aws-cdk-lib.aws_eks.ICluster

interface ICluster

| Language | Type name |
| --- | --- |
| .NET | Amazon.CDK.AWS.EKS.ICluster |
| Go | github.com/aws/aws-cdk-go/awscdk/v2/awseks#ICluster |
| Java | software.amazon.awscdk.services.eks.ICluster |
| Python | aws_cdk.aws_eks.ICluster |
| TypeScript (source) | aws-cdk-lib » aws_eks » ICluster |

Implemented by Cluster, FargateCluster

Obtainable from Cluster.fromClusterAttributes()

An EKS cluster.

Properties

| Name | Type | Description |
| --- | --- | --- |
| clusterArn | string | The unique ARN assigned to the service by AWS in the form of arn:aws:eks:. |
| clusterCertificateAuthorityData | string | The certificate-authority-data for your cluster. |
| clusterEncryptionConfigKeyArn | string | Amazon Resource Name (ARN) or alias of the customer master key (CMK). |
| clusterEndpoint | string | The API Server endpoint URL. |
| clusterName | string | The physical name of the Cluster. |
| clusterSecurityGroup | ISecurityGroup | The cluster security group that was created by Amazon EKS for the cluster. |
| clusterSecurityGroupId | string | The id of the cluster security group that was created by Amazon EKS for the cluster. |
| connections | Connections | The network connections associated with this resource. |
| env | ResourceEnvironment | The environment this resource belongs to. |
| node | Node | The tree node. |
| openIdConnectProvider | IOpenIdConnectProvider | The Open ID Connect Provider of the cluster used to configure Service Accounts. |
| prune | boolean | Indicates whether Kubernetes resources can be automatically pruned. |
| stack | Stack | The stack in which this resource is defined. |
| vpc | IVpc | The VPC in which this Cluster was created. |
| awscliLayer? | ILayerVersion | An AWS Lambda layer that contains the aws CLI. |
| clusterHandlerSecurityGroup? | ISecurityGroup | A security group to associate with the Cluster Handler's Lambdas. |
| ipFamily? | IpFamily | Specify which IP family is used to assign Kubernetes pod and service IP addresses. |
| kubectlEnvironment? | { [string]: string } | Custom environment variables when running kubectl against this cluster. |
| kubectlLambdaRole? | IRole | An IAM role that can perform kubectl operations against this cluster. |
| kubectlLayer? | ILayerVersion | An AWS Lambda layer that includes kubectl and helm. |
| kubectlMemory? | Size | Amount of memory to allocate to the provider's lambda function. |
| kubectlPrivateSubnets? | ISubnet[] | Subnets to host the kubectl compute resources. |
| kubectlProvider? | IKubectlProvider | Kubectl Provider for issuing kubectl commands against it. |
| kubectlRole? | IRole | An IAM role that can perform kubectl operations against this cluster. |
| kubectlSecurityGroup? | ISecurityGroup | A security group to use for kubectl execution. |
| onEventLayer? | ILayerVersion | An AWS Lambda layer that includes the NPM dependency proxy-agent. |

clusterArn

Type: string

The unique ARN assigned to the service by AWS in the form of arn:aws:eks:.


clusterCertificateAuthorityData

Type: string

The certificate-authority-data for your cluster.


clusterEncryptionConfigKeyArn

Type: string

Amazon Resource Name (ARN) or alias of the customer master key (CMK).


clusterEndpoint

Type: string

The API Server endpoint URL.


clusterName

Type: string

The physical name of the Cluster.


clusterSecurityGroup

Type: ISecurityGroup

The cluster security group that was created by Amazon EKS for the cluster.


clusterSecurityGroupId

Type: string

The id of the cluster security group that was created by Amazon EKS for the cluster.


connections

Type: Connections

The network connections associated with this resource.


env

Type: ResourceEnvironment

The environment this resource belongs to.

For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.


node

Type: Node

The tree node.


openIdConnectProvider

Type: IOpenIdConnectProvider

The Open ID Connect Provider of the cluster used to configure Service Accounts.


prune

Type: boolean

Indicates whether Kubernetes resources can be automatically pruned.

When this is enabled (default), prune labels are allocated and injected into each resource. These labels are then used when issuing the kubectl apply operation with the --prune switch.


stack

Type: Stack

The stack in which this resource is defined.


vpc

Type: IVpc

The VPC in which this Cluster was created.


awscliLayer?

Type: ILayerVersion (optional)

An AWS Lambda layer that contains the aws CLI.

If not defined, a default layer will be used containing the AWS CLI 1.x.


clusterHandlerSecurityGroup?

Type: ISecurityGroup (optional, default: No security group.)

A security group to associate with the Cluster Handler's Lambdas.

The Cluster Handler's Lambdas are responsible for calling AWS's EKS API.

Requires placeClusterHandlerInVpc to be set to true.


ipFamily?

Type: IpFamily (optional, default: IpFamily.IP_V4)

Specify which IP family is used to assign Kubernetes pod and service IP addresses.

See also: https://docs.aws.amazon.com/eks/latest/APIReference/API_KubernetesNetworkConfigRequest.html#AmazonEKS-Type-KubernetesNetworkConfigRequest-ipFamily


kubectlEnvironment?

Type: { [string]: string } (optional)

Custom environment variables when running kubectl against this cluster.


kubectlLambdaRole?

Type: IRole (optional)

An IAM role that can perform kubectl operations against this cluster.

The role should be mapped to the system:masters Kubernetes RBAC role.

This role is passed directly to the Lambda handler that sends kubectl commands to the cluster.


kubectlLayer?

Type: ILayerVersion (optional)

An AWS Lambda layer that includes kubectl and helm.

If not defined, a default layer will be used containing Kubectl 1.20 and Helm 3.8.


kubectlMemory?

Type: Size (optional)

Amount of memory to allocate to the provider's lambda function.


kubectlPrivateSubnets?

Type: ISubnet[] (optional)

Subnets to host the kubectl compute resources.

If this is undefined, the k8s endpoint is expected to be accessible publicly.


kubectlProvider?

Type: IKubectlProvider (optional)

Kubectl Provider for issuing kubectl commands against it.

If not defined, a default provider will be used.


kubectlRole?

Type: IRole (optional)

An IAM role that can perform kubectl operations against this cluster.

The role should be mapped to the system:masters Kubernetes RBAC role.


kubectlSecurityGroup?

Type: ISecurityGroup (optional)

A security group to use for kubectl execution.

If this is undefined, the k8s endpoint is expected to be accessible publicly.


onEventLayer?

Type: ILayerVersion (optional)

An AWS Lambda layer that includes the NPM dependency proxy-agent.

If not defined, a default layer will be used.
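
Several of the optional kubectl properties above have defaults that matter in a security review: the public-endpoint expectation, the system:masters roles, the default tool layers, and pruning. The following is an added example, not aws-cdk-lib code: a dependency-free TypeScript check that lists those points for a settings object. `KubectlSettings`, `reviewKubectlSettings` and all sample values are hypothetical.

```typescript
// Added example: dependency-free review helper, not aws-cdk-lib code.
// KubectlSettings is a hypothetical plain-object stand-in for the optional
// ICluster properties above (constructs reduced to strings and string arrays).
interface KubectlSettings {
  kubectlRole?: string;
  kubectlLambdaRole?: string;
  kubectlPrivateSubnets?: string[];
  kubectlSecurityGroup?: string;
  kubectlLayer?: string;
  awscliLayer?: string;
  prune?: boolean;
}
interface Finding { property: string; note: string }

function reviewKubectlSettings(s: KubectlSettings): Finding[] {
  const findings: Finding[] = [];
  const add = (property: string, note: string): void => { findings.push({ property, note }); };
  // Documented: if undefined, the k8s endpoint is expected to be accessible publicly.
  if (!s.kubectlPrivateSubnets || s.kubectlPrivateSubnets.length === 0) {
    add("kubectlPrivateSubnets", "unset: kubectl handler expects a publicly accessible endpoint");
  }
  if (!s.kubectlSecurityGroup) {
    add("kubectlSecurityGroup", "unset: kubectl handler expects a publicly accessible endpoint");
  }
  // Documented: both roles should be mapped to system:masters, so whoever can
  // assume them administers the cluster. List them for trust-policy review.
  if (s.kubectlRole) add("kubectlRole", `system:masters role, review trust policy: ${s.kubectlRole}`);
  if (s.kubectlLambdaRole) add("kubectlLambdaRole", `system:masters role, review trust policy: ${s.kubectlLambdaRole}`);
  // Documented defaults: Kubectl 1.20 / Helm 3.8 layer and AWS CLI 1.x layer.
  if (!s.kubectlLayer) add("kubectlLayer", "unset: default layer with Kubectl 1.20 and Helm 3.8");
  if (!s.awscliLayer) add("awscliLayer", "unset: default layer with AWS CLI 1.x");
  // Documented default: prune enabled, so kubectl apply is issued with --prune.
  if (s.prune ?? true) add("prune", "enabled: kubectl apply is issued with --prune");
  return findings;
}

// Constructed sample inputs (placeholder ARNs and ids, not real resources).
const importedWithDefaults: KubectlSettings = {
  kubectlRole: "arn:aws:iam::111122223333:role/EXAMPLE-kubectl",
};
const lockedDown: KubectlSettings = {
  kubectlRole: "arn:aws:iam::111122223333:role/EXAMPLE-kubectl",
  kubectlPrivateSubnets: ["subnet-EXAMPLE1", "subnet-EXAMPLE2"],
  kubectlSecurityGroup: "sg-EXAMPLE",
  kubectlLayer: "arn:aws:lambda:us-east-1:111122223333:layer:EXAMPLE-kubectl:1",
  awscliLayer: "arn:aws:lambda:us-east-1:111122223333:layer:EXAMPLE-awscli:1",
  prune: false,
};
console.log(reviewKubectlSettings(importedWithDefaults), reviewKubectlSettings(lockedDown));
```

The first sample yields six findings; the second yields only the kubectlRole entry, which stays listed because a system:masters mapping always warrants a trust-policy review.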

Methods

| Name | Description |
| --- | --- |
| addCdk8sChart(id, chart, options?) | Defines a CDK8s chart in this cluster. |
| addHelmChart(id, options) | Defines a Helm chart in this cluster. |
| addManifest(id, ...manifest) | Defines a Kubernetes resource in this cluster. |
| addServiceAccount(id, options?) | Creates a new service account with corresponding IAM Role (IRSA). |
| applyRemovalPolicy(policy) | Apply the given removal policy to this resource. |
| connectAutoScalingGroupCapacity(autoScalingGroup, options) | Connect capacity in the form of an existing AutoScalingGroup to the EKS cluster. |

addCdk8sChart(id, chart, options?)

public addCdk8sChart(id: string, chart: Construct, options?: KubernetesManifestOptions): KubernetesManifest

Parameters

  • id string — logical id of this chart.
  • chart Construct — the cdk8s chart.
  • options KubernetesManifestOptions

Returns

  • KubernetesManifest

Defines a CDK8s chart in this cluster.


addHelmChart(id, options)

public addHelmChart(id: string, options: HelmChartOptions): HelmChart

Parameters

  • id string — logical id of this chart.
  • options HelmChartOptions — options of this chart.

Returns

  • HelmChart

Defines a Helm chart in this cluster.


addManifest(id, ...manifest)

public addManifest(id: string, ...manifest: { [string]: any }[]): KubernetesManifest

Parameters

  • id string — logical id of this manifest.
  • manifest { [string]: any } — a list of Kubernetes resource specifications.

Returns

  • KubernetesManifest

Defines a Kubernetes resource in this cluster.

The manifest will be applied/deleted using kubectl as needed.


addServiceAccount(id, options?)

public addServiceAccount(id: string, options?: ServiceAccountOptions): ServiceAccount

Parameters

  • id string — logical id of service account.
  • options ServiceAccountOptions — service account options.

Returns

  • ServiceAccount

Creates a new service account with corresponding IAM Role (IRSA).


applyRemovalPolicy(policy)

public applyRemovalPolicy(policy: RemovalPolicy): void

Parameters

  • policy RemovalPolicy

Apply the given removal policy to this resource.

The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.

The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN).


connectAutoScalingGroupCapacity(autoScalingGroup, options)

public connectAutoScalingGroupCapacity(autoScalingGroup: AutoScalingGroup, options: AutoScalingGroupOptions): void

Parameters

  • autoScalingGroup AutoScalingGroup
  • options AutoScalingGroupOptions — options for adding auto scaling groups, like customizing the bootstrap script.

Connect capacity in the form of an existing AutoScalingGroup to the EKS cluster.

The AutoScalingGroup must be running an EKS-optimized AMI containing the /etc/eks/bootstrap.sh script. This method will configure Security Groups, add the right policies to the instance role, apply the right tags, and add the required user data to the instance's launch configuration.

Spot instances will be labeled lifecycle=Ec2Spot and tainted with PreferNoSchedule. If kubectl is enabled, the spot interrupt handler daemon will be installed on all spot instances to handle EC2 Spot Instance Termination Notices.

Prefer to use addAutoScalingGroupCapacity if possible.

See also: https://docs.aws.amazon.com/eks/latest/userguide/launch-workers.html