Class CfnCluster
A CloudFormation AWS::EKS::Cluster
.
Inherited Members
Namespace: Amazon.CDK.AWS.EKS
Assembly: Amazon.CDK.AWS.EKS.dll
Syntax (csharp)
public class CfnCluster : CfnResource, IConstruct, IDependable, IInspectable
Syntax (vb)
Public Class CfnCluster
Inherits CfnResource
Implements IConstruct, IDependable, IInspectable
Remarks
Creates an Amazon EKS control plane.
The Amazon EKS control plane consists of control plane instances that run the Kubernetes software, such as etcd
and the API server. The control plane runs in an account managed by AWS , and the Kubernetes API is exposed by the Amazon EKS API server endpoint. Each Amazon EKS cluster control plane is single tenant and unique. It runs on its own set of Amazon EC2 instances.
The cluster control plane is provisioned across multiple Availability Zones and fronted by an Elastic Load Balancing Network Load Balancer. Amazon EKS also provisions elastic network interfaces in your VPC subnets to provide connectivity from the control plane instances to the nodes (for example, to support kubectl exec
, logs
, and proxy
data flows).
Amazon EKS nodes run in your AWS account and connect to your cluster's control plane over the Kubernetes API server endpoint and a certificate file that is created for your cluster.
In most cases, it takes several minutes to create a cluster. After you create an Amazon EKS cluster, you must configure your Kubernetes tooling to communicate with the API server and launch nodes into your cluster. For more information, see Managing Cluster Authentication and Launching Amazon EKS nodes in the Amazon EKS User Guide .
CloudformationResource: AWS::EKS::Cluster
Link: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-eks-cluster.html
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.EKS;
var cfnCluster = new CfnCluster(this, "MyCfnCluster", new CfnClusterProps {
ResourcesVpcConfig = new ResourcesVpcConfigProperty {
SubnetIds = new [] { "subnetIds" },
// the properties below are optional
EndpointPrivateAccess = false,
EndpointPublicAccess = false,
PublicAccessCidrs = new [] { "publicAccessCidrs" },
SecurityGroupIds = new [] { "securityGroupIds" }
},
RoleArn = "roleArn",
// the properties below are optional
EncryptionConfig = new [] { new EncryptionConfigProperty {
Provider = new ProviderProperty {
KeyArn = "keyArn"
},
Resources = new [] { "resources" }
} },
KubernetesNetworkConfig = new KubernetesNetworkConfigProperty {
IpFamily = "ipFamily",
ServiceIpv4Cidr = "serviceIpv4Cidr",
ServiceIpv6Cidr = "serviceIpv6Cidr"
},
Logging = new LoggingProperty {
ClusterLogging = new ClusterLoggingProperty {
EnabledTypes = new [] { new LoggingTypeConfigProperty {
Type = "type"
} }
}
},
Name = "name",
OutpostConfig = new OutpostConfigProperty {
ControlPlaneInstanceType = "controlPlaneInstanceType",
OutpostArns = new [] { "outpostArns" },
// the properties below are optional
ControlPlanePlacement = new ControlPlanePlacementProperty {
GroupName = "groupName"
}
},
Tags = new [] { new CfnTag {
Key = "key",
Value = "value"
} },
Version = "version"
});
Synopsis
Constructors
CfnCluster(Construct, String, ICfnClusterProps) | Create a new |
CfnCluster(ByRefValue) | Used by jsii to construct an instance of this class from a Javascript-owned object reference |
CfnCluster(DeputyBase.DeputyProps) | Used by jsii to construct an instance of this class from DeputyProps |
Properties
AttrArn | The ARN of the cluster, such as |
AttrCertificateAuthorityData | The |
AttrClusterSecurityGroupId | The cluster security group that was created by Amazon EKS for the cluster. |
AttrEncryptionConfigKeyArn | Amazon Resource Name (ARN) or alias of the customer master key (CMK). |
AttrEndpoint | The endpoint for your Kubernetes API server, such as |
AttrId | The ID of your local Amazon EKS cluster on an AWS Outpost. |
AttrKubernetesNetworkConfigServiceIpv6Cidr | The CIDR block that Kubernetes Service IP addresses are assigned from if you created a |
AttrOpenIdConnectIssuerUrl | The issuer URL for the OIDC identity provider. |
CFN_RESOURCE_TYPE_NAME | The CloudFormation resource type name for this resource class. |
CfnProperties | |
EncryptionConfig | The encryption configuration for the cluster. |
KubernetesNetworkConfig | The Kubernetes network configuration for the cluster. |
Logging | The logging configuration for your cluster. |
Name | The unique name to give to your cluster. |
OutpostConfig | An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost. |
ResourcesVpcConfig | The VPC configuration that's used by the cluster control plane. |
RoleArn | The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. |
Tags | The metadata that you apply to the cluster to assist with categorization and organization. |
Version | The desired Kubernetes version for your cluster. |
Methods
Inspect(TreeInspector) | Examines the CloudFormation resource and discloses attributes. |
RenderProperties(IDictionary<String, Object>) |
Constructors
CfnCluster(Construct, String, ICfnClusterProps)
Create a new AWS::EKS::Cluster
.
public CfnCluster(Construct scope, string id, ICfnClusterProps props)
Parameters
- scope Construct
- scope in which this resource is defined.
- id System.String
- scoped id of the resource.
- props ICfnClusterProps
- resource properties.
CfnCluster(ByRefValue)
Used by jsii to construct an instance of this class from a Javascript-owned object reference
protected CfnCluster(ByRefValue reference)
Parameters
- reference Amazon.JSII.Runtime.Deputy.ByRefValue
The Javascript-owned object reference
CfnCluster(DeputyBase.DeputyProps)
Used by jsii to construct an instance of this class from DeputyProps
protected CfnCluster(DeputyBase.DeputyProps props)
Parameters
- props Amazon.JSII.Runtime.Deputy.DeputyBase.DeputyProps
The deputy props
Properties
AttrArn
The ARN of the cluster, such as arn:aws:eks:us-west-2:666666666666:cluster/prod
.
public virtual string AttrArn { get; }
Property Value
System.String
Remarks
CloudformationAttribute: Arn
AttrCertificateAuthorityData
The certificate-authority-data
for your cluster.
public virtual string AttrCertificateAuthorityData { get; }
Property Value
System.String
Remarks
CloudformationAttribute: CertificateAuthorityData
AttrClusterSecurityGroupId
The cluster security group that was created by Amazon EKS for the cluster.
public virtual string AttrClusterSecurityGroupId { get; }
Property Value
System.String
Remarks
Managed node groups use this security group for control plane to data plane communication.
This parameter is only returned by Amazon EKS clusters that support managed node groups. For more information, see Managed node groups in the Amazon EKS User Guide .
CloudformationAttribute: ClusterSecurityGroupId
AttrEncryptionConfigKeyArn
Amazon Resource Name (ARN) or alias of the customer master key (CMK).
public virtual string AttrEncryptionConfigKeyArn { get; }
Property Value
System.String
Remarks
CloudformationAttribute: EncryptionConfigKeyArn
AttrEndpoint
The endpoint for your Kubernetes API server, such as https://5E1D0CEXAMPLEA591B746AFC5AB30262.yl4.us-west-2.eks.amazonaws.com
.
public virtual string AttrEndpoint { get; }
Property Value
System.String
Remarks
CloudformationAttribute: Endpoint
AttrId
The ID of your local Amazon EKS cluster on an AWS Outpost.
public virtual string AttrId { get; }
Property Value
System.String
Remarks
This property isn't available for an Amazon EKS cluster on the AWS cloud.
CloudformationAttribute: Id
AttrKubernetesNetworkConfigServiceIpv6Cidr
The CIDR block that Kubernetes Service IP addresses are assigned from if you created a 1.21
or later cluster with version >1.10.1
or later of the Amazon VPC CNI add-on and specified ipv6
for ipFamily when you created the cluster. Kubernetes assigns Service addresses from the unique local address range ( fc00::/7
) because you can't specify a custom IPv6
CIDR block when you create the cluster.
public virtual string AttrKubernetesNetworkConfigServiceIpv6Cidr { get; }
Property Value
System.String
Remarks
CloudformationAttribute: KubernetesNetworkConfig.ServiceIpv6Cidr
AttrOpenIdConnectIssuerUrl
The issuer URL for the OIDC identity provider.
public virtual string AttrOpenIdConnectIssuerUrl { get; }
Property Value
System.String
Remarks
CloudformationAttribute: OpenIdConnectIssuerUrl
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
public static string CFN_RESOURCE_TYPE_NAME { get; }
Property Value
System.String
CfnProperties
protected override IDictionary<string, object> CfnProperties { get; }
Property Value
System.Collections.Generic.IDictionary<System.String, System.Object>
Overrides
EncryptionConfig
The encryption configuration for the cluster.
public virtual object EncryptionConfig { get; set; }
Property Value
System.Object
Remarks
KubernetesNetworkConfig
The Kubernetes network configuration for the cluster.
public virtual object KubernetesNetworkConfig { get; set; }
Property Value
System.Object
Remarks
Logging
The logging configuration for your cluster.
public virtual object Logging { get; set; }
Property Value
System.Object
Remarks
Name
The unique name to give to your cluster.
public virtual string Name { get; set; }
Property Value
System.String
Remarks
OutpostConfig
An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost.
public virtual object OutpostConfig { get; set; }
Property Value
System.Object
Remarks
This object isn't available for clusters on the AWS cloud.
ResourcesVpcConfig
The VPC configuration that's used by the cluster control plane.
public virtual object ResourcesVpcConfig { get; set; }
Property Value
System.Object
Remarks
Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide . You must specify at least two subnets. You can specify up to five security groups, but we recommend that you use a dedicated security group for your cluster control plane.
Updates require replacement of the SecurityGroupIds
and SubnetIds
sub-properties.
RoleArn
The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.
public virtual string RoleArn { get; set; }
Property Value
System.String
Remarks
For more information, see Amazon EKS Service IAM Role in the Amazon EKS User Guide .
Tags
The metadata that you apply to the cluster to assist with categorization and organization.
public virtual TagManager Tags { get; }
Property Value
Remarks
Each tag consists of a key and an optional value, both of which you define. Cluster tags don't propagate to any other resources associated with the cluster.
You must have the eks:TagResource
and eks:UntagResource
permissions for your IAM principal to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.
Version
The desired Kubernetes version for your cluster.
public virtual string Version { get; set; }
Property Value
System.String
Remarks
If you don't specify a value here, the default version available in Amazon EKS is used.
The default version might not be the latest version available.
Methods
Inspect(TreeInspector)
Examines the CloudFormation resource and discloses attributes.
public virtual void Inspect(TreeInspector inspector)
Parameters
- inspector TreeInspector
- tree inspector to collect and process attributes.
RenderProperties(IDictionary<String, Object>)
protected override IDictionary<string, object> RenderProperties(IDictionary<string, object> props)
Parameters
- props System.Collections.Generic.IDictionary<System.String, System.Object>
Returns
System.Collections.Generic.IDictionary<System.String, System.Object>