UpdateAddon
Updates an Amazon EKS add-on.
Request Syntax
POST /clusters/name/addons/addonName/update HTTP/1.1
Content-type: application/json
{
"addonVersion": "string",
"clientRequestToken": "string",
"configurationValues": "string",
"resolveConflicts": "string",
"serviceAccountRoleArn": "string"
}URI Request Parameters
The request uses the following URI parameters.
- addonName
-
The name of the add-on. The name must match one of the names returned by
ListAddons.Required: Yes
- name
-
The name of your cluster.
Length Constraints: Minimum length of 1. Maximum length of 100.
Pattern:
^[0-9A-Za-z][A-Za-z0-9\-_]*Required: Yes
Request Body
The request accepts the following data in JSON format.
- addonVersion
-
The version of the add-on. The version must match one of the versions returned by
DescribeAddonVersions.Type: String
Required: No
- clientRequestToken
-
A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.
Type: String
Required: No
- configurationValues
-
The set of configuration values for the add-on that's created. The values that you provide are validated against the schema returned by
DescribeAddonConfiguration.Type: String
Required: No
- resolveConflicts
-
How to resolve field value conflicts for an Amazon EKS add-on if you've changed a value from the Amazon EKS default value. Conflicts are handled based on the option you choose:
-
None – Amazon EKS doesn't change the value. The update might fail.
-
Overwrite – Amazon EKS overwrites the changed value back to the Amazon EKS default value.
-
Preserve – Amazon EKS preserves the value. If you choose this option, we recommend that you test any field and value changes on a non-production cluster before updating the add-on on your production cluster.
Type: String
Valid Values:
OVERWRITE | NONE | PRESERVERequired: No
-
- serviceAccountRoleArn
-
The Amazon Resource Name (ARN) of an existing IAM role to bind to the add-on's service account. The role must be assigned the IAM permissions required by the add-on. If you don't specify an existing IAM role, then the add-on uses the permissions assigned to the node IAM role. For more information, see Amazon EKS node IAM role in the Amazon EKS User Guide.
Note
To specify an existing IAM role, you must have an IAM OpenID Connect (OIDC) provider created for your cluster. For more information, see Enabling IAM roles for service accounts on your cluster in the Amazon EKS User Guide.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 255.
Required: No
Response Syntax
HTTP/1.1 200
Content-type: application/json
{
"update": {
"createdAt": number,
"errors": [
{
"errorCode": "string",
"errorMessage": "string",
"resourceIds": [ "string" ]
}
],
"id": "string",
"params": [
{
"type": "string",
"value": "string"
}
],
"status": "string",
"type": "string"
}
}Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
Errors
For information about the errors that are common to all actions, see Common Errors.
- ClientException
-
These errors are usually caused by a client action. Actions can include using an action or resource on behalf of an IAM principal that doesn't have permissions to use the action or resource or specifying an identifier that is not valid.
HTTP Status Code: 400
- InvalidParameterException
-
The specified parameter is invalid. Review the available parameters for the API request.
HTTP Status Code: 400
- InvalidRequestException
-
The request is invalid given the state of the cluster. Check the state of the cluster and the associated operations.
HTTP Status Code: 400
- ResourceInUseException
-
The specified resource is in use.
HTTP Status Code: 409
- ResourceNotFoundException
-
The specified resource could not be found. You can view your available clusters with
ListClusters. You can view your available managed node groups withListNodegroups. Amazon EKS clusters and node groups are AWS Region specific.HTTP Status Code: 404
- ServerException
-
These errors are usually caused by a server-side issue.
HTTP Status Code: 500
Examples
In the following example or examples, the Authorization header contents
(AUTHPARAMS) must be replaced with an AWS Signature Version 4
signature. For more information about creating these signatures, see Signature
Version 4 Signing Process in the Amazon EKS General
Reference.
You need to learn how to sign HTTP requests only if you intend to manually
create them. When you use the AWS Command Line
Interface (AWS CLI)
Example
The following example updates an add-on named vpc-cni to use an
IAM role named AmazonEKSCNIRole and to overwrite
the add-on's existing configuration with the Amazon EKS add-on's
configuration.
Sample Request
POST /clusters/my-cluster/addons/vpc-cni/update HTTP/1.1
Host: eks.us-west-2.amazonaws.com
Accept-Encoding: identity
User-Agent: aws-cli/1.16.298 Python/3.6.0 Windows/10 botocore/1.13.34
X-Amz-Date: 20201125T145528Z
Authorization: AUTHPARAMS
{
"serviceAccountRoleArn": "arn:aws:iam::012345678910:role/AmazonEKSCNIRole",
"resolveConflicts": "overwrite",
"clientRequestToken": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}Sample Response
HTTP/1.1 200 OK
Date: Wed, 25 Nov 2020 14:55:29 GMT
Content-Type: application/json
Content-Length: 288
x-amzn-RequestId: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx
x-amz-apigw-id: WkZ_KGiBvHcFhtw=
X-Amzn-Trace-Id: Root=1-xxxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxx
Connection: keep-alive
{
"update": {
"id": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"status": "InProgress",
"type": "AddonUpdate",
"params": [{
"type": "ServiceAccountRoleArn",
"value": "arn:aws:iam::012345678910:role/AmazonEKSCNIRole"
}, {
"type": "ResolveConflicts",
"value": "overwrite"
}],
"createdAt": 1606316129.051,
"errors": []
}
}See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
