Cluster

eks.services.k8s.aws/v1alpha1

TypeLink
GoDoceks-controller/apis/v1alpha1#Cluster

Metadata

PropertyValue
ScopeNamespaced
KindCluster
ListKindClusterList
Pluralclusters
Singularcluster

An object representing an Amazon EKS cluster.

Spec

accessConfig: 
  authenticationMode: string
  bootstrapClusterCreatorAdminPermissions: boolean
bootstrapSelfManagedAddons: boolean
clientRequestToken: string
computeConfig: 
  enabled: boolean
  nodePools:
  - string
  nodeRoleARN: string
encryptionConfig:
  provider: 
    keyARN: string
    keyRef: 
      from: 
        name: string
        namespace: string
  resources:
  - string
kubernetesNetworkConfig: 
  elasticLoadBalancing: 
    enabled: boolean
  ipFamily: string
  serviceIPv4CIDR: string
logging: 
  clusterLogging:
  - enabled: boolean
    types:
    - string
name: string
outpostConfig: 
  controlPlaneInstanceType: string
  controlPlanePlacement: 
    groupName: string
  outpostARNs:
  - string
remoteNetworkConfig: 
  remoteNodeNetworks:
    cidrs:
    - string
  remotePodNetworks:
    cidrs:
    - string
resourcesVPCConfig: 
  endpointPrivateAccess: boolean
  endpointPublicAccess: boolean
  publicAccessCIDRs:
  - string
  securityGroupIDs:
  - string
  securityGroupRefs:
    from: 
      name: string
      namespace: string
  subnetIDs:
  - string
  subnetRefs:
    from: 
      name: string
      namespace: string
roleARN: string
roleRef: 
  from: 
    name: string
    namespace: string
storageConfig: 
  blockStorage: 
    enabled: boolean
tags: {}
upgradePolicy: 
  supportType: string
version: string
zonalShiftConfig: 
  enabled: boolean
FieldDescription
accessConfig
Optional		object
The access configuration for the cluster.
accessConfig.authenticationMode
Optional		string
accessConfig.bootstrapClusterCreatorAdminPermissions
Optional		boolean
bootstrapSelfManagedAddons
Optional		boolean
If you set this value to False when creating a cluster, the default networking
add-ons will not be installed.

The default networking addons include vpc-cni, coredns, and kube-proxy.

Use this option when you plan to install third-party alternative add-ons
or self-manage the default networking add-ons.
clientRequestToken
Optional		string
A unique, case-sensitive identifier that you provide to ensurethe idempotency
of the request.
computeConfig
Optional		object
Enable or disable the compute capability of EKS Auto Mode when creating your
EKS Auto Mode cluster. If the compute capability is enabled, EKS Auto Mode
will create and delete EC2 Managed Instances in your Amazon Web Services
account
computeConfig.enabled
Optional		boolean
computeConfig.nodePools
Optional		array
computeConfig.nodePools.[]
Required		string
encryptionConfig
Optional		array
The encryption configuration for the cluster.
encryptionConfig.[]
Required		object
The encryption configuration for the cluster.
encryptionConfig.[].provider.keyARN
Optional		string
encryptionConfig.[].provider.keyRef
Optional		object
Reference field for KeyARN
encryptionConfig.[].provider.keyRef.from
Optional		object
AWSResourceReference provides all the values necessary to reference another
k8s resource for finding the identifier(Id/ARN/Name)
encryptionConfig.[].provider.keyRef.from.name
Optional		string
encryptionConfig.[].provider.keyRef.from.namespace
Optional		string
encryptionConfig.[].resources
Optional		array
encryptionConfig.[].resources.[]
Required		string
kubernetesNetworkConfig.elasticLoadBalancing
Optional		object
Indicates the current configuration of the load balancing capability on your
EKS Auto Mode cluster. For example, if the capability is enabled or disabled.
For more information, see EKS Auto Mode load balancing capability in the
Amazon EKS User Guide.
kubernetesNetworkConfig.elasticLoadBalancing.enabled
Optional		boolean
kubernetesNetworkConfig.ipFamily
Optional		string
kubernetesNetworkConfig.serviceIPv4CIDR
Optional		string
logging
Optional		object
Enable or disable exporting the Kubernetes control plane logs for your cluster
to CloudWatch Logs . By default, cluster control plane logs aren’t exported
to CloudWatch Logs . For more information, see Amazon EKS Cluster control
plane logs (https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html)
in the Amazon EKS User Guide .

CloudWatch Logs ingestion, archive storage, and data scanning rates apply
to exported control plane logs. For more information, see CloudWatch Pricing
(http://aws.amazon.com/cloudwatch/pricing/).
logging.clusterLogging
Optional		array
logging.clusterLogging.[]
Required		object
An object representing the enabled or disabled Kubernetes control plane logs
for your cluster.
logging.clusterLogging.[].types
Optional		array
logging.clusterLogging.[].types.[]
Required		string
outpostConfig
Optional		object
An object representing the configuration of your local Amazon EKS cluster
on an Amazon Web Services Outpost. Before creating a local cluster on an
Outpost, review Local clusters for Amazon EKS on Amazon Web Services Outposts
(https://docs.aws.amazon.com/eks/latest/userguide/eks-outposts-local-cluster-overview.html)
in the Amazon EKS User Guide. This object isn’t available for creating Amazon
EKS clusters on the Amazon Web Services cloud.
outpostConfig.controlPlaneInstanceType
Optional		string
outpostConfig.controlPlanePlacement
Optional		object
The placement configuration for all the control plane instances of your local
Amazon EKS cluster on an Amazon Web Services Outpost. For more information,
see Capacity considerations (https://docs.aws.amazon.com/eks/latest/userguide/eks-outposts-capacity-considerations.html)
in the Amazon EKS User Guide.
outpostConfig.controlPlanePlacement.groupName
Optional		string
outpostConfig.outpostARNs
Optional		array
outpostConfig.outpostARNs.[]
Required		string
remoteNetworkConfig.remoteNodeNetworks
Optional		array
remoteNetworkConfig.remoteNodeNetworks.[]
Required		object
A network CIDR that can contain hybrid nodes.

These CIDR blocks define the expected IP address range of the hybrid nodes that join the cluster. These blocks are typically determined by your network administrator.

Enter one or more IPv4 CIDR blocks in decimal dotted-quad notation (for example, 10.2.0.0/16).

It must satisfy the following requirements:

  • Each block must be within an IPv4 RFC-1918 network range. Minimum allowed size is /24, maximum allowed size is /8. Publicly-routable addresses aren’t supported.

  • Each block cannot overlap with the range of the VPC CIDR blocks for your EKS resources, or the block of the Kubernetes service IP range.

  • Each block must have a route to the VPC that uses the VPC CIDR blocks, not public IPs or Elastic IPs. There are many options including Transit Gateway, Site-to-Site VPN, or Direct Connect.

  • Each host must allow outbound connection to the EKS cluster control plane on TCP ports 443 and 10250.

  • Each host must allow inbound connection from the EKS cluster control plane on TCP port 10250 for logs, exec and port-forward operations.

  • Each host must allow TCP and UDP network connectivity to and from other hosts that are running CoreDNS on UDP port 53 for service and pod DNS names. || remoteNetworkConfig.remoteNodeNetworks.[].cidrs
    Optional | array
    | | remoteNetworkConfig.remoteNodeNetworks.[].cidrs.[]
    Required | string
    || remoteNetworkConfig.remotePodNetworks
    Optional | array
    | | remoteNetworkConfig.remotePodNetworks.[]
    Required | object
    A network CIDR that can contain pods that run Kubernetes webhooks on hybrid nodes.

These CIDR blocks are determined by configuring your Container Network Interface (CNI) plugin. We recommend the Calico CNI or Cilium CNI. Note that the Amazon VPC CNI plugin for Kubernetes isn’t available for on-premises and edge locations.

Enter one or more IPv4 CIDR blocks in decimal dotted-quad notation (for example, 10.2.0.0/16).

It must satisfy the following requirements:

  • Each block must be within an IPv4 RFC-1918 network range. Minimum allowed size is /24, maximum allowed size is /8. Publicly-routable addresses aren’t supported.

  • Each block cannot overlap with the range of the VPC CIDR blocks for your EKS resources, or the block of the Kubernetes service IP range. || remoteNetworkConfig.remotePodNetworks.[].cidrs
    Optional | array
    | | remoteNetworkConfig.remotePodNetworks.[].cidrs.[]
    Required | string
    || resourcesVPCConfig
    Required | object
    The VPC configuration that’s used by the cluster control plane. Amazon EKS
    VPC resources have specific requirements to work properly with Kubernetes.
    For more information, see Cluster VPC Considerations (https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html)
    and Cluster Security Group Considerations (https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html)
    in the Amazon EKS User Guide. You must specify at least two subnets. You
    can specify up to five security groups. However, we recommend that you use
    a dedicated security group for your cluster control plane. | | resourcesVPCConfig.endpointPrivateAccess
    Optional | boolean
    | | resourcesVPCConfig.endpointPublicAccess
    Optional | boolean
    | | resourcesVPCConfig.publicAccessCIDRs
    Optional | array
    | | resourcesVPCConfig.publicAccessCIDRs.[]
    Required | string
    || resourcesVPCConfig.securityGroupIDs
    Optional | array
    | | resourcesVPCConfig.securityGroupIDs.[]
    Required | string
    || resourcesVPCConfig.securityGroupRefs
    Optional | array
    Reference field for SecurityGroupIDs | | resourcesVPCConfig.securityGroupRefs.[]
    Required | object
    AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using ‘from’ field Ex: APIIDRef:

from:
  name: my-api || **resourcesVPCConfig.securityGroupRefs.[].from**<br/>Optional | **object**<br/>AWSResourceReference provides all the values necessary to reference another<br/>k8s resource for finding the identifier(Id/ARN/Name) |

| resourcesVPCConfig.securityGroupRefs.[].from.name
Optional | string
| | resourcesVPCConfig.securityGroupRefs.[].from.namespace
Optional | string
| | resourcesVPCConfig.subnetIDs
Optional | array
| | resourcesVPCConfig.subnetIDs.[]
Required | string
|| resourcesVPCConfig.subnetRefs
Optional | array
Reference field for SubnetIDs | | resourcesVPCConfig.subnetRefs.[]
Required | object
AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using ‘from’ field Ex: APIIDRef:

from:
  name: my-api || **resourcesVPCConfig.subnetRefs.[].from**<br/>Optional | **object**<br/>AWSResourceReference provides all the values necessary to reference another<br/>k8s resource for finding the identifier(Id/ARN/Name) |

| resourcesVPCConfig.subnetRefs.[].from.name
Optional | string
| | resourcesVPCConfig.subnetRefs.[].from.namespace
Optional | string
| | roleARN
Optional | string
The Amazon Resource Name (ARN) of the IAM role that provides permissions
for the Kubernetes control plane to make calls to Amazon Web Services API
operations on your behalf. For more information, see Amazon EKS Service IAM
Role (https://docs.aws.amazon.com/eks/latest/userguide/service_IAM_role.html)
in the Amazon EKS User Guide . | | roleRef
Optional | object
AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference
type to provide more user friendly syntax for references using ‘from’ field
Ex:
APIIDRef:

from:
name: my-api | | roleRef.from
Optional | object
AWSResourceReference provides all the values necessary to reference another
k8s resource for finding the identifier(Id/ARN/Name) | | roleRef.from.name
Optional | string
| | roleRef.from.namespace
Optional | string
| | storageConfig
Optional | object
Enable or disable the block storage capability of EKS Auto Mode when creating
your EKS Auto Mode cluster. If the block storage capability is enabled, EKS
Auto Mode will create and delete EBS volumes in your Amazon Web Services
account. | | storageConfig.blockStorage
Optional | object
Indicates the current configuration of the block storage capability on your
EKS Auto Mode cluster. For example, if the capability is enabled or disabled.
If the block storage capability is enabled, EKS Auto Mode will create and
delete EBS volumes in your Amazon Web Services account. For more information,
see EKS Auto Mode block storage capability in the Amazon EKS User Guide. | | storageConfig.blockStorage.enabled
Optional | boolean
| | tags
Optional | object
Metadata that assists with categorization and organization. Each tag consists
of a key and an optional value. You define both. Tags don’t propagate to
any other cluster or Amazon Web Services resources. | | upgradePolicy
Optional | object
New clusters, by default, have extended support enabled. You can disable
extended support when creating a cluster by setting this value to STANDARD. | | upgradePolicy.supportType
Optional | string
| | version
Optional | string
The desired Kubernetes version for your cluster. If you don’t specify a value
here, the default version available in Amazon EKS is used.

The default version might not be the latest version available. | | zonalShiftConfig
Optional | object
Enable or disable ARC zonal shift for the cluster. If zonal shift is enabled,
Amazon Web Services configures zonal autoshift for the cluster.

Zonal shift is a feature of Amazon Application Recovery Controller (ARC).
ARC zonal shift is designed to be a temporary measure that allows you to
move traffic for a resource away from an impaired AZ until the zonal shift
expires or you cancel it. You can extend the zonal shift if necessary.

You can start a zonal shift for an Amazon EKS cluster, or you can allow Amazon
Web Services to do it for you by enabling zonal autoshift. This shift updates
the flow of east-to-west network traffic in your cluster to only consider
network endpoints for Pods running on worker nodes in healthy AZs. Additionally,
any ALB or NLB handling ingress traffic for applications in your Amazon EKS
cluster will automatically route traffic to targets in the healthy AZs. For
more information about zonal shift in EKS, see Learn about Amazon Application
Recovery Controller (ARC) Zonal Shift in Amazon EKS (https://docs.aws.amazon.com/eks/latest/userguide/zone-shift.html)
in the Amazon EKS User Guide . | | zonalShiftConfig.enabled
Optional | boolean
|

Status

ackResourceMetadata: 
  arn: string
  ownerAccountID: string
  region: string
certificateAuthority: 
  data: string
conditions:
- lastTransitionTime: string
  message: string
  reason: string
  status: string
  type: string
connectorConfig: 
  activationCode: string
  activationExpiry: string
  activationID: string
  provider: string
  roleARN: string
createdAt: string
endpoint: string
health: 
  issues:
  - code: string
    message: string
    resourceIDs:
    - string
id: string
identity: 
  oidc: 
    issuer: string
platformVersion: string
status: string
FieldDescription
ackResourceMetadata
Optional		object
All CRs managed by ACK have a common Status.ACKResourceMetadata member
that is used to contain resource sync state, account ownership,
constructed ARN for the resource
ackResourceMetadata.arn
Optional		string
ARN is the Amazon Resource Name for the resource. This is a
globally-unique identifier and is set only by the ACK service controller
once the controller has orchestrated the creation of the resource OR
when it has verified that an “adopted” resource (a resource where the
ARN annotation was set by the Kubernetes user on the CR) exists and
matches the supplied CR’s Spec field values.
https://github.com/aws/aws-controllers-k8s/issues/270
ackResourceMetadata.ownerAccountID
Required		string
OwnerAccountID is the AWS Account ID of the account that owns the
backend AWS service API resource.
ackResourceMetadata.region
Required		string
Region is the AWS region in which the resource exists or will exist.
certificateAuthority
Optional		object
The certificate-authority-data for your cluster.
certificateAuthority.data
Optional		string
conditions
Optional		array
All CRs managed by ACK have a common Status.Conditions member that
contains a collection of ackv1alpha1.Condition objects that describe
the various terminal states of the CR and its backend AWS service API
resource
conditions.[]
Required		object
Condition is the common struct used by all CRDs managed by ACK service
controllers to indicate terminal states of the CR and its backend AWS
service API resource
conditions.[].message
Optional		string
A human readable message indicating details about the transition.
conditions.[].reason
Optional		string
The reason for the condition’s last transition.
conditions.[].status
Optional		string
Status of the condition, one of True, False, Unknown.
conditions.[].type
Optional		string
Type is the type of the Condition
connectorConfig
Optional		object
The configuration used to connect to a cluster for registration.
connectorConfig.activationCode
Optional		string
connectorConfig.activationExpiry
Optional		string
connectorConfig.activationID
Optional		string
connectorConfig.provider
Optional		string
connectorConfig.roleARN
Optional		string
createdAt
Optional		string
The Unix epoch timestamp at object creation.
endpoint
Optional		string
The endpoint for your Kubernetes API server.
health
Optional		object
An object representing the health of your Amazon EKS cluster.
health.issues
Optional		array
health.issues.[]
Required		object
An issue with your Amazon EKS cluster.
health.issues.[].message
Optional		string
health.issues.[].resourceIDs
Optional		array
health.issues.[].resourceIDs.[]
Required		string
identity
Optional		object
The identity provider information for the cluster.
identity.oidc
Optional		object
An object representing the OpenID Connect (https://openid.net/connect/) (OIDC)
identity provider information for the cluster.
identity.oidc.issuer
Optional		string
platformVersion
Optional		string
The platform version of your Amazon EKS cluster. For more information about
clusters deployed on the Amazon Web Services Cloud, see Platform versions
(https://docs.aws.amazon.com/eks/latest/userguide/platform-versions.html)
in the Amazon EKS User Guide . For more information about local clusters
deployed on an Outpost, see Amazon EKS local cluster platform versions (https://docs.aws.amazon.com/eks/latest/userguide/eks-outposts-platform-versions.html)
in the Amazon EKS User Guide .
status
Optional		string
The current status of the cluster.