Class CfnCluster
Creates an Amazon EKS control plane.
Inherited Members
Namespace: Amazon.CDK.AWS.EKS
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class CfnCluster : CfnResource, IInspectable, ITaggable
Syntax (vb)
Public Class CfnCluster
Inherits CfnResource
Implements IInspectable, ITaggable
Remarks
The Amazon EKS control plane consists of control plane instances that run the Kubernetes software, such as etcd
and the API server. The control plane runs in an account managed by AWS , and the Kubernetes API is exposed by the Amazon EKS API server endpoint. Each Amazon EKS cluster control plane is single tenant and unique. It runs on its own set of Amazon EC2 instances.
The cluster control plane is provisioned across multiple Availability Zones and fronted by an Elastic Load Balancing Network Load Balancer. Amazon EKS also provisions elastic network interfaces in your VPC subnets to provide connectivity from the control plane instances to the nodes (for example, to support kubectl exec
, logs
, and proxy
data flows).
Amazon EKS nodes run in your AWS account and connect to your cluster's control plane over the Kubernetes API server endpoint and a certificate file that is created for your cluster.
You can use the endpointPublicAccess
and endpointPrivateAccess
parameters to enable or disable public and private access to your cluster's Kubernetes API server endpoint. By default, public access is enabled, and private access is disabled. For more information, see Amazon EKS Cluster Endpoint Access Control in the Amazon EKS User Guide .
You can use the logging
parameter to enable or disable exporting the Kubernetes control plane logs for your cluster to CloudWatch Logs. By default, cluster control plane logs aren't exported to CloudWatch Logs. For more information, see Amazon EKS Cluster Control Plane Logs in the Amazon EKS User Guide .
CloudWatch Logs ingestion, archive storage, and data scanning rates apply to exported control plane logs. For more information, see CloudWatch Pricing .
In most cases, it takes several minutes to create a cluster. After you create an Amazon EKS cluster, you must configure your Kubernetes tooling to communicate with the API server and launch nodes into your cluster. For more information, see Allowing users to access your cluster and Launching Amazon EKS nodes in the Amazon EKS User Guide .
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-eks-cluster.html
CloudformationResource: AWS::EKS::Cluster
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.EKS;
var cfnCluster = new CfnCluster(this, "MyCfnCluster", new CfnClusterProps {
ResourcesVpcConfig = new ResourcesVpcConfigProperty {
SubnetIds = new [] { "subnetIds" },
// the properties below are optional
EndpointPrivateAccess = false,
EndpointPublicAccess = false,
PublicAccessCidrs = new [] { "publicAccessCidrs" },
SecurityGroupIds = new [] { "securityGroupIds" }
},
RoleArn = "roleArn",
// the properties below are optional
AccessConfig = new AccessConfigProperty {
AuthenticationMode = "authenticationMode",
BootstrapClusterCreatorAdminPermissions = false
},
BootstrapSelfManagedAddons = false,
EncryptionConfig = new [] { new EncryptionConfigProperty {
Provider = new ProviderProperty {
KeyArn = "keyArn"
},
Resources = new [] { "resources" }
} },
KubernetesNetworkConfig = new KubernetesNetworkConfigProperty {
IpFamily = "ipFamily",
ServiceIpv4Cidr = "serviceIpv4Cidr",
ServiceIpv6Cidr = "serviceIpv6Cidr"
},
Logging = new LoggingProperty {
ClusterLogging = new ClusterLoggingProperty {
EnabledTypes = new [] { new LoggingTypeConfigProperty {
Type = "type"
} }
}
},
Name = "name",
OutpostConfig = new OutpostConfigProperty {
ControlPlaneInstanceType = "controlPlaneInstanceType",
OutpostArns = new [] { "outpostArns" },
// the properties below are optional
ControlPlanePlacement = new ControlPlanePlacementProperty {
GroupName = "groupName"
}
},
Tags = new [] { new CfnTag {
Key = "key",
Value = "value"
} },
UpgradePolicy = new UpgradePolicyProperty {
SupportType = "supportType"
},
Version = "version",
ZonalShiftConfig = new ZonalShiftConfigProperty {
Enabled = false
}
});
Synopsis
Constructors
CfnCluster(ByRefValue) | Used by jsii to construct an instance of this class from a Javascript-owned object reference |
CfnCluster(DeputyBase.DeputyProps) | Used by jsii to construct an instance of this class from DeputyProps |
CfnCluster(Construct, String, ICfnClusterProps) |
Properties
AccessConfig | The access configuration for the cluster. |
AttrArn | The ARN of the cluster, such as |
AttrCertificateAuthorityData | The |
AttrClusterSecurityGroupId | The cluster security group that was created by Amazon EKS for the cluster. |
AttrEncryptionConfigKeyArn | Amazon Resource Name (ARN) or alias of the customer master key (CMK). |
AttrEndpoint | The endpoint for your Kubernetes API server, such as |
AttrId | The ID of your local Amazon EKS cluster on an AWS Outpost. |
AttrKubernetesNetworkConfigServiceIpv6Cidr | The CIDR block that Kubernetes Service IP addresses are assigned from if you created a |
AttrOpenIdConnectIssuerUrl | The issuer URL for the OIDC identity provider of the cluster, such as |
BootstrapSelfManagedAddons | If you set this value to |
CFN_RESOURCE_TYPE_NAME | The CloudFormation resource type name for this resource class. |
CfnProperties | |
EncryptionConfig | The encryption configuration for the cluster. |
KubernetesNetworkConfig | The Kubernetes network configuration for the cluster. |
Logging | The logging configuration for your cluster. |
Name | The unique name to give to your cluster. |
OutpostConfig | An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost. |
ResourcesVpcConfig | The VPC configuration that's used by the cluster control plane. |
RoleArn | The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. |
Tags | Tag Manager which manages the tags for this resource. |
TagsRaw | The metadata that you apply to the cluster to assist with categorization and organization. |
UpgradePolicy | This value indicates if extended support is enabled or disabled for the cluster. |
Version | The desired Kubernetes version for your cluster. |
ZonalShiftConfig | The configuration for zonal shift for the cluster. |
Methods
Inspect(TreeInspector) | Examines the CloudFormation resource and discloses attributes. |
RenderProperties(IDictionary<String, Object>) |
Constructors
CfnCluster(ByRefValue)
Used by jsii to construct an instance of this class from a Javascript-owned object reference
protected CfnCluster(ByRefValue reference)
Parameters
- reference Amazon.JSII.Runtime.Deputy.ByRefValue
The Javascript-owned object reference
CfnCluster(DeputyBase.DeputyProps)
Used by jsii to construct an instance of this class from DeputyProps
protected CfnCluster(DeputyBase.DeputyProps props)
Parameters
- props Amazon.JSII.Runtime.Deputy.DeputyBase.DeputyProps
The deputy props
CfnCluster(Construct, String, ICfnClusterProps)
public CfnCluster(Construct scope, string id, ICfnClusterProps props)
Parameters
- scope Constructs.Construct
Scope in which this resource is defined.
- id System.String
Construct identifier for this resource (unique in its scope).
- props ICfnClusterProps
Resource properties.
Properties
AccessConfig
The access configuration for the cluster.
public virtual object AccessConfig { get; set; }
Property Value
System.Object
AttrArn
The ARN of the cluster, such as arn:aws:eks:us-west-2:666666666666:cluster/prod
.
public virtual string AttrArn { get; }
Property Value
System.String
Remarks
CloudformationAttribute: Arn
AttrCertificateAuthorityData
The certificate-authority-data
for your cluster.
public virtual string AttrCertificateAuthorityData { get; }
Property Value
System.String
Remarks
CloudformationAttribute: CertificateAuthorityData
AttrClusterSecurityGroupId
The cluster security group that was created by Amazon EKS for the cluster.
public virtual string AttrClusterSecurityGroupId { get; }
Property Value
System.String
Remarks
Managed node groups use this security group for control plane to data plane communication.
This parameter is only returned by Amazon EKS clusters that support managed node groups. For more information, see Managed node groups in the Amazon EKS User Guide .
CloudformationAttribute: ClusterSecurityGroupId
AttrEncryptionConfigKeyArn
Amazon Resource Name (ARN) or alias of the customer master key (CMK).
public virtual string AttrEncryptionConfigKeyArn { get; }
Property Value
System.String
Remarks
CloudformationAttribute: EncryptionConfigKeyArn
AttrEndpoint
The endpoint for your Kubernetes API server, such as https://5E1D0CEXAMPLEA591B746AFC5AB30262.yl4.us-west-2.eks.amazonaws.com
.
public virtual string AttrEndpoint { get; }
Property Value
System.String
Remarks
CloudformationAttribute: Endpoint
AttrId
The ID of your local Amazon EKS cluster on an AWS Outpost.
public virtual string AttrId { get; }
Property Value
System.String
Remarks
This property isn't available for an Amazon EKS cluster on the AWS cloud.
CloudformationAttribute: Id
AttrKubernetesNetworkConfigServiceIpv6Cidr
The CIDR block that Kubernetes Service IP addresses are assigned from if you created a 1.21
or later cluster with version >1.10.1
or later of the Amazon VPC CNI add-on and specified ipv6
for ipFamily when you created the cluster. Kubernetes assigns Service addresses from the unique local address range ( fc00::/7
) because you can't specify a custom IPv6
CIDR block when you create the cluster.
public virtual string AttrKubernetesNetworkConfigServiceIpv6Cidr { get; }
Property Value
System.String
Remarks
CloudformationAttribute: KubernetesNetworkConfig.ServiceIpv6Cidr
AttrOpenIdConnectIssuerUrl
The issuer URL for the OIDC identity provider of the cluster, such as https://oidc.eks.us-west-2.amazonaws.com/id/EXAMPLED539D4633E53DE1B716D3041E
. If you need to remove https://
from this output value, you can include the following code in your template.
public virtual string AttrOpenIdConnectIssuerUrl { get; }
Property Value
System.String
Remarks
!Select [1, !Split ["//", !GetAtt EKSCluster.OpenIdConnectIssuerUrl]]
CloudformationAttribute: OpenIdConnectIssuerUrl
BootstrapSelfManagedAddons
If you set this value to False
when creating a cluster, the default networking add-ons will not be installed.
public virtual object BootstrapSelfManagedAddons { get; set; }
Property Value
System.Object
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
public static string CFN_RESOURCE_TYPE_NAME { get; }
Property Value
System.String
CfnProperties
protected override IDictionary<string, object> CfnProperties { get; }
Property Value
System.Collections.Generic.IDictionary<System.String, System.Object>
Overrides
EncryptionConfig
The encryption configuration for the cluster.
public virtual object EncryptionConfig { get; set; }
Property Value
System.Object
KubernetesNetworkConfig
The Kubernetes network configuration for the cluster.
public virtual object KubernetesNetworkConfig { get; set; }
Property Value
System.Object
Logging
The logging configuration for your cluster.
public virtual object Logging { get; set; }
Property Value
System.Object
Name
The unique name to give to your cluster.
public virtual string Name { get; set; }
Property Value
System.String
OutpostConfig
An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost.
public virtual object OutpostConfig { get; set; }
Property Value
System.Object
ResourcesVpcConfig
The VPC configuration that's used by the cluster control plane.
public virtual object ResourcesVpcConfig { get; set; }
Property Value
System.Object
RoleArn
The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.
public virtual string RoleArn { get; set; }
Property Value
System.String
Tags
Tag Manager which manages the tags for this resource.
public virtual TagManager Tags { get; }
Property Value
TagsRaw
The metadata that you apply to the cluster to assist with categorization and organization.
public virtual ICfnTag[] TagsRaw { get; set; }
Property Value
ICfnTag[]
UpgradePolicy
This value indicates if extended support is enabled or disabled for the cluster.
public virtual object UpgradePolicy { get; set; }
Property Value
System.Object
Version
The desired Kubernetes version for your cluster.
public virtual string Version { get; set; }
Property Value
System.String
ZonalShiftConfig
The configuration for zonal shift for the cluster.
public virtual object ZonalShiftConfig { get; set; }
Property Value
System.Object
Methods
Inspect(TreeInspector)
Examines the CloudFormation resource and discloses attributes.
public virtual void Inspect(TreeInspector inspector)
Parameters
- inspector TreeInspector
tree inspector to collect and process attributes.
RenderProperties(IDictionary<String, Object>)
protected override IDictionary<string, object> RenderProperties(IDictionary<string, object> props)
Parameters
- props System.Collections.Generic.IDictionary<System.String, System.Object>
Returns
System.Collections.Generic.IDictionary<System.String, System.Object>