UpdateAddon - Amazon Elastic Kubernetes Service

UpdateAddon

Updates an Amazon EKS add-on.

Request Syntax

POST /clusters/name/addons/addonName/update HTTP/1.1 Content-type: application/json { "addonVersion": "string", "clientRequestToken": "string", "resolveConflicts": "string", "serviceAccountRoleArn": "string" }

URI Request Parameters

The request uses the following URI parameters.

addonName

The name of the add-on. The name must match one of the names returned by ListAddons .

Required: Yes

name

The name of the cluster.

Length Constraints: Minimum length of 1. Maximum length of 100.

Pattern: ^[0-9A-Za-z][A-Za-z0-9\-_]*

Required: Yes

Request Body

The request accepts the following data in JSON format.

addonVersion

The version of the add-on. The version must match one of the versions returned by DescribeAddonVersions .

Type: String

Required: No

clientRequestToken

Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

Type: String

Required: No

resolveConflicts

How to resolve parameter value conflicts when applying the new version of the add-on to the cluster.

Type: String

Valid Values: OVERWRITE | NONE

Required: No

serviceAccountRoleArn

The Amazon Resource Name (ARN) of an existing IAM role to bind to the add-on's service account. The role must be assigned the IAM permissions required by the add-on. If you don't specify an existing IAM role, then the add-on uses the permissions assigned to the node IAM role. For more information, see Amazon EKS node IAM role in the Amazon EKS User Guide.

Note

To specify an existing IAM role, you must have an IAM OpenID Connect (OIDC) provider created for your cluster. For more information, see Enabling IAM roles for service accounts on your cluster in the Amazon EKS User Guide.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 255.

Required: No

Response Syntax

HTTP/1.1 200 Content-type: application/json { "update": { "createdAt": number, "errors": [ { "errorCode": "string", "errorMessage": "string", "resourceIds": [ "string" ] } ], "id": "string", "params": [ { "type": "string", "value": "string" } ], "status": "string", "type": "string" } }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

update

An object representing an asynchronous update.

Type: Update object

Errors

For information about the errors that are common to all actions, see Common Errors.

ClientException

These errors are usually caused by a client action. Actions can include using an action or resource on behalf of a user that doesn't have permissions to use the action or resource or specifying an identifier that is not valid.

HTTP Status Code: 400

InvalidParameterException

The specified parameter is invalid. Review the available parameters for the API request.

HTTP Status Code: 400

InvalidRequestException

The request is invalid given the state of the cluster. Check the state of the cluster and the associated operations.

HTTP Status Code: 400

ResourceInUseException

The specified resource is in use.

HTTP Status Code: 409

ResourceNotFoundException

The specified resource could not be found. You can view your available clusters with ListClusters. You can view your available managed node groups with ListNodegroups. Amazon EKS clusters and node groups are Region-specific.

HTTP Status Code: 404

ServerException

These errors are usually caused by a server-side issue.

HTTP Status Code: 500

Examples

In the following example or examples, the Authorization header contents (AUTHPARAMS) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see Signature Version 4 Signing Process in the AWS General Reference.

You need to learn how to sign HTTP requests only if you intend to manually create them. When you use the AWS Command Line Interface (AWS CLI) or one of the AWS SDKs to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.

Example

The following example updates an add-on named vpc-cni to use an IAM role named AmazonEKSCNIRole and to overwrite the add-on's existing configuration with the Amazon EKS add-on's configuration.

Sample Request

POST /clusters/1-18/addons/vpc-cni/update HTTP/1.1 Host: eks.us-west-2.amazonaws.com Accept-Encoding: identity User-Agent: aws-cli/1.16.298 Python/3.6.0 Windows/10 botocore/1.13.34 X-Amz-Date: 20201125T145528Z Authorization: AUTHPARAMS { "serviceAccountRoleArn": "arn:aws:iam::012345678910:role/AmazonEKSCNIRole", "resolveConflicts": "overwrite", "clientRequestToken": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" }

Sample Response

HTTP/1.1 200 OK Date: Wed, 25 Nov 2020 14:55:29 GMT Content-Type: application/json Content-Length: 288 x-amzn-RequestId: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx x-amz-apigw-id: WkZ_KGiBvHcFhtw= X-Amzn-Trace-Id: Root=1-xxxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxx Connection: keep-alive { "update": { "id": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", "status": "InProgress", "type": "AddonUpdate", "params": [{ "type": "ServiceAccountRoleArn", "value": "arn:aws:iam::012345678910:role/AmazonEKSCNIRole" }, { "type": "ResolveConflicts", "value": "overwrite" }], "createdAt": 1606316129.051, "errors": [] } }

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: