This is the new *CloudFormation Template Reference Guide*. Please update your bookmarks and links. For help getting started with CloudFormation, see the [AWS CloudFormation User Guide](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/Welcome.html).
# AWS::EKS::Nodegroup
Creates a managed node group for an Amazon EKS cluster.
You can only create a node group for your cluster that is equal to the current Kubernetes version for the cluster. All node groups are created with the latest AMI release version for the respective minor Kubernetes version of the cluster, unless you deploy a custom AMI using a launch template.
For later updates, you will only be able to update a node group using a launch template only if it was originally deployed with a launch template. Additionally, the launch template ID or name must match what was used when the node group was created. You can update the launch template version with necessary changes. For more information about using launch templates, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html).
An Amazon EKS managed node group is an Amazon EC2 Auto Scaling group and associated Amazon EC2 instances that are managed by AWS for an Amazon EKS cluster. For more information, see [Managed node groups](https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html) in the *Amazon EKS User Guide*.
**Note**
Windows AMI types are only supported for commercial AWS Regions that support Windows on Amazon EKS.
## Syntax
To declare this entity in your CloudFormation template, use the following syntax:
### JSON
```
{
"Type" : "AWS::EKS::Nodegroup",
"Properties" : {
"[AmiType](#cfn-eks-nodegroup-amitype)" : String,
"[CapacityType](#cfn-eks-nodegroup-capacitytype)" : String,
"[ClusterName](#cfn-eks-nodegroup-clustername)" : String,
"[DiskSize](#cfn-eks-nodegroup-disksize)" : Integer,
"[ForceUpdateEnabled](#cfn-eks-nodegroup-forceupdateenabled)" : Boolean,
"[InstanceTypes](#cfn-eks-nodegroup-instancetypes)" : [ String, ... ],
"[Labels](#cfn-eks-nodegroup-labels)" : {Key: Value, ...},
"[LaunchTemplate](#cfn-eks-nodegroup-launchtemplate)" : LaunchTemplateSpecification,
"[NodegroupName](#cfn-eks-nodegroup-nodegroupname)" : String,
"[NodeRepairConfig](#cfn-eks-nodegroup-noderepairconfig)" : NodeRepairConfig,
"[NodeRole](#cfn-eks-nodegroup-noderole)" : String,
"[ReleaseVersion](#cfn-eks-nodegroup-releaseversion)" : String,
"[RemoteAccess](#cfn-eks-nodegroup-remoteaccess)" : RemoteAccess,
"[ScalingConfig](#cfn-eks-nodegroup-scalingconfig)" : ScalingConfig,
"[Subnets](#cfn-eks-nodegroup-subnets)" : [ String, ... ],
"[Tags](#cfn-eks-nodegroup-tags)" : {Key: Value, ...},
"[Taints](#cfn-eks-nodegroup-taints)" : [ Taint, ... ],
"[UpdateConfig](#cfn-eks-nodegroup-updateconfig)" : UpdateConfig,
"[Version](#cfn-eks-nodegroup-version)" : String,
"[WarmPoolConfig](#cfn-eks-nodegroup-warmpoolconfig)" : WarmPoolConfig
}
}
```
### YAML
```
Type: AWS::EKS::Nodegroup
Properties:
[AmiType](#cfn-eks-nodegroup-amitype): String
[CapacityType](#cfn-eks-nodegroup-capacitytype): String
[ClusterName](#cfn-eks-nodegroup-clustername): String
[DiskSize](#cfn-eks-nodegroup-disksize): Integer
[ForceUpdateEnabled](#cfn-eks-nodegroup-forceupdateenabled): Boolean
[InstanceTypes](#cfn-eks-nodegroup-instancetypes):
- String
[Labels](#cfn-eks-nodegroup-labels):
Key: Value
[LaunchTemplate](#cfn-eks-nodegroup-launchtemplate):
LaunchTemplateSpecification
[NodegroupName](#cfn-eks-nodegroup-nodegroupname): String
[NodeRepairConfig](#cfn-eks-nodegroup-noderepairconfig):
NodeRepairConfig
[NodeRole](#cfn-eks-nodegroup-noderole): String
[ReleaseVersion](#cfn-eks-nodegroup-releaseversion): String
[RemoteAccess](#cfn-eks-nodegroup-remoteaccess):
RemoteAccess
[ScalingConfig](#cfn-eks-nodegroup-scalingconfig):
ScalingConfig
[Subnets](#cfn-eks-nodegroup-subnets):
- String
[Tags](#cfn-eks-nodegroup-tags):
Key: Value
[Taints](#cfn-eks-nodegroup-taints):
- Taint
[UpdateConfig](#cfn-eks-nodegroup-updateconfig):
UpdateConfig
[Version](#cfn-eks-nodegroup-version): String
[WarmPoolConfig](#cfn-eks-nodegroup-warmpoolconfig):
WarmPoolConfig
```
## Properties
`AmiType`
The AMI type for your node group. If you specify `launchTemplate`, and your launch template uses a custom AMI, then don't specify `amiType`, or the node group deployment will fail. If your launch template uses a Windows custom AMI, then add `eks:kube-proxy-windows` to your Windows nodes `rolearn` in the `aws-auth``ConfigMap`. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide*.
*Required*: No
*Type*: String
*Allowed values*: `AL2_x86_64 | AL2_x86_64_GPU | AL2_ARM_64 | CUSTOM | BOTTLEROCKET_ARM_64 | BOTTLEROCKET_x86_64 | BOTTLEROCKET_ARM_64_FIPS | BOTTLEROCKET_x86_64_FIPS | BOTTLEROCKET_ARM_64_NVIDIA | BOTTLEROCKET_x86_64_NVIDIA | BOTTLEROCKET_ARM_64_NVIDIA_FIPS | BOTTLEROCKET_x86_64_NVIDIA_FIPS | WINDOWS_CORE_2019_x86_64 | WINDOWS_FULL_2019_x86_64 | WINDOWS_CORE_2022_x86_64 | WINDOWS_FULL_2022_x86_64 | WINDOWS_CORE_2025_x86_64 | WINDOWS_FULL_2025_x86_64 | AL2023_x86_64_STANDARD | AL2023_ARM_64_STANDARD | AL2023_x86_64_NEURON | AL2023_x86_64_NVIDIA | AL2023_ARM_64_NVIDIA`
*Update requires*: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)
`CapacityType`
The capacity type of your managed node group.
*Required*: No
*Type*: String
*Allowed values*: `ON_DEMAND | SPOT | CAPACITY_BLOCK`
*Update requires*: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)
`ClusterName`
The name of your cluster.
*Required*: Yes
*Type*: String
*Minimum*: `1`
*Update requires*: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)
`DiskSize`
The root device disk size (in GiB) for your node group instances. The default disk size is 20 GiB for Linux and Bottlerocket. The default disk size is 50 GiB for Windows. If you specify `launchTemplate`, then don't specify `diskSize`, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide*.
*Required*: No
*Type*: Integer
*Update requires*: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)
`ForceUpdateEnabled`
Force the update if any `Pod` on the existing node group can't be drained due to a `Pod` disruption budget issue. If an update fails because all Pods can't be drained, you can force the update after it fails to terminate the old node whether or not any `Pod` is running on the node.
*Required*: No
*Type*: Boolean
*Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)
`InstanceTypes`
Specify the instance types for a node group. If you specify a GPU instance type, make sure to also specify an applicable GPU AMI type with the `amiType` parameter. If you specify `launchTemplate`, then you can specify zero or one instance type in your launch template *or* you can specify 0-20 instance types for `instanceTypes`. If however, you specify an instance type in your launch template *and* specify any `instanceTypes`, the node group deployment will fail. If you don't specify an instance type in a launch template or for `instanceTypes`, then `t3.medium` is used, by default. If you specify `Spot` for `capacityType`, then we recommend specifying multiple values for `instanceTypes`. For more information, see [Managed node group capacity types](https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html#managed-node-group-capacity-types) and [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide*.
*Required*: No
*Type*: Array of String
*Update requires*: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)
`Labels`
The Kubernetes `labels` applied to the nodes in the node group.
Only `labels` that are applied with the Amazon EKS API are shown here. There may be other Kubernetes `labels` applied to the nodes in this group.
*Required*: No
*Type*: Object of String
*Pattern*: `^.+$`
*Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)
`LaunchTemplate`
An object representing a node group's launch template specification. When using this object, don't directly specify `instanceTypes`, `diskSize`, or `remoteAccess`. You cannot later specify a different launch template ID or name than what was used to create the node group.
Make sure that the launch template meets the requirements in `launchTemplateSpecification`. Also refer to [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide*.
*Required*: No
*Type*: [LaunchTemplateSpecification](aws-properties-eks-nodegroup-launchtemplatespecification.md)
*Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)
`NodegroupName`
The unique name to give your node group.
*Required*: No
*Type*: String
*Minimum*: `1`
*Update requires*: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)
`NodeRepairConfig`
The node auto repair configuration for the node group.
*Required*: No
*Type*: [NodeRepairConfig](aws-properties-eks-nodegroup-noderepairconfig.md)
*Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)
`NodeRole`
The Amazon Resource Name (ARN) of the IAM role to associate with your node group. The Amazon EKS worker node `kubelet` daemon makes calls to AWS APIs on your behalf. Nodes receive permissions for these API calls through an IAM instance profile and associated policies. Before you can launch nodes and register them into a cluster, you must create an IAM role for those nodes to use when they are launched. For more information, see [Amazon EKS node IAM role](https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the * *Amazon EKS User Guide* *. If you specify `launchTemplate`, then don't specify ` [IamInstanceProfile](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_IamInstanceProfile.html) ` in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide*.
*Required*: Yes
*Type*: String
*Update requires*: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)
`ReleaseVersion`
The AMI version of the Amazon EKS optimized AMI to use with your node group (for example, `1.14.7-YYYYMMDD`). By default, the latest available AMI version for the node group's current Kubernetes version is used. For more information, see [Amazon EKS optimized Linux AMI Versions](https://docs.aws.amazon.com/eks/latest/userguide/eks-linux-ami-versions.html) in the *Amazon EKS User Guide*.
Changing this value triggers an update of the node group if one is available. You can't update other properties at the same time as updating `Release Version`.
*Required*: No
*Type*: String
*Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)
`RemoteAccess`
The remote access configuration to use with your node group. For Linux, the protocol is SSH. For Windows, the protocol is RDP. If you specify `launchTemplate`, then don't specify `remoteAccess`, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide*.
*Required*: No
*Type*: [RemoteAccess](aws-properties-eks-nodegroup-remoteaccess.md)
*Update requires*: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)
`ScalingConfig`
The scaling configuration details for the Auto Scaling group that is created for your node group.
*Required*: No
*Type*: [ScalingConfig](aws-properties-eks-nodegroup-scalingconfig.md)
*Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)
`Subnets`
The subnets to use for the Auto Scaling group that is created for your node group. If you specify `launchTemplate`, then don't specify ` [SubnetId](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInterface.html) ` in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide*.
*Required*: Yes
*Type*: Array of String
*Update requires*: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)
`Tags`
Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.
*Required*: No
*Type*: Object of String
*Pattern*: `^.+$`
*Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)
`Taints`
The Kubernetes taints to be applied to the nodes in the node group when they are created. Effect is one of `No_Schedule`, `Prefer_No_Schedule`, or `No_Execute`. Kubernetes taints can be used together with tolerations to control how workloads are scheduled to your nodes. For more information, see [Node taints on managed node groups](https://docs.aws.amazon.com/eks/latest/userguide/node-taints-managed-node-groups.html).
*Required*: No
*Type*: Array of [Taint](aws-properties-eks-nodegroup-taint.md)
*Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)
`UpdateConfig`
The node group update configuration.
*Required*: No
*Type*: [UpdateConfig](aws-properties-eks-nodegroup-updateconfig.md)
*Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)
`Version`
The Kubernetes version to use for your managed nodes. By default, the Kubernetes version of the cluster is used, and this is the only accepted specified value. If you specify `launchTemplate`, and your launch template uses a custom AMI, then don't specify `version`, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Launch template support](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide*.
You can't update other properties at the same time as updating `Version`.
*Required*: No
*Type*: String
*Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)
`WarmPoolConfig`
Property description not available.
*Required*: No
*Type*: [WarmPoolConfig](aws-properties-eks-nodegroup-warmpoolconfig.md)
*Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)
## Return values
### Ref
When you pass the logical ID of this resource to the intrinsic `Ref` function, `Ref` returns the resource name. For example:
`{ "Ref": "myNodegroup" }`
For the Amazon EKS node group `myNodegroup`, Ref returns the physical resource ID of the node group. For example, `cluster-name/nodegroup_name`.
For more information about using the `Ref` function, see [https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/intrinsic-function-reference-ref.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/intrinsic-function-reference-ref.html).
### Fn::GetAtt
The `Fn::GetAtt` intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the `Fn::GetAtt` intrinsic function, see [https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/intrinsic-function-reference-getatt.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/intrinsic-function-reference-getatt.html).
####
`Arn`
The Amazon Resource Name (ARN) associated with the managed node group.
`ClusterName`
The name of your cluster.
`NodegroupName`
The name associated with an Amazon EKS managed node group.
## Examples
### Create a managed node group
The following example creates an Amazon EKS managed node group named `standard` in the `prod` cluster.
#### JSON
```
{
"Resources": {
"EKSNodegroup": {
"Type": "AWS::EKS::Nodegroup",
"Properties": {
"ClusterName": "prod",
"NodeRole": "arn:aws:iam::012345678910:role/eksInstanceRole",
"ScalingConfig": {
"MinSize": 3,
"DesiredSize": 5,
"MaxSize": 7
},
"Labels": {
"Key1": "Value1",
"Key2": "Value2"
},
"Subnets": [
"subnet-6782e71e",
"subnet-e7e761ac"
]
}
}
}
}
```
#### YAML
```
Resources:
EKSNodegroup:
Type: 'AWS::EKS::Nodegroup'
Properties:
ClusterName: prod
NodeRole: 'arn:aws:iam::012345678910:role/eksInstanceRole'
ScalingConfig:
MinSize: 3
DesiredSize: 5
MaxSize: 7
Labels:
Key1: Value1
Key2: Value2
Subnets:
- subnet-6782e71e
- subnet-e7e761ac
```
## See also
+ [Managed node groups](https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html) in the *Amazon EKS User Guide *.
+ [CreateNodegroup](https://docs.aws.amazon.com/eks/latest/APIReference/API_CreateNodegroup.html) in the *Amazon EKS API Reference *.