aws-cdk-lib.aws_eks.EndpointAccess

class EndpointAccess

Language             Type name
.NET                 Amazon.CDK.AWS.EKS.EndpointAccess
Go                   github.com/aws/aws-cdk-go/awscdk/v2/awseks#EndpointAccess
Java                 software.amazon.awscdk.services.eks.EndpointAccess
Python               aws_cdk.aws_eks.EndpointAccess
TypeScript (source)  aws-cdk-lib » aws_eks » EndpointAccess

Endpoint access characteristics.

Example

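import * as eks from 'aws-cdk-lib/aws-eks';

// Inside a Stack (or other construct) constructor, where `this` is the scope.
const cluster = new eks.Cluster(this, 'hello-eks', {
  version: eks.KubernetesVersion.V1_26,
  endpointAccess: eks.EndpointAccess.PRIVATE, // No access outside of your VPC.
});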

Properties

Name                       Type            Description
static PRIVATE             EndpointAccess  The cluster endpoint is only accessible through your VPC.
static PUBLIC              EndpointAccess  The cluster endpoint is accessible from outside of your VPC.
static PUBLIC_AND_PRIVATE  EndpointAccess  The cluster endpoint is accessible from outside of your VPC.

static PRIVATE

Type: EndpointAccess

The cluster endpoint is only accessible through your VPC.

Worker node traffic to the endpoint will stay within your VPC.


static PUBLIC

Type: EndpointAccess

The cluster endpoint is accessible from outside of your VPC.

Worker node traffic will leave your VPC to connect to the endpoint.

By default, the endpoint is exposed to all addresses. You can optionally limit the CIDR blocks that can access the public endpoint using the PUBLIC.onlyFrom method. If you limit access to specific CIDR blocks, you must ensure that the CIDR blocks that you specify include the addresses that worker nodes and Fargate pods (if you use them) access the public endpoint from.


static PUBLIC_AND_PRIVATE

Type: EndpointAccess

The cluster endpoint is accessible from outside of your VPC.

Worker node traffic to the endpoint will stay within your VPC.

By default, the endpoint is exposed to all addresses. You can optionally limit the CIDR blocks that can access the public endpoint using the PUBLIC_AND_PRIVATE.onlyFrom method. If you limit access to specific CIDR blocks, you must ensure that the CIDR blocks that you specify include the addresses that worker nodes and Fargate pods (if you use them) access the public endpoint from.

Methods

Name               Description
onlyFrom(...cidr)  Restrict public access to specific CIDR blocks.

onlyFrom(...cidr)

public onlyFrom(...cidr: string[]): EndpointAccess

Parameters

  • cidr string — CIDR blocks.

Returns

  • EndpointAccess

Restrict public access to specific CIDR blocks.

If public access is disabled, this method will result in an error.
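
A pre-deployment check for the list you intend to pass to onlyFrom, covering the caveat above that the CIDR blocks must include the addresses worker nodes and Fargate pods reach the public endpoint from. This is an added example, not code from aws-cdk-lib; the function names, the sample addresses, and the idea that node egress comes from known NAT addresses are assumptions.

```typescript
// Added example; every name and address below is hypothetical or constructed.
interface Cidr { text: string; prefix: number; mask: number; base: number }
interface AllowlistReport {
  openToWorld: string[];     // entries that admit every IPv4 address
  uncoveredEgress: string[]; // egress addresses that no entry covers
}

// Dotted-quad IPv4 -> unsigned 32-bit integer; throws on malformed input.
function ipToInt(ip: string): number {
  const parts = ip.split('.');
  if (parts.length !== 4) throw new Error(`invalid IPv4 address: ${ip}`);
  return parts.reduce((acc, p) => {
    if (!/^\d{1,3}$/.test(p) || Number(p) > 255) throw new Error(`invalid IPv4 address: ${ip}`);
    return acc * 256 + Number(p);
  }, 0);
}

function parseCidr(text: string): Cidr {
  const slash = text.indexOf('/');
  const len = slash < 0 ? '' : text.slice(slash + 1);
  if (!/^\d{1,2}$/.test(len) || Number(len) > 32) throw new Error(`invalid CIDR: ${text}`);
  const prefix = Number(len);
  // Arithmetic mask: JavaScript shifts wrap at 32 bits, so avoid `<<` for /0.
  const mask = 2 ** 32 - 2 ** (32 - prefix);
  const base = (ipToInt(text.slice(0, slash)) & mask) >>> 0;
  return { text, prefix, mask, base };
}

// True when addr (unsigned 32-bit) falls inside the block.
function contains(c: Cidr, addr: number): boolean {
  return ((addr & c.mask) >>> 0) === c.base;
}

function auditAllowlist(allowlist: string[], egressIps: string[]): AllowlistReport {
  const cidrs = allowlist.map(parseCidr);
  return {
    openToWorld: cidrs.filter((c) => c.prefix === 0).map((c) => c.text),
    uncoveredEgress: egressIps.filter((ip) => !cidrs.some((c) => contains(c, ipToInt(ip)))),
  };
}

// Constructed sample: office range plus one NAT address; a second NAT address is missing.
const sampleAllowlist = ['203.0.113.0/24', '198.51.100.7/32'];
const sampleReport = auditAllowlist(sampleAllowlist, ['198.51.100.7', '192.0.2.44']);
console.log(sampleReport);
// Only when both lists are empty would the allowlist be passed on, e.g.
//   endpointAccess: eks.EndpointAccess.PUBLIC.onlyFrom(...sampleAllowlist)
```

An entry in openToWorld means the list restores the default exposure to all addresses; an entry in uncoveredEgress is an address that would lose access to the public endpoint once the restriction is applied.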