interface ClusterAttributes

Language	Type name
.NET	Amazon.CDK.AWS.EKS.ClusterAttributes
Go	github.com/aws/aws-cdk-go/awscdk/v2/awseks#ClusterAttributes
Java	software.amazon.awscdk.services.eks.ClusterAttributes
Python	aws_cdk.aws_eks.ClusterAttributes
TypeScript (source)	aws-cdk-lib » aws_eks » ClusterAttributes

Attributes for EKS clusters.

Example

declare const cluster: eks.Cluster;
declare const asg: autoscaling.AutoScalingGroup;
const importedCluster = eks.Cluster.fromClusterAttributes(this, 'ImportedCluster', {
  clusterName: cluster.clusterName,
  clusterSecurityGroupId: cluster.clusterSecurityGroupId,
});

importedCluster.connectAutoScalingGroupCapacity(asg, {});

Properties

Name	Type	Description
clusterName	string	The physical name of the Cluster.
awscliLayer?	ILayerVersion	An AWS Lambda layer that contains the aws CLI.
clusterCertificateAuthorityData?	string	The certificate-authority-data for your cluster.
clusterEncryptionConfigKeyArn?	string	Amazon Resource Name (ARN) or alias of the customer master key (CMK).
clusterEndpoint?	string	The API Server endpoint URL.
clusterHandlerSecurityGroupId?	string	A security group id to associate with the Cluster Handler's Lambdas.
clusterSecurityGroupId?	string	The cluster security group that was created by Amazon EKS for the cluster.
ipFamily?	IpFamily	Specify which IP family is used to assign Kubernetes pod and service IP addresses.
kubectlEnvironment?	{ [string]: string }	Environment variables to use when running kubectl against this cluster.
kubectlLambdaRole?	IRole	An IAM role that can perform kubectl operations against this cluster.
kubectlLayer?	ILayerVersion	An AWS Lambda Layer which includes kubectl and Helm.
kubectlMemory?	Size	Amount of memory to allocate to the provider's lambda function.
kubectlPrivateSubnetIds?	string[]	Subnets to host the kubectl compute resources.
kubectlProvider?	IKubectlProvider	KubectlProvider for issuing kubectl commands.
kubectlRoleArn?	string	An IAM role with cluster administrator and "system:masters" permissions.
kubectlSecurityGroupId?	string	A security group to use for kubectl execution.
onEventLayer?	ILayerVersion	An AWS Lambda Layer which includes the NPM dependency proxy-agent.
openIdConnectProvider?	IOpenIdConnectProvider	An Open ID Connect provider for this cluster that can be used to configure service accounts.
prune?	boolean	Indicates whether Kubernetes resources added through addManifest() can be automatically pruned.
securityGroupIds?	string[]	Additional security groups associated with this cluster.
vpc?	IVpc	The VPC in which this Cluster was created.

---

clusterName

Type: string

The physical name of the Cluster.

---

awscliLayer?

Type: ILayerVersion (optional, default: a default layer with the AWS CLI 1.x)

An AWS Lambda layer that contains the aws CLI.

The handler expects the layer to include the following executables:

/opt/awscli/aws

---

clusterCertificateAuthorityData?

Type: string (optional, default: if not specified cluster.clusterCertificateAuthorityData will throw an error)

The certificate-authority-data for your cluster.

---

clusterEncryptionConfigKeyArn?

Type: string (optional, default: if not specified cluster.clusterEncryptionConfigKeyArn will throw an error)

Amazon Resource Name (ARN) or alias of the customer master key (CMK).

---

clusterEndpoint?

Type: string (optional, default: if not specified cluster.clusterEndpoint will throw an error.)

The API Server endpoint URL.

---

clusterHandlerSecurityGroupId?

Type: string (optional, default: No security group.)

A security group id to associate with the Cluster Handler's Lambdas.

The Cluster Handler's Lambdas are responsible for calling AWS's EKS API.

---

clusterSecurityGroupId?

Type: string (optional, default: if not specified cluster.clusterSecurityGroupId will throw an error)

The cluster security group that was created by Amazon EKS for the cluster.

---

ipFamily?

Type: IpFamily (optional, default: IpFamily.IP_V4)

Specify which IP family is used to assign Kubernetes pod and service IP addresses.

See also: https://docs.aws.amazon.com/eks/latest/APIReference/API_KubernetesNetworkConfigRequest.html#AmazonEKS-Type-KubernetesNetworkConfigRequest-ipFamily

---

kubectlEnvironment?

Type: { [string]: string } (optional, default: no additional variables)

Environment variables to use when running kubectl against this cluster.

---

kubectlLambdaRole?

Type: IRole (optional, default: if not specified, the default role created by a lambda function will be used.)

An IAM role that can perform kubectl operations against this cluster.

The role should be mapped to the system:masters Kubernetes RBAC role.

This role is directly passed to the lambda handler that sends Kube Ctl commands to the cluster.

---

kubectlLayer?

Type: ILayerVersion (optional, default: a default layer with Kubectl 1.20 and helm 3.8.)

An AWS Lambda Layer which includes kubectl and Helm.

This layer is used by the kubectl handler to apply manifests and install helm charts. You must pick an appropriate releases of one of the @aws-cdk/layer-kubectl-vXX packages, that works with the version of Kubernetes you have chosen. If you don't supply this value kubectl 1.20 will be used, but that version is most likely too old.

The handler expects the layer to include the following executables:

/opt/helm/helm
/opt/kubectl/kubectl

---

kubectlMemory?

Type: Size (optional, default: Size.gibibytes(1))

Amount of memory to allocate to the provider's lambda function.

---

kubectlPrivateSubnetIds?

Type: string[] (optional, default: k8s endpoint is expected to be accessible publicly)

Subnets to host the kubectl compute resources.

If not specified, the k8s endpoint is expected to be accessible publicly.

---

kubectlProvider?

Type: IKubectlProvider (optional, default: Default CDK provider)

KubectlProvider for issuing kubectl commands.

---

kubectlRoleArn?

Type: string (optional, default: if not specified, it not be possible to issue kubectl commands against an imported cluster.)

An IAM role with cluster administrator and "system:masters" permissions.

---

kubectlSecurityGroupId?

Type: string (optional, default: k8s endpoint is expected to be accessible publicly)

A security group to use for kubectl execution.

If not specified, the k8s endpoint is expected to be accessible publicly.

---

onEventLayer?

Type: ILayerVersion (optional, default: a layer bundled with this module.)

An AWS Lambda Layer which includes the NPM dependency proxy-agent.

This layer is used by the onEvent handler to route AWS SDK requests through a proxy.

The handler expects the layer to include the following node_modules:

proxy-agent

---

openIdConnectProvider?

Type: IOpenIdConnectProvider (optional, default: if not specified cluster.openIdConnectProvider and cluster.addServiceAccount will throw an error.)

An Open ID Connect provider for this cluster that can be used to configure service accounts.

You can either import an existing provider using iam.OpenIdConnectProvider.fromProviderArn, or create a new provider using new eks.OpenIdConnectProvider

---

prune?

Type: boolean (optional, default: true)

Indicates whether Kubernetes resources added through addManifest() can be automatically pruned.

When this is enabled (default), prune labels will be allocated and injected to each resource. These labels will then be used when issuing the kubectl apply operation with the --prune switch.

---

securityGroupIds?

Type: string[] (optional, default: if not specified, no additional security groups will be considered in cluster.connections.)

Additional security groups associated with this cluster.

---

vpc?

Type: IVpc (optional, default: if not specified cluster.vpc will throw an error)

The VPC in which this Cluster was created.