ClusterAttributes

class aws_cdk.aws_eks.ClusterAttributes(*, cluster_name, cluster_certificate_authority_data=None, cluster_encryption_config_key_arn=None, cluster_endpoint=None, cluster_security_group_id=None, kubectl_environment=None, kubectl_layer=None, kubectl_private_subnet_ids=None, kubectl_role_arn=None, kubectl_security_group_id=None, security_group_ids=None, vpc=None)

Bases: object

(experimental) Attributes for EKS clusters.

Parameters
  • cluster_name (str) – (experimental) The physical name of the Cluster.

  • cluster_certificate_authority_data (Optional[str]) – (experimental) The certificate-authority-data for your cluster. Default: - if not specified cluster.clusterCertificateAuthorityData will throw an error

  • cluster_encryption_config_key_arn (Optional[str]) – (experimental) Amazon Resource Name (ARN) or alias of the customer master key (CMK). Default: - if not specified cluster.clusterEncryptionConfigKeyArn will throw an error

  • cluster_endpoint (Optional[str]) – (experimental) The API Server endpoint URL. Default: - if not specified cluster.clusterEndpoint will throw an error.

  • cluster_security_group_id (Optional[str]) – (experimental) The cluster security group that was created by Amazon EKS for the cluster. Default: - if not specified cluster.clusterSecurityGroupId will throw an error

  • kubectl_environment (Optional[Mapping[str, str]]) – (experimental) Environment variables to use when running kubectl against this cluster. Default: - no additional variables

  • kubectl_layer (Optional[ILayerVersion]) – (experimental) An AWS Lambda Layer which includes kubectl, Helm and the AWS CLI. By default, the provider will use the layer included in the “aws-lambda-layer-kubectl” SAR application which is available in all commercial regions. To deploy the layer locally, visit https://github.com/aws-samples/aws-lambda-layer-kubectl/blob/master/cdk/README.md for instructions on how to prepare the .zip file and then define it in your app as follows:: const layer = new lambda.LayerVersion(this, ‘kubectl-layer’, { code: lambda.Code.fromAsset(${__dirname}/layer.zip)), compatibleRuntimes: [lambda.Runtime.PROVIDED] }); Or you can use the standard layer like this (with options to customize the version and SAR application ID): `ts const layer = new eks.KubectlLayer(this, 'KubectlLayer'); Default: - the layer provided by the ``aws-lambda-layer-kubectl SAR app.

  • kubectl_private_subnet_ids (Optional[List[str]]) – (experimental) Subnets to host the kubectl compute resources. If not specified, the k8s endpoint is expected to be accessible publicly. Default: - k8s endpoint is expected to be accessible publicly

  • kubectl_role_arn (Optional[str]) – (experimental) An IAM role with cluster administrator and “system:masters” permissions. Default: - if not specified, it not be possible to issue kubectl commands against an imported cluster.

  • kubectl_security_group_id (Optional[str]) – (experimental) A security group to use for kubectl execution. If not specified, the k8s endpoint is expected to be accessible publicly. Default: - k8s endpoint is expected to be accessible publicly

  • security_group_ids (Optional[List[str]]) – (experimental) Additional security groups associated with this cluster. Default: - if not specified, no additional security groups will be considered in cluster.connections.

  • vpc (Optional[IVpc]) – (experimental) The VPC in which this Cluster was created. Default: - if not specified cluster.vpc will throw an error

Stability

experimental

Attributes

cluster_certificate_authority_data

(experimental) The certificate-authority-data for your cluster.

Default

  • if not specified cluster.clusterCertificateAuthorityData will

throw an error

Stability

experimental

Return type

Optional[str]

cluster_encryption_config_key_arn

(experimental) Amazon Resource Name (ARN) or alias of the customer master key (CMK).

Default

  • if not specified cluster.clusterEncryptionConfigKeyArn will

throw an error

Stability

experimental

Return type

Optional[str]

cluster_endpoint

(experimental) The API Server endpoint URL.

Default
  • if not specified cluster.clusterEndpoint will throw an error.

Stability

experimental

Return type

Optional[str]

cluster_name

(experimental) The physical name of the Cluster.

Stability

experimental

Return type

str

cluster_security_group_id

(experimental) The cluster security group that was created by Amazon EKS for the cluster.

Default

  • if not specified cluster.clusterSecurityGroupId will throw an

error

Stability

experimental

Return type

Optional[str]

kubectl_environment

(experimental) Environment variables to use when running kubectl against this cluster.

Default
  • no additional variables

Stability

experimental

Return type

Optional[Mapping[str, str]]

kubectl_layer

(experimental) An AWS Lambda Layer which includes kubectl, Helm and the AWS CLI.

By default, the provider will use the layer included in the “aws-lambda-layer-kubectl” SAR application which is available in all commercial regions.

To deploy the layer locally, visit https://github.com/aws-samples/aws-lambda-layer-kubectl/blob/master/cdk/README.md for instructions on how to prepare the .zip file and then define it in your app as follows:

# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
layer = lambda_.LayerVersion(self, "kubectl-layer",
    code=lambda_.Code.from_asset(f"{__dirname}/layer.zip")
)
compatible_runtimes =

Oryoucanusethestandardlayerlikeself()with options
tocustomizetheversionandSARapplicationID

```ts
const layer = new eks.KubectlLayer(this, 'KubectlLayer');
Default
  • the layer provided by the aws-lambda-layer-kubectl SAR app.

See

https://github.com/aws-samples/aws-lambda-layer-kubectl

Stability

experimental

Return type

Optional[ILayerVersion]

kubectl_private_subnet_ids

(experimental) Subnets to host the kubectl compute resources.

If not specified, the k8s endpoint is expected to be accessible publicly.

Default
  • k8s endpoint is expected to be accessible publicly

Stability

experimental

Return type

Optional[List[str]]

kubectl_role_arn

masters” permissions.

Default

  • if not specified, it not be possible to issue kubectl commands

against an imported cluster.

Stability

experimental

Type

(experimental) An IAM role with cluster administrator and “system

Return type

Optional[str]

kubectl_security_group_id

(experimental) A security group to use for kubectl execution.

If not specified, the k8s endpoint is expected to be accessible publicly.

Default
  • k8s endpoint is expected to be accessible publicly

Stability

experimental

Return type

Optional[str]

security_group_ids

(experimental) Additional security groups associated with this cluster.

Default

  • if not specified, no additional security groups will be

considered in cluster.connections.

Stability

experimental

Return type

Optional[List[str]]

vpc

(experimental) The VPC in which this Cluster was created.

Default
  • if not specified cluster.vpc will throw an error

Stability

experimental

Return type

Optional[IVpc]