Interface ICluster
- All Superinterfaces:
IConnectable
,software.constructs.IConstruct
,software.constructs.IDependable
,IResource
,software.amazon.jsii.JsiiSerializable
- All Known Subinterfaces:
ICluster.Jsii$Default
- All Known Implementing Classes:
Cluster
,FargateCluster
,ICluster.Jsii$Proxy
-
Nested Class Summary
Modifier and TypeInterfaceDescriptionstatic interface
Internal default implementation forICluster
.static final class
A proxy class which represents a concrete javascript instance of this type. -
Method Summary
Modifier and TypeMethodDescriptionaddCdk8sChart
(String id, software.constructs.Construct chart) Defines a CDK8s chart in this cluster.addCdk8sChart
(String id, software.constructs.Construct chart, KubernetesManifestOptions options) Defines a CDK8s chart in this cluster.addHelmChart
(String id, HelmChartOptions options) Defines a Helm chart in this cluster.addManifest
(String id, @NotNull Map<String, Object>... manifest) Defines a Kubernetes resource in this cluster.Creates a new service account with corresponding IAM Role (IRSA).addServiceAccount
(String id, ServiceAccountOptions options) Creates a new service account with corresponding IAM Role (IRSA).void
connectAutoScalingGroupCapacity
(AutoScalingGroup autoScalingGroup, AutoScalingGroupOptions options) Connect capacity in the form of an existing AutoScalingGroup to the EKS cluster.default AuthenticationMode
The authentication mode for the cluster.default ILayerVersion
An AWS Lambda layer that contains theaws
CLI.The unique ARN assigned to the service by AWS in the form of arn:aws:eks:.The certificate-authority-data for your cluster.Amazon Resource Name (ARN) or alias of the customer master key (CMK).The API Server endpoint URL.default ISecurityGroup
A security group to associate with the Cluster Handler's Lambdas.The physical name of the Cluster.The cluster security group that was created by Amazon EKS for the cluster.The id of the cluster security group that was created by Amazon EKS for the cluster.default IAddon
The EKS Pod Identity Agent addon for the EKS cluster.default IpFamily
Specify which IP family is used to assign Kubernetes pod and service IP addresses.Custom environment variables when runningkubectl
against this cluster.default IRole
An IAM role that can perform kubectl operations against this cluster.default ILayerVersion
An AWS Lambda layer that includeskubectl
andhelm
.default Size
Amount of memory to allocate to the provider's lambda function.Subnets to host thekubectl
compute resources.default IKubectlProvider
Kubectl Provider for issuing kubectl commands against it.default IRole
An IAM role that can perform kubectl operations against this cluster.default ISecurityGroup
A security group to use forkubectl
execution.default ILayerVersion
An AWS Lambda layer that includes the NPM dependencyproxy-agent
.The Open ID Connect Provider of the cluster used to configure Service Accounts.getPrune()
Indicates whether Kubernetes resources can be automatically pruned.getVpc()
The VPC in which this Cluster was created.Methods inherited from interface software.amazon.awscdk.services.ec2.IConnectable
getConnections
Methods inherited from interface software.constructs.IConstruct
getNode
Methods inherited from interface software.amazon.awscdk.IResource
applyRemovalPolicy, getEnv, getStack
Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Method Details
-
getClusterArn
The unique ARN assigned to the service by AWS in the form of arn:aws:eks:. -
getClusterCertificateAuthorityData
The certificate-authority-data for your cluster. -
getClusterEncryptionConfigKeyArn
Amazon Resource Name (ARN) or alias of the customer master key (CMK). -
getClusterEndpoint
The API Server endpoint URL. -
getClusterName
The physical name of the Cluster. -
getClusterSecurityGroup
The cluster security group that was created by Amazon EKS for the cluster. -
getClusterSecurityGroupId
The id of the cluster security group that was created by Amazon EKS for the cluster. -
getOpenIdConnectProvider
The Open ID Connect Provider of the cluster used to configure Service Accounts. -
getPrune
Indicates whether Kubernetes resources can be automatically pruned.When this is enabled (default), prune labels will be allocated and injected to each resource. These labels will then be used when issuing the
kubectl apply
operation with the--prune
switch. -
getVpc
The VPC in which this Cluster was created. -
getAuthenticationMode
The authentication mode for the cluster.Default: AuthenticationMode.CONFIG_MAP
-
getAwscliLayer
An AWS Lambda layer that contains theaws
CLI.If not defined, a default layer will be used containing the AWS CLI 1.x.
-
getClusterHandlerSecurityGroup
A security group to associate with the Cluster Handler's Lambdas.The Cluster Handler's Lambdas are responsible for calling AWS's EKS API.
Requires
placeClusterHandlerInVpc
to be set to true.Default: - No security group.
-
getEksPodIdentityAgent
The EKS Pod Identity Agent addon for the EKS cluster.The EKS Pod Identity Agent is responsible for managing the temporary credentials used by pods in the cluster to access AWS resources. It runs as a DaemonSet on each node and provides the necessary credentials to the pods based on their associated service account.
This property returns the
CfnAddon
resource representing the EKS Pod Identity Agent addon. If the addon has not been created yet, it will be created and returned. -
getIpFamily
Specify which IP family is used to assign Kubernetes pod and service IP addresses.Default: - IpFamily.IP_V4
- See Also:
-
getKubectlEnvironment
Custom environment variables when runningkubectl
against this cluster. -
getKubectlLambdaRole
An IAM role that can perform kubectl operations against this cluster.The role should be mapped to the
system:masters
Kubernetes RBAC role.This role is directly passed to the lambda handler that sends Kube Ctl commands to the cluster.
-
getKubectlLayer
An AWS Lambda layer that includeskubectl
andhelm
.If not defined, a default layer will be used containing Kubectl 1.20 and Helm 3.8
-
getKubectlMemory
Amount of memory to allocate to the provider's lambda function. -
getKubectlPrivateSubnets
Subnets to host thekubectl
compute resources.If this is undefined, the k8s endpoint is expected to be accessible publicly.
-
getKubectlProvider
Kubectl Provider for issuing kubectl commands against it.If not defined, a default provider will be used
-
getKubectlRole
An IAM role that can perform kubectl operations against this cluster.The role should be mapped to the
system:masters
Kubernetes RBAC role. -
getKubectlSecurityGroup
A security group to use forkubectl
execution.If this is undefined, the k8s endpoint is expected to be accessible publicly.
-
getOnEventLayer
An AWS Lambda layer that includes the NPM dependencyproxy-agent
.If not defined, a default layer will be used.
-
addCdk8sChart
@Stability(Stable) @NotNull KubernetesManifest addCdk8sChart(@NotNull String id, @NotNull software.constructs.Construct chart, @Nullable KubernetesManifestOptions options) Defines a CDK8s chart in this cluster.- Parameters:
id
- logical id of this chart. This parameter is required.chart
- the cdk8s chart. This parameter is required.options
-- Returns:
- a
KubernetesManifest
construct representing the chart.
-
addCdk8sChart
@Stability(Stable) @NotNull KubernetesManifest addCdk8sChart(@NotNull String id, @NotNull software.constructs.Construct chart) Defines a CDK8s chart in this cluster.- Parameters:
id
- logical id of this chart. This parameter is required.chart
- the cdk8s chart. This parameter is required.- Returns:
- a
KubernetesManifest
construct representing the chart.
-
addHelmChart
@Stability(Stable) @NotNull HelmChart addHelmChart(@NotNull String id, @NotNull HelmChartOptions options) Defines a Helm chart in this cluster.- Parameters:
id
- logical id of this chart. This parameter is required.options
- options of this chart. This parameter is required.- Returns:
- a
HelmChart
construct
-
addManifest
@Stability(Stable) @NotNull KubernetesManifest addManifest(@NotNull String id, @NotNull @NotNull Map<String, Object>... manifest) Defines a Kubernetes resource in this cluster.The manifest will be applied/deleted using kubectl as needed.
- Parameters:
id
- logical id of this manifest. This parameter is required.manifest
- a list of Kubernetes resource specifications. This parameter is required.- Returns:
- a
KubernetesManifest
object.
-
addServiceAccount
@Stability(Stable) @NotNull ServiceAccount addServiceAccount(@NotNull String id, @Nullable ServiceAccountOptions options) Creates a new service account with corresponding IAM Role (IRSA).- Parameters:
id
- logical id of service account. This parameter is required.options
- service account options.
-
addServiceAccount
Creates a new service account with corresponding IAM Role (IRSA).- Parameters:
id
- logical id of service account. This parameter is required.
-
connectAutoScalingGroupCapacity
@Stability(Stable) void connectAutoScalingGroupCapacity(@NotNull AutoScalingGroup autoScalingGroup, @NotNull AutoScalingGroupOptions options) Connect capacity in the form of an existing AutoScalingGroup to the EKS cluster.The AutoScalingGroup must be running an EKS-optimized AMI containing the /etc/eks/bootstrap.sh script. This method will configure Security Groups, add the right policies to the instance role, apply the right tags, and add the required user data to the instance's launch configuration.
Spot instances will be labeled
lifecycle=Ec2Spot
and tainted withPreferNoSchedule
. If kubectl is enabled, the spot interrupt handler daemon will be installed on all spot instances to handle EC2 Spot Instance Termination Notices.Prefer to use
addAutoScalingGroupCapacity
if possible.- Parameters:
autoScalingGroup
- [disable-awslint:ref-via-interface]. This parameter is required.options
- options for adding auto scaling groups, like customizing the bootstrap script. This parameter is required.- See Also:
-