Sign In to the Console
AWS CloudFormation
User Guide (API Version 2010-05-15)

AWS Documentation » AWS CloudFormation » User Guide » Template Reference » AWS Resource and Property Types Reference » Amazon Elastic Container Service for Kubernetes Resource Types Reference » AWS::EKS::Cluster

AWS::EKS::Cluster

The AWS::EKS::Cluster resource creates an Amazon EKS cluster control plane. The Amazon EKS cluster control plane consists of control plane instances that run the Kubernetes software, like etcd and the Kubernetes API server. The control plane runs in an account managed by AWS, and the Kubernetes API is exposed via the Amazon EKS endpoint associated with your cluster. For more information, see Clusters in the Amazon EKS User Guide.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{
  "Type" : "AWS::EKS::Cluster",
  "Properties" : {
    "Name" : String,
    "ResourcesVpcConfig" : EKS Cluster ResourcesVpcConfig,
    "RoleArn" : String,
    "Version" : String
  }
}

YAML

Type: "AWS::EKS::Cluster"
Properties:
  Name: String
  ResourcesVpcConfig: EKS Cluster ResourcesVpcConfig
  RoleArn: String
  Version: String

Properties

Name

The name of the cluster.

Required: No

Type: String

Update requires: Replacement

ResourcesVpcConfig

The VPC subnets and security groups used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide.

Required: Yes

Type: EKS Cluster ResourcesVpcConfig

Update requires: Replacement

RoleArn

The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.

Required: Yes

Type: String

Update requires: Replacement

Version

The Kubernetes server version for the cluster.

Required: No

Type: String

Update requires: Replacement

Return Values

Ref

When you pass the logical ID of an AWS::EKS::Cluster resource to the intrinsic Ref function, the function returns the name of the cluster, such as EKSCluster-NT5EUXTNTXXD.

For more information about using the Ref function, see Ref.

Fn::GetAtt

Fn::GetAtt returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

Arn

The ARN of the cluster, such as arn:aws:eks:us-west-2:666666666666:cluster/prod.

CertificateAuthorityData

The certificate-authority-data for your cluster.

Endpoint

The endpoint for your Kubernetes API server, such as https://5E1D0CEXAMPLEA591B746AFC5AB30262.yl4.us-west-2.eks.amazonaws.com

For more information about using Fn::GetAtt, see Fn::GetAtt.

Examples

Create a Cluster

The following example creates an Amazon EKS cluster called prod.

JSON

{
  "Type": "AWS::EKS::Cluster",
  "Properties": {
    "Name": "prod",
    "Version": "1.10",
    "RoleArn": "arn:aws:iam::012345678910:role/eks-service-role-AWSServiceRoleForAmazonEKS-EXAMPLEBQ4PI",
    "ResourcesVpcConfig": {
      "SecurityGroupIds": [
        "sg-6979fe18"
      ],
      "SubnetIds": [
        "subnet-6782e71e",
        "subnet-e7e761ac"
      ]
    }
  }
}

YAML

Type: "AWS::EKS::Cluster"
Properties:
  Name: "prod"
  Version: "1.10"
  RoleArn: "arn:aws:iam::012345678910:role/eks-service-role-AWSServiceRoleForAmazonEKS-EXAMPLEBQ4PI"
  ResourcesVpcConfig:
    SecurityGroupIds: ["sg-6979fe18"]
    SubnetIds: ["subnet-6782e71e", "subnet-e7e761ac"]

See Also