Class Cluster
(experimental) A Cluster represents a managed Kubernetes Service (EKS).
Inherited Members
Namespace: Amazon.CDK.AWS.Eks.V2.Alpha
Assembly: Amazon.CDK.AWS.Eks.V2.Alpha.dll
Syntax (csharp)
public class Cluster : Resource, ICluster, IResource, IConstruct, IDependable, IEnvironmentAware, IConnectableSyntax (vb)
Public Class Cluster Inherits Resource Implements ICluster, IResource, IConstruct, IDependable, IEnvironmentAware, IConnectableRemarks
This is a fully managed cluster of API Servers (control-plane) The user is still required to create the worker nodes.
Stability: Experimental
Resource: AWS::EKS::Cluster
ExampleMetadata: infused
Examples
var cluster = new Cluster(this, "ManagedNodeCluster", new ClusterProps {
Version = KubernetesVersion.V1_33,
DefaultCapacityType = DefaultCapacityType.NODEGROUP
});
// Add a Fargate Profile for specific workloads (e.g., default namespace)
cluster.AddFargateProfile("FargateProfile", new FargateProfileOptions {
Selectors = new [] { new Selector { Namespace = "default" } }
});Synopsis
Constructors
| Cluster(Construct, string, IClusterProps) | (experimental) Initiates an EKS Cluster with the supplied arguments. |
Properties
| AlbController | (experimental) The ALB Controller construct defined for this cluster. |
| ClusterArn | (experimental) The AWS generated ARN for the Cluster resource. |
| ClusterCertificateAuthorityData | (experimental) The certificate-authority-data for your cluster. |
| ClusterEncryptionConfigKeyArn | (experimental) Amazon Resource Name (ARN) or alias of the customer master key (CMK). |
| ClusterEndpoint | (experimental) The endpoint URL for the Cluster. |
| ClusterName | (experimental) The Name of the created EKS Cluster. |
| ClusterOpenIdConnectIssuerUrl | (experimental) If this cluster is kubectl-enabled, returns the OpenID Connect issuer url. |
| ClusterSecurityGroup | (experimental) The cluster security group that was created by Amazon EKS for the cluster. |
| ClusterSecurityGroupId | (experimental) The id of the cluster security group that was created by Amazon EKS for the cluster. |
| Connections | (experimental) Manages connection rules (Security Group Rules) for the cluster. |
| DefaultCapacity | (experimental) The auto scaling group that hosts the default capacity for this cluster. |
| DefaultNodegroup | (experimental) The node group that hosts the default capacity for this cluster. |
| EksPodIdentityAgent | (experimental) Retrieves the EKS Pod Identity Agent addon for the EKS cluster. |
| IpFamily | (experimental) Specify which IP family is used to assign Kubernetes pod and service IP addresses. |
| KubectlProvider | (experimental) A Cluster represents a managed Kubernetes Service (EKS). |
| OpenIdConnectProvider | (experimental) An |
| PROPERTY_INJECTION_ID | (experimental) Uniquely identifies this class. |
| Prune | (experimental) Determines if Kubernetes resources can be pruned automatically. |
| Role | (experimental) IAM role assumed by the EKS Control Plane. |
| Vpc | (experimental) The VPC in which this Cluster was created. |
Methods
| AddAutoScalingGroupCapacity(string, IAutoScalingGroupCapacityOptions) | (experimental) Add nodes to this EKS cluster. |
| AddCdk8sChart(string, Construct, IKubernetesManifestOptions?) | (experimental) Defines a CDK8s chart in this cluster. |
| AddFargateProfile(string, IFargateProfileOptions) | (experimental) Adds a Fargate profile to this cluster. |
| AddHelmChart(string, IHelmChartOptions) | (experimental) Defines a Helm chart in this cluster. |
| AddManifest(string, params IDictionary<string, object>[]) | (experimental) Defines a Kubernetes resource in this cluster. |
| AddNodegroupCapacity(string, INodegroupOptions?) | (experimental) Add managed nodegroup to this Amazon EKS cluster. |
| AddServiceAccount(string, IServiceAccountOptions?) | (experimental) Creates a new service account with corresponding IAM Role (IRSA). |
| ConnectAutoScalingGroupCapacity(AutoScalingGroup, IAutoScalingGroupOptions) | (experimental) Connect capacity in the form of an existing AutoScalingGroup to the EKS cluster. |
| FromClusterAttributes(Construct, string, IClusterAttributes) | (experimental) Import an existing cluster. |
| GetIngressLoadBalancerAddress(string, IIngressLoadBalancerAddressOptions?) | (experimental) Fetch the load balancer address of an ingress backed by a load balancer. |
| GetServiceLoadBalancerAddress(string, IServiceLoadBalancerAddressOptions?) | (experimental) Fetch the load balancer address of a service of type 'LoadBalancer'. |
| GrantAccess(string, string, IAccessPolicy[]) | (experimental) Grants the specified IAM principal access to the EKS cluster based on the provided access policies. |
| GrantClusterAdmin(string, string) | (experimental) Grants the specified IAM principal cluster admin access to the EKS cluster. |
Constructors
Cluster(Construct, string, IClusterProps)
(experimental) Initiates an EKS Cluster with the supplied arguments.
public Cluster(Construct scope, string id, IClusterProps props)Parameters
- scope Construct
a Construct, most likely a cdk.Stack created.
- id string
the id of the Construct to create.
- props IClusterProps
properties in the IClusterProps interface.
Remarks
Stability: Experimental
Properties
AlbController
(experimental) The ALB Controller construct defined for this cluster.
public virtual AlbController? AlbController { get; }Property Value
Remarks
Will be undefined if albController wasn't configured.
Stability: Experimental
ClusterArn
(experimental) The AWS generated ARN for the Cluster resource.
public virtual string ClusterArn { get; }Property Value
Remarks
For example, arn:aws:eks:us-west-2:666666666666:cluster/prod
Stability: Experimental
ClusterCertificateAuthorityData
(experimental) The certificate-authority-data for your cluster.
public virtual string ClusterCertificateAuthorityData { get; }Property Value
Remarks
Stability: Experimental
ClusterEncryptionConfigKeyArn
(experimental) Amazon Resource Name (ARN) or alias of the customer master key (CMK).
public virtual string ClusterEncryptionConfigKeyArn { get; }Property Value
Remarks
Stability: Experimental
ClusterEndpoint
(experimental) The endpoint URL for the Cluster.
public virtual string ClusterEndpoint { get; }Property Value
Remarks
This is the URL inside the kubeconfig file to use with kubectl
For example, https://5E1D0CEXAMPLEA591B746AFC5AB30262.yl4.us-west-2.eks.amazonaws.com
Stability: Experimental
ClusterName
(experimental) The Name of the created EKS Cluster.
public virtual string ClusterName { get; }Property Value
Remarks
Stability: Experimental
ClusterOpenIdConnectIssuerUrl
(experimental) If this cluster is kubectl-enabled, returns the OpenID Connect issuer url.
public virtual string ClusterOpenIdConnectIssuerUrl { get; }Property Value
Remarks
If this cluster is not kubectl-enabled (i.e. uses the
stock CfnCluster), this is undefined.
Stability: Experimental
Attribute: true
ClusterSecurityGroup
(experimental) The cluster security group that was created by Amazon EKS for the cluster.
public virtual ISecurityGroup ClusterSecurityGroup { get; }Property Value
Remarks
Stability: Experimental
ClusterSecurityGroupId
(experimental) The id of the cluster security group that was created by Amazon EKS for the cluster.
public virtual string ClusterSecurityGroupId { get; }Property Value
Remarks
Stability: Experimental
Connections
(experimental) Manages connection rules (Security Group Rules) for the cluster.
public virtual Connections_ Connections { get; }Property Value
Remarks
Stability: Experimental
Memberof: Cluster
Type: {ec2.Connections}
DefaultCapacity
(experimental) The auto scaling group that hosts the default capacity for this cluster.
public virtual AutoScalingGroup? DefaultCapacity { get; }Property Value
Remarks
This will be undefined if the defaultCapacityType is not EC2 or
defaultCapacityType is EC2 but default capacity is set to 0.
Stability: Experimental
DefaultNodegroup
(experimental) The node group that hosts the default capacity for this cluster.
public virtual Nodegroup? DefaultNodegroup { get; }Property Value
Remarks
This will be undefined if the defaultCapacityType is EC2 or
defaultCapacityType is NODEGROUP but default capacity is set to 0.
Stability: Experimental
EksPodIdentityAgent
(experimental) Retrieves the EKS Pod Identity Agent addon for the EKS cluster.
public virtual IAddon? EksPodIdentityAgent { get; }Property Value
Remarks
The EKS Pod Identity Agent is responsible for managing the temporary credentials used by pods in the cluster to access AWS resources. It runs as a DaemonSet on each node and provides the necessary credentials to the pods based on their associated service account.
Stability: Experimental
IpFamily
(experimental) Specify which IP family is used to assign Kubernetes pod and service IP addresses.
public virtual IpFamily? IpFamily { get; }Property Value
Remarks
Default: - IpFamily.IP_V4
Stability: Experimental
KubectlProvider
(experimental) A Cluster represents a managed Kubernetes Service (EKS).
public virtual IKubectlProvider? KubectlProvider { get; }Property Value
Remarks
Stability: Experimental
OpenIdConnectProvider
(experimental) An OpenIdConnectProvider resource associated with this cluster, and which can be used to link this cluster to AWS IAM.
public virtual IOpenIdConnectProvider OpenIdConnectProvider { get; }Property Value
Remarks
A provider will only be defined if this property is accessed (lazy initialization).
Stability: Experimental
PROPERTY_INJECTION_ID
(experimental) Uniquely identifies this class.
public static string PROPERTY_INJECTION_ID { get; }Property Value
Remarks
Stability: Experimental
Prune
(experimental) Determines if Kubernetes resources can be pruned automatically.
public virtual bool Prune { get; }Property Value
Remarks
Stability: Experimental
Role
(experimental) IAM role assumed by the EKS Control Plane.
public virtual IRole Role { get; }Property Value
Remarks
Stability: Experimental
Vpc
(experimental) The VPC in which this Cluster was created.
public virtual IVpc Vpc { get; }Property Value
Remarks
Stability: Experimental
Methods
AddAutoScalingGroupCapacity(string, IAutoScalingGroupCapacityOptions)
(experimental) Add nodes to this EKS cluster.
public virtual AutoScalingGroup AddAutoScalingGroupCapacity(string id, IAutoScalingGroupCapacityOptions options)Parameters
- id string
- options IAutoScalingGroupCapacityOptions
Returns
Remarks
The nodes will automatically be configured with the right VPC and AMI for the instance type and Kubernetes version.
Note that if you specify updateType: RollingUpdate or updateType: ReplacingUpdate, your nodes might be replaced at deploy
time without notice in case the recommended AMI for your machine image type has been updated by AWS.
The default behavior for updateType is None, which means only new instances will be launched using the new AMI.
Stability: Experimental
AddCdk8sChart(string, Construct, IKubernetesManifestOptions?)
(experimental) Defines a CDK8s chart in this cluster.
public virtual KubernetesManifest AddCdk8sChart(string id, Construct chart, IKubernetesManifestOptions? options = null)Parameters
- id string
logical id of this chart.
- chart Construct
the cdk8s chart.
- options IKubernetesManifestOptions
logical id of this chart.
Returns
a KubernetesManifest construct representing the chart.
Remarks
Stability: Experimental
AddFargateProfile(string, IFargateProfileOptions)
(experimental) Adds a Fargate profile to this cluster.
public virtual FargateProfile AddFargateProfile(string id, IFargateProfileOptions options)Parameters
- id string
the id of this profile.
- options IFargateProfileOptions
profile options.
Returns
Remarks
Stability: Experimental
See: https://docs.aws.amazon.com/eks/latest/userguide/fargate-profile.html
AddHelmChart(string, IHelmChartOptions)
(experimental) Defines a Helm chart in this cluster.
public virtual HelmChart AddHelmChart(string id, IHelmChartOptions options)Parameters
- id string
logical id of this chart.
- options IHelmChartOptions
options of this chart.
Returns
a HelmChart construct
Remarks
Stability: Experimental
AddManifest(string, params IDictionary<string, object>[])
(experimental) Defines a Kubernetes resource in this cluster.
public virtual KubernetesManifest AddManifest(string id, params IDictionary<string, object>[] manifest)Parameters
- id string
logical id of this manifest.
- manifest IDictionary<string, object>[]
a list of Kubernetes resource specifications.
Returns
a KubernetesResource object.
Remarks
The manifest will be applied/deleted using kubectl as needed.
Stability: Experimental
AddNodegroupCapacity(string, INodegroupOptions?)
(experimental) Add managed nodegroup to this Amazon EKS cluster.
public virtual Nodegroup AddNodegroupCapacity(string id, INodegroupOptions? options = null)Parameters
- id string
The ID of the nodegroup.
- options INodegroupOptions
options for creating a new nodegroup.
Returns
Remarks
This method will create a new managed nodegroup and add into the capacity.
Stability: Experimental
See: https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html
AddServiceAccount(string, IServiceAccountOptions?)
(experimental) Creates a new service account with corresponding IAM Role (IRSA).
public virtual ServiceAccount AddServiceAccount(string id, IServiceAccountOptions? options = null)Parameters
- id string
- options IServiceAccountOptions
Returns
Remarks
Stability: Experimental
ConnectAutoScalingGroupCapacity(AutoScalingGroup, IAutoScalingGroupOptions)
(experimental) Connect capacity in the form of an existing AutoScalingGroup to the EKS cluster.
public virtual void ConnectAutoScalingGroupCapacity(AutoScalingGroup autoScalingGroup, IAutoScalingGroupOptions options)Parameters
- autoScalingGroup AutoScalingGroup
[disable-awslint:ref-via-interface].
- options IAutoScalingGroupOptions
options for adding auto scaling groups, like customizing the bootstrap script.
Remarks
The AutoScalingGroup must be running an EKS-optimized AMI containing the /etc/eks/bootstrap.sh script. This method will configure Security Groups, add the right policies to the instance role, apply the right tags, and add the required user data to the instance's launch configuration.
Prefer to use addAutoScalingGroupCapacity if possible.
Stability: Experimental
See: https://docs.aws.amazon.com/eks/latest/userguide/launch-workers.html
FromClusterAttributes(Construct, string, IClusterAttributes)
(experimental) Import an existing cluster.
public static ICluster FromClusterAttributes(Construct scope, string id, IClusterAttributes attrs)Parameters
- scope Construct
the construct scope, in most cases 'this'.
- id string
the id or name to import as.
- attrs IClusterAttributes
the cluster properties to use for importing information.
Returns
Remarks
Stability: Experimental
GetIngressLoadBalancerAddress(string, IIngressLoadBalancerAddressOptions?)
(experimental) Fetch the load balancer address of an ingress backed by a load balancer.
public virtual string GetIngressLoadBalancerAddress(string ingressName, IIngressLoadBalancerAddressOptions? options = null)Parameters
- ingressName string
The name of the ingress.
- options IIngressLoadBalancerAddressOptions
Additional operation options.
Returns
Remarks
Stability: Experimental
GetServiceLoadBalancerAddress(string, IServiceLoadBalancerAddressOptions?)
(experimental) Fetch the load balancer address of a service of type 'LoadBalancer'.
public virtual string GetServiceLoadBalancerAddress(string serviceName, IServiceLoadBalancerAddressOptions? options = null)Parameters
- serviceName string
The name of the service.
- options IServiceLoadBalancerAddressOptions
Additional operation options.
Returns
Remarks
Stability: Experimental
GrantAccess(string, string, IAccessPolicy[])
(experimental) Grants the specified IAM principal access to the EKS cluster based on the provided access policies.
public virtual void GrantAccess(string id, string principal, IAccessPolicy[] accessPolicies)Parameters
- id string
- The ID of the
AccessEntryconstruct to be created.
- The ID of the
- principal string
- The IAM principal (role or user) to be granted access to the EKS cluster.
- accessPolicies IAccessPolicy[]
- An array of
IAccessPolicyobjects that define the access permissions to be granted to the IAM principal.
- An array of
Remarks
This method creates an AccessEntry construct that grants the specified IAM principal the access permissions
defined by the provided IAccessPolicy array. This allows the IAM principal to perform the actions permitted
by the access policies within the EKS cluster.
Stability: Experimental
GrantClusterAdmin(string, string)
(experimental) Grants the specified IAM principal cluster admin access to the EKS cluster.
public virtual AccessEntry GrantClusterAdmin(string id, string principal)Parameters
- id string
- The ID of the
AccessEntryconstruct to be created.
- The ID of the
- principal string
- The IAM principal (role or user) to be granted access to the EKS cluster.
Returns
the access entry construct
Remarks
This method creates an AccessEntry construct that grants the specified IAM principal the cluster admin
access permissions. This allows the IAM principal to perform the actions permitted
by the cluster admin acces.
Stability: Experimental