AWS::EKS::FargateProfile
Creates an AWS Fargate profile for your Amazon EKS cluster. You must have at least one Fargate profile in a cluster to be able to run pods on Fargate.
The Fargate profile allows an administrator to declare which pods run on Fargate and specify which pods run on which Fargate profile. This declaration is done through the profile’s selectors. Each profile can have up to five selectors that contain a namespace and labels. A namespace is required for every selector. The label field consists of multiple optional key-value pairs. Pods that match the selectors are scheduled on Fargate. If a to-be-scheduled pod matches any of the selectors in the Fargate profile, then that pod is run on Fargate.
When you create a Fargate profile, you must specify a pod execution
role to use with the pods that are scheduled with the profile. This role is added to the
cluster's Kubernetes Role Based
Access Controlkubelet
that is running on the Fargate infrastructure can register with your
Amazon EKS cluster so that it can appear in your cluster as a node. The pod
execution role also provides IAM permissions to the Fargate infrastructure to allow read access to Amazon ECR image repositories. For
more information, see Pod Execution Role in the Amazon EKS User Guide.
Fargate profiles are immutable. However, you can create a new updated profile to replace an existing profile and then delete the original after the updated profile has finished creating.
If any Fargate profiles in a cluster are in the DELETING
status, you must wait for that Fargate profile to finish deleting before
you can create any other profiles in that cluster.
For more information, see AWS Fargate profile in the Amazon EKS User Guide.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::EKS::FargateProfile", "Properties" : { "ClusterName" :String, "FargateProfileName" :String, "PodExecutionRoleArn" :String, "Selectors" :[ Selector, ... ], "Subnets" :[ String, ... ], "Tags" :[ Tag, ... ]} }
YAML
Type: AWS::EKS::FargateProfile Properties: ClusterName:StringFargateProfileName:StringPodExecutionRoleArn:StringSelectors:- SelectorSubnets:- StringTags:- Tag
Properties
ClusterName-
The name of your cluster.
Required: Yes
Type: String
Minimum:
1Update requires: Replacement
FargateProfileName-
The name of the Fargate profile.
Required: No
Type: String
Minimum:
1Update requires: Replacement
PodExecutionRoleArn-
The Amazon Resource Name (ARN) of the
Podexecution role to use for aPodthat matches the selectors in the Fargate profile. ThePodexecution role allows Fargate infrastructure to register with your cluster as a node, and it provides read access to Amazon ECR image repositories. For more information, seePodexecution role in the Amazon EKS User Guide.Required: Yes
Type: String
Minimum:
1Update requires: Replacement
Selectors-
The selectors to match for a
Podto use this Fargate profile. Each selector must have an associated Kubernetesnamespace. Optionally, you can also specifylabelsfor anamespace. You may specify up to five selectors in a Fargate profile.Required: Yes
Type: Array of Selector
Minimum:
1Update requires: Replacement
Subnets-
The IDs of subnets to launch a
Podinto. APodrunning on Fargate isn't assigned a public IP address, so only private subnets (with no direct route to an Internet Gateway) are accepted for this parameter.Required: No
Type: Array of String
Update requires: Replacement
-
Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.
Required: No
Type: Array of Tag
Update requires: No interruption
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the resource name. For example:
{ "Ref": "myFargateProfile" }
For the Fargate profilemyFargateProfile, Ref returns the
physical resource ID of the Fargate profile. For example,
<cluster-name>/<Fargate_profile_name>.
For more information about using the Ref function, see Ref.
Fn::GetAtt
The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.
Arn-
The ARN of the cluster, such as
arn:aws:eks:us-west-2:666666666666:fargateprofile/myCluster/myFargateProfile/1cb1a11a-1dc1-1d11-cf11-1111f11fa111.
Remarks
Creating a Fargate profile and identity provider config resources in the same template.
If AWS CloudFormation attempts to create both resources at the same time, resource
creation fails. If you want to create both resources in the same template, then add
the DependsOn property in your template, as shown in the
examples.
Examples
Create a Fargate profile
The following example creates a Fargate profile for pods
deployed to a namespace with the name my-namespace that have a
label with a key value pair assigned to them. If you're not creating an
EKSIdpConfig in the same template, remove the
"DependsOn" line in the following example. For more
information, see AWS::EKS::IdentityProviderConfig.
JSON
{ "Resources" : { "EKSFargateProfile" : { "DependsOn" : "EKSIdpConfig", "Type" : "AWS::EKS::FargateProfile", "Properties" : { "FargateProfileName" : "my-fargate-profile", "ClusterName" : "my-cluster", "PodExecutionRoleArn" : "arn:aws:iam::012345678910:role/AmazonEKSFargatePodExecutionRole", "Subnets" : [ "subnet-6782e71e", "subnet-e7e761ac" ], "Selectors" : [ { "Namespace" : "my-namespace", "Labels" : [ { "Key" : "my-key", "Value" : "my-value" } ] } ] } } } }
YAML
Resources: EKSFargateProfile: DependsOn: EKSIdpConfig Type: 'AWS::EKS::FargateProfile' Properties: FargateProfileName: my-fargate-profile ClusterName: my-cluster PodExecutionRoleArn: 'arn:aws:iam::012345678910:role/AmazonEKSFargatePodExecutionRole' Subnets: - subnet-6782e71e - subnet-e7e761ac Selectors: - Namespace: my-namespace Labels: - Key: my-key Value: my-value
See also
-
Fargate profile in the Amazon EKS User Guide .
-
CreateFargateProfilein the Amazon EKS API Reference .
