software.amazon.awscdk.services.eks

Class CfnCluster

java.lang.Object

software.amazon.jsii.JsiiObject

software.constructs.Construct

software.amazon.awscdk.core.Construct

software.amazon.awscdk.core.CfnElement

software.amazon.awscdk.core.CfnRefElement

software.amazon.awscdk.core.CfnResource

software.amazon.awscdk.services.eks.CfnCluster

All Implemented Interfaces:

IDependable, IInspectable, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct

@Generated(value="jsii-pacmak/1.71.0 (build f1f58ae)",
           date="2022-12-07T17:24:46.629Z")
 @Stability(value=Stable)
public class CfnCluster
extends CfnResource
implements IInspectable

A CloudFormation `AWS::EKS::Cluster`.

Creates an Amazon EKS control plane.

The Amazon EKS control plane consists of control plane instances that run the Kubernetes software, such as etcd and the API server. The control plane runs in an account managed by AWS , and the Kubernetes API is exposed by the Amazon EKS API server endpoint. Each Amazon EKS cluster control plane is single tenant and unique. It runs on its own set of Amazon EC2 instances.

The cluster control plane is provisioned across multiple Availability Zones and fronted by an Elastic Load Balancing Network Load Balancer. Amazon EKS also provisions elastic network interfaces in your VPC subnets to provide connectivity from the control plane instances to the nodes (for example, to support kubectl exec , logs , and proxy data flows).

Amazon EKS nodes run in your AWS account and connect to your cluster's control plane over the Kubernetes API server endpoint and a certificate file that is created for your cluster.

In most cases, it takes several minutes to create a cluster. After you create an Amazon EKS cluster, you must configure your Kubernetes tooling to communicate with the API server and launch nodes into your cluster. For more information, see Managing Cluster Authentication and Launching Amazon EKS nodes in the Amazon EKS User Guide .

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.eks.*;
 CfnCluster cfnCluster = CfnCluster.Builder.create(this, "MyCfnCluster")
         .resourcesVpcConfig(ResourcesVpcConfigProperty.builder()
                 .subnetIds(List.of("subnetIds"))
                 // the properties below are optional
                 .endpointPrivateAccess(false)
                 .endpointPublicAccess(false)
                 .publicAccessCidrs(List.of("publicAccessCidrs"))
                 .securityGroupIds(List.of("securityGroupIds"))
                 .build())
         .roleArn("roleArn")
         // the properties below are optional
         .encryptionConfig(List.of(EncryptionConfigProperty.builder()
                 .provider(ProviderProperty.builder()
                         .keyArn("keyArn")
                         .build())
                 .resources(List.of("resources"))
                 .build()))
         .kubernetesNetworkConfig(KubernetesNetworkConfigProperty.builder()
                 .ipFamily("ipFamily")
                 .serviceIpv4Cidr("serviceIpv4Cidr")
                 .serviceIpv6Cidr("serviceIpv6Cidr")
                 .build())
         .logging(LoggingProperty.builder()
                 .clusterLogging(ClusterLoggingProperty.builder()
                         .enabledTypes(List.of(LoggingTypeConfigProperty.builder()
                                 .type("type")
                                 .build()))
                         .build())
                 .build())
         .name("name")
         .outpostConfig(OutpostConfigProperty.builder()
                 .controlPlaneInstanceType("controlPlaneInstanceType")
                 .outpostArns(List.of("outpostArns"))
                 // the properties below are optional
                 .controlPlanePlacement(ControlPlanePlacementProperty.builder()
                         .groupName("groupName")
                         .build())
                 .build())
         .tags(List.of(CfnTag.builder()
                 .key("key")
                 .value("value")
                 .build()))
         .version("version")
         .build();
 

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	CfnCluster.Builder A fluent builder for CfnCluster.
static interface	CfnCluster.ClusterLoggingProperty The cluster control plane logging configuration for your cluster.
static interface	CfnCluster.ControlPlanePlacementProperty Example:
static interface	CfnCluster.EncryptionConfigProperty The encryption configuration for the cluster.
static interface	CfnCluster.KubernetesNetworkConfigProperty The Kubernetes network configuration for the cluster.
static interface	CfnCluster.LoggingProperty Enable or disable exporting the Kubernetes control plane logs for your cluster to CloudWatch Logs.
static interface	CfnCluster.LoggingTypeConfigProperty The enabled logging type.
static interface	CfnCluster.OutpostConfigProperty The configuration of your local Amazon EKS cluster on an AWS Outpost.
static interface	CfnCluster.ProviderProperty Identifies the AWS Key Management Service ( AWS KMS ) key used to encrypt the secrets.
static interface	CfnCluster.ResourcesVpcConfigProperty An object representing the VPC configuration to use for an Amazon EKS cluster.

Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject

software.amazon.jsii.JsiiObject.InitializationMode

Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IInspectable

IInspectable.Jsii$Default, IInspectable.Jsii$Proxy

Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IConstruct

IConstruct.Jsii$Default

Field Summary

Fields

Modifier and Type	Field and Description
static String	CFN_RESOURCE_TYPE_NAME The CloudFormation resource type name for this resource class.

Constructor Summary

Constructors

Modifier	Constructor and Description
	CfnCluster(Construct scope, String id, CfnClusterProps props) Create a new `AWS::EKS::Cluster`.
protected	CfnCluster(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
protected	CfnCluster(software.amazon.jsii.JsiiObjectRef objRef)

Method Summary

Modifier and Type	Method and Description
String	getAttrArn() The ARN of the cluster, such as `arn:aws:eks:us-west-2:666666666666:cluster/prod` .
String	getAttrCertificateAuthorityData() The `certificate-authority-data` for your cluster.
String	getAttrClusterSecurityGroupId() The cluster security group that was created by Amazon EKS for the cluster.
String	getAttrEncryptionConfigKeyArn() Amazon Resource Name (ARN) or alias of the customer master key (CMK).
String	getAttrEndpoint() The endpoint for your Kubernetes API server, such as `https://5E1D0CEXAMPLEA591B746AFC5AB30262.yl4.us-west-2.eks.amazonaws.com` .
String	getAttrId() The ID of your local Amazon EKS cluster on an AWS Outpost.
String	getAttrKubernetesNetworkConfigServiceIpv6Cidr() The CIDR block that Kubernetes Service IP addresses are assigned from if you created a 1.21 or later cluster with version 1.10.1 or later of the Amazon VPC CNI add-on and specified `ipv6` for *ipFamily* when you created the cluster.
String	getAttrOpenIdConnectIssuerUrl() The issuer URL for the OIDC identity provider.
protected Map<String,Object>	getCfnProperties()
Object	getEncryptionConfig() The encryption configuration for the cluster.
Object	getKubernetesNetworkConfig() The Kubernetes network configuration for the cluster.
Object	getLogging() The logging configuration for your cluster.
String	getName() The unique name to give to your cluster.
Object	getOutpostConfig() An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost.
Object	getResourcesVpcConfig() The VPC configuration that's used by the cluster control plane.
String	getRoleArn() The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.
TagManager	getTags() The metadata that you apply to the cluster to assist with categorization and organization.
String	getVersion() The desired Kubernetes version for your cluster.
void	inspect(TreeInspector inspector) Examines the CloudFormation resource and discloses attributes.
protected Map<String,Object>	renderProperties(Map<String,Object> props)
void	setEncryptionConfig(IResolvable value) The encryption configuration for the cluster.
void	setEncryptionConfig(List<Object> value) The encryption configuration for the cluster.
void	setKubernetesNetworkConfig(CfnCluster.KubernetesNetworkConfigProperty value) The Kubernetes network configuration for the cluster.
void	setKubernetesNetworkConfig(IResolvable value) The Kubernetes network configuration for the cluster.
void	setLogging(CfnCluster.LoggingProperty value) The logging configuration for your cluster.
void	setLogging(IResolvable value) The logging configuration for your cluster.
void	setName(String value) The unique name to give to your cluster.
void	setOutpostConfig(CfnCluster.OutpostConfigProperty value) An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost.
void	setOutpostConfig(IResolvable value) An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost.
void	setResourcesVpcConfig(CfnCluster.ResourcesVpcConfigProperty value) The VPC configuration that's used by the cluster control plane.
void	setResourcesVpcConfig(IResolvable value) The VPC configuration that's used by the cluster control plane.
void	setRoleArn(String value) The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.
void	setVersion(String value) The desired Kubernetes version for your cluster.

Methods inherited from class software.amazon.awscdk.core.CfnResource

addDeletionOverride, addDependsOn, addMetadata, addOverride, addPropertyDeletionOverride, addPropertyOverride, applyRemovalPolicy, applyRemovalPolicy, applyRemovalPolicy, getAtt, getCfnOptions, getCfnResourceType, getMetadata, getUpdatedProperites, isCfnResource, shouldSynthesize, toString, validateProperties

Methods inherited from class software.amazon.awscdk.core.CfnRefElement

getRef

Methods inherited from class software.amazon.awscdk.core.CfnElement

getCreationStack, getLogicalId, getStack, isCfnElement, overrideLogicalId

Methods inherited from class software.amazon.awscdk.core.Construct

getNode, isConstruct, onPrepare, onSynthesize, onValidate, prepare, synthesize, validate

Methods inherited from class software.amazon.jsii.JsiiObject

jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Field Detail

CFN_RESOURCE_TYPE_NAME

@Stability(value=Stable)
public static final String CFN_RESOURCE_TYPE_NAME

The CloudFormation resource type name for this resource class.

Constructor Detail

CfnCluster

protected CfnCluster(software.amazon.jsii.JsiiObjectRef objRef)

CfnCluster

protected CfnCluster(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

CfnCluster

@Stability(value=Stable)
public CfnCluster(@NotNull
                                           Construct scope,
                                           @NotNull
                                           String id,
                                           @NotNull
                                           CfnClusterProps props)

Create a new `AWS::EKS::Cluster`.

Parameters:

scope - - scope in which this resource is defined. This parameter is required.

id - - scoped id of the resource. This parameter is required.

props - - resource properties. This parameter is required.

Method Detail

inspect

@Stability(value=Stable)
public void inspect(@NotNull
                                             TreeInspector inspector)

Examines the CloudFormation resource and discloses attributes.

Specified by:

inspect in interface IInspectable

Parameters:

inspector - - tree inspector to collect and process attributes. This parameter is required.

renderProperties

@Stability(value=Stable)
 @NotNull
protected Map<String,Object> renderProperties(@NotNull
                                                                                 Map<String,Object> props)

Overrides:

renderProperties in class CfnResource

Parameters:

props - This parameter is required.

getAttrArn

@Stability(value=Stable)
 @NotNull
public String getAttrArn()

The ARN of the cluster, such as `arn:aws:eks:us-west-2:666666666666:cluster/prod` .

getAttrCertificateAuthorityData

@Stability(value=Stable)
 @NotNull
public String getAttrCertificateAuthorityData()

The `certificate-authority-data` for your cluster.

getAttrClusterSecurityGroupId

@Stability(value=Stable)
 @NotNull
public String getAttrClusterSecurityGroupId()

The cluster security group that was created by Amazon EKS for the cluster.

Managed node groups use this security group for control plane to data plane communication.

This parameter is only returned by Amazon EKS clusters that support managed node groups. For more information, see Managed node groups in the Amazon EKS User Guide .

getAttrEncryptionConfigKeyArn

@Stability(value=Stable)
 @NotNull
public String getAttrEncryptionConfigKeyArn()

Amazon Resource Name (ARN) or alias of the customer master key (CMK).

getAttrEndpoint

@Stability(value=Stable)
 @NotNull
public String getAttrEndpoint()

The endpoint for your Kubernetes API server, such as `https://5E1D0CEXAMPLEA591B746AFC5AB30262.yl4.us-west-2.eks.amazonaws.com` .

getAttrId

@Stability(value=Stable)
 @NotNull
public String getAttrId()

The ID of your local Amazon EKS cluster on an AWS Outpost.

This property isn't available for an Amazon EKS cluster on the AWS cloud.

getAttrKubernetesNetworkConfigServiceIpv6Cidr

@Stability(value=Stable)
 @NotNull
public String getAttrKubernetesNetworkConfigServiceIpv6Cidr()

The CIDR block that Kubernetes Service IP addresses are assigned from if you created a 1.21 or later cluster with version 1.10.1 or later of the Amazon VPC CNI add-on and specified `ipv6` for *ipFamily* when you created the cluster. Kubernetes assigns Service addresses from the unique local address range ( `fc00::/7` ) because you can't specify a custom IPv6 CIDR block when you create the cluster.

getAttrOpenIdConnectIssuerUrl

@Stability(value=Stable)
 @NotNull
public String getAttrOpenIdConnectIssuerUrl()

The issuer URL for the OIDC identity provider.

getCfnProperties

@Stability(value=Stable)
 @NotNull
protected Map<String,Object> getCfnProperties()

Overrides:

getCfnProperties in class CfnResource

getTags

@Stability(value=Stable)
 @NotNull
public TagManager getTags()

The metadata that you apply to the cluster to assist with categorization and organization.

Each tag consists of a key and an optional value, both of which you define. Cluster tags don't propagate to any other resources associated with the cluster.

You must have the eks:TagResource and eks:UntagResource permissions in your IAM user or IAM role used to manage the CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.

getResourcesVpcConfig

@Stability(value=Stable)
 @NotNull
public Object getResourcesVpcConfig()

The VPC configuration that's used by the cluster control plane.

Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide . You must specify at least two subnets. You can specify up to five security groups, but we recommend that you use a dedicated security group for your cluster control plane.

Updates require replacement of the SecurityGroupIds and SubnetIds sub-properties.

setResourcesVpcConfig

@Stability(value=Stable)
public void setResourcesVpcConfig(@NotNull
                                                           CfnCluster.ResourcesVpcConfigProperty value)

The VPC configuration that's used by the cluster control plane.

Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide . You must specify at least two subnets. You can specify up to five security groups, but we recommend that you use a dedicated security group for your cluster control plane.

Updates require replacement of the SecurityGroupIds and SubnetIds sub-properties.

setResourcesVpcConfig

@Stability(value=Stable)
public void setResourcesVpcConfig(@NotNull
                                                           IResolvable value)

The VPC configuration that's used by the cluster control plane.

Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide . You must specify at least two subnets. You can specify up to five security groups, but we recommend that you use a dedicated security group for your cluster control plane.

Updates require replacement of the SecurityGroupIds and SubnetIds sub-properties.

getRoleArn

@Stability(value=Stable)
 @NotNull
public String getRoleArn()

The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.

For more information, see Amazon EKS Service IAM Role in the Amazon EKS User Guide .

setRoleArn

@Stability(value=Stable)
public void setRoleArn(@NotNull
                                                String value)

The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.

For more information, see Amazon EKS Service IAM Role in the Amazon EKS User Guide .

getEncryptionConfig

@Stability(value=Stable)
 @Nullable
public Object getEncryptionConfig()

The encryption configuration for the cluster.

setEncryptionConfig

@Stability(value=Stable)
public void setEncryptionConfig(@Nullable
                                                         IResolvable value)

The encryption configuration for the cluster.

setEncryptionConfig

@Stability(value=Stable)
public void setEncryptionConfig(@Nullable
                                                         List<Object> value)

The encryption configuration for the cluster.

getKubernetesNetworkConfig

@Stability(value=Stable)
 @Nullable
public Object getKubernetesNetworkConfig()

The Kubernetes network configuration for the cluster.

setKubernetesNetworkConfig

@Stability(value=Stable)
public void setKubernetesNetworkConfig(@Nullable
                                                                IResolvable value)

The Kubernetes network configuration for the cluster.

setKubernetesNetworkConfig

@Stability(value=Stable)
public void setKubernetesNetworkConfig(@Nullable
                                                                CfnCluster.KubernetesNetworkConfigProperty value)

The Kubernetes network configuration for the cluster.

getLogging

@Stability(value=Stable)
 @Nullable
public Object getLogging()

The logging configuration for your cluster.

setLogging

@Stability(value=Stable)
public void setLogging(@Nullable
                                                IResolvable value)

The logging configuration for your cluster.

setLogging

@Stability(value=Stable)
public void setLogging(@Nullable
                                                CfnCluster.LoggingProperty value)

The logging configuration for your cluster.

getName

@Stability(value=Stable)
 @Nullable
public String getName()

The unique name to give to your cluster.

setName

@Stability(value=Stable)
public void setName(@Nullable
                                             String value)

The unique name to give to your cluster.

getOutpostConfig

@Stability(value=Stable)
 @Nullable
public Object getOutpostConfig()

An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost.

This object isn't available for clusters on the AWS cloud.

setOutpostConfig

@Stability(value=Stable)
public void setOutpostConfig(@Nullable
                                                      IResolvable value)

An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost.

This object isn't available for clusters on the AWS cloud.

setOutpostConfig

@Stability(value=Stable)
public void setOutpostConfig(@Nullable
                                                      CfnCluster.OutpostConfigProperty value)

An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost.

This object isn't available for clusters on the AWS cloud.

getVersion

@Stability(value=Stable)
 @Nullable
public String getVersion()

The desired Kubernetes version for your cluster.

If you don't specify a value here, the default version available in Amazon EKS is used.

The default version might not be the latest version available.

setVersion

@Stability(value=Stable)
public void setVersion(@Nullable
                                                String value)

The desired Kubernetes version for your cluster.

If you don't specify a value here, the default version available in Amazon EKS is used.

The default version might not be the latest version available.