Package software.amazon.awscdk.services.eks.v2.alpha

Class Cluster

java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.Resource
software.amazon.awscdk.services.eks.v2.alpha.Cluster
All Implemented Interfaces:
IEnvironmentAware, IResource, IConnectable, ICluster, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IDependable
Direct Known Subclasses:
FargateCluster
@Generated(value="jsii-pacmak/1.118.0 (build 02eec31)", date="2025-11-04T09:27:53.127Z") @Stability(Experimental) public class Cluster extends Resource implements ICluster
(experimental) A Cluster represents a managed Kubernetes Service (EKS).

This is a fully managed cluster of API Servers (control-plane) The user is still required to create the worker nodes.

Example: 

 Cluster cluster = Cluster.Builder.create(this, "ManagedNodeCluster")
         .version(KubernetesVersion.V1_33)
         .defaultCapacityType(DefaultCapacityType.NODEGROUP)
         .build();
 // Add a Fargate Profile for specific workloads (e.g., default namespace)
 cluster.addFargateProfile("FargateProfile", FargateProfileOptions.builder()
         .selectors(List.of(Selector.builder().namespace("default").build()))
         .build());

  • Field Details

    • PROPERTY_INJECTION_ID

      @Stability(Experimental) public static final String PROPERTY_INJECTION_ID
      (experimental) Uniquely identifies this class.

  • Constructor Details

    • Cluster

      protected Cluster(software.amazon.jsii.JsiiObjectRef objRef)

    • Cluster

      protected Cluster(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

    • Cluster

      @Stability(Experimental) public Cluster(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull ClusterProps props)
      (experimental) Initiates an EKS Cluster with the supplied arguments.

      Parameters:
      scope - a Construct, most likely a cdk.Stack created. This parameter is required.
      id - the id of the Construct to create. This parameter is required.
      props - properties in the IClusterProps interface. This parameter is required.

  • Method Details

    • fromClusterAttributes

      @Stability(Experimental) @NotNull public static ICluster fromClusterAttributes(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull ClusterAttributes attrs)
      (experimental) Import an existing cluster.

      Parameters:
      scope - the construct scope, in most cases 'this'. This parameter is required.
      id - the id or name to import as. This parameter is required.
      attrs - the cluster properties to use for importing information. This parameter is required.

    • addAutoScalingGroupCapacity

      @Stability(Experimental) @NotNull public AutoScalingGroup addAutoScalingGroupCapacity(@NotNull String id, @NotNull AutoScalingGroupCapacityOptions options)
      (experimental) Add nodes to this EKS cluster.

      The nodes will automatically be configured with the right VPC and AMI for the instance type and Kubernetes version.

      Note that if you specify updateType: RollingUpdate or updateType: ReplacingUpdate, your nodes might be replaced at deploy time without notice in case the recommended AMI for your machine image type has been updated by AWS. The default behavior for updateType is None, which means only new instances will be launched using the new AMI.

      Parameters:
      id - This parameter is required.
      options - This parameter is required.

    • addCdk8sChart

      @Stability(Experimental) @NotNull public KubernetesManifest addCdk8sChart(@NotNull String id, @NotNull software.constructs.Construct chart, @Nullable KubernetesManifestOptions options)
      (experimental) Defines a CDK8s chart in this cluster.

      Specified by:
      addCdk8sChart in interface ICluster
      Parameters:
      id - logical id of this chart. This parameter is required.
      chart - the cdk8s chart. This parameter is required.
      options -
      Returns:
      a KubernetesManifest construct representing the chart.

    • addCdk8sChart

      @Stability(Experimental) @NotNull public KubernetesManifest addCdk8sChart(@NotNull String id, @NotNull software.constructs.Construct chart)
      (experimental) Defines a CDK8s chart in this cluster.

      Specified by:
      addCdk8sChart in interface ICluster
      Parameters:
      id - logical id of this chart. This parameter is required.
      chart - the cdk8s chart. This parameter is required.
      Returns:
      a KubernetesManifest construct representing the chart.

    • addFargateProfile

      @Stability(Experimental) @NotNull public FargateProfile addFargateProfile(@NotNull String id, @NotNull FargateProfileOptions options)
      (experimental) Adds a Fargate profile to this cluster.

      Parameters:
      id - the id of this profile. This parameter is required.
      options - profile options. This parameter is required.
      See Also:

    • addHelmChart

      @Stability(Experimental) @NotNull public HelmChart addHelmChart(@NotNull String id, @NotNull HelmChartOptions options)
      (experimental) Defines a Helm chart in this cluster.

      Specified by:
      addHelmChart in interface ICluster
      Parameters:
      id - logical id of this chart. This parameter is required.
      options - options of this chart. This parameter is required.
      Returns:
      a HelmChart construct

    • addManifest

      @Stability(Experimental) @NotNull public KubernetesManifest addManifest(@NotNull String id, @NotNull Map<String,Object>... manifest)
      (experimental) Defines a Kubernetes resource in this cluster.

      The manifest will be applied/deleted using kubectl as needed.

      Specified by:
      addManifest in interface ICluster
      Parameters:
      id - logical id of this manifest. This parameter is required.
      manifest - a list of Kubernetes resource specifications. This parameter is required.
      Returns:
      a KubernetesResource object.

    • addNodegroupCapacity

      @Stability(Experimental) @NotNull public Nodegroup addNodegroupCapacity(@NotNull String id, @Nullable NodegroupOptions options)
      (experimental) Add managed nodegroup to this Amazon EKS cluster.

      This method will create a new managed nodegroup and add into the capacity.

      Parameters:
      id - The ID of the nodegroup. This parameter is required.
      options - options for creating a new nodegroup.
      See Also:

    • addNodegroupCapacity

      @Stability(Experimental) @NotNull public Nodegroup addNodegroupCapacity(@NotNull String id)
      (experimental) Add managed nodegroup to this Amazon EKS cluster.

      This method will create a new managed nodegroup and add into the capacity.

      Parameters:
      id - The ID of the nodegroup. This parameter is required.
      See Also:

    • addServiceAccount

      @Stability(Experimental) @NotNull public ServiceAccount addServiceAccount(@NotNull String id, @Nullable ServiceAccountOptions options)
      (experimental) Creates a new service account with corresponding IAM Role (IRSA).

      Specified by:
      addServiceAccount in interface ICluster
      Parameters:
      id - This parameter is required.
      options -

    • addServiceAccount

      @Stability(Experimental) @NotNull public ServiceAccount addServiceAccount(@NotNull String id)
      (experimental) Creates a new service account with corresponding IAM Role (IRSA).

      Specified by:
      addServiceAccount in interface ICluster
      Parameters:
      id - This parameter is required.

    • connectAutoScalingGroupCapacity

      @Stability(Experimental) public void connectAutoScalingGroupCapacity(@NotNull AutoScalingGroup autoScalingGroup, @NotNull AutoScalingGroupOptions options)
      (experimental) Connect capacity in the form of an existing AutoScalingGroup to the EKS cluster.

      The AutoScalingGroup must be running an EKS-optimized AMI containing the /etc/eks/bootstrap.sh script. This method will configure Security Groups, add the right policies to the instance role, apply the right tags, and add the required user data to the instance's launch configuration.

      Prefer to use addAutoScalingGroupCapacity if possible.

      Specified by:
      connectAutoScalingGroupCapacity in interface ICluster
      Parameters:
      autoScalingGroup - [disable-awslint:ref-via-interface]. This parameter is required.
      options - options for adding auto scaling groups, like customizing the bootstrap script. This parameter is required.
      See Also:

    • getIngressLoadBalancerAddress

      @Stability(Experimental) @NotNull public String getIngressLoadBalancerAddress(@NotNull String ingressName, @Nullable IngressLoadBalancerAddressOptions options)
      (experimental) Fetch the load balancer address of an ingress backed by a load balancer.

      Parameters:
      ingressName - The name of the ingress. This parameter is required.
      options - Additional operation options.

    • getIngressLoadBalancerAddress

      @Stability(Experimental) @NotNull public String getIngressLoadBalancerAddress(@NotNull String ingressName)
      (experimental) Fetch the load balancer address of an ingress backed by a load balancer.

      Parameters:
      ingressName - The name of the ingress. This parameter is required.

    • getServiceLoadBalancerAddress

      @Stability(Experimental) @NotNull public String getServiceLoadBalancerAddress(@NotNull String serviceName, @Nullable ServiceLoadBalancerAddressOptions options)
      (experimental) Fetch the load balancer address of a service of type 'LoadBalancer'.

      Parameters:
      serviceName - The name of the service. This parameter is required.
      options - Additional operation options.

    • getServiceLoadBalancerAddress

      @Stability(Experimental) @NotNull public String getServiceLoadBalancerAddress(@NotNull String serviceName)
      (experimental) Fetch the load balancer address of a service of type 'LoadBalancer'.

      Parameters:
      serviceName - The name of the service. This parameter is required.

    • grantAccess

      @Stability(Experimental) public void grantAccess(@NotNull String id, @NotNull String principal, @NotNull List<IAccessPolicy> accessPolicies)
      (experimental) Grants the specified IAM principal access to the EKS cluster based on the provided access policies.

      This method creates an AccessEntry construct that grants the specified IAM principal the access permissions defined by the provided IAccessPolicy array. This allows the IAM principal to perform the actions permitted by the access policies within the EKS cluster.

      Parameters:
      id -
      • The ID of the AccessEntry construct to be created.
      This parameter is required.
      principal -
      • The IAM principal (role or user) to be granted access to the EKS cluster.
      This parameter is required.
      accessPolicies -
      • An array of IAccessPolicy objects that define the access permissions to be granted to the IAM principal.
      This parameter is required.

    • grantClusterAdmin

      @Stability(Experimental) @NotNull public AccessEntry grantClusterAdmin(@NotNull String id, @NotNull String principal)
      (experimental) Grants the specified IAM principal cluster admin access to the EKS cluster.

      This method creates an AccessEntry construct that grants the specified IAM principal the cluster admin access permissions. This allows the IAM principal to perform the actions permitted by the cluster admin acces.

      Parameters:
      id -
      • The ID of the AccessEntry construct to be created.
      This parameter is required.
      principal -
      • The IAM principal (role or user) to be granted access to the EKS cluster.
      This parameter is required.
      Returns:
      the access entry construct

    • getClusterArn

      @Stability(Experimental) @NotNull public String getClusterArn()
      (experimental) The AWS generated ARN for the Cluster resource.

      For example, arn:aws:eks:us-west-2:666666666666:cluster/prod

      Specified by:
      getClusterArn in interface ICluster

    • getClusterCertificateAuthorityData

      @Stability(Experimental) @NotNull public String getClusterCertificateAuthorityData()
      (experimental) The certificate-authority-data for your cluster.
      Specified by:
      getClusterCertificateAuthorityData in interface ICluster

    • getClusterEncryptionConfigKeyArn

      @Stability(Experimental) @NotNull public String getClusterEncryptionConfigKeyArn()
      (experimental) Amazon Resource Name (ARN) or alias of the customer master key (CMK).
      Specified by:
      getClusterEncryptionConfigKeyArn in interface ICluster

    • getClusterEndpoint

      @Stability(Experimental) @NotNull public String getClusterEndpoint()
      (experimental) The endpoint URL for the Cluster.

      This is the URL inside the kubeconfig file to use with kubectl

      For example, https://5E1D0CEXAMPLEA591B746AFC5AB30262.yl4.us-west-2.eks.amazonaws.com

      Specified by:
      getClusterEndpoint in interface ICluster

    • getClusterName

      @Stability(Experimental) @NotNull public String getClusterName()
      (experimental) The Name of the created EKS Cluster.
      Specified by:
      getClusterName in interface ICluster

    • getClusterOpenIdConnectIssuerUrl

      @Stability(Experimental) @NotNull public String getClusterOpenIdConnectIssuerUrl()
      (experimental) If this cluster is kubectl-enabled, returns the OpenID Connect issuer url.

      If this cluster is not kubectl-enabled (i.e. uses the stock CfnCluster), this is undefined.

    • getClusterSecurityGroup

      @Stability(Experimental) @NotNull public ISecurityGroup getClusterSecurityGroup()
      (experimental) The cluster security group that was created by Amazon EKS for the cluster.
      Specified by:
      getClusterSecurityGroup in interface ICluster

    • getClusterSecurityGroupId

      @Stability(Experimental) @NotNull public String getClusterSecurityGroupId()
      (experimental) The id of the cluster security group that was created by Amazon EKS for the cluster.
      Specified by:
      getClusterSecurityGroupId in interface ICluster

    • getConnections

      @Stability(Experimental) @NotNull public Connections getConnections()
      (experimental) Manages connection rules (Security Group Rules) for the cluster.
      Specified by:
      getConnections in interface IConnectable

    • getOpenIdConnectProvider

      @Stability(Experimental) @NotNull public IOpenIdConnectProvider getOpenIdConnectProvider()
      (experimental) An OpenIdConnectProvider resource associated with this cluster, and which can be used to link this cluster to AWS IAM.

      A provider will only be defined if this property is accessed (lazy initialization).

      Specified by:
      getOpenIdConnectProvider in interface ICluster

    • getPrune

      @Stability(Experimental) @NotNull public Boolean getPrune()
      (experimental) Determines if Kubernetes resources can be pruned automatically.
      Specified by:
      getPrune in interface ICluster

    • getRole

      @Stability(Experimental) @NotNull public IRole getRole()
      (experimental) IAM role assumed by the EKS Control Plane.

    • getVpc

      @Stability(Experimental) @NotNull public IVpc getVpc()
      (experimental) The VPC in which this Cluster was created.
      Specified by:
      getVpc in interface ICluster

    • getAlbController

      @Stability(Experimental) @Nullable public AlbController getAlbController()
      (experimental) The ALB Controller construct defined for this cluster.

      Will be undefined if albController wasn't configured.

    • getDefaultCapacity

      @Stability(Experimental) @Nullable public AutoScalingGroup getDefaultCapacity()
      (experimental) The auto scaling group that hosts the default capacity for this cluster.

      This will be undefined if the defaultCapacityType is not EC2 or defaultCapacityType is EC2 but default capacity is set to 0.

    • getDefaultNodegroup

      @Stability(Experimental) @Nullable public Nodegroup getDefaultNodegroup()
      (experimental) The node group that hosts the default capacity for this cluster.

      This will be undefined if the defaultCapacityType is EC2 or defaultCapacityType is NODEGROUP but default capacity is set to 0.

    • getEksPodIdentityAgent

      @Stability(Experimental) @Nullable public IAddon getEksPodIdentityAgent()
      (experimental) Retrieves the EKS Pod Identity Agent addon for the EKS cluster.

      The EKS Pod Identity Agent is responsible for managing the temporary credentials used by pods in the cluster to access AWS resources. It runs as a DaemonSet on each node and provides the necessary credentials to the pods based on their associated service account.

      Specified by:
      getEksPodIdentityAgent in interface ICluster

    • getIpFamily

      @Stability(Experimental) @Nullable public IpFamily getIpFamily()
      (experimental) Specify which IP family is used to assign Kubernetes pod and service IP addresses.

      Default: - IpFamily.IP_V4

      Specified by:
      getIpFamily in interface ICluster
      See Also:

    • getKubectlProvider

      @Stability(Experimental) @Nullable public IKubectlProvider getKubectlProvider()
      Description copied from interface: ICluster
      (experimental) Kubectl Provider for issuing kubectl commands against it.

      If not defined, a default provider will be used

      Specified by:
      getKubectlProvider in interface ICluster