Class ClusterAttributes

Attributes for EKS clusters.

Inheritance

System.Object

ClusterAttributes

Implements

IClusterAttributes

Namespace: Amazon.CDK.AWS.EKS

Assembly: Amazon.CDK.AWS.EKS.dll

Syntax (csharp)

public class ClusterAttributes : Object, IClusterAttributes

Syntax (vb)

Public Class ClusterAttributes
    Inherits Object
    Implements IClusterAttributes

Remarks

ExampleMetadata: infused

Examples

Cluster cluster;
AutoScalingGroup asg;

var importedCluster = Cluster.FromClusterAttributes(this, "ImportedCluster", new ClusterAttributes {
    ClusterName = cluster.ClusterName,
    ClusterSecurityGroupId = cluster.ClusterSecurityGroupId
});

importedCluster.ConnectAutoScalingGroupCapacity(asg, new AutoScalingGroupOptions { });

Synopsis

Constructors

ClusterAttributes()

Properties

ClusterCertificateAuthorityData	The certificate-authority-data for your cluster.
ClusterEncryptionConfigKeyArn	Amazon Resource Name (ARN) or alias of the customer master key (CMK).
ClusterEndpoint	The API Server endpoint URL.
ClusterHandlerSecurityGroupId	A security group id to associate with the Cluster Handler's Lambdas.
ClusterName	The physical name of the Cluster.
ClusterSecurityGroupId	The cluster security group that was created by Amazon EKS for the cluster.
KubectlEnvironment	Environment variables to use when running `kubectl` against this cluster.
KubectlLambdaRole	An IAM role that can perform kubectl operations against this cluster.
KubectlLayer	An AWS Lambda Layer which includes `kubectl`, Helm and the AWS CLI.
KubectlMemory	Amount of memory to allocate to the provider's lambda function.
KubectlPrivateSubnetIds	Subnets to host the `kubectl` compute resources.
KubectlProvider	KubectlProvider for issuing kubectl commands.
KubectlRoleArn	An IAM role with cluster administrator and "system:masters" permissions.
KubectlSecurityGroupId	A security group to use for `kubectl` execution.
OnEventLayer	An AWS Lambda Layer which includes the NPM dependency `proxy-agent`.
OpenIdConnectProvider	An Open ID Connect provider for this cluster that can be used to configure service accounts.
Prune	Indicates whether Kubernetes resources added through `addManifest()` can be automatically pruned.
SecurityGroupIds	Additional security groups associated with this cluster.
Vpc	The VPC in which this Cluster was created.

Constructors

ClusterAttributes()

public ClusterAttributes()

Properties

ClusterCertificateAuthorityData

The certificate-authority-data for your cluster.

public string ClusterCertificateAuthorityData { get; set; }

Property Value

System.String

Remarks

Default: - if not specified cluster.clusterCertificateAuthorityData will throw an error

ClusterEncryptionConfigKeyArn

Amazon Resource Name (ARN) or alias of the customer master key (CMK).

public string ClusterEncryptionConfigKeyArn { get; set; }

Property Value

System.String

Remarks

Default: - if not specified cluster.clusterEncryptionConfigKeyArn will throw an error

ClusterEndpoint

The API Server endpoint URL.

public string ClusterEndpoint { get; set; }

Property Value

System.String

Remarks

Default: - if not specified cluster.clusterEndpoint will throw an error.

ClusterHandlerSecurityGroupId

A security group id to associate with the Cluster Handler's Lambdas.

public string ClusterHandlerSecurityGroupId { get; set; }

Property Value

System.String

Remarks

The Cluster Handler's Lambdas are responsible for calling AWS's EKS API.

Default: - No security group.

ClusterName

The physical name of the Cluster.

public string ClusterName { get; set; }

Property Value

System.String

ClusterSecurityGroupId

The cluster security group that was created by Amazon EKS for the cluster.

public string ClusterSecurityGroupId { get; set; }

Property Value

System.String

Remarks

Default: - if not specified cluster.clusterSecurityGroupId will throw an error

KubectlEnvironment

Environment variables to use when running kubectl against this cluster.

public IDictionary<string, string> KubectlEnvironment { get; set; }

Property Value

System.Collections.Generic.IDictionary<System.String, System.String>

Remarks

Default: - no additional variables

KubectlLambdaRole

An IAM role that can perform kubectl operations against this cluster.

public IRole KubectlLambdaRole { get; set; }

Property Value

IRole

Remarks

The role should be mapped to the system:masters Kubernetes RBAC role.

This role is directly passed to the lambda handler that sends Kube Ctl commands to the cluster.

Default: - if not specified, the default role created by a lambda function will be used.

KubectlLayer

An AWS Lambda Layer which includes kubectl, Helm and the AWS CLI.

public ILayerVersion KubectlLayer { get; set; }

Property Value

ILayerVersion

Remarks

This layer is used by the kubectl handler to apply manifests and install helm charts.

The handler expects the layer to include the following executables:

helm/helm
kubectl/kubectl
awscli/aws

Default: - a layer bundled with this module.

KubectlMemory

Amount of memory to allocate to the provider's lambda function.

public Size KubectlMemory { get; set; }

Property Value

Size

Remarks

Default: Size.gibibytes(1)

KubectlPrivateSubnetIds

Subnets to host the kubectl compute resources.

public string[] KubectlPrivateSubnetIds { get; set; }

Property Value

System.String[]

Remarks

If not specified, the k8s endpoint is expected to be accessible publicly.

Default: - k8s endpoint is expected to be accessible publicly

KubectlProvider

KubectlProvider for issuing kubectl commands.

public IKubectlProvider KubectlProvider { get; set; }

Property Value

IKubectlProvider

Remarks

Default: - Default CDK provider

KubectlRoleArn

An IAM role with cluster administrator and "system:masters" permissions.

public string KubectlRoleArn { get; set; }

Property Value

System.String

Remarks

Default: - if not specified, it not be possible to issue kubectl commands against an imported cluster.

KubectlSecurityGroupId

A security group to use for kubectl execution.

public string KubectlSecurityGroupId { get; set; }

Property Value

System.String

Remarks

If not specified, the k8s endpoint is expected to be accessible publicly.

Default: - k8s endpoint is expected to be accessible publicly

OnEventLayer

An AWS Lambda Layer which includes the NPM dependency proxy-agent.

public ILayerVersion OnEventLayer { get; set; }

Property Value

ILayerVersion

Remarks

This layer is used by the onEvent handler to route AWS SDK requests through a proxy.

The handler expects the layer to include the following node_modules:

proxy-agent

Default: - a layer bundled with this module.

OpenIdConnectProvider

An Open ID Connect provider for this cluster that can be used to configure service accounts.

public IOpenIdConnectProvider OpenIdConnectProvider { get; set; }

Property Value

IOpenIdConnectProvider

Remarks

You can either import an existing provider using iam.OpenIdConnectProvider.fromProviderArn, or create a new provider using new eks.OpenIdConnectProvider

Default: - if not specified cluster.openIdConnectProvider and cluster.addServiceAccount will throw an error.

Prune

Indicates whether Kubernetes resources added through addManifest() can be automatically pruned.

public Nullable<bool> Prune { get; set; }

Property Value

System.Nullable<System.Boolean>

Remarks

When this is enabled (default), prune labels will be allocated and injected to each resource. These labels will then be used when issuing the kubectl apply operation with the --prune switch.

Default: true

SecurityGroupIds

Additional security groups associated with this cluster.

public string[] SecurityGroupIds { get; set; }

Property Value

System.String[]

Remarks

Default: - if not specified, no additional security groups will be considered in cluster.connections.

Vpc

The VPC in which this Cluster was created.

public IVpc Vpc { get; set; }

Property Value

IVpc

Remarks

Default: - if not specified cluster.vpc will throw an error

Implements

IClusterAttributes