption(AwsClusterControlPlaneConfigEncryptionArgs.builder()
.kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
.build())
.databaseEncryption(AwsClusterControlPlaneDatabaseEncryptionArgs.builder()
.kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
.build())
.iamInstanceProfile("my--1p-dev-controlplane")
.subnetIds("subnet-00000000000000000")
.version(versions.applyValue(getAwsVersionsResult -> getAwsVersionsResult.validVersions()[0]))
.instanceType("t3.medium")
.mainVolume(AwsClusterControlPlaneMainVolumeArgs.builder()
.iops(3000)
.kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
.sizeGib(10)
.volumeType("gp3")
.build())
.proxyConfig(AwsClusterControlPlaneProxyConfigArgs.builder()
.secretArn("arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF")
.secretVersion("12345678-ABCD-EFGH-IJKL-987654321098")
.build())
.rootVolume(AwsClusterControlPlaneRootVolumeArgs.builder()
.iops(3000)
.kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
.sizeGib(10)
.volumeType("gp3")
.build())
.securityGroupIds("sg-00000000000000000")
.sshConfig(AwsClusterControlPlaneSshConfigArgs.builder()
.ec2KeyPair("my--1p-dev-ssh")
.build())
.tags(Map.of("owner", "my@service-account.com"))
.instancePlacement(AwsClusterControlPlaneInstancePlacementArgs.builder()
.tenancy("dedicated")
.build())
.build())
.fleet(AwsClusterFleetArgs.builder()
.project("my-project-number")
.build())
.location("us-west1")
.networking(AwsClusterNetworkingArgs.builder()
.podAddressCidrBlocks("10.2.0.0/16")
.serviceAddressCidrBlocks("10.1.0.0/16")
.vpcId("vpc-00000000000000000")
.build())
.annotations(Map.of("label-one", "value-one"))
.description("A sample aws cluster")
.project("my-project-name")
.loggingConfig(AwsClusterLoggingConfigArgs.builder()
.componentConfig(AwsClusterLoggingConfigComponentConfigArgs.builder()
.enableComponents(
"system_components",
"workloads")
.build())
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
}
}
import pulumi
import pulumi_gcp as gcp
versions = gcp.container.get_aws_versions(project="my-project-name",
location="us-west1")
primary = gcp.container.AwsCluster("primary",
authorization=gcp.container.AwsClusterAuthorizationArgs(
admin_users=[gcp.container.AwsClusterAuthorizationAdminUserArgs(
username="my@service-account.com",
)],
),
aws_region="my-aws-region",
control_plane=gcp.container.AwsClusterControlPlaneArgs(
aws_services_authentication=gcp.container.AwsClusterControlPlaneAwsServicesAuthenticationArgs(
role_arn="arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
role_session_name="my--1p-dev-session",
),
config_encryption=gcp.container.AwsClusterControlPlaneConfigEncryptionArgs(
kms_key_arn="arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
),
database_encryption=gcp.container.AwsClusterControlPlaneDatabaseEncryptionArgs(
kms_key_arn="arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
),
iam_instance_profile="my--1p-dev-controlplane",
subnet_ids=["subnet-00000000000000000"],
version=versions.valid_versions[0],
instance_type="t3.medium",
main_volume=gcp.container.AwsClusterControlPlaneMainVolumeArgs(
iops=3000,
kms_key_arn="arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
size_gib=10,
volume_type="gp3",
),
proxy_config=gcp.container.AwsClusterControlPlaneProxyConfigArgs(
secret_arn="arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
secret_version="12345678-ABCD-EFGH-IJKL-987654321098",
),
root_volume=gcp.container.AwsClusterControlPlaneRootVolumeArgs(
iops=3000,
kms_key_arn="arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
size_gib=10,
volume_type="gp3",
),
security_group_ids=["sg-00000000000000000"],
ssh_config=gcp.container.AwsClusterControlPlaneSshConfigArgs(
ec2_key_pair="my--1p-dev-ssh",
),
tags={
"owner": "my@service-account.com",
},
instance_placement=gcp.container.AwsClusterControlPlaneInstancePlacementArgs(
tenancy="dedicated",
),
),
fleet=gcp.container.AwsClusterFleetArgs(
project="my-project-number",
),
location="us-west1",
networking=gcp.container.AwsClusterNetworkingArgs(
pod_address_cidr_blocks=["10.2.0.0/16"],
service_address_cidr_blocks=["10.1.0.0/16"],
vpc_id="vpc-00000000000000000",
),
annotations={
"label-one": "value-one",
},
description="A sample aws cluster",
project="my-project-name",
logging_config=gcp.container.AwsClusterLoggingConfigArgs(
component_config=gcp.container.AwsClusterLoggingConfigComponentConfigArgs(
enable_components=[
"system_components",
"workloads",
],
),
),
opts=pulumi.ResourceOptions(provider=google_beta))
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const versions = gcp.container.getAwsVersions({
project: "my-project-name",
location: "us-west1",
});
const primary = new gcp.container.AwsCluster("primary", {
authorization: {
adminUsers: [{
username: "my@service-account.com",
}],
},
awsRegion: "my-aws-region",
controlPlane: {
awsServicesAuthentication: {
roleArn: "arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
roleSessionName: "my--1p-dev-session",
},
configEncryption: {
kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
},
databaseEncryption: {
kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
},
iamInstanceProfile: "my--1p-dev-controlplane",
subnetIds: ["subnet-00000000000000000"],
version: versions.then(versions => versions.validVersions?.[0]),
instanceType: "t3.medium",
mainVolume: {
iops: 3000,
kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
sizeGib: 10,
volumeType: "gp3",
},
proxyConfig: {
secretArn: "arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
secretVersion: "12345678-ABCD-EFGH-IJKL-987654321098",
},
rootVolume: {
iops: 3000,
kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
sizeGib: 10,
volumeType: "gp3",
},
securityGroupIds: ["sg-00000000000000000"],
sshConfig: {
ec2KeyPair: "my--1p-dev-ssh",
},
tags: {
owner: "my@service-account.com",
},
instancePlacement: {
tenancy: "dedicated",
},
},
fleet: {
project: "my-project-number",
},
location: "us-west1",
networking: {
podAddressCidrBlocks: ["10.2.0.0/16"],
serviceAddressCidrBlocks: ["10.1.0.0/16"],
vpcId: "vpc-00000000000000000",
},
annotations: {
"label-one": "value-one",
},
description: "A sample aws cluster",
project: "my-project-name",
loggingConfig: {
componentConfig: {
enableComponents: [
"system_components",
"workloads",
],
},
},
}, {
provider: google_beta,
});
resources:
primary:
type: gcp:container:AwsCluster
properties:
authorization:
adminUsers:
- username: my@service-account.com
awsRegion: my-aws-region
controlPlane:
awsServicesAuthentication:
roleArn: arn:aws:iam::012345678910:role/my--1p-dev-oneplatform
roleSessionName: my--1p-dev-session
configEncryption:
kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
databaseEncryption:
kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
iamInstanceProfile: my--1p-dev-controlplane
subnetIds:
- subnet-00000000000000000
version: ${versions.validVersions[0]}
instanceType: t3.medium
mainVolume:
iops: 3000
kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
sizeGib: 10
volumeType: gp3
proxyConfig:
secretArn: arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF
secretVersion: 12345678-ABCD-EFGH-IJKL-987654321098
rootVolume:
iops: 3000
kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
sizeGib: 10
volumeType: gp3
securityGroupIds:
- sg-00000000000000000
sshConfig:
ec2KeyPair: my--1p-dev-ssh
tags:
owner: my@service-account.com
instancePlacement:
tenancy: dedicated
fleet:
project: my-project-number
location: us-west1
networking:
podAddressCidrBlocks:
- 10.2.0.0/16
serviceAddressCidrBlocks:
- 10.1.0.0/16
vpcId: vpc-00000000000000000
annotations:
label-one: value-one
description: A sample aws cluster
project: my-project-name
loggingConfig:
componentConfig:
enableComponents:
- system_components
- workloads
options:
provider: ${["google-beta"]}
variables:
versions:
fn::invoke:
Function: gcp:container:getAwsVersions
Arguments:
project: my-project-name
location: us-west1
Create AwsCluster Resource
new AwsCluster(name: string, args: AwsClusterArgs, opts?: CustomResourceOptions);@overload
def AwsCluster(resource_name: str,
opts: Optional[ResourceOptions] = None,
annotations: Optional[Mapping[str, str]] = None,
authorization: Optional[AwsClusterAuthorizationArgs] = None,
aws_region: Optional[str] = None,
control_plane: Optional[AwsClusterControlPlaneArgs] = None,
description: Optional[str] = None,
fleet: Optional[AwsClusterFleetArgs] = None,
location: Optional[str] = None,
logging_config: Optional[AwsClusterLoggingConfigArgs] = None,
name: Optional[str] = None,
networking: Optional[AwsClusterNetworkingArgs] = None,
project: Optional[str] = None)
@overload
def AwsCluster(resource_name: str,
args: AwsClusterArgs,
opts: Optional[ResourceOptions] = None)func NewAwsCluster(ctx *Context, name string, args AwsClusterArgs, opts ...ResourceOption) (*AwsCluster, error)public AwsCluster(string name, AwsClusterArgs args, CustomResourceOptions? opts = null)
public AwsCluster(String name, AwsClusterArgs args)
public AwsCluster(String name, AwsClusterArgs args, CustomResourceOptions options)
type: gcp:container:AwsCluster
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AwsClusterArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AwsClusterArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AwsClusterArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AwsClusterArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AwsClusterArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
AwsCluster Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The AwsCluster resource accepts the following input properties:
-
Aws
Cluster Authorization Configuration related to the cluster RBAC settings.
- Aws
Region string The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
- Control
Plane AwsCluster Control Plane Configuration related to the cluster control plane.
- Fleet
Aws
Cluster Fleet Fleet configuration.
- Location string
The location for the resource
- Networking
Aws
Cluster Networking Cluster-wide networking configuration.
- Annotations Dictionary<string, string>
Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.
- Description string
Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
- Logging
Config AwsCluster Logging Config (Beta only) Logging configuration.
- Name string
The name of this resource.
- Project string
The number of the Fleet host project where this cluster will be registered.
(Optional) The project for the resource
-
Aws
Cluster Authorization Args Configuration related to the cluster RBAC settings.
- Aws
Region string The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
- Control
Plane AwsCluster Control Plane Args Configuration related to the cluster control plane.
- Fleet
Aws
Cluster Fleet Args Fleet configuration.
- Location string
The location for the resource
- Networking
Aws
Cluster Networking Args Cluster-wide networking configuration.
- Annotations map[string]string
Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.
- Description string
Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
- Logging
Config AwsCluster Logging Config Args (Beta only) Logging configuration.
- Name string
The name of this resource.
- Project string
The number of the Fleet host project where this cluster will be registered.
(Optional) The project for the resource
-
Aws
Cluster Authorization Configuration related to the cluster RBAC settings.
- aws
Region String The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
- control
Plane AwsCluster Control Plane Configuration related to the cluster control plane.
- fleet
Aws
Cluster Fleet Fleet configuration.
- location String
The location for the resource
- networking
Aws
Cluster Networking Cluster-wide networking configuration.
- annotations Map<String,String>
Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.
- description String
Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
- logging
Config AwsCluster Logging Config (Beta only) Logging configuration.
- name String
The name of this resource.
- project String
The number of the Fleet host project where this cluster will be registered.
(Optional) The project for the resource
-
Aws
Cluster Authorization Configuration related to the cluster RBAC settings.
- aws
Region string The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
- control
Plane AwsCluster Control Plane Configuration related to the cluster control plane.
- fleet
Aws
Cluster Fleet Fleet configuration.
- location string
The location for the resource
- networking
Aws
Cluster Networking Cluster-wide networking configuration.
- annotations {[key: string]: string}
Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.
- description string
Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
- logging
Config AwsCluster Logging Config (Beta only) Logging configuration.
- name string
The name of this resource.
- project string
The number of the Fleet host project where this cluster will be registered.
(Optional) The project for the resource
-
Aws
Cluster Authorization Args Configuration related to the cluster RBAC settings.
- aws_
region str The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
- control_
plane AwsCluster Control Plane Args Configuration related to the cluster control plane.
- fleet
Aws
Cluster Fleet Args Fleet configuration.
- location str
The location for the resource
- networking
Aws
Cluster Networking Args Cluster-wide networking configuration.
- annotations Mapping[str, str]
Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.
- description str
Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
- logging_
config AwsCluster Logging Config Args (Beta only) Logging configuration.
- name str
The name of this resource.
- project str
The number of the Fleet host project where this cluster will be registered.
(Optional) The project for the resource
- Property Map
Configuration related to the cluster RBAC settings.
- aws
Region String The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
- control
Plane Property Map Configuration related to the cluster control plane.
- fleet Property Map
Fleet configuration.
- location String
The location for the resource
- networking Property Map
Cluster-wide networking configuration.
- annotations Map<String>
Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.
- description String
Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
- logging
Config Property Map (Beta only) Logging configuration.
- name String
The name of this resource.
- project String
The number of the Fleet host project where this cluster will be registered.
(Optional) The project for the resource
Outputs
All input properties are implicitly available as output properties. Additionally, the AwsCluster resource produces the following output properties:
- Create
Time string Output only. The time at which this cluster was created.
- Endpoint string
Output only. The endpoint of the cluster's API server.
- Etag string
Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- Id string
The provider-assigned unique ID for this managed resource.
- Reconciling bool
Output only. If set, there are currently changes in flight to the cluster.
- State string
Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
- Uid string
Output only. A globally unique identifier for the cluster.
- Update
Time string Output only. The time at which this cluster was last updated.
- Workload
Identity List<AwsConfigs Cluster Workload Identity Config> Output only. Workload Identity settings.
- Create
Time string Output only. The time at which this cluster was created.
- Endpoint string
Output only. The endpoint of the cluster's API server.
- Etag string
Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- Id string
The provider-assigned unique ID for this managed resource.
- Reconciling bool
Output only. If set, there are currently changes in flight to the cluster.
- State string
Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
- Uid string
Output only. A globally unique identifier for the cluster.
- Update
Time string Output only. The time at which this cluster was last updated.
- Workload
Identity []AwsConfigs Cluster Workload Identity Config Output only. Workload Identity settings.
- create
Time String Output only. The time at which this cluster was created.
- endpoint String
Output only. The endpoint of the cluster's API server.
- etag String
Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- id String
The provider-assigned unique ID for this managed resource.
- reconciling Boolean
Output only. If set, there are currently changes in flight to the cluster.
- state String
Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
- uid String
Output only. A globally unique identifier for the cluster.
- update
Time String Output only. The time at which this cluster was last updated.
- workload
Identity List<AwsConfigs Cluster Workload Identity Config> Output only. Workload Identity settings.
- create
Time string Output only. The time at which this cluster was created.
- endpoint string
Output only. The endpoint of the cluster's API server.
- etag string
Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- id string
The provider-assigned unique ID for this managed resource.
- reconciling boolean
Output only. If set, there are currently changes in flight to the cluster.
- state string
Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
- uid string
Output only. A globally unique identifier for the cluster.
- update
Time string Output only. The time at which this cluster was last updated.
- workload
Identity AwsConfigs Cluster Workload Identity Config[] Output only. Workload Identity settings.
- create_
time str Output only. The time at which this cluster was created.
- endpoint str
Output only. The endpoint of the cluster's API server.
- etag str
Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- id str
The provider-assigned unique ID for this managed resource.
- reconciling bool
Output only. If set, there are currently changes in flight to the cluster.
- state str
Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
- uid str
Output only. A globally unique identifier for the cluster.
- update_
time str Output only. The time at which this cluster was last updated.
- workload_
identity_ Sequence[Awsconfigs Cluster Workload Identity Config] Output only. Workload Identity settings.
- create
Time String Output only. The time at which this cluster was created.
- endpoint String
Output only. The endpoint of the cluster's API server.
- etag String
Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- id String
The provider-assigned unique ID for this managed resource.
- reconciling Boolean
Output only. If set, there are currently changes in flight to the cluster.
- state String
Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
- uid String
Output only. A globally unique identifier for the cluster.
- update
Time String Output only. The time at which this cluster was last updated.
- workload
Identity List<Property Map>Configs Output only. Workload Identity settings.
Look up Existing AwsCluster Resource
Get an existing AwsCluster resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AwsClusterState, opts?: CustomResourceOptions): AwsCluster@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
annotations: Optional[Mapping[str, str]] = None,
authorization: Optional[AwsClusterAuthorizationArgs] = None,
aws_region: Optional[str] = None,
control_plane: Optional[AwsClusterControlPlaneArgs] = None,
create_time: Optional[str] = None,
description: Optional[str] = None,
endpoint: Optional[str] = None,
etag: Optional[str] = None,
fleet: Optional[AwsClusterFleetArgs] = None,
location: Optional[str] = None,
logging_config: Optional[AwsClusterLoggingConfigArgs] = None,
name: Optional[str] = None,
networking: Optional[AwsClusterNetworkingArgs] = None,
project: Optional[str] = None,
reconciling: Optional[bool] = None,
state: Optional[str] = None,
uid: Optional[str] = None,
update_time: Optional[str] = None,
workload_identity_configs: Optional[Sequence[AwsClusterWorkloadIdentityConfigArgs]] = None) -> AwsClusterfunc GetAwsCluster(ctx *Context, name string, id IDInput, state *AwsClusterState, opts ...ResourceOption) (*AwsCluster, error)public static AwsCluster Get(string name, Input<string> id, AwsClusterState? state, CustomResourceOptions? opts = null)public static AwsCluster get(String name, Output<String> id, AwsClusterState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Annotations Dictionary<string, string>
Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.
-
Aws
Cluster Authorization Configuration related to the cluster RBAC settings.
- Aws
Region string The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
- Control
Plane AwsCluster Control Plane Configuration related to the cluster control plane.
- Create
Time string Output only. The time at which this cluster was created.
- Description string
Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
- Endpoint string
Output only. The endpoint of the cluster's API server.
- Etag string
Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- Fleet
Aws
Cluster Fleet Fleet configuration.
- Location string
The location for the resource
- Logging
Config AwsCluster Logging Config (Beta only) Logging configuration.
- Name string
The name of this resource.
- Networking
Aws
Cluster Networking Cluster-wide networking configuration.
- Project string
The number of the Fleet host project where this cluster will be registered.
(Optional) The project for the resource
- Reconciling bool
Output only. If set, there are currently changes in flight to the cluster.
- State string
Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
- Uid string
Output only. A globally unique identifier for the cluster.
- Update
Time string Output only. The time at which this cluster was last updated.
- Workload
Identity List<AwsConfigs Cluster Workload Identity Config> Output only. Workload Identity settings.
- Annotations map[string]string
Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.
-
Aws
Cluster Authorization Args Configuration related to the cluster RBAC settings.
- Aws
Region string The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
- Control
Plane AwsCluster Control Plane Args Configuration related to the cluster control plane.
- Create
Time string Output only. The time at which this cluster was created.
- Description string
Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
- Endpoint string
Output only. The endpoint of the cluster's API server.
- Etag string
Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- Fleet
Aws
Cluster Fleet Args Fleet configuration.
- Location string
The location for the resource
- Logging
Config AwsCluster Logging Config Args (Beta only) Logging configuration.
- Name string
The name of this resource.
- Networking
Aws
Cluster Networking Args Cluster-wide networking configuration.
- Project string
The number of the Fleet host project where this cluster will be registered.
(Optional) The project for the resource
- Reconciling bool
Output only. If set, there are currently changes in flight to the cluster.
- State string
Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
- Uid string
Output only. A globally unique identifier for the cluster.
- Update
Time string Output only. The time at which this cluster was last updated.
- Workload
Identity []AwsConfigs Cluster Workload Identity Config Args Output only. Workload Identity settings.
- annotations Map<String,String>
Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.
-
Aws
Cluster Authorization Configuration related to the cluster RBAC settings.
- aws
Region String The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
- control
Plane AwsCluster Control Plane Configuration related to the cluster control plane.
- create
Time String Output only. The time at which this cluster was created.
- description String
Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
- endpoint String
Output only. The endpoint of the cluster's API server.
- etag String
Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- fleet
Aws
Cluster Fleet Fleet configuration.
- location String
The location for the resource
- logging
Config AwsCluster Logging Config (Beta only) Logging configuration.
- name String
The name of this resource.
- networking
Aws
Cluster Networking Cluster-wide networking configuration.
- project String
The number of the Fleet host project where this cluster will be registered.
(Optional) The project for the resource
- reconciling Boolean
Output only. If set, there are currently changes in flight to the cluster.
- state String
Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
- uid String
Output only. A globally unique identifier for the cluster.
- update
Time String Output only. The time at which this cluster was last updated.
- workload
Identity List<AwsConfigs Cluster Workload Identity Config> Output only. Workload Identity settings.
- annotations {[key: string]: string}
Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.
-
Aws
Cluster Authorization Configuration related to the cluster RBAC settings.
- aws
Region string The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
- control
Plane AwsCluster Control Plane Configuration related to the cluster control plane.
- create
Time string Output only. The time at which this cluster was created.
- description string
Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
- endpoint string
Output only. The endpoint of the cluster's API server.
- etag string
Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- fleet
Aws
Cluster Fleet Fleet configuration.
- location string
The location for the resource
- logging
Config AwsCluster Logging Config (Beta only) Logging configuration.
- name string
The name of this resource.
- networking
Aws
Cluster Networking Cluster-wide networking configuration.
- project string
The number of the Fleet host project where this cluster will be registered.
(Optional) The project for the resource
- reconciling boolean
Output only. If set, there are currently changes in flight to the cluster.
- state string
Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
- uid string
Output only. A globally unique identifier for the cluster.
- update
Time string Output only. The time at which this cluster was last updated.
- workload
Identity AwsConfigs Cluster Workload Identity Config[] Output only. Workload Identity settings.
- annotations Mapping[str, str]
Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.
-
Aws
Cluster Authorization Args Configuration related to the cluster RBAC settings.
- aws_
region str The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
- control_
plane AwsCluster Control Plane Args Configuration related to the cluster control plane.
- create_
time str Output only. The time at which this cluster was created.
- description str
Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
- endpoint str
Output only. The endpoint of the cluster's API server.
- etag str
Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- fleet
Aws
Cluster Fleet Args Fleet configuration.
- location str
The location for the resource
- logging_
config AwsCluster Logging Config Args (Beta only) Logging configuration.
- name str
The name of this resource.
- networking
Aws
Cluster Networking Args Cluster-wide networking configuration.
- project str
The number of the Fleet host project where this cluster will be registered.
(Optional) The project for the resource
- reconciling bool
Output only. If set, there are currently changes in flight to the cluster.
- state str
Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
- uid str
Output only. A globally unique identifier for the cluster.
- update_
time str Output only. The time at which this cluster was last updated.
- workload_
identity_ Sequence[Awsconfigs Cluster Workload Identity Config Args] Output only. Workload Identity settings.
- annotations Map<String>
Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.
- Property Map
Configuration related to the cluster RBAC settings.
- aws
Region String The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
- control
Plane Property Map Configuration related to the cluster control plane.
- create
Time String Output only. The time at which this cluster was created.
- description String
Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
- endpoint String
Output only. The endpoint of the cluster's API server.
- etag String
Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- fleet Property Map
Fleet configuration.
- location String
The location for the resource
- logging
Config Property Map (Beta only) Logging configuration.
- name String
The name of this resource.
- networking Property Map
Cluster-wide networking configuration.
- project String
The number of the Fleet host project where this cluster will be registered.
(Optional) The project for the resource
- reconciling Boolean
Output only. If set, there are currently changes in flight to the cluster.
- state String
Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
- uid String
Output only. A globally unique identifier for the cluster.
- update
Time String Output only. The time at which this cluster was last updated.
- workload
Identity List<Property Map>Configs Output only. Workload Identity settings.
Supporting Types
AwsClusterAuthorization, AwsClusterAuthorizationArgs
- Admin
Users List<AwsCluster Authorization Admin User> Users to perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the
cluster-adminClusterRole to the users. Up to ten admin users can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
- Admin
Users []AwsCluster Authorization Admin User Users to perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the
cluster-adminClusterRole to the users. Up to ten admin users can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
- admin
Users List<AwsCluster Authorization Admin User> Users to perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the
cluster-adminClusterRole to the users. Up to ten admin users can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
- admin
Users AwsCluster Authorization Admin User[] Users to perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the
cluster-adminClusterRole to the users. Up to ten admin users can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
- admin_
users Sequence[AwsCluster Authorization Admin User] Users to perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the
cluster-adminClusterRole to the users. Up to ten admin users can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
- admin
Users List<Property Map> Users to perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the
cluster-adminClusterRole to the users. Up to ten admin users can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
AwsClusterAuthorizationAdminUser, AwsClusterAuthorizationAdminUserArgs
- Username string
The name of the user, e.g.
my-gcp-id@gmail.com.
- Username string
The name of the user, e.g.
my-gcp-id@gmail.com.
- username String
The name of the user, e.g.
my-gcp-id@gmail.com.
- username string
The name of the user, e.g.
my-gcp-id@gmail.com.
- username str
The name of the user, e.g.
my-gcp-id@gmail.com.
- username String
The name of the user, e.g.
my-gcp-id@gmail.com.
AwsClusterControlPlane, AwsClusterControlPlaneArgs
- Aws
Services AwsAuthentication Cluster Control Plane Aws Services Authentication Authentication configuration for management of AWS resources.
- Config
Encryption AwsCluster Control Plane Config Encryption The ARN of the AWS KMS key used to encrypt cluster configuration.
- Database
Encryption AwsCluster Control Plane Database Encryption The ARN of the AWS KMS key used to encrypt cluster secrets.
- Iam
Instance stringProfile The name of the AWS IAM instance pofile to assign to each control plane replica.
- Subnet
Ids List<string> The list of subnets where control plane replicas will run. A replica will be provisioned on each subnet and up to three values can be provided. Each subnet must be in a different AWS Availability Zone (AZ).
- Version string
The Kubernetes version to run on control plane replicas (e.g.
1.19.10-gke.1000). You can list all supported versions on a given Google Cloud region by calling .- Instance
Placement AwsCluster Control Plane Instance Placement (Beta only) Details of placement information for an instance.
- Instance
Type string Optional. The AWS instance type. When unspecified, it defaults to
m5.large.- Main
Volume AwsCluster Control Plane Main Volume Optional. Configuration related to the main volume provisioned for each control plane replica. The main volume is in charge of storing all of the cluster's etcd state. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 8 GiB with the GP2 volume type.
- Proxy
Config AwsCluster Control Plane Proxy Config Proxy configuration for outbound HTTP(S) traffic.
- Root
Volume AwsCluster Control Plane Root Volume Optional. Configuration related to the root volume provisioned for each control plane replica. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 32 GiB with the GP2 volume type.
- Security
Group List<string>Ids Optional. The IDs of additional security groups to add to control plane replicas. The Anthos Multi-Cloud API will automatically create and manage security groups with the minimum rules needed for a functioning cluster.
- Ssh
Config AwsCluster Control Plane Ssh Config Optional. SSH configuration for how to access the underlying control plane machines.
- Dictionary<string, string>
Optional. A set of AWS resource tags to propagate to all underlying managed AWS resources. Specify at most 50 pairs containing alphanumerics, spaces, and symbols (.+-=_:@/). Keys can be up to 127 Unicode characters. Values can be up to 255 Unicode characters.
- Aws
Services AwsAuthentication Cluster Control Plane Aws Services Authentication Authentication configuration for management of AWS resources.
- Config
Encryption AwsCluster Control Plane Config Encryption The ARN of the AWS KMS key used to encrypt cluster configuration.
- Database
Encryption AwsCluster Control Plane Database Encryption The ARN of the AWS KMS key used to encrypt cluster secrets.
- Iam
Instance stringProfile The name of the AWS IAM instance pofile to assign to each control plane replica.
- Subnet
Ids []string The list of subnets where control plane replicas will run. A replica will be provisioned on each subnet and up to three values can be provided. Each subnet must be in a different AWS Availability Zone (AZ).
- Version string
The Kubernetes version to run on control plane replicas (e.g.
1.19.10-gke.1000). You can list all supported versions on a given Google Cloud region by calling .- Instance
Placement AwsCluster Control Plane Instance Placement (Beta only) Details of placement information for an instance.
- Instance
Type string Optional. The AWS instance type. When unspecified, it defaults to
m5.large.- Main
Volume AwsCluster Control Plane Main Volume Optional. Configuration related to the main volume provisioned for each control plane replica. The main volume is in charge of storing all of the cluster's etcd state. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 8 GiB with the GP2 volume type.
- Proxy
Config AwsCluster Control Plane Proxy Config Proxy configuration for outbound HTTP(S) traffic.
- Root
Volume AwsCluster Control Plane Root Volume Optional. Configuration related to the root volume provisioned for each control plane replica. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 32 GiB with the GP2 volume type.
- Security
Group []stringIds Optional. The IDs of additional security groups to add to control plane replicas. The Anthos Multi-Cloud API will automatically create and manage security groups with the minimum rules needed for a functioning cluster.
- Ssh
Config AwsCluster Control Plane Ssh Config Optional. SSH configuration for how to access the underlying control plane machines.
- map[string]string
Optional. A set of AWS resource tags to propagate to all underlying managed AWS resources. Specify at most 50 pairs containing alphanumerics, spaces, and symbols (.+-=_:@/). Keys can be up to 127 Unicode characters. Values can be up to 255 Unicode characters.
- aws
Services AwsAuthentication Cluster Control Plane Aws Services Authentication Authentication configuration for management of AWS resources.
- config
Encryption AwsCluster Control Plane Config Encryption The ARN of the AWS KMS key used to encrypt cluster configuration.
- database
Encryption AwsCluster Control Plane Database Encryption The ARN of the AWS KMS key used to encrypt cluster secrets.
- iam
Instance StringProfile The name of the AWS IAM instance pofile to assign to each control plane replica.
- subnet
Ids List<String> The list of subnets where control plane replicas will run. A replica will be provisioned on each subnet and up to three values can be provided. Each subnet must be in a different AWS Availability Zone (AZ).
- version String
The Kubernetes version to run on control plane replicas (e.g.
1.19.10-gke.1000). You can list all supported versions on a given Google Cloud region by calling .- instance
Placement AwsCluster Control Plane Instance Placement (Beta only) Details of placement information for an instance.
- instance
Type String Optional. The AWS instance type. When unspecified, it defaults to
m5.large.- main
Volume AwsCluster Control Plane Main Volume Optional. Configuration related to the main volume provisioned for each control plane replica. The main volume is in charge of storing all of the cluster's etcd state. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 8 GiB with the GP2 volume type.
- proxy
Config AwsCluster Control Plane Proxy Config Proxy configuration for outbound HTTP(S) traffic.
- root
Volume AwsCluster Control Plane Root Volume Optional. Configuration related to the root volume provisioned for each control plane replica. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 32 GiB with the GP2 volume type.
- security
Group List<String>Ids Optional. The IDs of additional security groups to add to control plane replicas. The Anthos Multi-Cloud API will automatically create and manage security groups with the minimum rules needed for a functioning cluster.
- ssh
Config AwsCluster Control Plane Ssh Config Optional. SSH configuration for how to access the underlying control plane machines.
- Map<String,String>
Optional. A set of AWS resource tags to propagate to all underlying managed AWS resources. Specify at most 50 pairs containing alphanumerics, spaces, and symbols (.+-=_:@/). Keys can be up to 127 Unicode characters. Values can be up to 255 Unicode characters.
- aws
Services AwsAuthentication Cluster Control Plane Aws Services Authentication Authentication configuration for management of AWS resources.
- config
Encryption AwsCluster Control Plane Config Encryption The ARN of the AWS KMS key used to encrypt cluster configuration.
- database
Encryption AwsCluster Control Plane Database Encryption The ARN of the AWS KMS key used to encrypt cluster secrets.
- iam
Instance stringProfile The name of the AWS IAM instance pofile to assign to each control plane replica.
- subnet
Ids string[] The list of subnets where control plane replicas will run. A replica will be provisioned on each subnet and up to three values can be provided. Each subnet must be in a different AWS Availability Zone (AZ).
- version string
The Kubernetes version to run on control plane replicas (e.g.
1.19.10-gke.1000). You can list all supported versions on a given Google Cloud region by calling .- instance
Placement AwsCluster Control Plane Instance Placement (Beta only) Details of placement information for an instance.
- instance
Type string Optional. The AWS instance type. When unspecified, it defaults to
m5.large.- main
Volume AwsCluster Control Plane Main Volume Optional. Configuration related to the main volume provisioned for each control plane replica. The main volume is in charge of storing all of the cluster's etcd state. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 8 GiB with the GP2 volume type.
- proxy
Config AwsCluster Control Plane Proxy Config Proxy configuration for outbound HTTP(S) traffic.
- root
Volume AwsCluster Control Plane Root Volume Optional. Configuration related to the root volume provisioned for each control plane replica. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 32 GiB with the GP2 volume type.
- security
Group string[]Ids Optional. The IDs of additional security groups to add to control plane replicas. The Anthos Multi-Cloud API will automatically create and manage security groups with the minimum rules needed for a functioning cluster.
- ssh
Config AwsCluster Control Plane Ssh Config Optional. SSH configuration for how to access the underlying control plane machines.
- {[key: string]: string}
Optional. A set of AWS resource tags to propagate to all underlying managed AWS resources. Specify at most 50 pairs containing alphanumerics, spaces, and symbols (.+-=_:@/). Keys can be up to 127 Unicode characters. Values can be up to 255 Unicode characters.
- aws_
services_ Awsauthentication Cluster Control Plane Aws Services Authentication Authentication configuration for management of AWS resources.
- config_
encryption AwsCluster Control Plane Config Encryption The ARN of the AWS KMS key used to encrypt cluster configuration.
- database_
encryption AwsCluster Control Plane Database Encryption The ARN of the AWS KMS key used to encrypt cluster secrets.
- iam_
instance_ strprofile The name of the AWS IAM instance pofile to assign to each control plane replica.
- subnet_
ids Sequence[str] The list of subnets where control plane replicas will run. A replica will be provisioned on each subnet and up to three values can be provided. Each subnet must be in a different AWS Availability Zone (AZ).
- version str
The Kubernetes version to run on control plane replicas (e.g.
1.19.10-gke.1000). You can list all supported versions on a given Google Cloud region by calling .- instance_
placement AwsCluster Control Plane Instance Placement (Beta only) Details of placement information for an instance.
- instance_
type str Optional. The AWS instance type. When unspecified, it defaults to
m5.large.- main_
volume AwsCluster Control Plane Main Volume Optional. Configuration related to the main volume provisioned for each control plane replica. The main volume is in charge of storing all of the cluster's etcd state. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 8 GiB with the GP2 volume type.
- proxy_
config AwsCluster Control Plane Proxy Config Proxy configuration for outbound HTTP(S) traffic.
- root_
volume AwsCluster Control Plane Root Volume Optional. Configuration related to the root volume provisioned for each control plane replica. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 32 GiB with the GP2 volume type.
- security_
group_ Sequence[str]ids Optional. The IDs of additional security groups to add to control plane replicas. The Anthos Multi-Cloud API will automatically create and manage security groups with the minimum rules needed for a functioning cluster.
- ssh_
config AwsCluster Control Plane Ssh Config Optional. SSH configuration for how to access the underlying control plane machines.
- Mapping[str, str]
Optional. A set of AWS resource tags to propagate to all underlying managed AWS resources. Specify at most 50 pairs containing alphanumerics, spaces, and symbols (.+-=_:@/). Keys can be up to 127 Unicode characters. Values can be up to 255 Unicode characters.
- aws
Services Property MapAuthentication Authentication configuration for management of AWS resources.
- config
Encryption Property Map The ARN of the AWS KMS key used to encrypt cluster configuration.
- database
Encryption Property Map The ARN of the AWS KMS key used to encrypt cluster secrets.
- iam
Instance StringProfile The name of the AWS IAM instance pofile to assign to each control plane replica.
- subnet
Ids List<String> The list of subnets where control plane replicas will run. A replica will be provisioned on each subnet and up to three values can be provided. Each subnet must be in a different AWS Availability Zone (AZ).
- version String
The Kubernetes version to run on control plane replicas (e.g.
1.19.10-gke.1000). You can list all supported versions on a given Google Cloud region by calling .- instance
Placement Property Map (Beta only) Details of placement information for an instance.
- instance
Type String Optional. The AWS instance type. When unspecified, it defaults to
m5.large.- main
Volume Property Map Optional. Configuration related to the main volume provisioned for each control plane replica. The main volume is in charge of storing all of the cluster's etcd state. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 8 GiB with the GP2 volume type.
- proxy
Config Property Map Proxy configuration for outbound HTTP(S) traffic.
- root
Volume Property Map Optional. Configuration related to the root volume provisioned for each control plane replica. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 32 GiB with the GP2 volume type.
- security
Group List<String>Ids Optional. The IDs of additional security groups to add to control plane replicas. The Anthos Multi-Cloud API will automatically create and manage security groups with the minimum rules needed for a functioning cluster.
- ssh
Config Property Map Optional. SSH configuration for how to access the underlying control plane machines.
- Map<String>
Optional. A set of AWS resource tags to propagate to all underlying managed AWS resources. Specify at most 50 pairs containing alphanumerics, spaces, and symbols (.+-=_:@/). Keys can be up to 127 Unicode characters. Values can be up to 255 Unicode characters.
AwsClusterControlPlaneAwsServicesAuthentication, AwsClusterControlPlaneAwsServicesAuthenticationArgs
- Role
Arn string The Amazon Resource Name (ARN) of the role that the Anthos Multi-Cloud API will assume when managing AWS resources on your account.
- Role
Session stringName Optional. An identifier for the assumed role session. When unspecified, it defaults to
multicloud-service-agent.
- Role
Arn string The Amazon Resource Name (ARN) of the role that the Anthos Multi-Cloud API will assume when managing AWS resources on your account.
- Role
Session stringName Optional. An identifier for the assumed role session. When unspecified, it defaults to
multicloud-service-agent.
- role
Arn String The Amazon Resource Name (ARN) of the role that the Anthos Multi-Cloud API will assume when managing AWS resources on your account.
- role
Session StringName Optional. An identifier for the assumed role session. When unspecified, it defaults to
multicloud-service-agent.
- role
Arn string The Amazon Resource Name (ARN) of the role that the Anthos Multi-Cloud API will assume when managing AWS resources on your account.
- role
Session stringName Optional. An identifier for the assumed role session. When unspecified, it defaults to
multicloud-service-agent.
- role_
arn str The Amazon Resource Name (ARN) of the role that the Anthos Multi-Cloud API will assume when managing AWS resources on your account.
- role_
session_ strname Optional. An identifier for the assumed role session. When unspecified, it defaults to
multicloud-service-agent.
- role
Arn String The Amazon Resource Name (ARN) of the role that the Anthos Multi-Cloud API will assume when managing AWS resources on your account.
- role
Session StringName Optional. An identifier for the assumed role session. When unspecified, it defaults to
multicloud-service-agent.
AwsClusterControlPlaneConfigEncryption, AwsClusterControlPlaneConfigEncryptionArgs
- Kms
Key stringArn The ARN of the AWS KMS key used to encrypt cluster configuration.
- Kms
Key stringArn The ARN of the AWS KMS key used to encrypt cluster configuration.
- kms
Key StringArn The ARN of the AWS KMS key used to encrypt cluster configuration.
- kms
Key stringArn The ARN of the AWS KMS key used to encrypt cluster configuration.
- kms_
key_ strarn The ARN of the AWS KMS key used to encrypt cluster configuration.
- kms
Key StringArn The ARN of the AWS KMS key used to encrypt cluster configuration.
AwsClusterControlPlaneDatabaseEncryption, AwsClusterControlPlaneDatabaseEncryptionArgs
- Kms
Key stringArn The ARN of the AWS KMS key used to encrypt cluster secrets.
- Kms
Key stringArn The ARN of the AWS KMS key used to encrypt cluster secrets.
- kms
Key StringArn The ARN of the AWS KMS key used to encrypt cluster secrets.
- kms
Key stringArn The ARN of the AWS KMS key used to encrypt cluster secrets.
- kms_
key_ strarn The ARN of the AWS KMS key used to encrypt cluster secrets.
- kms
Key StringArn The ARN of the AWS KMS key used to encrypt cluster secrets.
AwsClusterControlPlaneInstancePlacement, AwsClusterControlPlaneInstancePlacementArgs
- Tenancy string
The tenancy for the instance. Possible values: TENANCY_UNSPECIFIED, DEFAULT, DEDICATED, HOST
- Tenancy string
The tenancy for the instance. Possible values: TENANCY_UNSPECIFIED, DEFAULT, DEDICATED, HOST
- tenancy String
The tenancy for the instance. Possible values: TENANCY_UNSPECIFIED, DEFAULT, DEDICATED, HOST
- tenancy string
The tenancy for the instance. Possible values: TENANCY_UNSPECIFIED, DEFAULT, DEDICATED, HOST
- tenancy str
The tenancy for the instance. Possible values: TENANCY_UNSPECIFIED, DEFAULT, DEDICATED, HOST
- tenancy String
The tenancy for the instance. Possible values: TENANCY_UNSPECIFIED, DEFAULT, DEDICATED, HOST
AwsClusterControlPlaneMainVolume, AwsClusterControlPlaneMainVolumeArgs
- Iops int
Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
- Kms
Key stringArn Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
- Size
Gib int Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
- Throughput int
Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3.
- Volume
Type string Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
- Iops int
Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
- Kms
Key stringArn Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
- Size
Gib int Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
- Throughput int
Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3.
- Volume
Type string Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
- iops Integer
Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
- kms
Key StringArn Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
- size
Gib Integer Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
- throughput Integer
Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3.
- volume
Type String Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
- iops number
Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
- kms
Key stringArn Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
- size
Gib number Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
- throughput number
Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3.
- volume
Type string Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
- iops int
Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
- kms_
key_ strarn Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
- size_
gib int Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
- throughput int
Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3.
- volume_
type str Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
- iops Number
Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
- kms
Key StringArn Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
- size
Gib Number Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
- throughput Number
Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3.
- volume
Type String Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
AwsClusterControlPlaneProxyConfig, AwsClusterControlPlaneProxyConfigArgs
- Secret
Arn string The ARN of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
- Secret
Version string The version string of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
- Secret
Arn string The ARN of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
- Secret
Version string The version string of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
- secret
Arn String The ARN of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
- secret
Version String The version string of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
- secret
Arn string The ARN of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
- secret
Version string The version string of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
- secret_
arn str The ARN of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
- secret_
version str The version string of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
- secret
Arn String The ARN of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
- secret
Version String The version string of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
AwsClusterControlPlaneRootVolume, AwsClusterControlPlaneRootVolumeArgs
- Iops int
Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
- Kms
Key stringArn Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
- Size
Gib int Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
- Throughput int
Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3.
- Volume
Type string Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
- Iops int
Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
- Kms
Key stringArn Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
- Size
Gib int Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
- Throughput int
Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3.
- Volume
Type string Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
- iops Integer
Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
- kms
Key StringArn Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
- size
Gib Integer Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
- throughput Integer
Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3.
- volume
Type String Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
- iops number
Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
- kms
Key stringArn Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
- size
Gib number Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
- throughput number
Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3.
- volume
Type string Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
- iops int
Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
- kms_
key_ strarn Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
- size_
gib int Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
- throughput int
Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3.
- volume_
type str Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
- iops Number
Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
- kms
Key StringArn Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
- size
Gib Number Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
- throughput Number
Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3.
- volume
Type String Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
AwsClusterControlPlaneSshConfig, AwsClusterControlPlaneSshConfigArgs
- Ec2Key
Pair string The name of the EC2 key pair used to login into cluster machines.
- Ec2Key
Pair string The name of the EC2 key pair used to login into cluster machines.
- ec2Key
Pair String The name of the EC2 key pair used to login into cluster machines.
- ec2Key
Pair string The name of the EC2 key pair used to login into cluster machines.
- ec2_
key_ strpair The name of the EC2 key pair used to login into cluster machines.
- ec2Key
Pair String The name of the EC2 key pair used to login into cluster machines.
AwsClusterFleet, AwsClusterFleetArgs
- Membership string
The name of the managed Hub Membership resource associated to this cluster. Membership names are formatted as projects//locations/global/membership/.
- Project string
The number of the Fleet host project where this cluster will be registered.
- Membership string
The name of the managed Hub Membership resource associated to this cluster. Membership names are formatted as projects//locations/global/membership/.
- Project string
The number of the Fleet host project where this cluster will be registered.
- membership String
The name of the managed Hub Membership resource associated to this cluster. Membership names are formatted as projects//locations/global/membership/.
- project String
The number of the Fleet host project where this cluster will be registered.
- membership string
The name of the managed Hub Membership resource associated to this cluster. Membership names are formatted as projects//locations/global/membership/.
- project string
The number of the Fleet host project where this cluster will be registered.
- membership str
The name of the managed Hub Membership resource associated to this cluster. Membership names are formatted as projects//locations/global/membership/.
- project str
The number of the Fleet host project where this cluster will be registered.
- membership String
The name of the managed Hub Membership resource associated to this cluster. Membership names are formatted as projects//locations/global/membership/.
- project String
The number of the Fleet host project where this cluster will be registered.
AwsClusterLoggingConfig, AwsClusterLoggingConfigArgs
- Component
Config AwsCluster Logging Config Component Config Configuration of the logging components.
- Component
Config AwsCluster Logging Config Component Config Configuration of the logging components.
- component
Config AwsCluster Logging Config Component Config Configuration of the logging components.
- component
Config AwsCluster Logging Config Component Config Configuration of the logging components.
- component_
config AwsCluster Logging Config Component Config Configuration of the logging components.
- component
Config Property Map Configuration of the logging components.
AwsClusterLoggingConfigComponentConfig, AwsClusterLoggingConfigComponentConfigArgs
- Enable
Components List<string> Components of the logging configuration to be enabled.
- Enable
Components []string Components of the logging configuration to be enabled.
- enable
Components List<String> Components of the logging configuration to be enabled.
- enable
Components string[] Components of the logging configuration to be enabled.
- enable_
components Sequence[str] Components of the logging configuration to be enabled.
- enable
Components List<String> Components of the logging configuration to be enabled.
AwsClusterNetworking, AwsClusterNetworkingArgs
- Pod
Address List<string>Cidr Blocks All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
- Service
Address List<string>Cidr Blocks All services in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
- Vpc
Id string The VPC associated with the cluster. All component clusters (i.e. control plane and node pools) run on a single VPC. This field cannot be changed after creation.
- Per
Node boolPool Sg Rules Disabled Disable the per node pool subnet security group rules on the control plane security group. When set to true, you must also provide one or more security groups that ensure node pools are able to send requests to the control plane on TCP/443 and TCP/8132. Failure to do so may result in unavailable node pools.
- Pod
Address []stringCidr Blocks All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
- Service
Address []stringCidr Blocks All services in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
- Vpc
Id string The VPC associated with the cluster. All component clusters (i.e. control plane and node pools) run on a single VPC. This field cannot be changed after creation.
- Per
Node boolPool Sg Rules Disabled Disable the per node pool subnet security group rules on the control plane security group. When set to true, you must also provide one or more security groups that ensure node pools are able to send requests to the control plane on TCP/443 and TCP/8132. Failure to do so may result in unavailable node pools.
- pod
Address List<String>Cidr Blocks All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
- service
Address List<String>Cidr Blocks All services in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
- vpc
Id String The VPC associated with the cluster. All component clusters (i.e. control plane and node pools) run on a single VPC. This field cannot be changed after creation.
- per
Node BooleanPool Sg Rules Disabled Disable the per node pool subnet security group rules on the control plane security group. When set to true, you must also provide one or more security groups that ensure node pools are able to send requests to the control plane on TCP/443 and TCP/8132. Failure to do so may result in unavailable node pools.
- pod
Address string[]Cidr Blocks All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
- service
Address string[]Cidr Blocks All services in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
- vpc
Id string The VPC associated with the cluster. All component clusters (i.e. control plane and node pools) run on a single VPC. This field cannot be changed after creation.
- per
Node booleanPool Sg Rules Disabled Disable the per node pool subnet security group rules on the control plane security group. When set to true, you must also provide one or more security groups that ensure node pools are able to send requests to the control plane on TCP/443 and TCP/8132. Failure to do so may result in unavailable node pools.
- pod_
address_ Sequence[str]cidr_ blocks All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
- service_
address_ Sequence[str]cidr_ blocks All services in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
- vpc_
id str The VPC associated with the cluster. All component clusters (i.e. control plane and node pools) run on a single VPC. This field cannot be changed after creation.
- per_
node_ boolpool_ sg_ rules_ disabled Disable the per node pool subnet security group rules on the control plane security group. When set to true, you must also provide one or more security groups that ensure node pools are able to send requests to the control plane on TCP/443 and TCP/8132. Failure to do so may result in unavailable node pools.
- pod
Address List<String>Cidr Blocks All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
- service
Address List<String>Cidr Blocks All services in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
- vpc
Id String The VPC associated with the cluster. All component clusters (i.e. control plane and node pools) run on a single VPC. This field cannot be changed after creation.
- per
Node BooleanPool Sg Rules Disabled Disable the per node pool subnet security group rules on the control plane security group. When set to true, you must also provide one or more security groups that ensure node pools are able to send requests to the control plane on TCP/443 and TCP/8132. Failure to do so may result in unavailable node pools.
AwsClusterWorkloadIdentityConfig, AwsClusterWorkloadIdentityConfigArgs
- Identity
Provider string - Issuer
Uri string - Workload
Pool string
- Identity
Provider string - Issuer
Uri string - Workload
Pool string
- identity
Provider String - issuer
Uri String - workload
Pool String
- identity
Provider string - issuer
Uri string - workload
Pool string
- identity_
provider str - issuer_
uri str - workload_
pool str
- identity
Provider String - issuer
Uri String - workload
Pool String
Import
Cluster can be imported using any of these accepted formats
$ pulumi import gcp:container/awsCluster:AwsCluster default projects/{{project}}/locations/{{location}}/awsClusters/{{name}}
$ pulumi import gcp:container/awsCluster:AwsCluster default {{project}}/{{location}}/{{name}}
$ pulumi import gcp:container/awsCluster:AwsCluster default {{location}}/{{name}}
Package Details
- Repository
- Google Cloud (GCP) Classic pulumi/pulumi-gcp
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
google-betaTerraform Provider.