awseks

package
v2.0.0-rc.33 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 26, 2021 License: Apache-2.0 Imports: 11 Imported by: 7

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AlbController_IsConstruct

func AlbController_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func AwsAuth_IsConstruct

func AwsAuth_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func CfnAddon_CFN_RESOURCE_TYPE_NAME

func CfnAddon_CFN_RESOURCE_TYPE_NAME() *string

func CfnAddon_IsCfnElement

func CfnAddon_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnAddon_IsCfnResource

func CfnAddon_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnAddon_IsConstruct

func CfnAddon_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func CfnCluster_CFN_RESOURCE_TYPE_NAME

func CfnCluster_CFN_RESOURCE_TYPE_NAME() *string

func CfnCluster_IsCfnElement

func CfnCluster_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnCluster_IsCfnResource

func CfnCluster_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnCluster_IsConstruct

func CfnCluster_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func CfnFargateProfile_CFN_RESOURCE_TYPE_NAME

func CfnFargateProfile_CFN_RESOURCE_TYPE_NAME() *string

func CfnFargateProfile_IsCfnElement

func CfnFargateProfile_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnFargateProfile_IsCfnResource

func CfnFargateProfile_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnFargateProfile_IsConstruct

func CfnFargateProfile_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func CfnNodegroup_CFN_RESOURCE_TYPE_NAME

func CfnNodegroup_CFN_RESOURCE_TYPE_NAME() *string

func CfnNodegroup_IsCfnElement

func CfnNodegroup_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnNodegroup_IsCfnResource

func CfnNodegroup_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnNodegroup_IsConstruct

func CfnNodegroup_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func Cluster_IsConstruct

func Cluster_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func Cluster_IsResource

func Cluster_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func FargateCluster_IsConstruct

func FargateCluster_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func FargateCluster_IsResource

func FargateCluster_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func FargateProfile_IsConstruct

func FargateProfile_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func HelmChart_IsConstruct

func HelmChart_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func HelmChart_RESOURCE_TYPE

func HelmChart_RESOURCE_TYPE() *string

func KubernetesManifest_IsConstruct

func KubernetesManifest_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func KubernetesManifest_RESOURCE_TYPE

func KubernetesManifest_RESOURCE_TYPE() *string

func KubernetesObjectValue_IsConstruct

func KubernetesObjectValue_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func KubernetesObjectValue_RESOURCE_TYPE

func KubernetesObjectValue_RESOURCE_TYPE() *string

func KubernetesPatch_IsConstruct

func KubernetesPatch_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func NewAlbController_Override

func NewAlbController_Override(a AlbController, scope constructs.Construct, id *string, props *AlbControllerProps)

Experimental.

func NewAwsAuth_Override

func NewAwsAuth_Override(a AwsAuth, scope constructs.Construct, id *string, props *AwsAuthProps)

Experimental.

func NewCfnAddon_Override

func NewCfnAddon_Override(c CfnAddon, scope constructs.Construct, id *string, props *CfnAddonProps)

Create a new `AWS::EKS::Addon`.

func NewCfnCluster_Override

func NewCfnCluster_Override(c CfnCluster, scope constructs.Construct, id *string, props *CfnClusterProps)

Create a new `AWS::EKS::Cluster`.

func NewCfnFargateProfile_Override

func NewCfnFargateProfile_Override(c CfnFargateProfile, scope constructs.Construct, id *string, props *CfnFargateProfileProps)

Create a new `AWS::EKS::FargateProfile`.

func NewCfnNodegroup_Override

func NewCfnNodegroup_Override(c CfnNodegroup, scope constructs.Construct, id *string, props *CfnNodegroupProps)

Create a new `AWS::EKS::Nodegroup`.

func NewCluster_Override

func NewCluster_Override(c Cluster, scope constructs.Construct, id *string, props *ClusterProps)

Initiates an EKS Cluster with the supplied arguments. Experimental.

func NewEksOptimizedImage_Override

func NewEksOptimizedImage_Override(e EksOptimizedImage, props *EksOptimizedImageProps)

Constructs a new instance of the EcsOptimizedAmi class. Experimental.

func NewFargateCluster_Override

func NewFargateCluster_Override(f FargateCluster, scope constructs.Construct, id *string, props *FargateClusterProps)

Experimental.

func NewFargateProfile_Override

func NewFargateProfile_Override(f FargateProfile, scope constructs.Construct, id *string, props *FargateProfileProps)

Experimental.

func NewHelmChart_Override

func NewHelmChart_Override(h HelmChart, scope constructs.Construct, id *string, props *HelmChartProps)

Experimental.

func NewKubernetesManifest_Override

func NewKubernetesManifest_Override(k KubernetesManifest, scope constructs.Construct, id *string, props *KubernetesManifestProps)

Experimental.

func NewKubernetesObjectValue_Override

func NewKubernetesObjectValue_Override(k KubernetesObjectValue, scope constructs.Construct, id *string, props *KubernetesObjectValueProps)

Experimental.

func NewKubernetesPatch_Override

func NewKubernetesPatch_Override(k KubernetesPatch, scope constructs.Construct, id *string, props *KubernetesPatchProps)

Experimental.

func NewNodegroup_Override

func NewNodegroup_Override(n Nodegroup, scope constructs.Construct, id *string, props *NodegroupProps)

Experimental.

func NewOpenIdConnectProvider_Override

func NewOpenIdConnectProvider_Override(o OpenIdConnectProvider, scope constructs.Construct, id *string, props *OpenIdConnectProviderProps)

Defines an OpenID Connect provider. Experimental.

func NewServiceAccount_Override

func NewServiceAccount_Override(s ServiceAccount, scope constructs.Construct, id *string, props *ServiceAccountProps)

Experimental.

func Nodegroup_IsConstruct

func Nodegroup_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func Nodegroup_IsResource

func Nodegroup_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func OpenIdConnectProvider_FromOpenIdConnectProviderArn

func OpenIdConnectProvider_FromOpenIdConnectProviderArn(scope constructs.Construct, id *string, openIdConnectProviderArn *string) awsiam.IOpenIdConnectProvider

Imports an Open ID connect provider from an ARN. Experimental.

func OpenIdConnectProvider_IsConstruct

func OpenIdConnectProvider_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func OpenIdConnectProvider_IsResource

func OpenIdConnectProvider_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func ServiceAccount_IsConstruct

func ServiceAccount_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

Types

type AlbController

type AlbController interface {
	constructs.Construct
	Node() constructs.Node
	ToString() *string
}

Construct for installing the AWS ALB Contoller on EKS clusters.

Use the factory functions `get` and `getOrCreate` to obtain/create instances of this controller.

TODO: EXAMPLE

See: https://kubernetes-sigs.github.io/aws-load-balancer-controller

Experimental.

func AlbController_Create

func AlbController_Create(scope constructs.Construct, props *AlbControllerProps) AlbController

Create the controller construct associated with this cluster and scope.

Singleton per stack/cluster. Experimental.

func NewAlbController

func NewAlbController(scope constructs.Construct, id *string, props *AlbControllerProps) AlbController

Experimental.

type AlbControllerOptions

type AlbControllerOptions struct {
	// The IAM policy to apply to the service account.
	//
	// If you're using one of the built-in versions, this is not required since
	// CDK ships with the appropriate policies for those versions.
	//
	// However, if you are using a custom version, this is required (and validated).
	// Experimental.
	Policy interface{} `json:"policy"`
	// The repository to pull the controller image from.
	//
	// Note that the default repository works for most regions, but not all.
	// If the repository is not applicable to your region, use a custom repository
	// according to the information here: https://github.com/kubernetes-sigs/aws-load-balancer-controller/releases.
	// Experimental.
	Repository *string `json:"repository"`
	// Version of the controller.
	// Experimental.
	Version AlbControllerVersion `json:"version"`
}

Options for `AlbController`.

TODO: EXAMPLE

Experimental.

type AlbControllerProps

type AlbControllerProps struct {
	// The IAM policy to apply to the service account.
	//
	// If you're using one of the built-in versions, this is not required since
	// CDK ships with the appropriate policies for those versions.
	//
	// However, if you are using a custom version, this is required (and validated).
	// Experimental.
	Policy interface{} `json:"policy"`
	// The repository to pull the controller image from.
	//
	// Note that the default repository works for most regions, but not all.
	// If the repository is not applicable to your region, use a custom repository
	// according to the information here: https://github.com/kubernetes-sigs/aws-load-balancer-controller/releases.
	// Experimental.
	Repository *string `json:"repository"`
	// Version of the controller.
	// Experimental.
	Version AlbControllerVersion `json:"version"`
	// [disable-awslint:ref-via-interface] Cluster to install the controller onto.
	// Experimental.
	Cluster Cluster `json:"cluster"`
}

Properties for `AlbController`.

TODO: EXAMPLE

Experimental.

type AlbControllerVersion

type AlbControllerVersion interface {
	Custom() *bool
	Version() *string
}

Controller version.

Corresponds to the image tag of 'amazon/aws-load-balancer-controller' image.

TODO: EXAMPLE

Experimental.

func AlbControllerVersion_Of

func AlbControllerVersion_Of(version *string) AlbControllerVersion

Specify a custom version.

Use this if the version you need is not available in one of the predefined versions. Note that in this case, you will also need to provide an IAM policy in the controller options. Experimental.

func AlbControllerVersion_V2_0_0

func AlbControllerVersion_V2_0_0() AlbControllerVersion

func AlbControllerVersion_V2_0_1

func AlbControllerVersion_V2_0_1() AlbControllerVersion

func AlbControllerVersion_V2_1_0

func AlbControllerVersion_V2_1_0() AlbControllerVersion

func AlbControllerVersion_V2_1_1

func AlbControllerVersion_V2_1_1() AlbControllerVersion

func AlbControllerVersion_V2_1_2

func AlbControllerVersion_V2_1_2() AlbControllerVersion

func AlbControllerVersion_V2_1_3

func AlbControllerVersion_V2_1_3() AlbControllerVersion

func AlbControllerVersion_V2_2_0

func AlbControllerVersion_V2_2_0() AlbControllerVersion

func AlbControllerVersion_V2_2_1

func AlbControllerVersion_V2_2_1() AlbControllerVersion

func AlbControllerVersion_V2_2_2

func AlbControllerVersion_V2_2_2() AlbControllerVersion

func AlbControllerVersion_V2_2_3

func AlbControllerVersion_V2_2_3() AlbControllerVersion

func AlbControllerVersion_V2_2_4

func AlbControllerVersion_V2_2_4() AlbControllerVersion

func AlbControllerVersion_V2_3_0

func AlbControllerVersion_V2_3_0() AlbControllerVersion

type AlbScheme

type AlbScheme string

ALB Scheme. See: https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.3/guide/ingress/annotations/#scheme

Experimental.

const (
	AlbScheme_INTERNAL        AlbScheme = "INTERNAL"
	AlbScheme_INTERNET_FACING AlbScheme = "INTERNET_FACING"
)

type AutoScalingGroupCapacityOptions

type AutoScalingGroupCapacityOptions struct {
	// Whether the instances can initiate connections to anywhere by default.
	// Experimental.
	AllowAllOutbound *bool `json:"allowAllOutbound"`
	// Whether instances in the Auto Scaling Group should have public IP addresses associated with them.
	// Experimental.
	AssociatePublicIpAddress *bool `json:"associatePublicIpAddress"`
	// The name of the Auto Scaling group.
	//
	// This name must be unique per Region per account.
	// Experimental.
	AutoScalingGroupName *string `json:"autoScalingGroupName"`
	// Specifies how block devices are exposed to the instance. You can specify virtual devices and EBS volumes.
	//
	// Each instance that is launched has an associated root device volume,
	// either an Amazon EBS volume or an instance store volume.
	// You can use block device mappings to specify additional EBS volumes or
	// instance store volumes to attach to an instance when it is launched.
	// See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html
	//
	// Experimental.
	BlockDevices *[]*awsautoscaling.BlockDevice `json:"blockDevices"`
	// Default scaling cooldown for this AutoScalingGroup.
	// Experimental.
	Cooldown awscdk.Duration `json:"cooldown"`
	// Initial amount of instances in the fleet.
	//
	// If this is set to a number, every deployment will reset the amount of
	// instances to this number. It is recommended to leave this value blank.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-as-group.html#cfn-as-group-desiredcapacity
	//
	// Experimental.
	DesiredCapacity *float64 `json:"desiredCapacity"`
	// Enable monitoring for group metrics, these metrics describe the group rather than any of its instances.
	//
	// To report all group metrics use `GroupMetrics.all()`
	// Group metrics are reported in a granularity of 1 minute at no additional charge.
	// Experimental.
	GroupMetrics *[]awsautoscaling.GroupMetrics `json:"groupMetrics"`
	// Configuration for health checks.
	// Experimental.
	HealthCheck awsautoscaling.HealthCheck `json:"healthCheck"`
	// If the ASG has scheduled actions, don't reset unchanged group sizes.
	//
	// Only used if the ASG has scheduled actions (which may scale your ASG up
	// or down regardless of cdk deployments). If true, the size of the group
	// will only be reset if it has been changed in the CDK app. If false, the
	// sizes will always be changed back to what they were in the CDK app
	// on deployment.
	// Experimental.
	IgnoreUnmodifiedSizeProperties *bool `json:"ignoreUnmodifiedSizeProperties"`
	// Controls whether instances in this group are launched with detailed or basic monitoring.
	//
	// When detailed monitoring is enabled, Amazon CloudWatch generates metrics every minute and your account
	// is charged a fee. When you disable detailed monitoring, CloudWatch generates metrics every 5 minutes.
	// See: https://docs.aws.amazon.com/autoscaling/latest/userguide/as-instance-monitoring.html#enable-as-instance-metrics
	//
	// Experimental.
	InstanceMonitoring awsautoscaling.Monitoring `json:"instanceMonitoring"`
	// Name of SSH keypair to grant access to instances.
	// Experimental.
	KeyName *string `json:"keyName"`
	// Maximum number of instances in the fleet.
	// Experimental.
	MaxCapacity *float64 `json:"maxCapacity"`
	// The maximum amount of time that an instance can be in service.
	//
	// The maximum duration applies
	// to all current and future instances in the group. As an instance approaches its maximum duration,
	// it is terminated and replaced, and cannot be used again.
	//
	// You must specify a value of at least 604,800 seconds (7 days). To clear a previously set value,
	// leave this property undefined.
	// See: https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-max-instance-lifetime.html
	//
	// Experimental.
	MaxInstanceLifetime awscdk.Duration `json:"maxInstanceLifetime"`
	// Minimum number of instances in the fleet.
	// Experimental.
	MinCapacity *float64 `json:"minCapacity"`
	// Whether newly-launched instances are protected from termination by Amazon EC2 Auto Scaling when scaling in.
	//
	// By default, Auto Scaling can terminate an instance at any time after launch
	// when scaling in an Auto Scaling Group, subject to the group's termination
	// policy. However, you may wish to protect newly-launched instances from
	// being scaled in if they are going to run critical applications that should
	// not be prematurely terminated.
	//
	// This flag must be enabled if the Auto Scaling Group will be associated with
	// an ECS Capacity Provider with managed termination protection.
	// Experimental.
	NewInstancesProtectedFromScaleIn *bool `json:"newInstancesProtectedFromScaleIn"`
	// Configure autoscaling group to send notifications about fleet changes to an SNS topic(s).
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-as-group.html#cfn-as-group-notificationconfigurations
	//
	// Experimental.
	Notifications *[]*awsautoscaling.NotificationConfiguration `json:"notifications"`
	// Configure waiting for signals during deployment.
	//
	// Use this to pause the CloudFormation deployment to wait for the instances
	// in the AutoScalingGroup to report successful startup during
	// creation and updates. The UserData script needs to invoke `cfn-signal`
	// with a success or failure code after it is done setting up the instance.
	//
	// Without waiting for signals, the CloudFormation deployment will proceed as
	// soon as the AutoScalingGroup has been created or updated but before the
	// instances in the group have been started.
	//
	// For example, to have instances wait for an Elastic Load Balancing health check before
	// they signal success, add a health-check verification by using the
	// cfn-init helper script. For an example, see the verify_instance_health
	// command in the Auto Scaling rolling updates sample template:
	//
	// https://github.com/awslabs/aws-cloudformation-templates/blob/master/aws/services/AutoScaling/AutoScalingRollingUpdates.yaml
	// Experimental.
	Signals awsautoscaling.Signals `json:"signals"`
	// The maximum hourly price (in USD) to be paid for any Spot Instance launched to fulfill the request.
	//
	// Spot Instances are
	// launched when the price you specify exceeds the current Spot market price.
	// Experimental.
	SpotPrice *string `json:"spotPrice"`
	// What to do when an AutoScalingGroup's instance configuration is changed.
	//
	// This is applied when any of the settings on the ASG are changed that
	// affect how the instances should be created (VPC, instance type, startup
	// scripts, etc.). It indicates how the existing instances should be
	// replaced with new instances matching the new config. By default, nothing
	// is done and only new instances are launched with the new config.
	// Experimental.
	UpdatePolicy awsautoscaling.UpdatePolicy `json:"updatePolicy"`
	// Where to place instances within the VPC.
	// Experimental.
	VpcSubnets *awsec2.SubnetSelection `json:"vpcSubnets"`
	// Configures the EC2 user-data script for instances in this autoscaling group to bootstrap the node (invoke `/etc/eks/bootstrap.sh`) and associate it with the EKS cluster.
	//
	// If you wish to provide a custom user data script, set this to `false` and
	// manually invoke `autoscalingGroup.addUserData()`.
	// Experimental.
	BootstrapEnabled *bool `json:"bootstrapEnabled"`
	// EKS node bootstrapping options.
	// Experimental.
	BootstrapOptions *BootstrapOptions `json:"bootstrapOptions"`
	// Instance type of the instances to start.
	// Experimental.
	InstanceType awsec2.InstanceType `json:"instanceType"`
	// Machine image type.
	// Experimental.
	MachineImageType MachineImageType `json:"machineImageType"`
	// Will automatically update the aws-auth ConfigMap to map the IAM instance role to RBAC.
	//
	// This cannot be explicitly set to `true` if the cluster has kubectl disabled.
	// Experimental.
	MapRole *bool `json:"mapRole"`
	// Installs the AWS spot instance interrupt handler on the cluster if it's not already added.
	//
	// Only relevant if `spotPrice` is used.
	// Experimental.
	SpotInterruptHandler *bool `json:"spotInterruptHandler"`
}

Options for adding worker nodes.

TODO: EXAMPLE

Experimental.

type AutoScalingGroupOptions

type AutoScalingGroupOptions struct {
	// Configures the EC2 user-data script for instances in this autoscaling group to bootstrap the node (invoke `/etc/eks/bootstrap.sh`) and associate it with the EKS cluster.
	//
	// If you wish to provide a custom user data script, set this to `false` and
	// manually invoke `autoscalingGroup.addUserData()`.
	// Experimental.
	BootstrapEnabled *bool `json:"bootstrapEnabled"`
	// Allows options for node bootstrapping through EC2 user data.
	// Experimental.
	BootstrapOptions *BootstrapOptions `json:"bootstrapOptions"`
	// Allow options to specify different machine image type.
	// Experimental.
	MachineImageType MachineImageType `json:"machineImageType"`
	// Will automatically update the aws-auth ConfigMap to map the IAM instance role to RBAC.
	//
	// This cannot be explicitly set to `true` if the cluster has kubectl disabled.
	// Experimental.
	MapRole *bool `json:"mapRole"`
	// Installs the AWS spot instance interrupt handler on the cluster if it's not already added.
	//
	// Only relevant if `spotPrice` is configured on the auto-scaling group.
	// Experimental.
	SpotInterruptHandler *bool `json:"spotInterruptHandler"`
}

Options for adding an AutoScalingGroup as capacity.

TODO: EXAMPLE

Experimental.

type AwsAuth

type AwsAuth interface {
	constructs.Construct
	Node() constructs.Node
	AddAccount(accountId *string)
	AddMastersRole(role awsiam.IRole, username *string)
	AddRoleMapping(role awsiam.IRole, mapping *AwsAuthMapping)
	AddUserMapping(user awsiam.IUser, mapping *AwsAuthMapping)
	ToString() *string
}

Manages mapping between IAM users and roles to Kubernetes RBAC configuration.

TODO: EXAMPLE

See: https://docs.aws.amazon.com/en_us/eks/latest/userguide/add-user-role.html

Experimental.

func NewAwsAuth

func NewAwsAuth(scope constructs.Construct, id *string, props *AwsAuthProps) AwsAuth

Experimental.

type AwsAuthMapping

type AwsAuthMapping struct {
	// A list of groups within Kubernetes to which the role is mapped.
	// See: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#default-roles-and-role-bindings
	//
	// Experimental.
	Groups *[]*string `json:"groups"`
	// The user name within Kubernetes to map to the IAM role.
	// Experimental.
	Username *string `json:"username"`
}

AwsAuth mapping.

TODO: EXAMPLE

Experimental.

type AwsAuthProps

type AwsAuthProps struct {
	// The EKS cluster to apply this configuration to.
	//
	// [disable-awslint:ref-via-interface]
	// Experimental.
	Cluster Cluster `json:"cluster"`
}

Configuration props for the AwsAuth construct.

TODO: EXAMPLE

Experimental.

type BootstrapOptions

type BootstrapOptions struct {
	// Additional command line arguments to pass to the `/etc/eks/bootstrap.sh` command.
	// See: https://github.com/awslabs/amazon-eks-ami/blob/master/files/bootstrap.sh
	//
	// Experimental.
	AdditionalArgs *string `json:"additionalArgs"`
	// Number of retry attempts for AWS API call (DescribeCluster).
	// Experimental.
	AwsApiRetryAttempts *float64 `json:"awsApiRetryAttempts"`
	// Overrides the IP address to use for DNS queries within the cluster.
	// Experimental.
	DnsClusterIp *string `json:"dnsClusterIp"`
	// The contents of the `/etc/docker/daemon.json` file. Useful if you want a custom config differing from the default one in the EKS AMI.
	// Experimental.
	DockerConfigJson *string `json:"dockerConfigJson"`
	// Restores the docker default bridge network.
	// Experimental.
	EnableDockerBridge *bool `json:"enableDockerBridge"`
	// Extra arguments to add to the kubelet. Useful for adding labels or taints.
	//
	// For example, `--node-labels foo=bar,goo=far`.
	// Experimental.
	KubeletExtraArgs *string `json:"kubeletExtraArgs"`
	// Sets `--max-pods` for the kubelet based on the capacity of the EC2 instance.
	// Experimental.
	UseMaxPods *bool `json:"useMaxPods"`
}

EKS node bootstrapping options.

TODO: EXAMPLE

Experimental.

type CapacityType

type CapacityType string

Capacity type of the managed node group.

TODO: EXAMPLE

Experimental.

const (
	CapacityType_ON_DEMAND CapacityType = "ON_DEMAND"
	CapacityType_SPOT      CapacityType = "SPOT"
)

type CfnAddon

type CfnAddon interface {
	awscdk.CfnResource
	awscdk.IInspectable
	AddonName() *string
	SetAddonName(val *string)
	AddonVersion() *string
	SetAddonVersion(val *string)
	AttrArn() *string
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	ClusterName() *string
	SetClusterName(val *string)
	CreationStack() *[]*string
	LogicalId() *string
	Node() constructs.Node
	Ref() *string
	ResolveConflicts() *string
	SetResolveConflicts(val *string)
	ServiceAccountRoleArn() *string
	SetServiceAccountRoleArn(val *string)
	Stack() awscdk.Stack
	Tags() awscdk.TagManager
	UpdatedProperites() *map[string]interface{}
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OverrideLogicalId(newLogicalId *string)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	ToString() *string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::EKS::Addon`.

TODO: EXAMPLE

func NewCfnAddon

func NewCfnAddon(scope constructs.Construct, id *string, props *CfnAddonProps) CfnAddon

Create a new `AWS::EKS::Addon`.

type CfnAddonProps

type CfnAddonProps struct {
	// `AWS::EKS::Addon.AddonName`.
	AddonName *string `json:"addonName"`
	// `AWS::EKS::Addon.AddonVersion`.
	AddonVersion *string `json:"addonVersion"`
	// `AWS::EKS::Addon.ClusterName`.
	ClusterName *string `json:"clusterName"`
	// `AWS::EKS::Addon.ResolveConflicts`.
	ResolveConflicts *string `json:"resolveConflicts"`
	// `AWS::EKS::Addon.ServiceAccountRoleArn`.
	ServiceAccountRoleArn *string `json:"serviceAccountRoleArn"`
	// `AWS::EKS::Addon.Tags`.
	Tags *[]*awscdk.CfnTag `json:"tags"`
}

Properties for defining a `AWS::EKS::Addon`.

TODO: EXAMPLE

type CfnCluster

type CfnCluster interface {
	awscdk.CfnResource
	awscdk.IInspectable
	AttrArn() *string
	AttrCertificateAuthorityData() *string
	AttrClusterSecurityGroupId() *string
	AttrEncryptionConfigKeyArn() *string
	AttrEndpoint() *string
	AttrOpenIdConnectIssuerUrl() *string
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CreationStack() *[]*string
	EncryptionConfig() interface{}
	SetEncryptionConfig(val interface{})
	KubernetesNetworkConfig() interface{}
	SetKubernetesNetworkConfig(val interface{})
	Logging() interface{}
	SetLogging(val interface{})
	LogicalId() *string
	Name() *string
	SetName(val *string)
	Node() constructs.Node
	Ref() *string
	ResourcesVpcConfig() interface{}
	SetResourcesVpcConfig(val interface{})
	RoleArn() *string
	SetRoleArn(val *string)
	Stack() awscdk.Stack
	Tags() awscdk.TagManager
	UpdatedProperites() *map[string]interface{}
	Version() *string
	SetVersion(val *string)
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OverrideLogicalId(newLogicalId *string)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	ToString() *string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::EKS::Cluster`.

TODO: EXAMPLE

func NewCfnCluster

func NewCfnCluster(scope constructs.Construct, id *string, props *CfnClusterProps) CfnCluster

Create a new `AWS::EKS::Cluster`.

type CfnClusterProps

type CfnClusterProps struct {
	// `AWS::EKS::Cluster.EncryptionConfig`.
	EncryptionConfig interface{} `json:"encryptionConfig"`
	// `AWS::EKS::Cluster.KubernetesNetworkConfig`.
	KubernetesNetworkConfig interface{} `json:"kubernetesNetworkConfig"`
	// `AWS::EKS::Cluster.Logging`.
	Logging interface{} `json:"logging"`
	// `AWS::EKS::Cluster.Name`.
	Name *string `json:"name"`
	// `AWS::EKS::Cluster.ResourcesVpcConfig`.
	ResourcesVpcConfig interface{} `json:"resourcesVpcConfig"`
	// `AWS::EKS::Cluster.RoleArn`.
	RoleArn *string `json:"roleArn"`
	// `AWS::EKS::Cluster.Tags`.
	Tags *[]*awscdk.CfnTag `json:"tags"`
	// `AWS::EKS::Cluster.Version`.
	Version *string `json:"version"`
}

Properties for defining a `AWS::EKS::Cluster`.

TODO: EXAMPLE

type CfnCluster_ClusterLoggingProperty

type CfnCluster_ClusterLoggingProperty struct {
	// `CfnCluster.ClusterLoggingProperty.EnabledTypes`.
	EnabledTypes interface{} `json:"enabledTypes"`
}

TODO: EXAMPLE

type CfnCluster_EncryptionConfigProperty

type CfnCluster_EncryptionConfigProperty struct {
	// `CfnCluster.EncryptionConfigProperty.Provider`.
	Provider interface{} `json:"provider"`
	// `CfnCluster.EncryptionConfigProperty.Resources`.
	Resources *[]*string `json:"resources"`
}

TODO: EXAMPLE

type CfnCluster_KubernetesNetworkConfigProperty

type CfnCluster_KubernetesNetworkConfigProperty struct {
	// `CfnCluster.KubernetesNetworkConfigProperty.ServiceIpv4Cidr`.
	ServiceIpv4Cidr *string `json:"serviceIpv4Cidr"`
}

TODO: EXAMPLE

type CfnCluster_LoggingProperty

type CfnCluster_LoggingProperty struct {
	// `CfnCluster.LoggingProperty.ClusterLogging`.
	ClusterLogging interface{} `json:"clusterLogging"`
}

TODO: EXAMPLE

type CfnCluster_LoggingTypeConfigProperty

type CfnCluster_LoggingTypeConfigProperty struct {
	// `CfnCluster.LoggingTypeConfigProperty.Type`.
	Type *string `json:"type"`
}

TODO: EXAMPLE

type CfnCluster_ResourcesVpcConfigProperty

type CfnCluster_ResourcesVpcConfigProperty struct {
	// `CfnCluster.ResourcesVpcConfigProperty.EndpointPrivateAccess`.
	EndpointPrivateAccess interface{} `json:"endpointPrivateAccess"`
	// `CfnCluster.ResourcesVpcConfigProperty.EndpointPublicAccess`.
	EndpointPublicAccess interface{} `json:"endpointPublicAccess"`
	// `CfnCluster.ResourcesVpcConfigProperty.PublicAccessCidrs`.
	PublicAccessCidrs *[]*string `json:"publicAccessCidrs"`
	// `CfnCluster.ResourcesVpcConfigProperty.SecurityGroupIds`.
	SecurityGroupIds *[]*string `json:"securityGroupIds"`
	// `CfnCluster.ResourcesVpcConfigProperty.SubnetIds`.
	SubnetIds *[]*string `json:"subnetIds"`
}

TODO: EXAMPLE

type CfnFargateProfile

type CfnFargateProfile interface {
	awscdk.CfnResource
	awscdk.IInspectable
	AttrArn() *string
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	ClusterName() *string
	SetClusterName(val *string)
	CreationStack() *[]*string
	FargateProfileName() *string
	SetFargateProfileName(val *string)
	LogicalId() *string
	Node() constructs.Node
	PodExecutionRoleArn() *string
	SetPodExecutionRoleArn(val *string)
	Ref() *string
	Selectors() interface{}
	SetSelectors(val interface{})
	Stack() awscdk.Stack
	Subnets() *[]*string
	SetSubnets(val *[]*string)
	Tags() awscdk.TagManager
	UpdatedProperites() *map[string]interface{}
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OverrideLogicalId(newLogicalId *string)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	ToString() *string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::EKS::FargateProfile`.

TODO: EXAMPLE

func NewCfnFargateProfile

func NewCfnFargateProfile(scope constructs.Construct, id *string, props *CfnFargateProfileProps) CfnFargateProfile

Create a new `AWS::EKS::FargateProfile`.

type CfnFargateProfileProps

type CfnFargateProfileProps struct {
	// `AWS::EKS::FargateProfile.ClusterName`.
	ClusterName *string `json:"clusterName"`
	// `AWS::EKS::FargateProfile.FargateProfileName`.
	FargateProfileName *string `json:"fargateProfileName"`
	// `AWS::EKS::FargateProfile.PodExecutionRoleArn`.
	PodExecutionRoleArn *string `json:"podExecutionRoleArn"`
	// `AWS::EKS::FargateProfile.Selectors`.
	Selectors interface{} `json:"selectors"`
	// `AWS::EKS::FargateProfile.Subnets`.
	Subnets *[]*string `json:"subnets"`
	// `AWS::EKS::FargateProfile.Tags`.
	Tags *[]*awscdk.CfnTag `json:"tags"`
}

Properties for defining a `AWS::EKS::FargateProfile`.

TODO: EXAMPLE

type CfnFargateProfile_LabelProperty

type CfnFargateProfile_LabelProperty struct {
	// `CfnFargateProfile.LabelProperty.Key`.
	Key *string `json:"key"`
	// `CfnFargateProfile.LabelProperty.Value`.
	Value *string `json:"value"`
}

TODO: EXAMPLE

type CfnFargateProfile_SelectorProperty

type CfnFargateProfile_SelectorProperty struct {
	// `CfnFargateProfile.SelectorProperty.Labels`.
	Labels interface{} `json:"labels"`
	// `CfnFargateProfile.SelectorProperty.Namespace`.
	Namespace *string `json:"namespace"`
}

TODO: EXAMPLE

type CfnNodegroup

type CfnNodegroup interface {
	awscdk.CfnResource
	awscdk.IInspectable
	AmiType() *string
	SetAmiType(val *string)
	AttrArn() *string
	AttrClusterName() *string
	AttrNodegroupName() *string
	CapacityType() *string
	SetCapacityType(val *string)
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	ClusterName() *string
	SetClusterName(val *string)
	CreationStack() *[]*string
	DiskSize() *float64
	SetDiskSize(val *float64)
	ForceUpdateEnabled() interface{}
	SetForceUpdateEnabled(val interface{})
	InstanceTypes() *[]*string
	SetInstanceTypes(val *[]*string)
	Labels() interface{}
	SetLabels(val interface{})
	LaunchTemplate() interface{}
	SetLaunchTemplate(val interface{})
	LogicalId() *string
	Node() constructs.Node
	NodegroupName() *string
	SetNodegroupName(val *string)
	NodeRole() *string
	SetNodeRole(val *string)
	Ref() *string
	ReleaseVersion() *string
	SetReleaseVersion(val *string)
	RemoteAccess() interface{}
	SetRemoteAccess(val interface{})
	ScalingConfig() interface{}
	SetScalingConfig(val interface{})
	Stack() awscdk.Stack
	Subnets() *[]*string
	SetSubnets(val *[]*string)
	Tags() awscdk.TagManager
	Taints() interface{}
	SetTaints(val interface{})
	UpdateConfig() interface{}
	SetUpdateConfig(val interface{})
	UpdatedProperites() *map[string]interface{}
	Version() *string
	SetVersion(val *string)
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OverrideLogicalId(newLogicalId *string)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	ToString() *string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::EKS::Nodegroup`.

TODO: EXAMPLE

func NewCfnNodegroup

func NewCfnNodegroup(scope constructs.Construct, id *string, props *CfnNodegroupProps) CfnNodegroup

Create a new `AWS::EKS::Nodegroup`.

type CfnNodegroupProps

type CfnNodegroupProps struct {
	// `AWS::EKS::Nodegroup.AmiType`.
	AmiType *string `json:"amiType"`
	// `AWS::EKS::Nodegroup.CapacityType`.
	CapacityType *string `json:"capacityType"`
	// `AWS::EKS::Nodegroup.ClusterName`.
	ClusterName *string `json:"clusterName"`
	// `AWS::EKS::Nodegroup.DiskSize`.
	DiskSize *float64 `json:"diskSize"`
	// `AWS::EKS::Nodegroup.ForceUpdateEnabled`.
	ForceUpdateEnabled interface{} `json:"forceUpdateEnabled"`
	// `AWS::EKS::Nodegroup.InstanceTypes`.
	InstanceTypes *[]*string `json:"instanceTypes"`
	// `AWS::EKS::Nodegroup.Labels`.
	Labels interface{} `json:"labels"`
	// `AWS::EKS::Nodegroup.LaunchTemplate`.
	LaunchTemplate interface{} `json:"launchTemplate"`
	// `AWS::EKS::Nodegroup.NodegroupName`.
	NodegroupName *string `json:"nodegroupName"`
	// `AWS::EKS::Nodegroup.NodeRole`.
	NodeRole *string `json:"nodeRole"`
	// `AWS::EKS::Nodegroup.ReleaseVersion`.
	ReleaseVersion *string `json:"releaseVersion"`
	// `AWS::EKS::Nodegroup.RemoteAccess`.
	RemoteAccess interface{} `json:"remoteAccess"`
	// `AWS::EKS::Nodegroup.ScalingConfig`.
	ScalingConfig interface{} `json:"scalingConfig"`
	// `AWS::EKS::Nodegroup.Subnets`.
	Subnets *[]*string `json:"subnets"`
	// `AWS::EKS::Nodegroup.Tags`.
	Tags interface{} `json:"tags"`
	// `AWS::EKS::Nodegroup.Taints`.
	Taints interface{} `json:"taints"`
	// `AWS::EKS::Nodegroup.UpdateConfig`.
	UpdateConfig interface{} `json:"updateConfig"`
	// `AWS::EKS::Nodegroup.Version`.
	Version *string `json:"version"`
}

Properties for defining a `AWS::EKS::Nodegroup`.

TODO: EXAMPLE

type CfnNodegroup_LaunchTemplateSpecificationProperty

type CfnNodegroup_LaunchTemplateSpecificationProperty struct {
	// `CfnNodegroup.LaunchTemplateSpecificationProperty.Id`.
	Id *string `json:"id"`
	// `CfnNodegroup.LaunchTemplateSpecificationProperty.Name`.
	Name *string `json:"name"`
	// `CfnNodegroup.LaunchTemplateSpecificationProperty.Version`.
	Version *string `json:"version"`
}

TODO: EXAMPLE

type CfnNodegroup_RemoteAccessProperty

type CfnNodegroup_RemoteAccessProperty struct {
	// `CfnNodegroup.RemoteAccessProperty.Ec2SshKey`.
	Ec2SshKey *string `json:"ec2SshKey"`
	// `CfnNodegroup.RemoteAccessProperty.SourceSecurityGroups`.
	SourceSecurityGroups *[]*string `json:"sourceSecurityGroups"`
}

TODO: EXAMPLE

type CfnNodegroup_ScalingConfigProperty

type CfnNodegroup_ScalingConfigProperty struct {
	// `CfnNodegroup.ScalingConfigProperty.DesiredSize`.
	DesiredSize *float64 `json:"desiredSize"`
	// `CfnNodegroup.ScalingConfigProperty.MaxSize`.
	MaxSize *float64 `json:"maxSize"`
	// `CfnNodegroup.ScalingConfigProperty.MinSize`.
	MinSize *float64 `json:"minSize"`
}

TODO: EXAMPLE

type CfnNodegroup_TaintProperty

type CfnNodegroup_TaintProperty struct {
	// `CfnNodegroup.TaintProperty.Effect`.
	Effect *string `json:"effect"`
	// `CfnNodegroup.TaintProperty.Key`.
	Key *string `json:"key"`
	// `CfnNodegroup.TaintProperty.Value`.
	Value *string `json:"value"`
}

TODO: EXAMPLE

type CfnNodegroup_UpdateConfigProperty

type CfnNodegroup_UpdateConfigProperty struct {
	// `CfnNodegroup.UpdateConfigProperty.MaxUnavailable`.
	MaxUnavailable *float64 `json:"maxUnavailable"`
	// `CfnNodegroup.UpdateConfigProperty.MaxUnavailablePercentage`.
	MaxUnavailablePercentage *float64 `json:"maxUnavailablePercentage"`
}

TODO: EXAMPLE

type Cluster

type Cluster interface {
	awscdk.Resource
	ICluster
	AdminRole() awsiam.Role
	AlbController() AlbController
	AwsAuth() AwsAuth
	ClusterArn() *string
	ClusterCertificateAuthorityData() *string
	ClusterEncryptionConfigKeyArn() *string
	ClusterEndpoint() *string
	ClusterHandlerSecurityGroup() awsec2.ISecurityGroup
	ClusterName() *string
	ClusterOpenIdConnectIssuer() *string
	ClusterOpenIdConnectIssuerUrl() *string
	ClusterSecurityGroup() awsec2.ISecurityGroup
	ClusterSecurityGroupId() *string
	Connections() awsec2.Connections
	DefaultCapacity() awsautoscaling.AutoScalingGroup
	DefaultNodegroup() Nodegroup
	Env() *awscdk.ResourceEnvironment
	KubectlEnvironment() *map[string]*string
	KubectlLambdaRole() awsiam.IRole
	KubectlLayer() awslambda.ILayerVersion
	KubectlMemory() awscdk.Size
	KubectlPrivateSubnets() *[]awsec2.ISubnet
	KubectlRole() awsiam.IRole
	KubectlSecurityGroup() awsec2.ISecurityGroup
	Node() constructs.Node
	OnEventLayer() awslambda.ILayerVersion
	OpenIdConnectProvider() awsiam.IOpenIdConnectProvider
	PhysicalName() *string
	Prune() *bool
	Role() awsiam.IRole
	Stack() awscdk.Stack
	Vpc() awsec2.IVpc
	AddAutoScalingGroupCapacity(id *string, options *AutoScalingGroupCapacityOptions) awsautoscaling.AutoScalingGroup
	AddCdk8sChart(id *string, chart constructs.Construct, options *KubernetesManifestOptions) KubernetesManifest
	AddFargateProfile(id *string, options *FargateProfileOptions) FargateProfile
	AddHelmChart(id *string, options *HelmChartOptions) HelmChart
	AddManifest(id *string, manifest ...*map[string]interface{}) KubernetesManifest
	AddNodegroupCapacity(id *string, options *NodegroupOptions) Nodegroup
	AddServiceAccount(id *string, options *ServiceAccountOptions) ServiceAccount
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	ConnectAutoScalingGroupCapacity(autoScalingGroup awsautoscaling.AutoScalingGroup, options *AutoScalingGroupOptions)
	GeneratePhysicalName() *string
	GetIngressLoadBalancerAddress(ingressName *string, options *IngressLoadBalancerAddressOptions) *string
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	GetResourceNameAttribute(nameAttr *string) *string
	GetServiceLoadBalancerAddress(serviceName *string, options *ServiceLoadBalancerAddressOptions) *string
	ToString() *string
}

A Cluster represents a managed Kubernetes Service (EKS).

This is a fully managed cluster of API Servers (control-plane) The user is still required to create the worker nodes.

TODO: EXAMPLE

Experimental.

func NewCluster

func NewCluster(scope constructs.Construct, id *string, props *ClusterProps) Cluster

Initiates an EKS Cluster with the supplied arguments. Experimental.

type ClusterAttributes

type ClusterAttributes struct {
	// The certificate-authority-data for your cluster.
	// Experimental.
	ClusterCertificateAuthorityData *string `json:"clusterCertificateAuthorityData"`
	// Amazon Resource Name (ARN) or alias of the customer master key (CMK).
	// Experimental.
	ClusterEncryptionConfigKeyArn *string `json:"clusterEncryptionConfigKeyArn"`
	// The API Server endpoint URL.
	// Experimental.
	ClusterEndpoint *string `json:"clusterEndpoint"`
	// A security group id to associate with the Cluster Handler's Lambdas.
	//
	// The Cluster Handler's Lambdas are responsible for calling AWS's EKS API.
	// Experimental.
	ClusterHandlerSecurityGroupId *string `json:"clusterHandlerSecurityGroupId"`
	// The physical name of the Cluster.
	// Experimental.
	ClusterName *string `json:"clusterName"`
	// The cluster security group that was created by Amazon EKS for the cluster.
	// Experimental.
	ClusterSecurityGroupId *string `json:"clusterSecurityGroupId"`
	// Environment variables to use when running `kubectl` against this cluster.
	// Experimental.
	KubectlEnvironment *map[string]*string `json:"kubectlEnvironment"`
	// An IAM role that can perform kubectl operations against this cluster.
	//
	// The role should be mapped to the `system:masters` Kubernetes RBAC role.
	//
	// This role is directly passed to the lambda handler that sends Kube Ctl commands
	// to the cluster.
	// Experimental.
	KubectlLambdaRole awsiam.IRole `json:"kubectlLambdaRole"`
	// An AWS Lambda Layer which includes `kubectl`, Helm and the AWS CLI.
	//
	// This layer
	// is used by the kubectl handler to apply manifests and install helm charts.
	//
	// The handler expects the layer to include the following executables:
	//
	//     helm/helm
	//     kubectl/kubectl
	//     awscli/aws
	// Experimental.
	KubectlLayer awslambda.ILayerVersion `json:"kubectlLayer"`
	// Amount of memory to allocate to the provider's lambda function.
	// Experimental.
	KubectlMemory awscdk.Size `json:"kubectlMemory"`
	// Subnets to host the `kubectl` compute resources.
	//
	// If not specified, the k8s
	// endpoint is expected to be accessible publicly.
	// Experimental.
	KubectlPrivateSubnetIds *[]*string `json:"kubectlPrivateSubnetIds"`
	// An IAM role with cluster administrator and "system:masters" permissions.
	// Experimental.
	KubectlRoleArn *string `json:"kubectlRoleArn"`
	// A security group to use for `kubectl` execution.
	//
	// If not specified, the k8s
	// endpoint is expected to be accessible publicly.
	// Experimental.
	KubectlSecurityGroupId *string `json:"kubectlSecurityGroupId"`
	// An AWS Lambda Layer which includes the NPM dependency `proxy-agent`.
	//
	// This layer
	// is used by the onEvent handler to route AWS SDK requests through a proxy.
	//
	// The handler expects the layer to include the following node_modules:
	//
	//     proxy-agent
	// Experimental.
	OnEventLayer awslambda.ILayerVersion `json:"onEventLayer"`
	// An Open ID Connect provider for this cluster that can be used to configure service accounts.
	//
	// You can either import an existing provider using `iam.OpenIdConnectProvider.fromProviderArn`,
	// or create a new provider using `new eks.OpenIdConnectProvider`
	// Experimental.
	OpenIdConnectProvider awsiam.IOpenIdConnectProvider `json:"openIdConnectProvider"`
	// Indicates whether Kubernetes resources added through `addManifest()` can be automatically pruned.
	//
	// When this is enabled (default), prune labels will be
	// allocated and injected to each resource. These labels will then be used
	// when issuing the `kubectl apply` operation with the `--prune` switch.
	// Experimental.
	Prune *bool `json:"prune"`
	// Additional security groups associated with this cluster.
	// Experimental.
	SecurityGroupIds *[]*string `json:"securityGroupIds"`
	// The VPC in which this Cluster was created.
	// Experimental.
	Vpc awsec2.IVpc `json:"vpc"`
}

Attributes for EKS clusters.

TODO: EXAMPLE

Experimental.

type ClusterOptions

type ClusterOptions struct {
	// Name for the cluster.
	// Experimental.
	ClusterName *string `json:"clusterName"`
	// Determines whether a CloudFormation output with the name of the cluster will be synthesized.
	// Experimental.
	OutputClusterName *bool `json:"outputClusterName"`
	// Determines whether a CloudFormation output with the `aws eks update-kubeconfig` command will be synthesized.
	//
	// This command will include
	// the cluster name and, if applicable, the ARN of the masters IAM role.
	// Experimental.
	OutputConfigCommand *bool `json:"outputConfigCommand"`
	// Role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.
	// Experimental.
	Role awsiam.IRole `json:"role"`
	// Security Group to use for Control Plane ENIs.
	// Experimental.
	SecurityGroup awsec2.ISecurityGroup `json:"securityGroup"`
	// The Kubernetes version to run in the cluster.
	// Experimental.
	Version KubernetesVersion `json:"version"`
	// The VPC in which to create the Cluster.
	// Experimental.
	Vpc awsec2.IVpc `json:"vpc"`
	// Where to place EKS Control Plane ENIs.
	//
	// If you want to create public load balancers, this must include public subnets.
	//
	// For example, to only select private subnets, supply the following:
	//
	// `vpcSubnets: [{ subnetType: ec2.SubnetType.PRIVATE }]`
	// Experimental.
	VpcSubnets *[]*awsec2.SubnetSelection `json:"vpcSubnets"`
	// Install the AWS Load Balancer Controller onto the cluster.
	// See: https://kubernetes-sigs.github.io/aws-load-balancer-controller
	//
	// Experimental.
	AlbController *AlbControllerOptions `json:"albController"`
	// Custom environment variables when interacting with the EKS endpoint to manage the cluster lifecycle.
	// Experimental.
	ClusterHandlerEnvironment *map[string]*string `json:"clusterHandlerEnvironment"`
	// A security group to associate with the Cluster Handler's Lambdas.
	//
	// The Cluster Handler's Lambdas are responsible for calling AWS's EKS API.
	//
	// Requires `placeClusterHandlerInVpc` to be set to true.
	// Experimental.
	ClusterHandlerSecurityGroup awsec2.ISecurityGroup `json:"clusterHandlerSecurityGroup"`
	// Controls the "eks.amazonaws.com/compute-type" annotation in the CoreDNS configuration on your cluster to determine which compute type to use for CoreDNS.
	// Experimental.
	CoreDnsComputeType CoreDnsComputeType `json:"coreDnsComputeType"`
	// Configure access to the Kubernetes API server endpoint..
	// See: https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html
	//
	// Experimental.
	EndpointAccess EndpointAccess `json:"endpointAccess"`
	// Environment variables for the kubectl execution.
	//
	// Only relevant for kubectl enabled clusters.
	// Experimental.
	KubectlEnvironment *map[string]*string `json:"kubectlEnvironment"`
	// An AWS Lambda Layer which includes `kubectl`, Helm and the AWS CLI.
	//
	// By default, the provider will use the layer included in the
	// "aws-lambda-layer-kubectl" SAR application which is available in all
	// commercial regions.
	//
	// To deploy the layer locally, visit
	// https://github.com/aws-samples/aws-lambda-layer-kubectl/blob/master/cdk/README.md
	// for instructions on how to prepare the .zip file and then define it in your
	// app as follows:
	//
	// “`ts
	// const layer = new lambda.LayerVersion(this, 'kubectl-layer', {
	//    code: lambda.Code.fromAsset(`${__dirname}/layer.zip`),
	//    compatibleRuntimes: [lambda.Runtime.PROVIDED],
	// });
	// “`
	// See: https://github.com/aws-samples/aws-lambda-layer-kubectl
	//
	// Experimental.
	KubectlLayer awslambda.ILayerVersion `json:"kubectlLayer"`
	// Amount of memory to allocate to the provider's lambda function.
	// Experimental.
	KubectlMemory awscdk.Size `json:"kubectlMemory"`
	// An IAM role that will be added to the `system:masters` Kubernetes RBAC group.
	// See: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#default-roles-and-role-bindings
	//
	// Experimental.
	MastersRole awsiam.IRole `json:"mastersRole"`
	// An AWS Lambda Layer which includes the NPM dependency `proxy-agent`.
	//
	// This layer
	// is used by the onEvent handler to route AWS SDK requests through a proxy.
	//
	// By default, the provider will use the layer included in the
	// "aws-lambda-layer-node-proxy-agent" SAR application which is available in all
	// commercial regions.
	//
	// To deploy the layer locally define it in your app as follows:
	//
	// “`ts
	// const layer = new lambda.LayerVersion(this, 'proxy-agent-layer', {
	//    code: lambda.Code.fromAsset(`${__dirname}/layer.zip`),
	//    compatibleRuntimes: [lambda.Runtime.NODEJS_12_X],
	// });
	// “`
	// Experimental.
	OnEventLayer awslambda.ILayerVersion `json:"onEventLayer"`
	// Determines whether a CloudFormation output with the ARN of the "masters" IAM role will be synthesized (if `mastersRole` is specified).
	// Experimental.
	OutputMastersRoleArn *bool `json:"outputMastersRoleArn"`
	// If set to true, the cluster handler functions will be placed in the private subnets of the cluster vpc, subject to the `vpcSubnets` selection strategy.
	// Experimental.
	PlaceClusterHandlerInVpc *bool `json:"placeClusterHandlerInVpc"`
	// Indicates whether Kubernetes resources added through `addManifest()` can be automatically pruned.
	//
	// When this is enabled (default), prune labels will be
	// allocated and injected to each resource. These labels will then be used
	// when issuing the `kubectl apply` operation with the `--prune` switch.
	// Experimental.
	Prune *bool `json:"prune"`
	// KMS secret for envelope encryption for Kubernetes secrets.
	// Experimental.
	SecretsEncryptionKey awskms.IKey `json:"secretsEncryptionKey"`
	// The CIDR block to assign Kubernetes service IP addresses from.
	// See: https://docs.aws.amazon.com/eks/latest/APIReference/API_KubernetesNetworkConfigRequest.html#AmazonEKS-Type-KubernetesNetworkConfigRequest-serviceIpv4Cidr
	//
	// Experimental.
	ServiceIpv4Cidr *string `json:"serviceIpv4Cidr"`
}

Options for EKS clusters.

TODO: EXAMPLE

Experimental.

type ClusterProps

type ClusterProps struct {
	// Name for the cluster.
	// Experimental.
	ClusterName *string `json:"clusterName"`
	// Determines whether a CloudFormation output with the name of the cluster will be synthesized.
	// Experimental.
	OutputClusterName *bool `json:"outputClusterName"`
	// Determines whether a CloudFormation output with the `aws eks update-kubeconfig` command will be synthesized.
	//
	// This command will include
	// the cluster name and, if applicable, the ARN of the masters IAM role.
	// Experimental.
	OutputConfigCommand *bool `json:"outputConfigCommand"`
	// Role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.
	// Experimental.
	Role awsiam.IRole `json:"role"`
	// Security Group to use for Control Plane ENIs.
	// Experimental.
	SecurityGroup awsec2.ISecurityGroup `json:"securityGroup"`
	// The Kubernetes version to run in the cluster.
	// Experimental.
	Version KubernetesVersion `json:"version"`
	// The VPC in which to create the Cluster.
	// Experimental.
	Vpc awsec2.IVpc `json:"vpc"`
	// Where to place EKS Control Plane ENIs.
	//
	// If you want to create public load balancers, this must include public subnets.
	//
	// For example, to only select private subnets, supply the following:
	//
	// `vpcSubnets: [{ subnetType: ec2.SubnetType.PRIVATE }]`
	// Experimental.
	VpcSubnets *[]*awsec2.SubnetSelection `json:"vpcSubnets"`
	// Install the AWS Load Balancer Controller onto the cluster.
	// See: https://kubernetes-sigs.github.io/aws-load-balancer-controller
	//
	// Experimental.
	AlbController *AlbControllerOptions `json:"albController"`
	// Custom environment variables when interacting with the EKS endpoint to manage the cluster lifecycle.
	// Experimental.
	ClusterHandlerEnvironment *map[string]*string `json:"clusterHandlerEnvironment"`
	// A security group to associate with the Cluster Handler's Lambdas.
	//
	// The Cluster Handler's Lambdas are responsible for calling AWS's EKS API.
	//
	// Requires `placeClusterHandlerInVpc` to be set to true.
	// Experimental.
	ClusterHandlerSecurityGroup awsec2.ISecurityGroup `json:"clusterHandlerSecurityGroup"`
	// Controls the "eks.amazonaws.com/compute-type" annotation in the CoreDNS configuration on your cluster to determine which compute type to use for CoreDNS.
	// Experimental.
	CoreDnsComputeType CoreDnsComputeType `json:"coreDnsComputeType"`
	// Configure access to the Kubernetes API server endpoint..
	// See: https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html
	//
	// Experimental.
	EndpointAccess EndpointAccess `json:"endpointAccess"`
	// Environment variables for the kubectl execution.
	//
	// Only relevant for kubectl enabled clusters.
	// Experimental.
	KubectlEnvironment *map[string]*string `json:"kubectlEnvironment"`
	// An AWS Lambda Layer which includes `kubectl`, Helm and the AWS CLI.
	//
	// By default, the provider will use the layer included in the
	// "aws-lambda-layer-kubectl" SAR application which is available in all
	// commercial regions.
	//
	// To deploy the layer locally, visit
	// https://github.com/aws-samples/aws-lambda-layer-kubectl/blob/master/cdk/README.md
	// for instructions on how to prepare the .zip file and then define it in your
	// app as follows:
	//
	// “`ts
	// const layer = new lambda.LayerVersion(this, 'kubectl-layer', {
	//    code: lambda.Code.fromAsset(`${__dirname}/layer.zip`),
	//    compatibleRuntimes: [lambda.Runtime.PROVIDED],
	// });
	// “`
	// See: https://github.com/aws-samples/aws-lambda-layer-kubectl
	//
	// Experimental.
	KubectlLayer awslambda.ILayerVersion `json:"kubectlLayer"`
	// Amount of memory to allocate to the provider's lambda function.
	// Experimental.
	KubectlMemory awscdk.Size `json:"kubectlMemory"`
	// An IAM role that will be added to the `system:masters` Kubernetes RBAC group.
	// See: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#default-roles-and-role-bindings
	//
	// Experimental.
	MastersRole awsiam.IRole `json:"mastersRole"`
	// An AWS Lambda Layer which includes the NPM dependency `proxy-agent`.
	//
	// This layer
	// is used by the onEvent handler to route AWS SDK requests through a proxy.
	//
	// By default, the provider will use the layer included in the
	// "aws-lambda-layer-node-proxy-agent" SAR application which is available in all
	// commercial regions.
	//
	// To deploy the layer locally define it in your app as follows:
	//
	// “`ts
	// const layer = new lambda.LayerVersion(this, 'proxy-agent-layer', {
	//    code: lambda.Code.fromAsset(`${__dirname}/layer.zip`),
	//    compatibleRuntimes: [lambda.Runtime.NODEJS_12_X],
	// });
	// “`
	// Experimental.
	OnEventLayer awslambda.ILayerVersion `json:"onEventLayer"`
	// Determines whether a CloudFormation output with the ARN of the "masters" IAM role will be synthesized (if `mastersRole` is specified).
	// Experimental.
	OutputMastersRoleArn *bool `json:"outputMastersRoleArn"`
	// If set to true, the cluster handler functions will be placed in the private subnets of the cluster vpc, subject to the `vpcSubnets` selection strategy.
	// Experimental.
	PlaceClusterHandlerInVpc *bool `json:"placeClusterHandlerInVpc"`
	// Indicates whether Kubernetes resources added through `addManifest()` can be automatically pruned.
	//
	// When this is enabled (default), prune labels will be
	// allocated and injected to each resource. These labels will then be used
	// when issuing the `kubectl apply` operation with the `--prune` switch.
	// Experimental.
	Prune *bool `json:"prune"`
	// KMS secret for envelope encryption for Kubernetes secrets.
	// Experimental.
	SecretsEncryptionKey awskms.IKey `json:"secretsEncryptionKey"`
	// The CIDR block to assign Kubernetes service IP addresses from.
	// See: https://docs.aws.amazon.com/eks/latest/APIReference/API_KubernetesNetworkConfigRequest.html#AmazonEKS-Type-KubernetesNetworkConfigRequest-serviceIpv4Cidr
	//
	// Experimental.
	ServiceIpv4Cidr *string `json:"serviceIpv4Cidr"`
	// Number of instances to allocate as an initial capacity for this cluster.
	//
	// Instance type can be configured through `defaultCapacityInstanceType`,
	// which defaults to `m5.large`.
	//
	// Use `cluster.addAutoScalingGroupCapacity` to add additional customized capacity. Set this
	// to `0` is you wish to avoid the initial capacity allocation.
	// Experimental.
	DefaultCapacity *float64 `json:"defaultCapacity"`
	// The instance type to use for the default capacity.
	//
	// This will only be taken
	// into account if `defaultCapacity` is > 0.
	// Experimental.
	DefaultCapacityInstance awsec2.InstanceType `json:"defaultCapacityInstance"`
	// The default capacity type for the cluster.
	// Experimental.
	DefaultCapacityType DefaultCapacityType `json:"defaultCapacityType"`
	// The IAM role to pass to the Kubectl Lambda Handler.
	// Experimental.
	KubectlLambdaRole awsiam.IRole `json:"kubectlLambdaRole"`
}

Common configuration props for EKS clusters.

TODO: EXAMPLE

Experimental.

type CommonClusterOptions

type CommonClusterOptions struct {
	// Name for the cluster.
	// Experimental.
	ClusterName *string `json:"clusterName"`
	// Determines whether a CloudFormation output with the name of the cluster will be synthesized.
	// Experimental.
	OutputClusterName *bool `json:"outputClusterName"`
	// Determines whether a CloudFormation output with the `aws eks update-kubeconfig` command will be synthesized.
	//
	// This command will include
	// the cluster name and, if applicable, the ARN of the masters IAM role.
	// Experimental.
	OutputConfigCommand *bool `json:"outputConfigCommand"`
	// Role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.
	// Experimental.
	Role awsiam.IRole `json:"role"`
	// Security Group to use for Control Plane ENIs.
	// Experimental.
	SecurityGroup awsec2.ISecurityGroup `json:"securityGroup"`
	// The Kubernetes version to run in the cluster.
	// Experimental.
	Version KubernetesVersion `json:"version"`
	// The VPC in which to create the Cluster.
	// Experimental.
	Vpc awsec2.IVpc `json:"vpc"`
	// Where to place EKS Control Plane ENIs.
	//
	// If you want to create public load balancers, this must include public subnets.
	//
	// For example, to only select private subnets, supply the following:
	//
	// `vpcSubnets: [{ subnetType: ec2.SubnetType.PRIVATE }]`
	// Experimental.
	VpcSubnets *[]*awsec2.SubnetSelection `json:"vpcSubnets"`
}

Options for configuring an EKS cluster.

TODO: EXAMPLE

Experimental.

type CoreDnsComputeType

type CoreDnsComputeType string

The type of compute resources to use for CoreDNS. Experimental.

const (
	CoreDnsComputeType_EC2     CoreDnsComputeType = "EC2"
	CoreDnsComputeType_FARGATE CoreDnsComputeType = "FARGATE"
)

type CpuArch

type CpuArch string

CPU architecture. Experimental.

const (
	CpuArch_ARM_64 CpuArch = "ARM_64"
	CpuArch_X86_64 CpuArch = "X86_64"
)

type DefaultCapacityType

type DefaultCapacityType string

The default capacity type for the cluster.

TODO: EXAMPLE

Experimental.

const (
	DefaultCapacityType_EC2       DefaultCapacityType = "EC2"
	DefaultCapacityType_NODEGROUP DefaultCapacityType = "NODEGROUP"
)

type EksOptimizedImage

type EksOptimizedImage interface {
	awsec2.IMachineImage
	GetImage(scope constructs.Construct) *awsec2.MachineImageConfig
}

Construct an Amazon Linux 2 image from the latest EKS Optimized AMI published in SSM.

TODO: EXAMPLE

Experimental.

func NewEksOptimizedImage

func NewEksOptimizedImage(props *EksOptimizedImageProps) EksOptimizedImage

Constructs a new instance of the EcsOptimizedAmi class. Experimental.

type EksOptimizedImageProps

type EksOptimizedImageProps struct {
	// What cpu architecture to retrieve the image for (arm64 or x86_64).
	// Experimental.
	CpuArch CpuArch `json:"cpuArch"`
	// The Kubernetes version to use.
	// Experimental.
	KubernetesVersion *string `json:"kubernetesVersion"`
	// What instance type to retrieve the image for (standard or GPU-optimized).
	// Experimental.
	NodeType NodeType `json:"nodeType"`
}

Properties for EksOptimizedImage.

TODO: EXAMPLE

Experimental.

type EndpointAccess

type EndpointAccess interface {
	OnlyFrom(cidr ...*string) EndpointAccess
}

Endpoint access characteristics.

TODO: EXAMPLE

Experimental.

func EndpointAccess_PRIVATE

func EndpointAccess_PRIVATE() EndpointAccess

func EndpointAccess_PUBLIC

func EndpointAccess_PUBLIC() EndpointAccess

func EndpointAccess_PUBLIC_AND_PRIVATE

func EndpointAccess_PUBLIC_AND_PRIVATE() EndpointAccess

type FargateCluster

type FargateCluster interface {
	Cluster
	AdminRole() awsiam.Role
	AlbController() AlbController
	AwsAuth() AwsAuth
	ClusterArn() *string
	ClusterCertificateAuthorityData() *string
	ClusterEncryptionConfigKeyArn() *string
	ClusterEndpoint() *string
	ClusterHandlerSecurityGroup() awsec2.ISecurityGroup
	ClusterName() *string
	ClusterOpenIdConnectIssuer() *string
	ClusterOpenIdConnectIssuerUrl() *string
	ClusterSecurityGroup() awsec2.ISecurityGroup
	ClusterSecurityGroupId() *string
	Connections() awsec2.Connections
	DefaultCapacity() awsautoscaling.AutoScalingGroup
	DefaultNodegroup() Nodegroup
	DefaultProfile() FargateProfile
	Env() *awscdk.ResourceEnvironment
	KubectlEnvironment() *map[string]*string
	KubectlLambdaRole() awsiam.IRole
	KubectlLayer() awslambda.ILayerVersion
	KubectlMemory() awscdk.Size
	KubectlPrivateSubnets() *[]awsec2.ISubnet
	KubectlRole() awsiam.IRole
	KubectlSecurityGroup() awsec2.ISecurityGroup
	Node() constructs.Node
	OnEventLayer() awslambda.ILayerVersion
	OpenIdConnectProvider() awsiam.IOpenIdConnectProvider
	PhysicalName() *string
	Prune() *bool
	Role() awsiam.IRole
	Stack() awscdk.Stack
	Vpc() awsec2.IVpc
	AddAutoScalingGroupCapacity(id *string, options *AutoScalingGroupCapacityOptions) awsautoscaling.AutoScalingGroup
	AddCdk8sChart(id *string, chart constructs.Construct, options *KubernetesManifestOptions) KubernetesManifest
	AddFargateProfile(id *string, options *FargateProfileOptions) FargateProfile
	AddHelmChart(id *string, options *HelmChartOptions) HelmChart
	AddManifest(id *string, manifest ...*map[string]interface{}) KubernetesManifest
	AddNodegroupCapacity(id *string, options *NodegroupOptions) Nodegroup
	AddServiceAccount(id *string, options *ServiceAccountOptions) ServiceAccount
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	ConnectAutoScalingGroupCapacity(autoScalingGroup awsautoscaling.AutoScalingGroup, options *AutoScalingGroupOptions)
	GeneratePhysicalName() *string
	GetIngressLoadBalancerAddress(ingressName *string, options *IngressLoadBalancerAddressOptions) *string
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	GetResourceNameAttribute(nameAttr *string) *string
	GetServiceLoadBalancerAddress(serviceName *string, options *ServiceLoadBalancerAddressOptions) *string
	ToString() *string
}

Defines an EKS cluster that runs entirely on AWS Fargate.

The cluster is created with a default Fargate Profile that matches the "default" and "kube-system" namespaces. You can add additional profiles using `addFargateProfile`.

TODO: EXAMPLE

Experimental.

func NewFargateCluster

func NewFargateCluster(scope constructs.Construct, id *string, props *FargateClusterProps) FargateCluster

Experimental.

type FargateClusterProps

type FargateClusterProps struct {
	// Name for the cluster.
	// Experimental.
	ClusterName *string `json:"clusterName"`
	// Determines whether a CloudFormation output with the name of the cluster will be synthesized.
	// Experimental.
	OutputClusterName *bool `json:"outputClusterName"`
	// Determines whether a CloudFormation output with the `aws eks update-kubeconfig` command will be synthesized.
	//
	// This command will include
	// the cluster name and, if applicable, the ARN of the masters IAM role.
	// Experimental.
	OutputConfigCommand *bool `json:"outputConfigCommand"`
	// Role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.
	// Experimental.
	Role awsiam.IRole `json:"role"`
	// Security Group to use for Control Plane ENIs.
	// Experimental.
	SecurityGroup awsec2.ISecurityGroup `json:"securityGroup"`
	// The Kubernetes version to run in the cluster.
	// Experimental.
	Version KubernetesVersion `json:"version"`
	// The VPC in which to create the Cluster.
	// Experimental.
	Vpc awsec2.IVpc `json:"vpc"`
	// Where to place EKS Control Plane ENIs.
	//
	// If you want to create public load balancers, this must include public subnets.
	//
	// For example, to only select private subnets, supply the following:
	//
	// `vpcSubnets: [{ subnetType: ec2.SubnetType.PRIVATE }]`
	// Experimental.
	VpcSubnets *[]*awsec2.SubnetSelection `json:"vpcSubnets"`
	// Install the AWS Load Balancer Controller onto the cluster.
	// See: https://kubernetes-sigs.github.io/aws-load-balancer-controller
	//
	// Experimental.
	AlbController *AlbControllerOptions `json:"albController"`
	// Custom environment variables when interacting with the EKS endpoint to manage the cluster lifecycle.
	// Experimental.
	ClusterHandlerEnvironment *map[string]*string `json:"clusterHandlerEnvironment"`
	// A security group to associate with the Cluster Handler's Lambdas.
	//
	// The Cluster Handler's Lambdas are responsible for calling AWS's EKS API.
	//
	// Requires `placeClusterHandlerInVpc` to be set to true.
	// Experimental.
	ClusterHandlerSecurityGroup awsec2.ISecurityGroup `json:"clusterHandlerSecurityGroup"`
	// Controls the "eks.amazonaws.com/compute-type" annotation in the CoreDNS configuration on your cluster to determine which compute type to use for CoreDNS.
	// Experimental.
	CoreDnsComputeType CoreDnsComputeType `json:"coreDnsComputeType"`
	// Configure access to the Kubernetes API server endpoint..
	// See: https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html
	//
	// Experimental.
	EndpointAccess EndpointAccess `json:"endpointAccess"`
	// Environment variables for the kubectl execution.
	//
	// Only relevant for kubectl enabled clusters.
	// Experimental.
	KubectlEnvironment *map[string]*string `json:"kubectlEnvironment"`
	// An AWS Lambda Layer which includes `kubectl`, Helm and the AWS CLI.
	//
	// By default, the provider will use the layer included in the
	// "aws-lambda-layer-kubectl" SAR application which is available in all
	// commercial regions.
	//
	// To deploy the layer locally, visit
	// https://github.com/aws-samples/aws-lambda-layer-kubectl/blob/master/cdk/README.md
	// for instructions on how to prepare the .zip file and then define it in your
	// app as follows:
	//
	// “`ts
	// const layer = new lambda.LayerVersion(this, 'kubectl-layer', {
	//    code: lambda.Code.fromAsset(`${__dirname}/layer.zip`),
	//    compatibleRuntimes: [lambda.Runtime.PROVIDED],
	// });
	// “`
	// See: https://github.com/aws-samples/aws-lambda-layer-kubectl
	//
	// Experimental.
	KubectlLayer awslambda.ILayerVersion `json:"kubectlLayer"`
	// Amount of memory to allocate to the provider's lambda function.
	// Experimental.
	KubectlMemory awscdk.Size `json:"kubectlMemory"`
	// An IAM role that will be added to the `system:masters` Kubernetes RBAC group.
	// See: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#default-roles-and-role-bindings
	//
	// Experimental.
	MastersRole awsiam.IRole `json:"mastersRole"`
	// An AWS Lambda Layer which includes the NPM dependency `proxy-agent`.
	//
	// This layer
	// is used by the onEvent handler to route AWS SDK requests through a proxy.
	//
	// By default, the provider will use the layer included in the
	// "aws-lambda-layer-node-proxy-agent" SAR application which is available in all
	// commercial regions.
	//
	// To deploy the layer locally define it in your app as follows:
	//
	// “`ts
	// const layer = new lambda.LayerVersion(this, 'proxy-agent-layer', {
	//    code: lambda.Code.fromAsset(`${__dirname}/layer.zip`),
	//    compatibleRuntimes: [lambda.Runtime.NODEJS_12_X],
	// });
	// “`
	// Experimental.
	OnEventLayer awslambda.ILayerVersion `json:"onEventLayer"`
	// Determines whether a CloudFormation output with the ARN of the "masters" IAM role will be synthesized (if `mastersRole` is specified).
	// Experimental.
	OutputMastersRoleArn *bool `json:"outputMastersRoleArn"`
	// If set to true, the cluster handler functions will be placed in the private subnets of the cluster vpc, subject to the `vpcSubnets` selection strategy.
	// Experimental.
	PlaceClusterHandlerInVpc *bool `json:"placeClusterHandlerInVpc"`
	// Indicates whether Kubernetes resources added through `addManifest()` can be automatically pruned.
	//
	// When this is enabled (default), prune labels will be
	// allocated and injected to each resource. These labels will then be used
	// when issuing the `kubectl apply` operation with the `--prune` switch.
	// Experimental.
	Prune *bool `json:"prune"`
	// KMS secret for envelope encryption for Kubernetes secrets.
	// Experimental.
	SecretsEncryptionKey awskms.IKey `json:"secretsEncryptionKey"`
	// The CIDR block to assign Kubernetes service IP addresses from.
	// See: https://docs.aws.amazon.com/eks/latest/APIReference/API_KubernetesNetworkConfigRequest.html#AmazonEKS-Type-KubernetesNetworkConfigRequest-serviceIpv4Cidr
	//
	// Experimental.
	ServiceIpv4Cidr *string `json:"serviceIpv4Cidr"`
	// Fargate Profile to create along with the cluster.
	// Experimental.
	DefaultProfile *FargateProfileOptions `json:"defaultProfile"`
}

Configuration props for EKS Fargate.

TODO: EXAMPLE

Experimental.

type FargateProfile

type FargateProfile interface {
	constructs.Construct
	awscdk.ITaggable
	FargateProfileArn() *string
	FargateProfileName() *string
	Node() constructs.Node
	PodExecutionRole() awsiam.IRole
	Tags() awscdk.TagManager
	ToString() *string
}

Fargate profiles allows an administrator to declare which pods run on Fargate.

This declaration is done through the profile’s selectors. Each profile can have up to five selectors that contain a namespace and optional labels. You must define a namespace for every selector. The label field consists of multiple optional key-value pairs. Pods that match a selector (by matching a namespace for the selector and all of the labels specified in the selector) are scheduled on Fargate. If a namespace selector is defined without any labels, Amazon EKS will attempt to schedule all pods that run in that namespace onto Fargate using the profile. If a to-be-scheduled pod matches any of the selectors in the Fargate profile, then that pod is scheduled on Fargate.

If a pod matches multiple Fargate profiles, Amazon EKS picks one of the matches at random. In this case, you can specify which profile a pod should use by adding the following Kubernetes label to the pod specification: eks.amazonaws.com/fargate-profile: profile_name. However, the pod must still match a selector in that profile in order to be scheduled onto Fargate.

TODO: EXAMPLE

Experimental.

func NewFargateProfile

func NewFargateProfile(scope constructs.Construct, id *string, props *FargateProfileProps) FargateProfile

Experimental.

type FargateProfileOptions

type FargateProfileOptions struct {
	// The name of the Fargate profile.
	// Experimental.
	FargateProfileName *string `json:"fargateProfileName"`
	// The pod execution role to use for pods that match the selectors in the Fargate profile.
	//
	// The pod execution role allows Fargate infrastructure to
	// register with your cluster as a node, and it provides read access to Amazon
	// ECR image repositories.
	// See: https://docs.aws.amazon.com/eks/latest/userguide/pod-execution-role.html
	//
	// Experimental.
	PodExecutionRole awsiam.IRole `json:"podExecutionRole"`
	// The selectors to match for pods to use this Fargate profile.
	//
	// Each selector
	// must have an associated namespace. Optionally, you can also specify labels
	// for a namespace.
	//
	// At least one selector is required and you may specify up to five selectors.
	// Experimental.
	Selectors *[]*Selector `json:"selectors"`
	// Select which subnets to launch your pods into.
	//
	// At this time, pods running
	// on Fargate are not assigned public IP addresses, so only private subnets
	// (with no direct route to an Internet Gateway) are allowed.
	//
	// You must specify the VPC to customize the subnet selection
	// Experimental.
	SubnetSelection *awsec2.SubnetSelection `json:"subnetSelection"`
	// The VPC from which to select subnets to launch your pods into.
	//
	// By default, all private subnets are selected. You can customize this using
	// `subnetSelection`.
	// Experimental.
	Vpc awsec2.IVpc `json:"vpc"`
}

Options for defining EKS Fargate Profiles.

TODO: EXAMPLE

Experimental.

type FargateProfileProps

type FargateProfileProps struct {
	// The name of the Fargate profile.
	// Experimental.
	FargateProfileName *string `json:"fargateProfileName"`
	// The pod execution role to use for pods that match the selectors in the Fargate profile.
	//
	// The pod execution role allows Fargate infrastructure to
	// register with your cluster as a node, and it provides read access to Amazon
	// ECR image repositories.
	// See: https://docs.aws.amazon.com/eks/latest/userguide/pod-execution-role.html
	//
	// Experimental.
	PodExecutionRole awsiam.IRole `json:"podExecutionRole"`
	// The selectors to match for pods to use this Fargate profile.
	//
	// Each selector
	// must have an associated namespace. Optionally, you can also specify labels
	// for a namespace.
	//
	// At least one selector is required and you may specify up to five selectors.
	// Experimental.
	Selectors *[]*Selector `json:"selectors"`
	// Select which subnets to launch your pods into.
	//
	// At this time, pods running
	// on Fargate are not assigned public IP addresses, so only private subnets
	// (with no direct route to an Internet Gateway) are allowed.
	//
	// You must specify the VPC to customize the subnet selection
	// Experimental.
	SubnetSelection *awsec2.SubnetSelection `json:"subnetSelection"`
	// The VPC from which to select subnets to launch your pods into.
	//
	// By default, all private subnets are selected. You can customize this using
	// `subnetSelection`.
	// Experimental.
	Vpc awsec2.IVpc `json:"vpc"`
	// The EKS cluster to apply the Fargate profile to.
	//
	// [disable-awslint:ref-via-interface]
	// Experimental.
	Cluster Cluster `json:"cluster"`
}

Configuration props for EKS Fargate Profiles.

TODO: EXAMPLE

Experimental.

type HelmChart

type HelmChart interface {
	constructs.Construct
	Node() constructs.Node
	ToString() *string
}

Represents a helm chart within the Kubernetes system.

Applies/deletes the resources using `kubectl` in sync with the resource.

TODO: EXAMPLE

Experimental.

func NewHelmChart

func NewHelmChart(scope constructs.Construct, id *string, props *HelmChartProps) HelmChart

Experimental.

type HelmChartOptions

type HelmChartOptions struct {
	// The name of the chart.
	// Experimental.
	Chart *string `json:"chart"`
	// create namespace if not exist.
	// Experimental.
	CreateNamespace *bool `json:"createNamespace"`
	// The Kubernetes namespace scope of the requests.
	// Experimental.
	Namespace *string `json:"namespace"`
	// The name of the release.
	// Experimental.
	Release *string `json:"release"`
	// The repository which contains the chart.
	//
	// For example: https://kubernetes-charts.storage.googleapis.com/
	// Experimental.
	Repository *string `json:"repository"`
	// Amount of time to wait for any individual Kubernetes operation.
	//
	// Maximum 15 minutes.
	// Experimental.
	Timeout awscdk.Duration `json:"timeout"`
	// The values to be used by the chart.
	// Experimental.
	Values *map[string]interface{} `json:"values"`
	// The chart version to install.
	// Experimental.
	Version *string `json:"version"`
	// Whether or not Helm should wait until all Pods, PVCs, Services, and minimum number of Pods of a Deployment, StatefulSet, or ReplicaSet are in a ready state before marking the release as successful.
	// Experimental.
	Wait *bool `json:"wait"`
}

Helm Chart options.

TODO: EXAMPLE

Experimental.

type HelmChartProps

type HelmChartProps struct {
	// The name of the chart.
	// Experimental.
	Chart *string `json:"chart"`
	// create namespace if not exist.
	// Experimental.
	CreateNamespace *bool `json:"createNamespace"`
	// The Kubernetes namespace scope of the requests.
	// Experimental.
	Namespace *string `json:"namespace"`
	// The name of the release.
	// Experimental.
	Release *string `json:"release"`
	// The repository which contains the chart.
	//
	// For example: https://kubernetes-charts.storage.googleapis.com/
	// Experimental.
	Repository *string `json:"repository"`
	// Amount of time to wait for any individual Kubernetes operation.
	//
	// Maximum 15 minutes.
	// Experimental.
	Timeout awscdk.Duration `json:"timeout"`
	// The values to be used by the chart.
	// Experimental.
	Values *map[string]interface{} `json:"values"`
	// The chart version to install.
	// Experimental.
	Version *string `json:"version"`
	// Whether or not Helm should wait until all Pods, PVCs, Services, and minimum number of Pods of a Deployment, StatefulSet, or ReplicaSet are in a ready state before marking the release as successful.
	// Experimental.
	Wait *bool `json:"wait"`
	// The EKS cluster to apply this configuration to.
	//
	// [disable-awslint:ref-via-interface]
	// Experimental.
	Cluster ICluster `json:"cluster"`
}

Helm Chart properties.

TODO: EXAMPLE

Experimental.

type ICluster

type ICluster interface {
	awsec2.IConnectable
	awscdk.IResource
	// Defines a CDK8s chart in this cluster.
	//
	// Returns: a `KubernetesManifest` construct representing the chart.
	// Experimental.
	AddCdk8sChart(id *string, chart constructs.Construct, options *KubernetesManifestOptions) KubernetesManifest
	// Defines a Helm chart in this cluster.
	//
	// Returns: a `HelmChart` construct
	// Experimental.
	AddHelmChart(id *string, options *HelmChartOptions) HelmChart
	// Defines a Kubernetes resource in this cluster.
	//
	// The manifest will be applied/deleted using kubectl as needed.
	//
	// Returns: a `KubernetesManifest` object.
	// Experimental.
	AddManifest(id *string, manifest ...*map[string]interface{}) KubernetesManifest
	// Creates a new service account with corresponding IAM Role (IRSA).
	// Experimental.
	AddServiceAccount(id *string, options *ServiceAccountOptions) ServiceAccount
	// Connect capacity in the form of an existing AutoScalingGroup to the EKS cluster.
	//
	// The AutoScalingGroup must be running an EKS-optimized AMI containing the
	// /etc/eks/bootstrap.sh script. This method will configure Security Groups,
	// add the right policies to the instance role, apply the right tags, and add
	// the required user data to the instance's launch configuration.
	//
	// Spot instances will be labeled `lifecycle=Ec2Spot` and tainted with `PreferNoSchedule`.
	// If kubectl is enabled, the
	// [spot interrupt handler](https://github.com/awslabs/ec2-spot-labs/tree/master/ec2-spot-eks-solution/spot-termination-handler)
	// daemon will be installed on all spot instances to handle
	// [EC2 Spot Instance Termination Notices](https://aws.amazon.com/blogs/aws/new-ec2-spot-instance-termination-notices/).
	//
	// Prefer to use `addAutoScalingGroupCapacity` if possible.
	// See: https://docs.aws.amazon.com/eks/latest/userguide/launch-workers.html
	//
	// Experimental.
	ConnectAutoScalingGroupCapacity(autoScalingGroup awsautoscaling.AutoScalingGroup, options *AutoScalingGroupOptions)
	// The unique ARN assigned to the service by AWS in the form of arn:aws:eks:.
	// Experimental.
	ClusterArn() *string
	// The certificate-authority-data for your cluster.
	// Experimental.
	ClusterCertificateAuthorityData() *string
	// Amazon Resource Name (ARN) or alias of the customer master key (CMK).
	// Experimental.
	ClusterEncryptionConfigKeyArn() *string
	// The API Server endpoint URL.
	// Experimental.
	ClusterEndpoint() *string
	// A security group to associate with the Cluster Handler's Lambdas.
	//
	// The Cluster Handler's Lambdas are responsible for calling AWS's EKS API.
	//
	// Requires `placeClusterHandlerInVpc` to be set to true.
	// Experimental.
	ClusterHandlerSecurityGroup() awsec2.ISecurityGroup
	// The physical name of the Cluster.
	// Experimental.
	ClusterName() *string
	// The cluster security group that was created by Amazon EKS for the cluster.
	// Experimental.
	ClusterSecurityGroup() awsec2.ISecurityGroup
	// The id of the cluster security group that was created by Amazon EKS for the cluster.
	// Experimental.
	ClusterSecurityGroupId() *string
	// Custom environment variables when running `kubectl` against this cluster.
	// Experimental.
	KubectlEnvironment() *map[string]*string
	// An IAM role that can perform kubectl operations against this cluster.
	//
	// The role should be mapped to the `system:masters` Kubernetes RBAC role.
	//
	// This role is directly passed to the lambda handler that sends Kube Ctl commands to the cluster.
	// Experimental.
	KubectlLambdaRole() awsiam.IRole
	// An AWS Lambda layer that includes `kubectl`, `helm` and the `aws` CLI.
	//
	// If not defined, a default layer will be used.
	// Experimental.
	KubectlLayer() awslambda.ILayerVersion
	// Amount of memory to allocate to the provider's lambda function.
	// Experimental.
	KubectlMemory() awscdk.Size
	// Subnets to host the `kubectl` compute resources.
	//
	// If this is undefined, the k8s endpoint is expected to be accessible
	// publicly.
	// Experimental.
	KubectlPrivateSubnets() *[]awsec2.ISubnet
	// An IAM role that can perform kubectl operations against this cluster.
	//
	// The role should be mapped to the `system:masters` Kubernetes RBAC role.
	// Experimental.
	KubectlRole() awsiam.IRole
	// A security group to use for `kubectl` execution.
	//
	// If this is undefined, the k8s endpoint is expected to be accessible
	// publicly.
	// Experimental.
	KubectlSecurityGroup() awsec2.ISecurityGroup
	// An AWS Lambda layer that includes the NPM dependency `proxy-agent`.
	//
	// If not defined, a default layer will be used.
	// Experimental.
	OnEventLayer() awslambda.ILayerVersion
	// The Open ID Connect Provider of the cluster used to configure Service Accounts.
	// Experimental.
	OpenIdConnectProvider() awsiam.IOpenIdConnectProvider
	// Indicates whether Kubernetes resources can be automatically pruned.
	//
	// When
	// this is enabled (default), prune labels will be allocated and injected to
	// each resource. These labels will then be used when issuing the `kubectl
	// apply` operation with the `--prune` switch.
	// Experimental.
	Prune() *bool
	// The VPC in which this Cluster was created.
	// Experimental.
	Vpc() awsec2.IVpc
}

An EKS cluster. Experimental.

func Cluster_FromClusterAttributes

func Cluster_FromClusterAttributes(scope constructs.Construct, id *string, attrs *ClusterAttributes) ICluster

Import an existing cluster. Experimental.

func FargateCluster_FromClusterAttributes

func FargateCluster_FromClusterAttributes(scope constructs.Construct, id *string, attrs *ClusterAttributes) ICluster

Import an existing cluster. Experimental.

type INodegroup

type INodegroup interface {
	awscdk.IResource
	// Name of the nodegroup.
	// Experimental.
	NodegroupName() *string
}

NodeGroup interface. Experimental.

func Nodegroup_FromNodegroupName

func Nodegroup_FromNodegroupName(scope constructs.Construct, id *string, nodegroupName *string) INodegroup

Import the Nodegroup from attributes. Experimental.

type IngressLoadBalancerAddressOptions

type IngressLoadBalancerAddressOptions struct {
	// The namespace the service belongs to.
	// Experimental.
	Namespace *string `json:"namespace"`
	// Timeout for waiting on the load balancer address.
	// Experimental.
	Timeout awscdk.Duration `json:"timeout"`
}

Options for fetching an IngressLoadBalancerAddress.

TODO: EXAMPLE

Experimental.

type KubernetesManifest

type KubernetesManifest interface {
	constructs.Construct
	Node() constructs.Node
	ToString() *string
}

Represents a manifest within the Kubernetes system.

Alternatively, you can use `cluster.addManifest(resource[, resource, ...])` to define resources on this cluster.

Applies/deletes the manifest using `kubectl`.

TODO: EXAMPLE

Experimental.

func NewKubernetesManifest

func NewKubernetesManifest(scope constructs.Construct, id *string, props *KubernetesManifestProps) KubernetesManifest

Experimental.

type KubernetesManifestOptions

type KubernetesManifestOptions struct {
	// Automatically detect `Ingress` resources in the manifest and annotate them so they are picked up by an ALB Ingress Controller.
	// Experimental.
	IngressAlb *bool `json:"ingressAlb"`
	// Specify the ALB scheme that should be applied to `Ingress` resources.
	//
	// Only applicable if `ingressAlb` is set to `true`.
	// Experimental.
	IngressAlbScheme AlbScheme `json:"ingressAlbScheme"`
	// When a resource is removed from a Kubernetes manifest, it no longer appears in the manifest, and there is no way to know that this resource needs to be deleted.
	//
	// To address this, `kubectl apply` has a `--prune` option which will
	// query the cluster for all resources with a specific label and will remove
	// all the labeld resources that are not part of the applied manifest. If this
	// option is disabled and a resource is removed, it will become "orphaned" and
	// will not be deleted from the cluster.
	//
	// When this option is enabled (default), the construct will inject a label to
	// all Kubernetes resources included in this manifest which will be used to
	// prune resources when the manifest changes via `kubectl apply --prune`.
	//
	// The label name will be `aws.cdk.eks/prune-<ADDR>` where `<ADDR>` is the
	// 42-char unique address of this construct in the construct tree. Value is
	// empty.
	// See: https://kubernetes.io/docs/tasks/manage-kubernetes-objects/declarative-config/#alternative-kubectl-apply-f-directory-prune-l-your-label
	//
	// Experimental.
	Prune *bool `json:"prune"`
	// A flag to signify if the manifest validation should be skipped.
	// Experimental.
	SkipValidation *bool `json:"skipValidation"`
}

Options for `KubernetesManifest`.

TODO: EXAMPLE

Experimental.

type KubernetesManifestProps

type KubernetesManifestProps struct {
	// Automatically detect `Ingress` resources in the manifest and annotate them so they are picked up by an ALB Ingress Controller.
	// Experimental.
	IngressAlb *bool `json:"ingressAlb"`
	// Specify the ALB scheme that should be applied to `Ingress` resources.
	//
	// Only applicable if `ingressAlb` is set to `true`.
	// Experimental.
	IngressAlbScheme AlbScheme `json:"ingressAlbScheme"`
	// When a resource is removed from a Kubernetes manifest, it no longer appears in the manifest, and there is no way to know that this resource needs to be deleted.
	//
	// To address this, `kubectl apply` has a `--prune` option which will
	// query the cluster for all resources with a specific label and will remove
	// all the labeld resources that are not part of the applied manifest. If this
	// option is disabled and a resource is removed, it will become "orphaned" and
	// will not be deleted from the cluster.
	//
	// When this option is enabled (default), the construct will inject a label to
	// all Kubernetes resources included in this manifest which will be used to
	// prune resources when the manifest changes via `kubectl apply --prune`.
	//
	// The label name will be `aws.cdk.eks/prune-<ADDR>` where `<ADDR>` is the
	// 42-char unique address of this construct in the construct tree. Value is
	// empty.
	// See: https://kubernetes.io/docs/tasks/manage-kubernetes-objects/declarative-config/#alternative-kubectl-apply-f-directory-prune-l-your-label
	//
	// Experimental.
	Prune *bool `json:"prune"`
	// A flag to signify if the manifest validation should be skipped.
	// Experimental.
	SkipValidation *bool `json:"skipValidation"`
	// The EKS cluster to apply this manifest to.
	//
	// [disable-awslint:ref-via-interface]
	// Experimental.
	Cluster ICluster `json:"cluster"`
	// The manifest to apply.
	//
	// Consists of any number of child resources.
	//
	// When the resources are created/updated, this manifest will be applied to the
	// cluster through `kubectl apply` and when the resources or the stack is
	// deleted, the resources in the manifest will be deleted through `kubectl delete`.
	//
	// TODO: EXAMPLE
	//
	// Experimental.
	Manifest *[]*map[string]interface{} `json:"manifest"`
	// Overwrite any existing resources.
	//
	// If this is set, we will use `kubectl apply` instead of `kubectl create`
	// when the resource is created. Otherwise, if there is already a resource
	// in the cluster with the same name, the operation will fail.
	// Experimental.
	Overwrite *bool `json:"overwrite"`
}

Properties for KubernetesManifest.

TODO: EXAMPLE

Experimental.

type KubernetesObjectValue

type KubernetesObjectValue interface {
	constructs.Construct
	Node() constructs.Node
	Value() *string
	ToString() *string
}

Represents a value of a specific object deployed in the cluster.

Use this to fetch any information available by the `kubectl get` command.

TODO: EXAMPLE

Experimental.

func NewKubernetesObjectValue

func NewKubernetesObjectValue(scope constructs.Construct, id *string, props *KubernetesObjectValueProps) KubernetesObjectValue

Experimental.

type KubernetesObjectValueProps

type KubernetesObjectValueProps struct {
	// The EKS cluster to fetch attributes from.
	//
	// [disable-awslint:ref-via-interface]
	// Experimental.
	Cluster ICluster `json:"cluster"`
	// JSONPath to the specific value.
	// See: https://kubernetes.io/docs/reference/kubectl/jsonpath/
	//
	// Experimental.
	JsonPath *string `json:"jsonPath"`
	// The name of the object to query.
	// Experimental.
	ObjectName *string `json:"objectName"`
	// The object type to query.
	//
	// (e.g 'service', 'pod'...)
	// Experimental.
	ObjectType *string `json:"objectType"`
	// The namespace the object belongs to.
	// Experimental.
	ObjectNamespace *string `json:"objectNamespace"`
	// Timeout for waiting on a value.
	// Experimental.
	Timeout awscdk.Duration `json:"timeout"`
}

Properties for KubernetesObjectValue.

TODO: EXAMPLE

Experimental.

type KubernetesPatch

type KubernetesPatch interface {
	constructs.Construct
	Node() constructs.Node
	ToString() *string
}

A CloudFormation resource which applies/restores a JSON patch into a Kubernetes resource.

TODO: EXAMPLE

See: https://kubernetes.io/docs/tasks/run-application/update-api-object-kubectl-patch/

Experimental.

func NewKubernetesPatch

func NewKubernetesPatch(scope constructs.Construct, id *string, props *KubernetesPatchProps) KubernetesPatch

Experimental.

type KubernetesPatchProps

type KubernetesPatchProps struct {
	// The JSON object to pass to `kubectl patch` when the resource is created/updated.
	// Experimental.
	ApplyPatch *map[string]interface{} `json:"applyPatch"`
	// The cluster to apply the patch to.
	//
	// [disable-awslint:ref-via-interface]
	// Experimental.
	Cluster ICluster `json:"cluster"`
	// The full name of the resource to patch (e.g. `deployment/coredns`).
	// Experimental.
	ResourceName *string `json:"resourceName"`
	// The JSON object to pass to `kubectl patch` when the resource is removed.
	// Experimental.
	RestorePatch *map[string]interface{} `json:"restorePatch"`
	// The patch type to pass to `kubectl patch`.
	//
	// The default type used by `kubectl patch` is "strategic".
	// Experimental.
	PatchType PatchType `json:"patchType"`
	// The kubernetes API namespace.
	// Experimental.
	ResourceNamespace *string `json:"resourceNamespace"`
}

Properties for KubernetesPatch.

TODO: EXAMPLE

Experimental.

type KubernetesVersion

type KubernetesVersion interface {
	Version() *string
}

Kubernetes cluster version.

TODO: EXAMPLE

Experimental.

func KubernetesVersion_Of

func KubernetesVersion_Of(version *string) KubernetesVersion

Custom cluster version. Experimental.

func KubernetesVersion_V1_14

func KubernetesVersion_V1_14() KubernetesVersion

func KubernetesVersion_V1_15

func KubernetesVersion_V1_15() KubernetesVersion

func KubernetesVersion_V1_16

func KubernetesVersion_V1_16() KubernetesVersion

func KubernetesVersion_V1_17

func KubernetesVersion_V1_17() KubernetesVersion

func KubernetesVersion_V1_18

func KubernetesVersion_V1_18() KubernetesVersion

func KubernetesVersion_V1_19

func KubernetesVersion_V1_19() KubernetesVersion

func KubernetesVersion_V1_20

func KubernetesVersion_V1_20() KubernetesVersion

func KubernetesVersion_V1_21

func KubernetesVersion_V1_21() KubernetesVersion

type LaunchTemplateSpec

type LaunchTemplateSpec struct {
	// The Launch template ID.
	// Experimental.
	Id *string `json:"id"`
	// The launch template version to be used (optional).
	// Experimental.
	Version *string `json:"version"`
}

Launch template property specification.

TODO: EXAMPLE

Experimental.

type MachineImageType

type MachineImageType string

The machine image type.

TODO: EXAMPLE

Experimental.

const (
	MachineImageType_AMAZON_LINUX_2 MachineImageType = "AMAZON_LINUX_2"
	MachineImageType_BOTTLEROCKET   MachineImageType = "BOTTLEROCKET"
)

type NodeType

type NodeType string

Whether the worker nodes should support GPU or just standard instances. Experimental.

const (
	NodeType_GPU        NodeType = "GPU"
	NodeType_INFERENTIA NodeType = "INFERENTIA"
	NodeType_STANDARD   NodeType = "STANDARD"
)

type Nodegroup

type Nodegroup interface {
	awscdk.Resource
	INodegroup
	Cluster() ICluster
	Env() *awscdk.ResourceEnvironment
	Node() constructs.Node
	NodegroupArn() *string
	NodegroupName() *string
	PhysicalName() *string
	Role() awsiam.IRole
	Stack() awscdk.Stack
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	GetResourceNameAttribute(nameAttr *string) *string
	ToString() *string
}

The Nodegroup resource class.

TODO: EXAMPLE

Experimental.

func NewNodegroup

func NewNodegroup(scope constructs.Construct, id *string, props *NodegroupProps) Nodegroup

Experimental.

type NodegroupAmiType

type NodegroupAmiType string

The AMI type for your node group.

GPU instance types should use the `AL2_x86_64_GPU` AMI type, which uses the Amazon EKS-optimized Linux AMI with GPU support. Non-GPU instances should use the `AL2_x86_64` AMI type, which uses the Amazon EKS-optimized Linux AMI.

TODO: EXAMPLE

Experimental.

const (
	NodegroupAmiType_AL2_ARM_64          NodegroupAmiType = "AL2_ARM_64"
	NodegroupAmiType_AL2_X86_64          NodegroupAmiType = "AL2_X86_64"
	NodegroupAmiType_AL2_X86_64_GPU      NodegroupAmiType = "AL2_X86_64_GPU"
	NodegroupAmiType_BOTTLEROCKET_ARM_64 NodegroupAmiType = "BOTTLEROCKET_ARM_64"
	NodegroupAmiType_BOTTLEROCKET_X86_64 NodegroupAmiType = "BOTTLEROCKET_X86_64"
)

type NodegroupOptions

type NodegroupOptions struct {
	// The AMI type for your node group.
	// Experimental.
	AmiType NodegroupAmiType `json:"amiType"`
	// The capacity type of the nodegroup.
	// Experimental.
	CapacityType CapacityType `json:"capacityType"`
	// The current number of worker nodes that the managed node group should maintain.
	//
	// If not specified,
	// the nodewgroup will initially create `minSize` instances.
	// Experimental.
	DesiredSize *float64 `json:"desiredSize"`
	// The root device disk size (in GiB) for your node group instances.
	// Experimental.
	DiskSize *float64 `json:"diskSize"`
	// Force the update if the existing node group's pods are unable to be drained due to a pod disruption budget issue.
	//
	// If an update fails because pods could not be drained, you can force the update after it fails to terminate the old
	// node whether or not any pods are
	// running on the node.
	// Experimental.
	ForceUpdate *bool `json:"forceUpdate"`
	// The instance types to use for your node group.
	// See: - https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-eks-nodegroup.html#cfn-eks-nodegroup-instancetypes
	//
	// Experimental.
	InstanceTypes *[]awsec2.InstanceType `json:"instanceTypes"`
	// The Kubernetes labels to be applied to the nodes in the node group when they are created.
	// Experimental.
	Labels *map[string]*string `json:"labels"`
	// Launch template specification used for the nodegroup.
	// See: - https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html
	//
	// Experimental.
	LaunchTemplateSpec *LaunchTemplateSpec `json:"launchTemplateSpec"`
	// The maximum number of worker nodes that the managed node group can scale out to.
	//
	// Managed node groups can support up to 100 nodes by default.
	// Experimental.
	MaxSize *float64 `json:"maxSize"`
	// The minimum number of worker nodes that the managed node group can scale in to.
	//
	// This number must be greater than or equal to zero.
	// Experimental.
	MinSize *float64 `json:"minSize"`
	// Name of the Nodegroup.
	// Experimental.
	NodegroupName *string `json:"nodegroupName"`
	// The IAM role to associate with your node group.
	//
	// The Amazon EKS worker node kubelet daemon
	// makes calls to AWS APIs on your behalf. Worker nodes receive permissions for these API calls through
	// an IAM instance profile and associated policies. Before you can launch worker nodes and register them
	// into a cluster, you must create an IAM role for those worker nodes to use when they are launched.
	// Experimental.
	NodeRole awsiam.IRole `json:"nodeRole"`
	// The AMI version of the Amazon EKS-optimized AMI to use with your node group (for example, `1.14.7-YYYYMMDD`).
	// Experimental.
	ReleaseVersion *string `json:"releaseVersion"`
	// The remote access (SSH) configuration to use with your node group.
	//
	// Disabled by default, however, if you
	// specify an Amazon EC2 SSH key but do not specify a source security group when you create a managed node group,
	// then port 22 on the worker nodes is opened to the internet (0.0.0.0/0)
	// Experimental.
	RemoteAccess *NodegroupRemoteAccess `json:"remoteAccess"`
	// The subnets to use for the Auto Scaling group that is created for your node group.
	//
	// By specifying the
	// SubnetSelection, the selected subnets will automatically apply required tags i.e.
	// `kubernetes.io/cluster/CLUSTER_NAME` with a value of `shared`, where `CLUSTER_NAME` is replaced with
	// the name of your cluster.
	// Experimental.
	Subnets *awsec2.SubnetSelection `json:"subnets"`
	// The metadata to apply to the node group to assist with categorization and organization.
	//
	// Each tag consists of
	// a key and an optional value, both of which you define. Node group tags do not propagate to any other resources
	// associated with the node group, such as the Amazon EC2 instances or subnets.
	// Experimental.
	Tags *map[string]*string `json:"tags"`
	// The Kubernetes taints to be applied to the nodes in the node group when they are created.
	// Experimental.
	Taints *[]*TaintSpec `json:"taints"`
}

The Nodegroup Options for addNodeGroup() method.

TODO: EXAMPLE

Experimental.

type NodegroupProps

type NodegroupProps struct {
	// The AMI type for your node group.
	// Experimental.
	AmiType NodegroupAmiType `json:"amiType"`
	// The capacity type of the nodegroup.
	// Experimental.
	CapacityType CapacityType `json:"capacityType"`
	// The current number of worker nodes that the managed node group should maintain.
	//
	// If not specified,
	// the nodewgroup will initially create `minSize` instances.
	// Experimental.
	DesiredSize *float64 `json:"desiredSize"`
	// The root device disk size (in GiB) for your node group instances.
	// Experimental.
	DiskSize *float64 `json:"diskSize"`
	// Force the update if the existing node group's pods are unable to be drained due to a pod disruption budget issue.
	//
	// If an update fails because pods could not be drained, you can force the update after it fails to terminate the old
	// node whether or not any pods are
	// running on the node.
	// Experimental.
	ForceUpdate *bool `json:"forceUpdate"`
	// The instance types to use for your node group.
	// See: - https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-eks-nodegroup.html#cfn-eks-nodegroup-instancetypes
	//
	// Experimental.
	InstanceTypes *[]awsec2.InstanceType `json:"instanceTypes"`
	// The Kubernetes labels to be applied to the nodes in the node group when they are created.
	// Experimental.
	Labels *map[string]*string `json:"labels"`
	// Launch template specification used for the nodegroup.
	// See: - https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html
	//
	// Experimental.
	LaunchTemplateSpec *LaunchTemplateSpec `json:"launchTemplateSpec"`
	// The maximum number of worker nodes that the managed node group can scale out to.
	//
	// Managed node groups can support up to 100 nodes by default.
	// Experimental.
	MaxSize *float64 `json:"maxSize"`
	// The minimum number of worker nodes that the managed node group can scale in to.
	//
	// This number must be greater than or equal to zero.
	// Experimental.
	MinSize *float64 `json:"minSize"`
	// Name of the Nodegroup.
	// Experimental.
	NodegroupName *string `json:"nodegroupName"`
	// The IAM role to associate with your node group.
	//
	// The Amazon EKS worker node kubelet daemon
	// makes calls to AWS APIs on your behalf. Worker nodes receive permissions for these API calls through
	// an IAM instance profile and associated policies. Before you can launch worker nodes and register them
	// into a cluster, you must create an IAM role for those worker nodes to use when they are launched.
	// Experimental.
	NodeRole awsiam.IRole `json:"nodeRole"`
	// The AMI version of the Amazon EKS-optimized AMI to use with your node group (for example, `1.14.7-YYYYMMDD`).
	// Experimental.
	ReleaseVersion *string `json:"releaseVersion"`
	// The remote access (SSH) configuration to use with your node group.
	//
	// Disabled by default, however, if you
	// specify an Amazon EC2 SSH key but do not specify a source security group when you create a managed node group,
	// then port 22 on the worker nodes is opened to the internet (0.0.0.0/0)
	// Experimental.
	RemoteAccess *NodegroupRemoteAccess `json:"remoteAccess"`
	// The subnets to use for the Auto Scaling group that is created for your node group.
	//
	// By specifying the
	// SubnetSelection, the selected subnets will automatically apply required tags i.e.
	// `kubernetes.io/cluster/CLUSTER_NAME` with a value of `shared`, where `CLUSTER_NAME` is replaced with
	// the name of your cluster.
	// Experimental.
	Subnets *awsec2.SubnetSelection `json:"subnets"`
	// The metadata to apply to the node group to assist with categorization and organization.
	//
	// Each tag consists of
	// a key and an optional value, both of which you define. Node group tags do not propagate to any other resources
	// associated with the node group, such as the Amazon EC2 instances or subnets.
	// Experimental.
	Tags *map[string]*string `json:"tags"`
	// The Kubernetes taints to be applied to the nodes in the node group when they are created.
	// Experimental.
	Taints *[]*TaintSpec `json:"taints"`
	// Cluster resource.
	// Experimental.
	Cluster ICluster `json:"cluster"`
}

NodeGroup properties interface.

TODO: EXAMPLE

Experimental.

type NodegroupRemoteAccess

type NodegroupRemoteAccess struct {
	// The security groups that are allowed SSH access (port 22) to the worker nodes.
	//
	// If you specify an Amazon EC2 SSH
	// key but do not specify a source security group when you create a managed node group, then port 22 on the worker
	// nodes is opened to the internet (0.0.0.0/0).
	// Experimental.
	SourceSecurityGroups *[]awsec2.ISecurityGroup `json:"sourceSecurityGroups"`
	// The Amazon EC2 SSH key that provides access for SSH communication with the worker nodes in the managed node group.
	// Experimental.
	SshKeyName *string `json:"sshKeyName"`
}

The remote access (SSH) configuration to use with your node group.

TODO: EXAMPLE

See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-nodegroup-remoteaccess.html

Experimental.

type OpenIdConnectProvider

type OpenIdConnectProvider interface {
	awsiam.OpenIdConnectProvider
	Env() *awscdk.ResourceEnvironment
	Node() constructs.Node
	OpenIdConnectProviderArn() *string
	OpenIdConnectProviderIssuer() *string
	PhysicalName() *string
	Stack() awscdk.Stack
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	GetResourceNameAttribute(nameAttr *string) *string
	ToString() *string
}

IAM OIDC identity providers are entities in IAM that describe an external identity provider (IdP) service that supports the OpenID Connect (OIDC) standard, such as Google or Salesforce.

You use an IAM OIDC identity provider when you want to establish trust between an OIDC-compatible IdP and your AWS account.

This implementation has default values for thumbprints and clientIds props that will be compatible with the eks cluster

TODO: EXAMPLE

See: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html

Experimental.

func NewOpenIdConnectProvider

func NewOpenIdConnectProvider(scope constructs.Construct, id *string, props *OpenIdConnectProviderProps) OpenIdConnectProvider

Defines an OpenID Connect provider. Experimental.

type OpenIdConnectProviderProps

type OpenIdConnectProviderProps struct {
	// The URL of the identity provider.
	//
	// The URL must begin with https:// and
	// should correspond to the iss claim in the provider's OpenID Connect ID
	// tokens. Per the OIDC standard, path components are allowed but query
	// parameters are not. Typically the URL consists of only a hostname, like
	// https://server.example.org or https://example.com.
	//
	// You can find your OIDC Issuer URL by:
	// aws eks describe-cluster --name %cluster_name% --query "cluster.identity.oidc.issuer" --output text
	// Experimental.
	Url *string `json:"url"`
}

Initialization properties for `OpenIdConnectProvider`.

TODO: EXAMPLE

Experimental.

type PatchType

type PatchType string

Values for `kubectl patch` --type argument. Experimental.

const (
	PatchType_JSON      PatchType = "JSON"
	PatchType_MERGE     PatchType = "MERGE"
	PatchType_STRATEGIC PatchType = "STRATEGIC"
)

type Selector

type Selector struct {
	// The Kubernetes labels that the selector should match.
	//
	// A pod must contain
	// all of the labels that are specified in the selector for it to be
	// considered a match.
	// Experimental.
	Labels *map[string]*string `json:"labels"`
	// The Kubernetes namespace that the selector should match.
	//
	// You must specify a namespace for a selector. The selector only matches pods
	// that are created in this namespace, but you can create multiple selectors
	// to target multiple namespaces.
	// Experimental.
	Namespace *string `json:"namespace"`
}

Fargate profile selector.

TODO: EXAMPLE

Experimental.

type ServiceAccount

type ServiceAccount interface {
	constructs.Construct
	awsiam.IPrincipal
	AssumeRoleAction() *string
	GrantPrincipal() awsiam.IPrincipal
	Node() constructs.Node
	PolicyFragment() awsiam.PrincipalPolicyFragment
	Role() awsiam.IRole
	ServiceAccountName() *string
	ServiceAccountNamespace() *string
	AddToPrincipalPolicy(statement awsiam.PolicyStatement) *awsiam.AddToPrincipalPolicyResult
	ToString() *string
}

Service Account.

TODO: EXAMPLE

Experimental.

func NewServiceAccount

func NewServiceAccount(scope constructs.Construct, id *string, props *ServiceAccountProps) ServiceAccount

Experimental.

type ServiceAccountOptions

type ServiceAccountOptions struct {
	// The name of the service account.
	// Experimental.
	Name *string `json:"name"`
	// The namespace of the service account.
	// Experimental.
	Namespace *string `json:"namespace"`
}

Options for `ServiceAccount`.

TODO: EXAMPLE

Experimental.

type ServiceAccountProps

type ServiceAccountProps struct {
	// The name of the service account.
	// Experimental.
	Name *string `json:"name"`
	// The namespace of the service account.
	// Experimental.
	Namespace *string `json:"namespace"`
	// The cluster to apply the patch to.
	// Experimental.
	Cluster ICluster `json:"cluster"`
}

Properties for defining service accounts.

TODO: EXAMPLE

Experimental.

type ServiceLoadBalancerAddressOptions

type ServiceLoadBalancerAddressOptions struct {
	// The namespace the service belongs to.
	// Experimental.
	Namespace *string `json:"namespace"`
	// Timeout for waiting on the load balancer address.
	// Experimental.
	Timeout awscdk.Duration `json:"timeout"`
}

Options for fetching a ServiceLoadBalancerAddress.

TODO: EXAMPLE

Experimental.

type TaintEffect

type TaintEffect string

Effect types of kubernetes node taint.

TODO: EXAMPLE

Experimental.

const (
	TaintEffect_NO_EXECUTE         TaintEffect = "NO_EXECUTE"
	TaintEffect_NO_SCHEDULE        TaintEffect = "NO_SCHEDULE"
	TaintEffect_PREFER_NO_SCHEDULE TaintEffect = "PREFER_NO_SCHEDULE"
)

type TaintSpec

type TaintSpec struct {
	// Effect type.
	// Experimental.
	Effect TaintEffect `json:"effect"`
	// Taint key.
	// Experimental.
	Key *string `json:"key"`
	// Taint value.
	// Experimental.
	Value *string `json:"value"`
}

Taint interface.

TODO: EXAMPLE

Experimental.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL