Note: You are viewing the documentation for an older major version of the AWS SDK for JavaScript (v2).

The modular AWS SDK for JavaScript (v3) is now General Available. For more information see the Developer Guide or API Reference.

AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.

Class: AWS.EKS

Inherits:
AWS.Service show all
Identifier:
eks
API Version:
2017-11-01
Defined in:
(unknown)

Overview

Constructs a service interface object. Each API operation is exposed as a function on service.

Service Description

Amazon Elastic Kubernetes Service (Amazon EKS) is a managed service that makes it easy for you to run Kubernetes on AWS without needing to stand up or maintain your own Kubernetes control plane. Kubernetes is an open-source system for automating the deployment, scaling, and management of containerized applications.

Amazon EKS runs up-to-date versions of the open-source Kubernetes software, so you can use all the existing plugins and tooling from the Kubernetes community. Applications running on Amazon EKS are fully compatible with applications running on any standard Kubernetes environment, whether running in on-premises data centers or public clouds. This means that you can easily migrate any standard Kubernetes application to Amazon EKS without any code modification required.

Sending a Request Using EKS

var eks = new AWS.EKS();
eks.associateEncryptionConfig(params, function (err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Locking the API Version

In order to ensure that the EKS object uses this specific API, you can construct the object by passing the apiVersion option to the constructor:

var eks = new AWS.EKS({apiVersion: '2017-11-01'});

You can also set the API version globally in AWS.config.apiVersions using the eks service identifier:

AWS.config.apiVersions = {
  eks: '2017-11-01',
  // other service API versions
};

var eks = new AWS.EKS();

Version:

  • 2017-11-01

Waiter Resource States

This service supports a list of resource states that can be polled using the waitFor() method. The resource states are:

clusterActive, clusterDeleted, nodegroupActive, nodegroupDeleted, addonActive, addonDeleted

Constructor Summary collapse

Property Summary collapse

Properties inherited from AWS.Service

apiVersions

Method Summary collapse

Methods inherited from AWS.Service

makeRequest, makeUnauthenticatedRequest, setupRequestListeners, defineService

Constructor Details

new AWS.EKS(options = {}) ⇒ Object

Constructs a service object. This object has one method for each API operation.

Examples:

Constructing a EKS object

var eks = new AWS.EKS({apiVersion: '2017-11-01'});

Options Hash (options):

  • params (map)

    An optional map of parameters to bind to every request sent by this service object. For more information on bound parameters, see "Working with Services" in the Getting Started Guide.

  • endpoint (String|AWS.Endpoint)

    The endpoint URI to send requests to. The default endpoint is built from the configured region. The endpoint should be a string like 'https://{service}.{region}.amazonaws.com' or an Endpoint object.

  • accessKeyId (String)

    your AWS access key ID.

  • secretAccessKey (String)

    your AWS secret access key.

  • sessionToken (AWS.Credentials)

    the optional AWS session token to sign requests with.

  • credentials (AWS.Credentials)

    the AWS credentials to sign requests with. You can either specify this object, or specify the accessKeyId and secretAccessKey options directly.

  • credentialProvider (AWS.CredentialProviderChain)

    the provider chain used to resolve credentials if no static credentials property is set.

  • region (String)

    the region to send service requests to. See AWS.EKS.region for more information.

  • maxRetries (Integer)

    the maximum amount of retries to attempt with a request. See AWS.EKS.maxRetries for more information.

  • maxRedirects (Integer)

    the maximum amount of redirects to follow with a request. See AWS.EKS.maxRedirects for more information.

  • sslEnabled (Boolean)

    whether to enable SSL for requests.

  • paramValidation (Boolean|map)

    whether input parameters should be validated against the operation description before sending the request. Defaults to true. Pass a map to enable any of the following specific validation features:

    • min [Boolean] — Validates that a value meets the min constraint. This is enabled by default when paramValidation is set to true.
    • max [Boolean] — Validates that a value meets the max constraint.
    • pattern [Boolean] — Validates that a string value matches a regular expression.
    • enum [Boolean] — Validates that a string value matches one of the allowable enum values.
  • computeChecksums (Boolean)

    whether to compute checksums for payload bodies when the service accepts it (currently supported in S3 only)

  • convertResponseTypes (Boolean)

    whether types are converted when parsing response data. Currently only supported for JSON based services. Turning this off may improve performance on large response payloads. Defaults to true.

  • correctClockSkew (Boolean)

    whether to apply a clock skew correction and retry requests that fail because of an skewed client clock. Defaults to false.

  • s3ForcePathStyle (Boolean)

    whether to force path style URLs for S3 objects.

  • s3BucketEndpoint (Boolean)

    whether the provided endpoint addresses an individual bucket (false if it addresses the root API endpoint). Note that setting this configuration option requires an endpoint to be provided explicitly to the service constructor.

  • s3DisableBodySigning (Boolean)

    whether S3 body signing should be disabled when using signature version v4. Body signing can only be disabled when using https. Defaults to true.

  • s3UsEast1RegionalEndpoint ('legacy'|'regional')

    when region is set to 'us-east-1', whether to send s3 request to global endpoints or 'us-east-1' regional endpoints. This config is only applicable to S3 client. Defaults to legacy

  • s3UseArnRegion (Boolean)

    whether to override the request region with the region inferred from requested resource's ARN. Only available for S3 buckets Defaults to true

  • retryDelayOptions (map)

    A set of options to configure the retry delay on retryable errors. Currently supported options are:

    • base [Integer] — The base number of milliseconds to use in the exponential backoff for operation retries. Defaults to 100 ms for all services except DynamoDB, where it defaults to 50ms.
    • customBackoff [function] — A custom function that accepts a retry count and error and returns the amount of time to delay in milliseconds. If the result is a non-zero negative value, no further retry attempts will be made. The base option will be ignored if this option is supplied. The function is only called for retryable errors.
  • httpOptions (map)

    A set of options to pass to the low-level HTTP request. Currently supported options are:

    • proxy [String] — the URL to proxy requests through
    • agent [http.Agent, https.Agent] — the Agent object to perform HTTP requests with. Used for connection pooling. Defaults to the global agent (http.globalAgent) for non-SSL connections. Note that for SSL connections, a special Agent object is used in order to enable peer certificate verification. This feature is only available in the Node.js environment.
    • connectTimeout [Integer] — Sets the socket to timeout after failing to establish a connection with the server after connectTimeout milliseconds. This timeout has no effect once a socket connection has been established.
    • timeout [Integer] — Sets the socket to timeout after timeout milliseconds of inactivity on the socket. Defaults to two minutes (120000).
    • xhrAsync [Boolean] — Whether the SDK will send asynchronous HTTP requests. Used in the browser environment only. Set to false to send requests synchronously. Defaults to true (async on).
    • xhrWithCredentials [Boolean] — Sets the "withCredentials" property of an XMLHttpRequest object. Used in the browser environment only. Defaults to false.
  • apiVersion (String, Date)

    a String in YYYY-MM-DD format (or a date) that represents the latest possible API version that can be used in all services (unless overridden by apiVersions). Specify 'latest' to use the latest possible version.

  • apiVersions (map<String, String|Date>)

    a map of service identifiers (the lowercase service class name) with the API version to use when instantiating a service. Specify 'latest' for each individual that can use the latest available version.

  • logger (#write, #log)

    an object that responds to .write() (like a stream) or .log() (like the console object) in order to log information about requests

  • systemClockOffset (Number)

    an offset value in milliseconds to apply to all signing times. Use this to compensate for clock skew when your system may be out of sync with the service time. Note that this configuration option can only be applied to the global AWS.config object and cannot be overridden in service-specific configuration. Defaults to 0 milliseconds.

  • signatureVersion (String)

    the signature version to sign requests with (overriding the API configuration). Possible values are: 'v2', 'v3', 'v4'.

  • signatureCache (Boolean)

    whether the signature to sign requests with (overriding the API configuration) is cached. Only applies to the signature version 'v4'. Defaults to true.

  • dynamoDbCrc32 (Boolean)

    whether to validate the CRC32 checksum of HTTP response bodies returned by DynamoDB. Default: true.

  • useAccelerateEndpoint (Boolean)

    Whether to use the S3 Transfer Acceleration endpoint with the S3 service. Default: false.

  • clientSideMonitoring (Boolean)

    whether to collect and publish this client's performance metrics of all its API requests.

  • endpointDiscoveryEnabled (Boolean|undefined)

    whether to call operations with endpoints given by service dynamically. Setting this

  • endpointCacheSize (Number)

    the size of the global cache storing endpoints from endpoint discovery operations. Once endpoint cache is created, updating this setting cannot change existing cache size. Defaults to 1000

  • hostPrefixEnabled (Boolean)

    whether to marshal request parameters to the prefix of hostname. Defaults to true.

  • stsRegionalEndpoints ('legacy'|'regional')

    whether to send sts request to global endpoints or regional endpoints. Defaults to 'legacy'.

Property Details

endpointAWS.Endpoint (readwrite)

Returns an Endpoint object representing the endpoint URL for service requests.

Returns:

  • (AWS.Endpoint)

    an Endpoint object representing the endpoint URL for service requests.

Method Details

associateEncryptionConfig(params = {}, callback) ⇒ AWS.Request

Associate encryption configuration to an existing cluster.

You can use this API to enable encryption on existing clusters which do not have encryption already enabled. This allows you to implement a defense-in-depth security strategy without migrating applications to new EKS clusters.

Service Reference:

Examples:

Calling the associateEncryptionConfig operation

var params = {
  clusterName: 'STRING_VALUE', /* required */
  encryptionConfig: [ /* required */
    {
      provider: {
        keyArn: 'STRING_VALUE'
      },
      resources: [
        'STRING_VALUE',
        /* more items */
      ]
    },
    /* more items */
  ],
  clientRequestToken: 'STRING_VALUE'
};
eks.associateEncryptionConfig(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • clusterName — (String)

      The name of the cluster that you are associating with encryption configuration.

    • encryptionConfig — (Array<map>)

      The configuration you are using for encryption.

      • resources — (Array<String>)

        Specifies the resources to be encrypted. The only supported value is "secrets".

      • provider — (map)

        AWS Key Management Service (AWS KMS) key. Either the ARN or the alias can be used.

        • keyArn — (String)

          Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric, created in the same region as the cluster, and if the KMS key was created in a different account, the user must have access to the KMS key. For more information, see Allowing Users in Other Accounts to Use a KMS key in the AWS Key Management Service Developer Guide.

    • clientRequestToken — (String)

      The client request token you are using with the encryption configuration.

      If a token is not provided, the SDK will use a version 4 UUID.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • update — (map)

        An object representing an asynchronous update.

        • id — (String)

          A UUID that is used to track the update.

        • status — (String)

          The current status of the update.

          Possible values include:
          • "InProgress"
          • "Failed"
          • "Cancelled"
          • "Successful"
        • type — (String)

          The type of the update.

          Possible values include:
          • "VersionUpdate"
          • "EndpointAccessUpdate"
          • "LoggingUpdate"
          • "ConfigUpdate"
          • "AssociateIdentityProviderConfig"
          • "DisassociateIdentityProviderConfig"
          • "AssociateEncryptionConfig"
          • "AddonUpdate"
        • params — (Array<map>)

          A key-value map that contains the parameters associated with the update.

          • type — (String)

            The keys associated with an update request.

            Possible values include:
            • "Version"
            • "PlatformVersion"
            • "EndpointPrivateAccess"
            • "EndpointPublicAccess"
            • "ClusterLogging"
            • "DesiredSize"
            • "LabelsToAdd"
            • "LabelsToRemove"
            • "TaintsToAdd"
            • "TaintsToRemove"
            • "MaxSize"
            • "MinSize"
            • "ReleaseVersion"
            • "PublicAccessCidrs"
            • "LaunchTemplateName"
            • "LaunchTemplateVersion"
            • "IdentityProviderConfig"
            • "EncryptionConfig"
            • "AddonVersion"
            • "ServiceAccountRoleArn"
            • "ResolveConflicts"
            • "MaxUnavailable"
            • "MaxUnavailablePercentage"
          • value — (String)

            The value of the keys submitted as part of an update request.

        • createdAt — (Date)

          The Unix epoch timestamp in seconds for when the update was created.

        • errors — (Array<map>)

          Any errors associated with a Failed update.

          • errorCode — (String)

            A brief description of the error.

            • SubnetNotFound: We couldn't find one of the subnets associated with the cluster.

            • SecurityGroupNotFound: We couldn't find one of the security groups associated with the cluster.

            • EniLimitReached: You have reached the elastic network interface limit for your account.

            • IpNotAvailable: A subnet associated with the cluster doesn't have any free IP addresses.

            • AccessDenied: You don't have permissions to perform the specified operation.

            • OperationNotPermitted: The service role associated with the cluster doesn't have the required access permissions for Amazon EKS.

            • VpcIdNotFound: We couldn't find the VPC associated with the cluster.

            Possible values include:
            • "SubnetNotFound"
            • "SecurityGroupNotFound"
            • "EniLimitReached"
            • "IpNotAvailable"
            • "AccessDenied"
            • "OperationNotPermitted"
            • "VpcIdNotFound"
            • "Unknown"
            • "NodeCreationFailure"
            • "PodEvictionFailure"
            • "InsufficientFreeAddresses"
            • "ClusterUnreachable"
            • "InsufficientNumberOfReplicas"
            • "ConfigurationConflict"
            • "AdmissionRequestDenied"
          • errorMessage — (String)

            A more complete description of the error.

          • resourceIds — (Array<String>)

            An optional field that contains the resource IDs associated with the error.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

associateIdentityProviderConfig(params = {}, callback) ⇒ AWS.Request

Associate an identity provider configuration to a cluster.

If you want to authenticate identities using an identity provider, you can create an identity provider configuration and associate it to your cluster. After configuring authentication to your cluster you can create Kubernetes roles and clusterroles to assign permissions to the roles, and then bind the roles to the identities using Kubernetes rolebindings and clusterrolebindings. For more information see Using RBAC Authorization in the Kubernetes documentation.

Service Reference:

Examples:

Calling the associateIdentityProviderConfig operation

var params = {
  clusterName: 'STRING_VALUE', /* required */
  oidc: { /* required */
    clientId: 'STRING_VALUE', /* required */
    identityProviderConfigName: 'STRING_VALUE', /* required */
    issuerUrl: 'STRING_VALUE', /* required */
    groupsClaim: 'STRING_VALUE',
    groupsPrefix: 'STRING_VALUE',
    requiredClaims: {
      '<requiredClaimsKey>': 'STRING_VALUE',
      /* '<requiredClaimsKey>': ... */
    },
    usernameClaim: 'STRING_VALUE',
    usernamePrefix: 'STRING_VALUE'
  },
  clientRequestToken: 'STRING_VALUE',
  tags: {
    '<TagKey>': 'STRING_VALUE',
    /* '<TagKey>': ... */
  }
};
eks.associateIdentityProviderConfig(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • clusterName — (String)

      The name of the cluster to associate the configuration to.

    • oidc — (map)

      An object that represents an OpenID Connect (OIDC) identity provider configuration.

      • identityProviderConfigNamerequired — (String)

        The name of the OIDC provider configuration.

      • issuerUrlrequired — (String)

        The URL of the OpenID identity provider that allows the API server to discover public signing keys for verifying tokens. The URL must begin with https:// and should correspond to the iss claim in the provider's OIDC ID tokens. Per the OIDC standard, path components are allowed but query parameters are not. Typically the URL consists of only a hostname, like https://server.example.org or https://example.com. This URL should point to the level below .well-known/openid-configuration and must be publicly accessible over the internet.

      • clientIdrequired — (String)

        This is also known as audience. The ID for the client application that makes authentication requests to the OpenID identity provider.

      • usernameClaim — (String)

        The JSON Web Token (JWT) claim to use as the username. The default is sub, which is expected to be a unique identifier of the end user. You can choose other claims, such as email or name, depending on the OpenID identity provider. Claims other than email are prefixed with the issuer URL to prevent naming clashes with other plug-ins.

      • usernamePrefix — (String)

        The prefix that is prepended to username claims to prevent clashes with existing names. If you do not provide this field, and username is a value other than email, the prefix defaults to issuerurl#. You can use the value - to disable all prefixing.

      • groupsClaim — (String)

        The JWT claim that the provider uses to return your groups.

      • groupsPrefix — (String)

        The prefix that is prepended to group claims to prevent clashes with existing names (such as system: groups). For example, the value oidc: will create group names like oidc:engineering and oidc:infra.

      • requiredClaims — (map<String>)

        The key value pairs that describe required claims in the identity token. If set, each claim is verified to be present in the token with a matching value. For the maximum number of claims that you can require, see Amazon EKS service quotas in the Amazon EKS User Guide.

    • tags — (map<String>)

      The metadata to apply to the configuration to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define.

    • clientRequestToken — (String)

      Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

      If a token is not provided, the SDK will use a version 4 UUID.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • update — (map)

        An object representing an asynchronous update.

        • id — (String)

          A UUID that is used to track the update.

        • status — (String)

          The current status of the update.

          Possible values include:
          • "InProgress"
          • "Failed"
          • "Cancelled"
          • "Successful"
        • type — (String)

          The type of the update.

          Possible values include:
          • "VersionUpdate"
          • "EndpointAccessUpdate"
          • "LoggingUpdate"
          • "ConfigUpdate"
          • "AssociateIdentityProviderConfig"
          • "DisassociateIdentityProviderConfig"
          • "AssociateEncryptionConfig"
          • "AddonUpdate"
        • params — (Array<map>)

          A key-value map that contains the parameters associated with the update.

          • type — (String)

            The keys associated with an update request.

            Possible values include:
            • "Version"
            • "PlatformVersion"
            • "EndpointPrivateAccess"
            • "EndpointPublicAccess"
            • "ClusterLogging"
            • "DesiredSize"
            • "LabelsToAdd"
            • "LabelsToRemove"
            • "TaintsToAdd"
            • "TaintsToRemove"
            • "MaxSize"
            • "MinSize"
            • "ReleaseVersion"
            • "PublicAccessCidrs"
            • "LaunchTemplateName"
            • "LaunchTemplateVersion"
            • "IdentityProviderConfig"
            • "EncryptionConfig"
            • "AddonVersion"
            • "ServiceAccountRoleArn"
            • "ResolveConflicts"
            • "MaxUnavailable"
            • "MaxUnavailablePercentage"
          • value — (String)

            The value of the keys submitted as part of an update request.

        • createdAt — (Date)

          The Unix epoch timestamp in seconds for when the update was created.

        • errors — (Array<map>)

          Any errors associated with a Failed update.

          • errorCode — (String)

            A brief description of the error.

            • SubnetNotFound: We couldn't find one of the subnets associated with the cluster.

            • SecurityGroupNotFound: We couldn't find one of the security groups associated with the cluster.

            • EniLimitReached: You have reached the elastic network interface limit for your account.

            • IpNotAvailable: A subnet associated with the cluster doesn't have any free IP addresses.

            • AccessDenied: You don't have permissions to perform the specified operation.

            • OperationNotPermitted: The service role associated with the cluster doesn't have the required access permissions for Amazon EKS.

            • VpcIdNotFound: We couldn't find the VPC associated with the cluster.

            Possible values include:
            • "SubnetNotFound"
            • "SecurityGroupNotFound"
            • "EniLimitReached"
            • "IpNotAvailable"
            • "AccessDenied"
            • "OperationNotPermitted"
            • "VpcIdNotFound"
            • "Unknown"
            • "NodeCreationFailure"
            • "PodEvictionFailure"
            • "InsufficientFreeAddresses"
            • "ClusterUnreachable"
            • "InsufficientNumberOfReplicas"
            • "ConfigurationConflict"
            • "AdmissionRequestDenied"
          • errorMessage — (String)

            A more complete description of the error.

          • resourceIds — (Array<String>)

            An optional field that contains the resource IDs associated with the error.

      • tags — (map<String>)

        The tags for the resource.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

createAddon(params = {}, callback) ⇒ AWS.Request

Creates an Amazon EKS add-on.

Amazon EKS add-ons help to automate the provisioning and lifecycle management of common operational software for Amazon EKS clusters. Amazon EKS add-ons can only be used with Amazon EKS clusters running version 1.18 with platform version eks.3 or later because add-ons rely on the Server-side Apply Kubernetes feature, which is only available in Kubernetes 1.18 and later.

Service Reference:

Examples:

Calling the createAddon operation

var params = {
  addonName: 'STRING_VALUE', /* required */
  clusterName: 'STRING_VALUE', /* required */
  addonVersion: 'STRING_VALUE',
  clientRequestToken: 'STRING_VALUE',
  resolveConflicts: OVERWRITE | NONE,
  serviceAccountRoleArn: 'STRING_VALUE',
  tags: {
    '<TagKey>': 'STRING_VALUE',
    /* '<TagKey>': ... */
  }
};
eks.createAddon(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • clusterName — (String)

      The name of the cluster to create the add-on for.

    • addonName — (String)

      The name of the add-on. The name must match one of the names returned by ListAddons .

    • addonVersion — (String)

      The version of the add-on. The version must match one of the versions returned by DescribeAddonVersions .

    • serviceAccountRoleArn — (String)

      The Amazon Resource Name (ARN) of an existing IAM role to bind to the add-on's service account. The role must be assigned the IAM permissions required by the add-on. If you don't specify an existing IAM role, then the add-on uses the permissions assigned to the node IAM role. For more information, see Amazon EKS node IAM role in the Amazon EKS User Guide.

      Note: To specify an existing IAM role, you must have an IAM OpenID Connect (OIDC) provider created for your cluster. For more information, see Enabling IAM roles for service accounts on your cluster in the Amazon EKS User Guide.
    • resolveConflicts — (String)

      How to resolve parameter value conflicts when migrating an existing add-on to an Amazon EKS add-on.

      Possible values include:
      • "OVERWRITE"
      • "NONE"
    • clientRequestToken — (String)

      A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

      If a token is not provided, the SDK will use a version 4 UUID.
    • tags — (map<String>)

      The metadata to apply to the cluster to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • addon — (map)

        An Amazon EKS add-on.

        • addonName — (String)

          The name of the add-on.

        • clusterName — (String)

          The name of the cluster.

        • status — (String)

          The status of the add-on.

          Possible values include:
          • "CREATING"
          • "ACTIVE"
          • "CREATE_FAILED"
          • "UPDATING"
          • "DELETING"
          • "DELETE_FAILED"
          • "DEGRADED"
        • addonVersion — (String)

          The version of the add-on.

        • health — (map)

          An object that represents the health of the add-on.

          • issues — (Array<map>)

            An object that represents the add-on's health issues.

            • code — (String)

              A code that describes the type of issue.

              Possible values include:
              • "AccessDenied"
              • "InternalFailure"
              • "ClusterUnreachable"
              • "InsufficientNumberOfReplicas"
              • "ConfigurationConflict"
              • "AdmissionRequestDenied"
            • message — (String)

              A message that provides details about the issue and what might cause it.

            • resourceIds — (Array<String>)

              The resource IDs of the issue.

        • addonArn — (String)

          The Amazon Resource Name (ARN) of the add-on.

        • createdAt — (Date)

          The date and time that the add-on was created.

        • modifiedAt — (Date)

          The date and time that the add-on was last modified.

        • serviceAccountRoleArn — (String)

          The Amazon Resource Name (ARN) of the IAM role that is bound to the Kubernetes service account used by the add-on.

        • tags — (map<String>)

          The metadata that you apply to the add-on to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Add-on tags do not propagate to any other resources associated with the cluster.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

createCluster(params = {}, callback) ⇒ AWS.Request

Creates an Amazon EKS control plane.

The Amazon EKS control plane consists of control plane instances that run the Kubernetes software, such as etcd and the API server. The control plane runs in an account managed by AWS, and the Kubernetes API is exposed via the Amazon EKS API server endpoint. Each Amazon EKS cluster control plane is single-tenant and unique and runs on its own set of Amazon EC2 instances.

The cluster control plane is provisioned across multiple Availability Zones and fronted by an Elastic Load Balancing Network Load Balancer. Amazon EKS also provisions elastic network interfaces in your VPC subnets to provide connectivity from the control plane instances to the nodes (for example, to support kubectl exec, logs, and proxy data flows).

Amazon EKS nodes run in your AWS account and connect to your cluster's control plane via the Kubernetes API server endpoint and a certificate file that is created for your cluster.

Cluster creation typically takes several minutes. After you create an Amazon EKS cluster, you must configure your Kubernetes tooling to communicate with the API server and launch nodes into your cluster. For more information, see Managing Cluster Authentication and Launching Amazon EKS nodes in the Amazon EKS User Guide.

Service Reference:

Examples:

To create a new cluster


/* The following example creates an Amazon EKS cluster called prod. */

 var params = {
  version: "1.10", 
  name: "prod", 
  clientRequestToken: "1d2129a1-3d38-460a-9756-e5b91fddb951", 
  resourcesVpcConfig: {
   securityGroupIds: [
      "sg-6979fe18"
   ], 
   subnetIds: [
      "subnet-6782e71e", 
      "subnet-e7e761ac"
   ]
  }, 
  roleArn: "arn:aws:iam::012345678910:role/eks-service-role-AWSServiceRoleForAmazonEKS-J7ONKE3BQ4PI"
 };
 eks.createCluster(params, function(err, data) {
   if (err) console.log(err, err.stack); // an error occurred
   else     console.log(data);           // successful response
   /*
   data = {
   }
   */
 });

Calling the createCluster operation

var params = {
  name: 'STRING_VALUE', /* required */
  resourcesVpcConfig: { /* required */
    endpointPrivateAccess: true || false,
    endpointPublicAccess: true || false,
    publicAccessCidrs: [
      'STRING_VALUE',
      /* more items */
    ],
    securityGroupIds: [
      'STRING_VALUE',
      /* more items */
    ],
    subnetIds: [
      'STRING_VALUE',
      /* more items */
    ]
  },
  roleArn: 'STRING_VALUE', /* required */
  clientRequestToken: 'STRING_VALUE',
  encryptionConfig: [
    {
      provider: {
        keyArn: 'STRING_VALUE'
      },
      resources: [
        'STRING_VALUE',
        /* more items */
      ]
    },
    /* more items */
  ],
  kubernetesNetworkConfig: {
    serviceIpv4Cidr: 'STRING_VALUE'
  },
  logging: {
    clusterLogging: [
      {
        enabled: true || false,
        types: [
          api | audit | authenticator | controllerManager | scheduler,
          /* more items */
        ]
      },
      /* more items */
    ]
  },
  tags: {
    '<TagKey>': 'STRING_VALUE',
    /* '<TagKey>': ... */
  },
  version: 'STRING_VALUE'
};
eks.createCluster(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • name — (String)

      The unique name to give to your cluster.

    • version — (String)

      The desired Kubernetes version for your cluster. If you don't specify a value here, the latest version available in Amazon EKS is used.

    • roleArn — (String)

      The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. For more information, see Amazon EKS Service IAM Role in the Amazon EKS User Guide .

    • resourcesVpcConfig — (map)

      The VPC configuration used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide. You must specify at least two subnets. You can specify up to five security groups, but we recommend that you use a dedicated security group for your cluster control plane.

      • subnetIds — (Array<String>)

        Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane.

      • securityGroupIds — (Array<String>)

        Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your nodes and the Kubernetes control plane. If you don't specify any security groups, then familiarize yourself with the difference between Amazon EKS defaults for clusters deployed with Kubernetes:

        • 1.14 Amazon EKS platform version eks.2 and earlier

        • 1.14 Amazon EKS platform version eks.3 and later

        For more information, see Amazon EKS security group considerations in the Amazon EKS User Guide .

      • endpointPublicAccess — (Boolean)

        Set this value to false to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is true, which enables public access for your Kubernetes API server. For more information, see Amazon EKS Cluster Endpoint Access Control in the Amazon EKS User Guide .

      • endpointPrivateAccess — (Boolean)

        Set this value to true to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is false, which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that publicAccessCidrs includes the necessary CIDR blocks for communication with the nodes or Fargate pods. For more information, see Amazon EKS Cluster Endpoint Access Control in the Amazon EKS User Guide .

      • publicAccessCidrs — (Array<String>)

        The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is 0.0.0.0/0. If you've disabled private endpoint access and you have nodes or AWS Fargate pods in the cluster, then ensure that you specify the necessary CIDR blocks. For more information, see Amazon EKS Cluster Endpoint Access Control in the Amazon EKS User Guide .

    • kubernetesNetworkConfig — (map)

      The Kubernetes network configuration for the cluster.

      • serviceIpv4Cidr — (String)

        The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC. The block must meet the following requirements:

        • Within one of the following private IP address blocks: 10.0.0.0/8, 172.16.0.0.0/12, or 192.168.0.0/16.

        • Doesn't overlap with any CIDR block assigned to the VPC that you selected for VPC.

        • Between /24 and /12.

        You can only specify a custom CIDR block when you create a cluster and can't change this value once the cluster is created.

    • logging — (map)

      Enable or disable exporting the Kubernetes control plane logs for your cluster to CloudWatch Logs. By default, cluster control plane logs aren't exported to CloudWatch Logs. For more information, see Amazon EKS Cluster Control Plane Logs in the Amazon EKS User Guide .

      Note: CloudWatch Logs ingestion, archive storage, and data scanning rates apply to exported control plane logs. For more information, see Amazon CloudWatch Pricing.
      • clusterLogging — (Array<map>)

        The cluster control plane logging configuration for your cluster.

        • types — (Array<String>)

          The available cluster control plane log types.

        • enabled — (Boolean)

          If a log type is enabled, that log type exports its control plane logs to CloudWatch Logs. If a log type isn't enabled, that log type doesn't export its control plane logs. Each individual log type can be enabled or disabled independently.

    • clientRequestToken — (String)

      Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

      If a token is not provided, the SDK will use a version 4 UUID.
    • tags — (map<String>)

      The metadata to apply to the cluster to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define.

    • encryptionConfig — (Array<map>)

      The encryption configuration for the cluster.

      • resources — (Array<String>)

        Specifies the resources to be encrypted. The only supported value is "secrets".

      • provider — (map)

        AWS Key Management Service (AWS KMS) key. Either the ARN or the alias can be used.

        • keyArn — (String)

          Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric, created in the same region as the cluster, and if the KMS key was created in a different account, the user must have access to the KMS key. For more information, see Allowing Users in Other Accounts to Use a KMS key in the AWS Key Management Service Developer Guide.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • cluster — (map)

        The full description of your new cluster.

        • name — (String)

          The name of the cluster.

        • arn — (String)

          The Amazon Resource Name (ARN) of the cluster.

        • createdAt — (Date)

          The Unix epoch timestamp in seconds for when the cluster was created.

        • version — (String)

          The Kubernetes server version for the cluster.

        • endpoint — (String)

          The endpoint for your Kubernetes API server.

        • roleArn — (String)

          The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.

        • resourcesVpcConfig — (map)

          The VPC configuration used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide.

          • subnetIds — (Array<String>)

            The subnets associated with your cluster.

          • securityGroupIds — (Array<String>)

            The security groups associated with the cross-account elastic network interfaces that are used to allow communication between your nodes and the Kubernetes control plane.

          • clusterSecurityGroupId — (String)

            The cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control-plane-to-data-plane communication.

          • vpcId — (String)

            The VPC associated with your cluster.

          • endpointPublicAccess — (Boolean)

            This parameter indicates whether the Amazon EKS public API server endpoint is enabled. If the Amazon EKS public API server endpoint is disabled, your cluster's Kubernetes API server can only receive requests that originate from within the cluster VPC.

          • endpointPrivateAccess — (Boolean)

            This parameter indicates whether the Amazon EKS private API server endpoint is enabled. If the Amazon EKS private API server endpoint is enabled, Kubernetes API requests that originate from within your cluster's VPC use the private VPC endpoint instead of traversing the internet. If this value is disabled and you have nodes or AWS Fargate pods in the cluster, then ensure that publicAccessCidrs includes the necessary CIDR blocks for communication with the nodes or Fargate pods. For more information, see Amazon EKS Cluster Endpoint Access Control in the Amazon EKS User Guide .

          • publicAccessCidrs — (Array<String>)

            The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the listed CIDR blocks is denied. The default value is 0.0.0.0/0. If you've disabled private endpoint access and you have nodes or AWS Fargate pods in the cluster, then ensure that the necessary CIDR blocks are listed. For more information, see Amazon EKS Cluster Endpoint Access Control in the Amazon EKS User Guide .

        • kubernetesNetworkConfig — (map)

          The Kubernetes network configuration for the cluster.

          • serviceIpv4Cidr — (String)

            The CIDR block that Kubernetes service IP addresses are assigned from. If you didn't specify a CIDR block when you created the cluster, then Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. If this was specified, then it was specified when the cluster was created and it cannot be changed.

        • logging — (map)

          The logging configuration for your cluster.

          • clusterLogging — (Array<map>)

            The cluster control plane logging configuration for your cluster.

            • types — (Array<String>)

              The available cluster control plane log types.

            • enabled — (Boolean)

              If a log type is enabled, that log type exports its control plane logs to CloudWatch Logs. If a log type isn't enabled, that log type doesn't export its control plane logs. Each individual log type can be enabled or disabled independently.

        • identity — (map)

          The identity provider information for the cluster.

          • oidc — (map)

            An object representing the OpenID Connect identity provider information.

            • issuer — (String)

              The issuer URL for the OIDC identity provider.

        • status — (String)

          The current status of the cluster.

          Possible values include:
          • "CREATING"
          • "ACTIVE"
          • "DELETING"
          • "FAILED"
          • "UPDATING"
        • certificateAuthority — (map)

          The certificate-authority-data for your cluster.

          • data — (String)

            The Base64-encoded certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.

        • clientRequestToken — (String)

          Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

        • platformVersion — (String)

          The platform version of your Amazon EKS cluster. For more information, see Platform Versions in the Amazon EKS User Guide .

        • tags — (map<String>)

          The metadata that you apply to the cluster to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Cluster tags do not propagate to any other resources associated with the cluster.

        • encryptionConfig — (Array<map>)

          The encryption configuration for the cluster.

          • resources — (Array<String>)

            Specifies the resources to be encrypted. The only supported value is "secrets".

          • provider — (map)

            AWS Key Management Service (AWS KMS) key. Either the ARN or the alias can be used.

            • keyArn — (String)

              Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric, created in the same region as the cluster, and if the KMS key was created in a different account, the user must have access to the KMS key. For more information, see Allowing Users in Other Accounts to Use a KMS key in the AWS Key Management Service Developer Guide.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

createFargateProfile(params = {}, callback) ⇒ AWS.Request

Creates an AWS Fargate profile for your Amazon EKS cluster. You must have at least one Fargate profile in a cluster to be able to run pods on Fargate.

The Fargate profile allows an administrator to declare which pods run on Fargate and specify which pods run on which Fargate profile. This declaration is done through the profile’s selectors. Each profile can have up to five selectors that contain a namespace and labels. A namespace is required for every selector. The label field consists of multiple optional key-value pairs. Pods that match the selectors are scheduled on Fargate. If a to-be-scheduled pod matches any of the selectors in the Fargate profile, then that pod is run on Fargate.

When you create a Fargate profile, you must specify a pod execution role to use with the pods that are scheduled with the profile. This role is added to the cluster's Kubernetes Role Based Access Control (RBAC) for authorization so that the kubelet that is running on the Fargate infrastructure can register with your Amazon EKS cluster so that it can appear in your cluster as a node. The pod execution role also provides IAM permissions to the Fargate infrastructure to allow read access to Amazon ECR image repositories. For more information, see Pod Execution Role in the Amazon EKS User Guide.

Fargate profiles are immutable. However, you can create a new updated profile to replace an existing profile and then delete the original after the updated profile has finished creating.

If any Fargate profiles in a cluster are in the DELETING status, you must wait for that Fargate profile to finish deleting before you can create any other profiles in that cluster.

For more information, see AWS Fargate Profile in the Amazon EKS User Guide.

Service Reference:

Examples:

Calling the createFargateProfile operation

var params = {
  clusterName: 'STRING_VALUE', /* required */
  fargateProfileName: 'STRING_VALUE', /* required */
  podExecutionRoleArn: 'STRING_VALUE', /* required */
  clientRequestToken: 'STRING_VALUE',
  selectors: [
    {
      labels: {
        '<String>': 'STRING_VALUE',
        /* '<String>': ... */
      },
      namespace: 'STRING_VALUE'
    },
    /* more items */
  ],
  subnets: [
    'STRING_VALUE',
    /* more items */
  ],
  tags: {
    '<TagKey>': 'STRING_VALUE',
    /* '<TagKey>': ... */
  }
};
eks.createFargateProfile(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • fargateProfileName — (String)

      The name of the Fargate profile.

    • clusterName — (String)

      The name of the Amazon EKS cluster to apply the Fargate profile to.

    • podExecutionRoleArn — (String)

      The Amazon Resource Name (ARN) of the pod execution role to use for pods that match the selectors in the Fargate profile. The pod execution role allows Fargate infrastructure to register with your cluster as a node, and it provides read access to Amazon ECR image repositories. For more information, see Pod Execution Role in the Amazon EKS User Guide.

    • subnets — (Array<String>)

      The IDs of subnets to launch your pods into. At this time, pods running on Fargate are not assigned public IP addresses, so only private subnets (with no direct route to an Internet Gateway) are accepted for this parameter.

    • selectors — (Array<map>)

      The selectors to match for pods to use this Fargate profile. Each selector must have an associated namespace. Optionally, you can also specify labels for a namespace. You may specify up to five selectors in a Fargate profile.

      • namespace — (String)

        The Kubernetes namespace that the selector should match.

      • labels — (map<String>)

        The Kubernetes labels that the selector should match. A pod must contain all of the labels that are specified in the selector for it to be considered a match.

    • clientRequestToken — (String)

      Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

      If a token is not provided, the SDK will use a version 4 UUID.
    • tags — (map<String>)

      The metadata to apply to the Fargate profile to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Fargate profile tags do not propagate to any other resources associated with the Fargate profile, such as the pods that are scheduled with it.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • fargateProfile — (map)

        The full description of your new Fargate profile.

        • fargateProfileName — (String)

          The name of the Fargate profile.

        • fargateProfileArn — (String)

          The full Amazon Resource Name (ARN) of the Fargate profile.

        • clusterName — (String)

          The name of the Amazon EKS cluster that the Fargate profile belongs to.

        • createdAt — (Date)

          The Unix epoch timestamp in seconds for when the Fargate profile was created.

        • podExecutionRoleArn — (String)

          The Amazon Resource Name (ARN) of the pod execution role to use for pods that match the selectors in the Fargate profile. For more information, see Pod Execution Role in the Amazon EKS User Guide.

        • subnets — (Array<String>)

          The IDs of subnets to launch pods into.

        • selectors — (Array<map>)

          The selectors to match for pods to use this Fargate profile.

          • namespace — (String)

            The Kubernetes namespace that the selector should match.

          • labels — (map<String>)

            The Kubernetes labels that the selector should match. A pod must contain all of the labels that are specified in the selector for it to be considered a match.

        • status — (String)

          The current status of the Fargate profile.

          Possible values include:
          • "CREATING"
          • "ACTIVE"
          • "DELETING"
          • "CREATE_FAILED"
          • "DELETE_FAILED"
        • tags — (map<String>)

          The metadata applied to the Fargate profile to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Fargate profile tags do not propagate to any other resources associated with the Fargate profile, such as the pods that are scheduled with it.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

createNodegroup(params = {}, callback) ⇒ AWS.Request

Creates a managed node group for an Amazon EKS cluster. You can only create a node group for your cluster that is equal to the current Kubernetes version for the cluster. All node groups are created with the latest AMI release version for the respective minor Kubernetes version of the cluster, unless you deploy a custom AMI using a launch template. For more information about using launch templates, see Launch template support.

An Amazon EKS managed node group is an Amazon EC2 Auto Scaling group and associated Amazon EC2 instances that are managed by AWS for an Amazon EKS cluster. Each node group uses a version of the Amazon EKS optimized Amazon Linux 2 AMI. For more information, see Managed Node Groups in the Amazon EKS User Guide.

Service Reference:

Examples:

Calling the createNodegroup operation

var params = {
  clusterName: 'STRING_VALUE', /* required */
  nodeRole: 'STRING_VALUE', /* required */
  nodegroupName: 'STRING_VALUE', /* required */
  subnets: [ /* required */
    'STRING_VALUE',
    /* more items */
  ],
  amiType: AL2_x86_64 | AL2_x86_64_GPU | AL2_ARM_64 | CUSTOM,
  capacityType: ON_DEMAND | SPOT,
  clientRequestToken: 'STRING_VALUE',
  diskSize: 'NUMBER_VALUE',
  instanceTypes: [
    'STRING_VALUE',
    /* more items */
  ],
  labels: {
    '<labelKey>': 'STRING_VALUE',
    /* '<labelKey>': ... */
  },
  launchTemplate: {
    id: 'STRING_VALUE',
    name: 'STRING_VALUE',
    version: 'STRING_VALUE'
  },
  releaseVersion: 'STRING_VALUE',
  remoteAccess: {
    ec2SshKey: 'STRING_VALUE',
    sourceSecurityGroups: [
      'STRING_VALUE',
      /* more items */
    ]
  },
  scalingConfig: {
    desiredSize: 'NUMBER_VALUE',
    maxSize: 'NUMBER_VALUE',
    minSize: 'NUMBER_VALUE'
  },
  tags: {
    '<TagKey>': 'STRING_VALUE',
    /* '<TagKey>': ... */
  },
  taints: [
    {
      effect: NO_SCHEDULE | NO_EXECUTE | PREFER_NO_SCHEDULE,
      key: 'STRING_VALUE',
      value: 'STRING_VALUE'
    },
    /* more items */
  ],
  updateConfig: {
    maxUnavailable: 'NUMBER_VALUE',
    maxUnavailablePercentage: 'NUMBER_VALUE'
  },
  version: 'STRING_VALUE'
};
eks.createNodegroup(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • clusterName — (String)

      The name of the cluster to create the node group in.

    • nodegroupName — (String)

      The unique name to give your node group.

    • scalingConfig — (map)

      The scaling configuration details for the Auto Scaling group that is created for your node group.

      • minSize — (Integer)

        The minimum number of nodes that the managed node group can scale in to. This number must be greater than zero.

      • maxSize — (Integer)

        The maximum number of nodes that the managed node group can scale out to. For information about the maximum number that you can specify, see Amazon EKS service quotas in the Amazon EKS User Guide.

      • desiredSize — (Integer)

        The current number of nodes that the managed node group should maintain.

    • diskSize — (Integer)

      The root device disk size (in GiB) for your node group instances. The default disk size is 20 GiB. If you specify launchTemplate, then don't specify diskSize, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

    • subnets — (Array<String>)

      The subnets to use for the Auto Scaling group that is created for your node group. If you specify launchTemplate, then don't specify SubnetId in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

    • instanceTypes — (Array<String>)

      Specify the instance types for a node group. If you specify a GPU instance type, be sure to specify AL2_x86_64_GPU with the amiType parameter. If you specify launchTemplate, then you can specify zero or one instance type in your launch template or you can specify 0-20 instance types for instanceTypes. If however, you specify an instance type in your launch template and specify any instanceTypes, the node group deployment will fail. If you don't specify an instance type in a launch template or for instanceTypes, then t3.medium is used, by default. If you specify Spot for capacityType, then we recommend specifying multiple values for instanceTypes. For more information, see Managed node group capacity types and Launch template support in the Amazon EKS User Guide.

    • amiType — (String)

      The AMI type for your node group. GPU instance types should use the AL2_x86_64_GPU AMI type. Non-GPU instances should use the AL2_x86_64 AMI type. Arm instances should use the AL2_ARM_64 AMI type. All types use the Amazon EKS optimized Amazon Linux 2 AMI. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify amiType, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

      Possible values include:
      • "AL2_x86_64"
      • "AL2_x86_64_GPU"
      • "AL2_ARM_64"
      • "CUSTOM"
    • remoteAccess — (map)

      The remote access (SSH) configuration to use with your node group. If you specify launchTemplate, then don't specify remoteAccess, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

      • ec2SshKey — (String)

        The Amazon EC2 SSH key that provides access for SSH communication with the nodes in the managed node group. For more information, see Amazon EC2 Key Pairs in the Amazon Elastic Compute Cloud User Guide for Linux Instances.

      • sourceSecurityGroups — (Array<String>)

        The security groups that are allowed SSH access (port 22) to the nodes. If you specify an Amazon EC2 SSH key but do not specify a source security group when you create a managed node group, then port 22 on the nodes is opened to the internet (0.0.0.0/0). For more information, see Security Groups for Your VPC in the Amazon Virtual Private Cloud User Guide.

    • nodeRole — (String)

      The Amazon Resource Name (ARN) of the IAM role to associate with your node group. The Amazon EKS worker node kubelet daemon makes calls to AWS APIs on your behalf. Nodes receive permissions for these API calls through an IAM instance profile and associated policies. Before you can launch nodes and register them into a cluster, you must create an IAM role for those nodes to use when they are launched. For more information, see Amazon EKS node IAM role in the Amazon EKS User Guide . If you specify launchTemplate, then don't specify IamInstanceProfile in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

    • labels — (map<String>)

      The Kubernetes labels to be applied to the nodes in the node group when they are created.

    • taints — (Array<map>)

      The Kubernetes taints to be applied to the nodes in the node group.

      • key — (String)

        The key of the taint.

      • value — (String)

        The value of the taint.

      • effect — (String)

        The effect of the taint.

        Possible values include:
        • "NO_SCHEDULE"
        • "NO_EXECUTE"
        • "PREFER_NO_SCHEDULE"
    • tags — (map<String>)

      The metadata to apply to the node group to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Node group tags do not propagate to any other resources associated with the node group, such as the Amazon EC2 instances or subnets.

    • clientRequestToken — (String)

      Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

      If a token is not provided, the SDK will use a version 4 UUID.
    • launchTemplate — (map)

      An object representing a node group's launch template specification. If specified, then do not specify instanceTypes, diskSize, or remoteAccess and make sure that the launch template meets the requirements in launchTemplateSpecification.

      • name — (String)

        The name of the launch template.

      • version — (String)

        The version of the launch template to use. If no version is specified, then the template's default version is used.

      • id — (String)

        The ID of the launch template.

    • updateConfig — (map)
      • maxUnavailable — (Integer)
      • maxUnavailablePercentage — (Integer)
    • capacityType — (String)

      The capacity type for your node group.

      Possible values include:
      • "ON_DEMAND"
      • "SPOT"
    • version — (String)

      The Kubernetes version to use for your managed nodes. By default, the Kubernetes version of the cluster is used, and this is the only accepted specified value. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify version, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

    • releaseVersion — (String)

      The AMI version of the Amazon EKS optimized AMI to use with your node group. By default, the latest available AMI version for the node group's current Kubernetes version is used. For more information, see Amazon EKS optimized Amazon Linux 2 AMI versions in the Amazon EKS User Guide. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify releaseVersion, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • nodegroup — (map)

        The full description of your new node group.

        • nodegroupName — (String)

          The name associated with an Amazon EKS managed node group.

        • nodegroupArn — (String)

          The Amazon Resource Name (ARN) associated with the managed node group.

        • clusterName — (String)

          The name of the cluster that the managed node group resides in.

        • version — (String)

          The Kubernetes version of the managed node group.

        • releaseVersion — (String)

          If the node group was deployed using a launch template with a custom AMI, then this is the AMI ID that was specified in the launch template. For node groups that weren't deployed using a launch template, this is the version of the Amazon EKS optimized AMI that the node group was deployed with.

        • createdAt — (Date)

          The Unix epoch timestamp in seconds for when the managed node group was created.

        • modifiedAt — (Date)

          The Unix epoch timestamp in seconds for when the managed node group was last modified.

        • status — (String)

          The current status of the managed node group.

          Possible values include:
          • "CREATING"
          • "ACTIVE"
          • "UPDATING"
          • "DELETING"
          • "CREATE_FAILED"
          • "DELETE_FAILED"
          • "DEGRADED"
        • capacityType — (String)

          The capacity type of your managed node group.

          Possible values include:
          • "ON_DEMAND"
          • "SPOT"
        • scalingConfig — (map)

          The scaling configuration details for the Auto Scaling group that is associated with your node group.

          • minSize — (Integer)

            The minimum number of nodes that the managed node group can scale in to. This number must be greater than zero.

          • maxSize — (Integer)

            The maximum number of nodes that the managed node group can scale out to. For information about the maximum number that you can specify, see Amazon EKS service quotas in the Amazon EKS User Guide.

          • desiredSize — (Integer)

            The current number of nodes that the managed node group should maintain.

        • instanceTypes — (Array<String>)

          If the node group wasn't deployed with a launch template, then this is the instance type that is associated with the node group. If the node group was deployed with a launch template, then this is null.

        • subnets — (Array<String>)

          The subnets that were specified for the Auto Scaling group that is associated with your node group.

        • remoteAccess — (map)

          If the node group wasn't deployed with a launch template, then this is the remote access configuration that is associated with the node group. If the node group was deployed with a launch template, then this is null.

          • ec2SshKey — (String)

            The Amazon EC2 SSH key that provides access for SSH communication with the nodes in the managed node group. For more information, see Amazon EC2 Key Pairs in the Amazon Elastic Compute Cloud User Guide for Linux Instances.

          • sourceSecurityGroups — (Array<String>)

            The security groups that are allowed SSH access (port 22) to the nodes. If you specify an Amazon EC2 SSH key but do not specify a source security group when you create a managed node group, then port 22 on the nodes is opened to the internet (0.0.0.0/0). For more information, see Security Groups for Your VPC in the Amazon Virtual Private Cloud User Guide.

        • amiType — (String)

          If the node group was deployed using a launch template with a custom AMI, then this is CUSTOM. For node groups that weren't deployed using a launch template, this is the AMI type that was specified in the node group configuration.

          Possible values include:
          • "AL2_x86_64"
          • "AL2_x86_64_GPU"
          • "AL2_ARM_64"
          • "CUSTOM"
        • nodeRole — (String)

          The IAM role associated with your node group. The Amazon EKS node kubelet daemon makes calls to AWS APIs on your behalf. Nodes receive permissions for these API calls through an IAM instance profile and associated policies.

        • labels — (map<String>)

          The Kubernetes labels applied to the nodes in the node group.

          Note: Only labels that are applied with the Amazon EKS API are shown here. There may be other Kubernetes labels applied to the nodes in this group.
        • taints — (Array<map>)

          The Kubernetes taints to be applied to the nodes in the node group when they are created. Effect is one of NoSchedule, PreferNoSchedule, or NoExecute. Kubernetes taints can be used together with tolerations to control how workloads are scheduled to your nodes.

          • key — (String)

            The key of the taint.

          • value — (String)

            The value of the taint.

          • effect — (String)

            The effect of the taint.

            Possible values include:
            • "NO_SCHEDULE"
            • "NO_EXECUTE"
            • "PREFER_NO_SCHEDULE"
        • resources — (map)

          The resources associated with the node group, such as Auto Scaling groups and security groups for remote access.

          • autoScalingGroups — (Array<map>)

            The Auto Scaling groups associated with the node group.

            • name — (String)

              The name of the Auto Scaling group associated with an Amazon EKS managed node group.

          • remoteAccessSecurityGroup — (String)

            The remote access security group associated with the node group. This security group controls SSH access to the nodes.

        • diskSize — (Integer)

          If the node group wasn't deployed with a launch template, then this is the disk size in the node group configuration. If the node group was deployed with a launch template, then this is null.

        • health — (map)

          The health status of the node group. If there are issues with your node group's health, they are listed here.

          • issues — (Array<map>)

            Any issues that are associated with the node group.

            • code — (String)

              A brief description of the error.

              • AccessDenied: Amazon EKS or one or more of your managed nodes is failing to authenticate or authorize with your Kubernetes cluster API server.

              • AsgInstanceLaunchFailures: Your Auto Scaling group is experiencing failures while attempting to launch instances.

              • AutoScalingGroupNotFound: We couldn't find the Auto Scaling group associated with the managed node group. You may be able to recreate an Auto Scaling group with the same settings to recover.

              • ClusterUnreachable: Amazon EKS or one or more of your managed nodes is unable to to communicate with your Kubernetes cluster API server. This can happen if there are network disruptions or if API servers are timing out processing requests.

              • Ec2LaunchTemplateNotFound: We couldn't find the Amazon EC2 launch template for your managed node group. You may be able to recreate a launch template with the same settings to recover.

              • Ec2LaunchTemplateVersionMismatch: The Amazon EC2 launch template version for your managed node group does not match the version that Amazon EKS created. You may be able to revert to the version that Amazon EKS created to recover.

              • Ec2SecurityGroupDeletionFailure: We could not delete the remote access security group for your managed node group. Remove any dependencies from the security group.

              • Ec2SecurityGroupNotFound: We couldn't find the cluster security group for the cluster. You must recreate your cluster.

              • Ec2SubnetInvalidConfiguration: One or more Amazon EC2 subnets specified for a node group do not automatically assign public IP addresses to instances launched into it. If you want your instances to be assigned a public IP address, then you need to enable the auto-assign public IP address setting for the subnet. See Modifying the public IPv4 addressing attribute for your subnet in the Amazon VPC User Guide.

              • IamInstanceProfileNotFound: We couldn't find the IAM instance profile for your managed node group. You may be able to recreate an instance profile with the same settings to recover.

              • IamNodeRoleNotFound: We couldn't find the IAM role for your managed node group. You may be able to recreate an IAM role with the same settings to recover.

              • InstanceLimitExceeded: Your AWS account is unable to launch any more instances of the specified instance type. You may be able to request an Amazon EC2 instance limit increase to recover.

              • InsufficientFreeAddresses: One or more of the subnets associated with your managed node group does not have enough available IP addresses for new nodes.

              • InternalFailure: These errors are usually caused by an Amazon EKS server-side issue.

              • NodeCreationFailure: Your launched instances are unable to register with your Amazon EKS cluster. Common causes of this failure are insufficient node IAM role permissions or lack of outbound internet access for the nodes.

              Possible values include:
              • "AutoScalingGroupNotFound"
              • "AutoScalingGroupInvalidConfiguration"
              • "Ec2SecurityGroupNotFound"
              • "Ec2SecurityGroupDeletionFailure"
              • "Ec2LaunchTemplateNotFound"
              • "Ec2LaunchTemplateVersionMismatch"
              • "Ec2SubnetNotFound"
              • "Ec2SubnetInvalidConfiguration"
              • "IamInstanceProfileNotFound"
              • "IamLimitExceeded"
              • "IamNodeRoleNotFound"
              • "NodeCreationFailure"
              • "AsgInstanceLaunchFailures"
              • "InstanceLimitExceeded"
              • "InsufficientFreeAddresses"
              • "AccessDenied"
              • "InternalFailure"
              • "ClusterUnreachable"
            • message — (String)

              The error message associated with the issue.

            • resourceIds — (Array<String>)

              The AWS resources that are afflicted by this issue.

        • updateConfig — (map)
          • maxUnavailable — (Integer)
          • maxUnavailablePercentage — (Integer)
        • launchTemplate — (map)

          If a launch template was used to create the node group, then this is the launch template that was used.

          • name — (String)

            The name of the launch template.

          • version — (String)

            The version of the launch template to use. If no version is specified, then the template's default version is used.

          • id — (String)

            The ID of the launch template.

        • tags — (map<String>)

          The metadata applied to the node group to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Node group tags do not propagate to any other resources associated with the node group, such as the Amazon EC2 instances or subnets.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

deleteAddon(params = {}, callback) ⇒ AWS.Request

Delete an Amazon EKS add-on.

When you remove the add-on, it will also be deleted from the cluster. You can always manually start an add-on on the cluster using the Kubernetes API.

Service Reference:

Examples:

Calling the deleteAddon operation

var params = {
  addonName: 'STRING_VALUE', /* required */
  clusterName: 'STRING_VALUE' /* required */
};
eks.deleteAddon(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • clusterName — (String)

      The name of the cluster to delete the add-on from.

    • addonName — (String)

      The name of the add-on. The name must match one of the names returned by ListAddons .

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • addon — (map)

        An Amazon EKS add-on.

        • addonName — (String)

          The name of the add-on.

        • clusterName — (String)

          The name of the cluster.

        • status — (String)

          The status of the add-on.

          Possible values include:
          • "CREATING"
          • "ACTIVE"
          • "CREATE_FAILED"
          • "UPDATING"
          • "DELETING"
          • "DELETE_FAILED"
          • "DEGRADED"
        • addonVersion — (String)

          The version of the add-on.

        • health — (map)

          An object that represents the health of the add-on.

          • issues — (Array<map>)

            An object that represents the add-on's health issues.

            • code — (String)

              A code that describes the type of issue.

              Possible values include:
              • "AccessDenied"
              • "InternalFailure"
              • "ClusterUnreachable"
              • "InsufficientNumberOfReplicas"
              • "ConfigurationConflict"
              • "AdmissionRequestDenied"
            • message — (String)

              A message that provides details about the issue and what might cause it.

            • resourceIds — (Array<String>)

              The resource IDs of the issue.

        • addonArn — (String)

          The Amazon Resource Name (ARN) of the add-on.

        • createdAt — (Date)

          The date and time that the add-on was created.

        • modifiedAt — (Date)

          The date and time that the add-on was last modified.

        • serviceAccountRoleArn — (String)

          The Amazon Resource Name (ARN) of the IAM role that is bound to the Kubernetes service account used by the add-on.

        • tags — (map<String>)

          The metadata that you apply to the add-on to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Add-on tags do not propagate to any other resources associated with the cluster.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

deleteCluster(params = {}, callback) ⇒ AWS.Request

Deletes the Amazon EKS cluster control plane.

If you have active services in your cluster that are associated with a load balancer, you must delete those services before deleting the cluster so that the load balancers are deleted properly. Otherwise, you can have orphaned resources in your VPC that prevent you from being able to delete the VPC. For more information, see Deleting a Cluster in the Amazon EKS User Guide.

If you have managed node groups or Fargate profiles attached to the cluster, you must delete them first. For more information, see DeleteNodegroup and DeleteFargateProfile.

Service Reference:

Examples:

To delete a cluster


/* This example command deletes a cluster named `devel` in your default region. */

 var params = {
  name: "devel"
 };
 eks.deleteCluster(params, function(err, data) {
   if (err) console.log(err, err.stack); // an error occurred
   else     console.log(data);           // successful response
   /*
   data = {
   }
   */
 });

Calling the deleteCluster operation

var params = {
  name: 'STRING_VALUE' /* required */
};
eks.deleteCluster(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • name — (String)

      The name of the cluster to delete.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • cluster — (map)

        The full description of the cluster to delete.

        • name — (String)

          The name of the cluster.

        • arn — (String)

          The Amazon Resource Name (ARN) of the cluster.

        • createdAt — (Date)

          The Unix epoch timestamp in seconds for when the cluster was created.

        • version — (String)

          The Kubernetes server version for the cluster.

        • endpoint — (String)

          The endpoint for your Kubernetes API server.

        • roleArn — (String)

          The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.

        • resourcesVpcConfig — (map)

          The VPC configuration used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide.

          • subnetIds — (Array<String>)

            The subnets associated with your cluster.

          • securityGroupIds — (Array<String>)

            The security groups associated with the cross-account elastic network interfaces that are used to allow communication between your nodes and the Kubernetes control plane.

          • clusterSecurityGroupId — (String)

            The cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control-plane-to-data-plane communication.

          • vpcId — (String)

            The VPC associated with your cluster.

          • endpointPublicAccess — (Boolean)

            This parameter indicates whether the Amazon EKS public API server endpoint is enabled. If the Amazon EKS public API server endpoint is disabled, your cluster's Kubernetes API server can only receive requests that originate from within the cluster VPC.

          • endpointPrivateAccess — (Boolean)

            This parameter indicates whether the Amazon EKS private API server endpoint is enabled. If the Amazon EKS private API server endpoint is enabled, Kubernetes API requests that originate from within your cluster's VPC use the private VPC endpoint instead of traversing the internet. If this value is disabled and you have nodes or AWS Fargate pods in the cluster, then ensure that publicAccessCidrs includes the necessary CIDR blocks for communication with the nodes or Fargate pods. For more information, see Amazon EKS Cluster Endpoint Access Control in the Amazon EKS User Guide .

          • publicAccessCidrs — (Array<String>)

            The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the listed CIDR blocks is denied. The default value is 0.0.0.0/0. If you've disabled private endpoint access and you have nodes or AWS Fargate pods in the cluster, then ensure that the necessary CIDR blocks are listed. For more information, see Amazon EKS Cluster Endpoint Access Control in the Amazon EKS User Guide .

        • kubernetesNetworkConfig — (map)

          The Kubernetes network configuration for the cluster.

          • serviceIpv4Cidr — (String)

            The CIDR block that Kubernetes service IP addresses are assigned from. If you didn't specify a CIDR block when you created the cluster, then Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. If this was specified, then it was specified when the cluster was created and it cannot be changed.

        • logging — (map)

          The logging configuration for your cluster.

          • clusterLogging — (Array<map>)

            The cluster control plane logging configuration for your cluster.

            • types — (Array<String>)

              The available cluster control plane log types.

            • enabled — (Boolean)

              If a log type is enabled, that log type exports its control plane logs to CloudWatch Logs. If a log type isn't enabled, that log type doesn't export its control plane logs. Each individual log type can be enabled or disabled independently.

        • identity — (map)

          The identity provider information for the cluster.

          • oidc — (map)

            An object representing the OpenID Connect identity provider information.

            • issuer — (String)

              The issuer URL for the OIDC identity provider.

        • status — (String)

          The current status of the cluster.

          Possible values include:
          • "CREATING"
          • "ACTIVE"
          • "DELETING"
          • "FAILED"
          • "UPDATING"
        • certificateAuthority — (map)

          The certificate-authority-data for your cluster.

          • data — (String)

            The Base64-encoded certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.

        • clientRequestToken — (String)

          Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

        • platformVersion — (String)

          The platform version of your Amazon EKS cluster. For more information, see Platform Versions in the Amazon EKS User Guide .

        • tags — (map<String>)

          The metadata that you apply to the cluster to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Cluster tags do not propagate to any other resources associated with the cluster.

        • encryptionConfig — (Array<map>)

          The encryption configuration for the cluster.

          • resources — (Array<String>)

            Specifies the resources to be encrypted. The only supported value is "secrets".

          • provider — (map)

            AWS Key Management Service (AWS KMS) key. Either the ARN or the alias can be used.

            • keyArn — (String)

              Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric, created in the same region as the cluster, and if the KMS key was created in a different account, the user must have access to the KMS key. For more information, see Allowing Users in Other Accounts to Use a KMS key in the AWS Key Management Service Developer Guide.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

deleteFargateProfile(params = {}, callback) ⇒ AWS.Request

Deletes an AWS Fargate profile.

When you delete a Fargate profile, any pods running on Fargate that were created with the profile are deleted. If those pods match another Fargate profile, then they are scheduled on Fargate with that profile. If they no longer match any Fargate profiles, then they are not scheduled on Fargate and they may remain in a pending state.

Only one Fargate profile in a cluster can be in the DELETING status at a time. You must wait for a Fargate profile to finish deleting before you can delete any other profiles in that cluster.

Service Reference:

Examples:

Calling the deleteFargateProfile operation

var params = {
  clusterName: 'STRING_VALUE', /* required */
  fargateProfileName: 'STRING_VALUE' /* required */
};
eks.deleteFargateProfile(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • clusterName — (String)

      The name of the Amazon EKS cluster associated with the Fargate profile to delete.

    • fargateProfileName — (String)

      The name of the Fargate profile to delete.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • fargateProfile — (map)

        The deleted Fargate profile.

        • fargateProfileName — (String)

          The name of the Fargate profile.

        • fargateProfileArn — (String)

          The full Amazon Resource Name (ARN) of the Fargate profile.

        • clusterName — (String)

          The name of the Amazon EKS cluster that the Fargate profile belongs to.

        • createdAt — (Date)

          The Unix epoch timestamp in seconds for when the Fargate profile was created.

        • podExecutionRoleArn — (String)

          The Amazon Resource Name (ARN) of the pod execution role to use for pods that match the selectors in the Fargate profile. For more information, see Pod Execution Role in the Amazon EKS User Guide.

        • subnets — (Array<String>)

          The IDs of subnets to launch pods into.

        • selectors — (Array<map>)

          The selectors to match for pods to use this Fargate profile.

          • namespace — (String)

            The Kubernetes namespace that the selector should match.

          • labels — (map<String>)

            The Kubernetes labels that the selector should match. A pod must contain all of the labels that are specified in the selector for it to be considered a match.

        • status — (String)

          The current status of the Fargate profile.

          Possible values include:
          • "CREATING"
          • "ACTIVE"
          • "DELETING"
          • "CREATE_FAILED"
          • "DELETE_FAILED"
        • tags — (map<String>)

          The metadata applied to the Fargate profile to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Fargate profile tags do not propagate to any other resources associated with the Fargate profile, such as the pods that are scheduled with it.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

deleteNodegroup(params = {}, callback) ⇒ AWS.Request

Deletes an Amazon EKS node group for a cluster.

Service Reference:

Examples:

Calling the deleteNodegroup operation

var params = {
  clusterName: 'STRING_VALUE', /* required */
  nodegroupName: 'STRING_VALUE' /* required */
};
eks.deleteNodegroup(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • clusterName — (String)

      The name of the Amazon EKS cluster that is associated with your node group.

    • nodegroupName — (String)

      The name of the node group to delete.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • nodegroup — (map)

        The full description of your deleted node group.

        • nodegroupName — (String)

          The name associated with an Amazon EKS managed node group.

        • nodegroupArn — (String)

          The Amazon Resource Name (ARN) associated with the managed node group.

        • clusterName — (String)

          The name of the cluster that the managed node group resides in.

        • version — (String)

          The Kubernetes version of the managed node group.

        • releaseVersion — (String)

          If the node group was deployed using a launch template with a custom AMI, then this is the AMI ID that was specified in the launch template. For node groups that weren't deployed using a launch template, this is the version of the Amazon EKS optimized AMI that the node group was deployed with.

        • createdAt — (Date)

          The Unix epoch timestamp in seconds for when the managed node group was created.

        • modifiedAt — (Date)

          The Unix epoch timestamp in seconds for when the managed node group was last modified.

        • status — (String)

          The current status of the managed node group.

          Possible values include:
          • "CREATING"
          • "ACTIVE"
          • "UPDATING"
          • "DELETING"
          • "CREATE_FAILED"
          • "DELETE_FAILED"
          • "DEGRADED"
        • capacityType — (String)

          The capacity type of your managed node group.

          Possible values include:
          • "ON_DEMAND"
          • "SPOT"
        • scalingConfig — (map)

          The scaling configuration details for the Auto Scaling group that is associated with your node group.

          • minSize — (Integer)

            The minimum number of nodes that the managed node group can scale in to. This number must be greater than zero.

          • maxSize — (Integer)

            The maximum number of nodes that the managed node group can scale out to. For information about the maximum number that you can specify, see Amazon EKS service quotas in the Amazon EKS User Guide.

          • desiredSize — (Integer)

            The current number of nodes that the managed node group should maintain.

        • instanceTypes — (Array<String>)

          If the node group wasn't deployed with a launch template, then this is the instance type that is associated with the node group. If the node group was deployed with a launch template, then this is null.

        • subnets — (Array<String>)

          The subnets that were specified for the Auto Scaling group that is associated with your node group.

        • remoteAccess — (map)

          If the node group wasn't deployed with a launch template, then this is the remote access configuration that is associated with the node group. If the node group was deployed with a launch template, then this is null.

          • ec2SshKey — (String)

            The Amazon EC2 SSH key that provides access for SSH communication with the nodes in the managed node group. For more information, see Amazon EC2 Key Pairs in the Amazon Elastic Compute Cloud User Guide for Linux Instances.

          • sourceSecurityGroups — (Array<String>)

            The security groups that are allowed SSH access (port 22) to the nodes. If you specify an Amazon EC2 SSH key but do not specify a source security group when you create a managed node group, then port 22 on the nodes is opened to the internet (0.0.0.0/0). For more information, see Security Groups for Your VPC in the Amazon Virtual Private Cloud User Guide.

        • amiType — (String)

          If the node group was deployed using a launch template with a custom AMI, then this is CUSTOM. For node groups that weren't deployed using a launch template, this is the AMI type that was specified in the node group configuration.

          Possible values include:
          • "AL2_x86_64"
          • "AL2_x86_64_GPU"
          • "AL2_ARM_64"
          • "CUSTOM"
        • nodeRole — (String)

          The IAM role associated with your node group. The Amazon EKS node kubelet daemon makes calls to AWS APIs on your behalf. Nodes receive permissions for these API calls through an IAM instance profile and associated policies.

        • labels — (map<String>)

          The Kubernetes labels applied to the nodes in the node group.

          Note: Only labels that are applied with the Amazon EKS API are shown here. There may be other Kubernetes labels applied to the nodes in this group.
        • taints — (Array<map>)

          The Kubernetes taints to be applied to the nodes in the node group when they are created. Effect is one of NoSchedule, PreferNoSchedule, or NoExecute. Kubernetes taints can be used together with tolerations to control how workloads are scheduled to your nodes.

          • key — (String)

            The key of the taint.

          • value — (String)

            The value of the taint.

          • effect — (String)

            The effect of the taint.

            Possible values include:
            • "NO_SCHEDULE"
            • "NO_EXECUTE"
            • "PREFER_NO_SCHEDULE"
        • resources — (map)

          The resources associated with the node group, such as Auto Scaling groups and security groups for remote access.

          • autoScalingGroups — (Array<map>)

            The Auto Scaling groups associated with the node group.

            • name — (String)

              The name of the Auto Scaling group associated with an Amazon EKS managed node group.

          • remoteAccessSecurityGroup — (String)

            The remote access security group associated with the node group. This security group controls SSH access to the nodes.

        • diskSize — (Integer)

          If the node group wasn't deployed with a launch template, then this is the disk size in the node group configuration. If the node group was deployed with a launch template, then this is null.

        • health — (map)

          The health status of the node group. If there are issues with your node group's health, they are listed here.

          • issues — (Array<map>)

            Any issues that are associated with the node group.

            • code — (String)

              A brief description of the error.

              • AccessDenied: Amazon EKS or one or more of your managed nodes is failing to authenticate or authorize with your Kubernetes cluster API server.

              • AsgInstanceLaunchFailures: Your Auto Scaling group is experiencing failures while attempting to launch instances.

              • AutoScalingGroupNotFound: We couldn't find the Auto Scaling group associated with the managed node group. You may be able to recreate an Auto Scaling group with the same settings to recover.

              • ClusterUnreachable: Amazon EKS or one or more of your managed nodes is unable to to communicate with your Kubernetes cluster API server. This can happen if there are network disruptions or if API servers are timing out processing requests.

              • Ec2LaunchTemplateNotFound: We couldn't find the Amazon EC2 launch template for your managed node group. You may be able to recreate a launch template with the same settings to recover.

              • Ec2LaunchTemplateVersionMismatch: The Amazon EC2 launch template version for your managed node group does not match the version that Amazon EKS created. You may be able to revert to the version that Amazon EKS created to recover.

              • Ec2SecurityGroupDeletionFailure: We could not delete the remote access security group for your managed node group. Remove any dependencies from the security group.

              • Ec2SecurityGroupNotFound: We couldn't find the cluster security group for the cluster. You must recreate your cluster.

              • Ec2SubnetInvalidConfiguration: One or more Amazon EC2 subnets specified for a node group do not automatically assign public IP addresses to instances launched into it. If you want your instances to be assigned a public IP address, then you need to enable the auto-assign public IP address setting for the subnet. See Modifying the public IPv4 addressing attribute for your subnet in the Amazon VPC User Guide.

              • IamInstanceProfileNotFound: We couldn't find the IAM instance profile for your managed node group. You may be able to recreate an instance profile with the same settings to recover.

              • IamNodeRoleNotFound: We couldn't find the IAM role for your managed node group. You may be able to recreate an IAM role with the same settings to recover.

              • InstanceLimitExceeded: Your AWS account is unable to launch any more instances of the specified instance type. You may be able to request an Amazon EC2 instance limit increase to recover.

              • InsufficientFreeAddresses: One or more of the subnets associated with your managed node group does not have enough available IP addresses for new nodes.

              • InternalFailure: These errors are usually caused by an Amazon EKS server-side issue.

              • NodeCreationFailure: Your launched instances are unable to register with your Amazon EKS cluster. Common causes of this failure are insufficient node IAM role permissions or lack of outbound internet access for the nodes.

              Possible values include:
              • "AutoScalingGroupNotFound"
              • "AutoScalingGroupInvalidConfiguration"
              • "Ec2SecurityGroupNotFound"
              • "Ec2SecurityGroupDeletionFailure"
              • "Ec2LaunchTemplateNotFound"
              • "Ec2LaunchTemplateVersionMismatch"
              • "Ec2SubnetNotFound"
              • "Ec2SubnetInvalidConfiguration"
              • "IamInstanceProfileNotFound"
              • "IamLimitExceeded"
              • "IamNodeRoleNotFound"
              • "NodeCreationFailure"
              • "AsgInstanceLaunchFailures"
              • "InstanceLimitExceeded"
              • "InsufficientFreeAddresses"
              • "AccessDenied"
              • "InternalFailure"
              • "ClusterUnreachable"
            • message — (String)

              The error message associated with the issue.

            • resourceIds — (Array<String>)

              The AWS resources that are afflicted by this issue.

        • updateConfig — (map)
          • maxUnavailable — (Integer)
          • maxUnavailablePercentage — (Integer)
        • launchTemplate — (map)

          If a launch template was used to create the node group, then this is the launch template that was used.

          • name — (String)

            The name of the launch template.

          • version — (String)

            The version of the launch template to use. If no version is specified, then the template's default version is used.

          • id — (String)

            The ID of the launch template.

        • tags — (map<String>)

          The metadata applied to the node group to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Node group tags do not propagate to any other resources associated with the node group, such as the Amazon EC2 instances or subnets.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

describeAddon(params = {}, callback) ⇒ AWS.Request

Describes an Amazon EKS add-on.

Service Reference:

Examples:

Calling the describeAddon operation

var params = {
  addonName: 'STRING_VALUE', /* required */
  clusterName: 'STRING_VALUE' /* required */
};
eks.describeAddon(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • clusterName — (String)

      The name of the cluster.

    • addonName — (String)

      The name of the add-on. The name must match one of the names returned by ListAddons .

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • addon — (map)

        An Amazon EKS add-on.

        • addonName — (String)

          The name of the add-on.

        • clusterName — (String)

          The name of the cluster.

        • status — (String)

          The status of the add-on.

          Possible values include:
          • "CREATING"
          • "ACTIVE"
          • "CREATE_FAILED"
          • "UPDATING"
          • "DELETING"
          • "DELETE_FAILED"
          • "DEGRADED"
        • addonVersion — (String)

          The version of the add-on.

        • health — (map)

          An object that represents the health of the add-on.

          • issues — (Array<map>)

            An object that represents the add-on's health issues.

            • code — (String)

              A code that describes the type of issue.

              Possible values include:
              • "AccessDenied"
              • "InternalFailure"
              • "ClusterUnreachable"
              • "InsufficientNumberOfReplicas"
              • "ConfigurationConflict"
              • "AdmissionRequestDenied"
            • message — (String)

              A message that provides details about the issue and what might cause it.

            • resourceIds — (Array<String>)

              The resource IDs of the issue.

        • addonArn — (String)

          The Amazon Resource Name (ARN) of the add-on.

        • createdAt — (Date)

          The date and time that the add-on was created.

        • modifiedAt — (Date)

          The date and time that the add-on was last modified.

        • serviceAccountRoleArn — (String)

          The Amazon Resource Name (ARN) of the IAM role that is bound to the Kubernetes service account used by the add-on.

        • tags — (map<String>)

          The metadata that you apply to the add-on to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Add-on tags do not propagate to any other resources associated with the cluster.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

Waiter Resource States:

describeAddonVersions(params = {}, callback) ⇒ AWS.Request

Describes the Kubernetes versions that the add-on can be used with.

Service Reference:

Examples:

Calling the describeAddonVersions operation

var params = {
  addonName: 'STRING_VALUE',
  kubernetesVersion: 'STRING_VALUE',
  maxResults: 'NUMBER_VALUE',
  nextToken: 'STRING_VALUE'
};
eks.describeAddonVersions(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • kubernetesVersion — (String)

      The Kubernetes versions that the add-on can be used with.

    • maxResults — (Integer)

      The maximum number of results to return.

    • nextToken — (String)

      The nextToken value returned from a previous paginated DescribeAddonVersionsRequest where maxResults was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the nextToken value.

      Note: This token should be treated as an opaque identifier that is used only to retrieve the next items in a list and not for other programmatic purposes.
    • addonName — (String)

      The name of the add-on. The name must match one of the names returned by ListAddons .

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • addons — (Array<map>)

        The list of available versions with Kubernetes version compatibility.

        • addonName — (String)

          The name of the add-on.

        • type — (String)

          The type of the add-on.

        • addonVersions — (Array<map>)

          An object that represents information about available add-on versions and compatible Kubernetes versions.

          • addonVersion — (String)

            The version of the add-on.

          • architecture — (Array<String>)

            The architectures that the version supports.

          • compatibilities — (Array<map>)

            An object that represents the compatibilities of a version.

            • clusterVersion — (String)

              The supported Kubernetes version of the cluster.

            • platformVersions — (Array<String>)

              The supported compute platform.

            • defaultVersion — (Boolean)

              The supported default version.

      • nextToken — (String)

        The nextToken value returned from a previous paginated DescribeAddonVersionsResponse where maxResults was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the nextToken value.

        Note: This token should be treated as an opaque identifier that is used only to retrieve the next items in a list and not for other programmatic purposes.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

describeCluster(params = {}, callback) ⇒ AWS.Request

Returns descriptive information about an Amazon EKS cluster.

The API server endpoint and certificate authority data returned by this operation are required for kubelet and kubectl to communicate with your Kubernetes API server. For more information, see Create a kubeconfig for Amazon EKS.

Note: The API server endpoint and certificate authority data aren't available until the cluster reaches the ACTIVE state.

Service Reference:

Examples:

To describe a cluster


/* This example command provides a description of the specified cluster in your default region. */

 var params = {
  name: "devel"
 };
 eks.describeCluster(params, function(err, data) {
   if (err) console.log(err, err.stack); // an error occurred
   else     console.log(data);           // successful response
   /*
   data = {
    cluster: {
     version: "1.10", 
     name: "devel", 
     arn: "arn:aws:eks:us-west-2:012345678910:cluster/devel", 
     certificateAuthority: {
      data: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRFNE1EVXpNVEl6TVRFek1Wb1hEVEk0TURVeU9ESXpNVEV6TVZvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTTZWCjVUaG4rdFcySm9Xa2hQMzRlVUZMNitaRXJOZGIvWVdrTmtDdWNGS2RaaXl2TjlMVmdvUmV2MjlFVFZlN1ZGbSsKUTJ3ZURyRXJiQyt0dVlibkFuN1ZLYmE3ay9hb1BHekZMdmVnb0t6b0M1N2NUdGVwZzRIazRlK2tIWHNaME10MApyb3NzcjhFM1ROeExETnNJTThGL1cwdjhsTGNCbWRPcjQyV2VuTjFHZXJnaDNSZ2wzR3JIazBnNTU0SjFWenJZCm9hTi8zODFUczlOTFF2QTBXb0xIcjBFRlZpTFdSZEoyZ3lXaC9ybDVyOFNDOHZaQXg1YW1BU0hVd01aTFpWRC8KTDBpOW4wRVM0MkpVdzQyQmxHOEdpd3NhTkJWV3lUTHZKclNhRXlDSHFtVVZaUTFDZkFXUjl0L3JleVVOVXM3TApWV1FqM3BFbk9RMitMSWJrc0RzQ0F3RUFBYU1qTUNFd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFNZ3RsQ1dIQ2U2YzVHMXl2YlFTS0Q4K2hUalkKSm1NSG56L2EvRGt0WG9YUjFVQzIrZUgzT1BZWmVjRVZZZHVaSlZCckNNQ2VWR0ZkeWdBYlNLc1FxWDg0S2RXbAp1MU5QaERDSmEyRHliN2pVMUV6VThTQjFGZUZ5ZFE3a0hNS1E1blpBRVFQOTY4S01hSGUrSm0yQ2x1UFJWbEJVCjF4WlhTS1gzTVZ0K1Q0SU1EV2d6c3JRSjVuQkRjdEtLcUZtM3pKdVVubHo5ZEpVckdscEltMjVJWXJDckxYUFgKWkUwRUtRNWEzMHhkVWNrTHRGQkQrOEtBdFdqSS9yZUZPNzM1YnBMdVoyOTBaNm42QlF3elRrS0p4cnhVc3QvOAppNGsxcnlsaUdWMm5SSjBUYjNORkczNHgrYWdzYTRoSTFPbU90TFM0TmgvRXJxT3lIUXNDc2hEQUtKUT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo="
     }, 
     createdAt: <Date Representation>, 
     endpoint: "https://A0DCCD80A04F01705DD065655C30CC3D.yl4.us-west-2.eks.amazonaws.com", 
     resourcesVpcConfig: {
      securityGroupIds: [
         "sg-6979fe18"
      ], 
      subnetIds: [
         "subnet-6782e71e", 
         "subnet-e7e761ac"
      ], 
      vpcId: "vpc-950809ec"
     }, 
     roleArn: "arn:aws:iam::012345678910:role/eks-service-role-AWSServiceRoleForAmazonEKS-J7ONKE3BQ4PI", 
     status: "ACTIVE"
    }
   }
   */
 });

Calling the describeCluster operation

var params = {
  name: 'STRING_VALUE' /* required */
};
eks.describeCluster(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • name — (String)

      The name of the cluster to describe.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • cluster — (map)

        The full description of your specified cluster.

        • name — (String)

          The name of the cluster.

        • arn — (String)

          The Amazon Resource Name (ARN) of the cluster.

        • createdAt — (Date)

          The Unix epoch timestamp in seconds for when the cluster was created.

        • version — (String)

          The Kubernetes server version for the cluster.

        • endpoint — (String)

          The endpoint for your Kubernetes API server.

        • roleArn — (String)

          The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.

        • resourcesVpcConfig — (map)

          The VPC configuration used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide.

          • subnetIds — (Array<String>)

            The subnets associated with your cluster.

          • securityGroupIds — (Array<String>)

            The security groups associated with the cross-account elastic network interfaces that are used to allow communication between your nodes and the Kubernetes control plane.

          • clusterSecurityGroupId — (String)

            The cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control-plane-to-data-plane communication.

          • vpcId — (String)

            The VPC associated with your cluster.

          • endpointPublicAccess — (Boolean)

            This parameter indicates whether the Amazon EKS public API server endpoint is enabled. If the Amazon EKS public API server endpoint is disabled, your cluster's Kubernetes API server can only receive requests that originate from within the cluster VPC.

          • endpointPrivateAccess — (Boolean)

            This parameter indicates whether the Amazon EKS private API server endpoint is enabled. If the Amazon EKS private API server endpoint is enabled, Kubernetes API requests that originate from within your cluster's VPC use the private VPC endpoint instead of traversing the internet. If this value is disabled and you have nodes or AWS Fargate pods in the cluster, then ensure that publicAccessCidrs includes the necessary CIDR blocks for communication with the nodes or Fargate pods. For more information, see Amazon EKS Cluster Endpoint Access Control in the Amazon EKS User Guide .

          • publicAccessCidrs — (Array<String>)

            The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the listed CIDR blocks is denied. The default value is 0.0.0.0/0. If you've disabled private endpoint access and you have nodes or AWS Fargate pods in the cluster, then ensure that the necessary CIDR blocks are listed. For more information, see Amazon EKS Cluster Endpoint Access Control in the Amazon EKS User Guide .

        • kubernetesNetworkConfig — (map)

          The Kubernetes network configuration for the cluster.

          • serviceIpv4Cidr — (String)

            The CIDR block that Kubernetes service IP addresses are assigned from. If you didn't specify a CIDR block when you created the cluster, then Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. If this was specified, then it was specified when the cluster was created and it cannot be changed.

        • logging — (map)

          The logging configuration for your cluster.

          • clusterLogging — (Array<map>)

            The cluster control plane logging configuration for your cluster.

            • types — (Array<String>)

              The available cluster control plane log types.

            • enabled — (Boolean)

              If a log type is enabled, that log type exports its control plane logs to CloudWatch Logs. If a log type isn't enabled, that log type doesn't export its control plane logs. Each individual log type can be enabled or disabled independently.

        • identity — (map)

          The identity provider information for the cluster.

          • oidc — (map)

            An object representing the OpenID Connect identity provider information.

            • issuer — (String)

              The issuer URL for the OIDC identity provider.

        • status — (String)

          The current status of the cluster.

          Possible values include:
          • "CREATING"
          • "ACTIVE"
          • "DELETING"
          • "FAILED"
          • "UPDATING"
        • certificateAuthority — (map)

          The certificate-authority-data for your cluster.

          • data — (String)

            The Base64-encoded certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.

        • clientRequestToken — (String)

          Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

        • platformVersion — (String)

          The platform version of your Amazon EKS cluster. For more information, see Platform Versions in the Amazon EKS User Guide .

        • tags — (map<String>)

          The metadata that you apply to the cluster to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Cluster tags do not propagate to any other resources associated with the cluster.

        • encryptionConfig — (Array<map>)

          The encryption configuration for the cluster.

          • resources — (Array<String>)

            Specifies the resources to be encrypted. The only supported value is "secrets".

          • provider — (map)

            AWS Key Management Service (AWS KMS) key. Either the ARN or the alias can be used.

            • keyArn — (String)

              Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric, created in the same region as the cluster, and if the KMS key was created in a different account, the user must have access to the KMS key. For more information, see Allowing Users in Other Accounts to Use a KMS key in the AWS Key Management Service Developer Guide.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

Waiter Resource States:

describeFargateProfile(params = {}, callback) ⇒ AWS.Request

Returns descriptive information about an AWS Fargate profile.

Service Reference:

Examples:

Calling the describeFargateProfile operation

var params = {
  clusterName: 'STRING_VALUE', /* required */
  fargateProfileName: 'STRING_VALUE' /* required */
};
eks.describeFargateProfile(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • clusterName — (String)

      The name of the Amazon EKS cluster associated with the Fargate profile.

    • fargateProfileName — (String)

      The name of the Fargate profile to describe.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • fargateProfile — (map)

        The full description of your Fargate profile.

        • fargateProfileName — (String)

          The name of the Fargate profile.

        • fargateProfileArn — (String)

          The full Amazon Resource Name (ARN) of the Fargate profile.

        • clusterName — (String)

          The name of the Amazon EKS cluster that the Fargate profile belongs to.

        • createdAt — (Date)

          The Unix epoch timestamp in seconds for when the Fargate profile was created.

        • podExecutionRoleArn — (String)

          The Amazon Resource Name (ARN) of the pod execution role to use for pods that match the selectors in the Fargate profile. For more information, see Pod Execution Role in the Amazon EKS User Guide.

        • subnets — (Array<String>)

          The IDs of subnets to launch pods into.

        • selectors — (Array<map>)

          The selectors to match for pods to use this Fargate profile.

          • namespace — (String)

            The Kubernetes namespace that the selector should match.

          • labels — (map<String>)

            The Kubernetes labels that the selector should match. A pod must contain all of the labels that are specified in the selector for it to be considered a match.

        • status — (String)

          The current status of the Fargate profile.

          Possible values include:
          • "CREATING"
          • "ACTIVE"
          • "DELETING"
          • "CREATE_FAILED"
          • "DELETE_FAILED"
        • tags — (map<String>)

          The metadata applied to the Fargate profile to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Fargate profile tags do not propagate to any other resources associated with the Fargate profile, such as the pods that are scheduled with it.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

describeIdentityProviderConfig(params = {}, callback) ⇒ AWS.Request

Returns descriptive information about an identity provider configuration.

Service Reference:

Examples:

Calling the describeIdentityProviderConfig operation

var params = {
  clusterName: 'STRING_VALUE', /* required */
  identityProviderConfig: { /* required */
    name: 'STRING_VALUE', /* required */
    type: 'STRING_VALUE' /* required */
  }
};
eks.describeIdentityProviderConfig(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • clusterName — (String)

      The cluster name that the identity provider configuration is associated to.

    • identityProviderConfig — (map)

      An object that represents an identity provider configuration.

      • typerequired — (String)

        The type of the identity provider configuration.

      • namerequired — (String)

        The name of the identity provider configuration.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • identityProviderConfig — (map)

        The object that represents an OpenID Connect (OIDC) identity provider configuration.

        • oidc — (map)

          An object that represents an OpenID Connect (OIDC) identity provider configuration.

          • identityProviderConfigName — (String)

            The name of the configuration.

          • identityProviderConfigArn — (String)

            The ARN of the configuration.

          • clusterName — (String)

            The cluster that the configuration is associated to.

          • issuerUrl — (String)

            The URL of the OIDC identity provider that allows the API server to discover public signing keys for verifying tokens.

          • clientId — (String)

            This is also known as audience. The ID of the client application that makes authentication requests to the OIDC identity provider.

          • usernameClaim — (String)

            The JSON Web token (JWT) claim that is used as the username.

          • usernamePrefix — (String)

            The prefix that is prepended to username claims to prevent clashes with existing names. The prefix can't contain system:

          • groupsClaim — (String)

            The JSON web token (JWT) claim that the provider uses to return your groups.

          • groupsPrefix — (String)

            The prefix that is prepended to group claims to prevent clashes with existing names (such as system: groups). For example, the value oidc: creates group names like oidc:engineering and oidc:infra. The prefix can't contain system:

          • requiredClaims — (map<String>)

            The key-value pairs that describe required claims in the identity token. If set, each claim is verified to be present in the token with a matching value.

          • tags — (map<String>)

            The metadata to apply to the provider configuration to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you defined.

          • status — (String)

            The status of the OIDC identity provider.

            Possible values include:
            • "CREATING"
            • "DELETING"
            • "ACTIVE"

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

describeNodegroup(params = {}, callback) ⇒ AWS.Request

Returns descriptive information about an Amazon EKS node group.

Service Reference:

Examples:

Calling the describeNodegroup operation

var params = {
  clusterName: 'STRING_VALUE', /* required */
  nodegroupName: 'STRING_VALUE' /* required */
};
eks.describeNodegroup(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • clusterName — (String)

      The name of the Amazon EKS cluster associated with the node group.

    • nodegroupName — (String)

      The name of the node group to describe.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • nodegroup — (map)

        The full description of your node group.

        • nodegroupName — (String)

          The name associated with an Amazon EKS managed node group.

        • nodegroupArn — (String)

          The Amazon Resource Name (ARN) associated with the managed node group.

        • clusterName — (String)

          The name of the cluster that the managed node group resides in.

        • version — (String)

          The Kubernetes version of the managed node group.

        • releaseVersion — (String)

          If the node group was deployed using a launch template with a custom AMI, then this is the AMI ID that was specified in the launch template. For node groups that weren't deployed using a launch template, this is the version of the Amazon EKS optimized AMI that the node group was deployed with.

        • createdAt — (Date)

          The Unix epoch timestamp in seconds for when the managed node group was created.

        • modifiedAt — (Date)

          The Unix epoch timestamp in seconds for when the managed node group was last modified.

        • status — (String)

          The current status of the managed node group.

          Possible values include:
          • "CREATING"
          • "ACTIVE"
          • "UPDATING"
          • "DELETING"
          • "CREATE_FAILED"
          • "DELETE_FAILED"
          • "DEGRADED"
        • capacityType — (String)

          The capacity type of your managed node group.

          Possible values include:
          • "ON_DEMAND"
          • "SPOT"
        • scalingConfig — (map)

          The scaling configuration details for the Auto Scaling group that is associated with your node group.

          • minSize — (Integer)

            The minimum number of nodes that the managed node group can scale in to. This number must be greater than zero.

          • maxSize — (Integer)

            The maximum number of nodes that the managed node group can scale out to. For information about the maximum number that you can specify, see Amazon EKS service quotas in the Amazon EKS User Guide.

          • desiredSize — (Integer)

            The current number of nodes that the managed node group should maintain.

        • instanceTypes — (Array<String>)

          If the node group wasn't deployed with a launch template, then this is the instance type that is associated with the node group. If the node group was deployed with a launch template, then this is null.

        • subnets — (Array<String>)

          The subnets that were specified for the Auto Scaling group that is associated with your node group.

        • remoteAccess — (map)

          If the node group wasn't deployed with a launch template, then this is the remote access configuration that is associated with the node group. If the node group was deployed with a launch template, then this is null.

          • ec2SshKey — (String)

            The Amazon EC2 SSH key that provides access for SSH communication with the nodes in the managed node group. For more information, see Amazon EC2 Key Pairs in the Amazon Elastic Compute Cloud User Guide for Linux Instances.

          • sourceSecurityGroups — (Array<String>)

            The security groups that are allowed SSH access (port 22) to the nodes. If you specify an Amazon EC2 SSH key but do not specify a source security group when you create a managed node group, then port 22 on the nodes is opened to the internet (0.0.0.0/0). For more information, see Security Groups for Your VPC in the Amazon Virtual Private Cloud User Guide.

        • amiType — (String)

          If the node group was deployed using a launch template with a custom AMI, then this is CUSTOM. For node groups that weren't deployed using a launch template, this is the AMI type that was specified in the node group configuration.

          Possible values include:
          • "AL2_x86_64"
          • "AL2_x86_64_GPU"
          • "AL2_ARM_64"
          • "CUSTOM"
        • nodeRole — (String)

          The IAM role associated with your node group. The Amazon EKS node kubelet daemon makes calls to AWS APIs on your behalf. Nodes receive permissions for these API calls through an IAM instance profile and associated policies.

        • labels — (map<String>)

          The Kubernetes labels applied to the nodes in the node group.

          Note: Only labels that are applied with the Amazon EKS API are shown here. There may be other Kubernetes labels applied to the nodes in this group.
        • taints — (Array<map>)

          The Kubernetes taints to be applied to the nodes in the node group when they are created. Effect is one of NoSchedule, PreferNoSchedule, or NoExecute. Kubernetes taints can be used together with tolerations to control how workloads are scheduled to your nodes.

          • key — (String)

            The key of the taint.

          • value — (String)

            The value of the taint.

          • effect — (String)

            The effect of the taint.

            Possible values include:
            • "NO_SCHEDULE"
            • "NO_EXECUTE"
            • "PREFER_NO_SCHEDULE"
        • resources — (map)

          The resources associated with the node group, such as Auto Scaling groups and security groups for remote access.

          • autoScalingGroups — (Array<map>)

            The Auto Scaling groups associated with the node group.

            • name — (String)

              The name of the Auto Scaling group associated with an Amazon EKS managed node group.

          • remoteAccessSecurityGroup — (String)

            The remote access security group associated with the node group. This security group controls SSH access to the nodes.

        • diskSize — (Integer)

          If the node group wasn't deployed with a launch template, then this is the disk size in the node group configuration. If the node group was deployed with a launch template, then this is null.

        • health — (map)

          The health status of the node group. If there are issues with your node group's health, they are listed here.

          • issues — (Array<map>)

            Any issues that are associated with the node group.

            • code — (String)

              A brief description of the error.

              • AccessDenied: Amazon EKS or one or more of your managed nodes is failing to authenticate or authorize with your Kubernetes cluster API server.

              • AsgInstanceLaunchFailures: Your Auto Scaling group is experiencing failures while attempting to launch instances.

              • AutoScalingGroupNotFound: We couldn't find the Auto Scaling group associated with the managed node group. You may be able to recreate an Auto Scaling group with the same settings to recover.

              • ClusterUnreachable: Amazon EKS or one or more of your managed nodes is unable to to communicate with your Kubernetes cluster API server. This can happen if there are network disruptions or if API servers are timing out processing requests.

              • Ec2LaunchTemplateNotFound: We couldn't find the Amazon EC2 launch template for your managed node group. You may be able to recreate a launch template with the same settings to recover.

              • Ec2LaunchTemplateVersionMismatch: The Amazon EC2 launch template version for your managed node group does not match the version that Amazon EKS created. You may be able to revert to the version that Amazon EKS created to recover.

              • Ec2SecurityGroupDeletionFailure: We could not delete the remote access security group for your managed node group. Remove any dependencies from the security group.

              • Ec2SecurityGroupNotFound: We couldn't find the cluster security group for the cluster. You must recreate your cluster.

              • Ec2SubnetInvalidConfiguration: One or more Amazon EC2 subnets specified for a node group do not automatically assign public IP addresses to instances launched into it. If you want your instances to be assigned a public IP address, then you need to enable the auto-assign public IP address setting for the subnet. See Modifying the public IPv4 addressing attribute for your subnet in the Amazon VPC User Guide.

              • IamInstanceProfileNotFound: We couldn't find the IAM instance profile for your managed node group. You may be able to recreate an instance profile with the same settings to recover.

              • IamNodeRoleNotFound: We couldn't find the IAM role for your managed node group. You may be able to recreate an IAM role with the same settings to recover.

              • InstanceLimitExceeded: Your AWS account is unable to launch any more instances of the specified instance type. You may be able to request an Amazon EC2 instance limit increase to recover.

              • InsufficientFreeAddresses: One or more of the subnets associated with your managed node group does not have enough available IP addresses for new nodes.

              • InternalFailure: These errors are usually caused by an Amazon EKS server-side issue.

              • NodeCreationFailure: Your launched instances are unable to register with your Amazon EKS cluster. Common causes of this failure are insufficient node IAM role permissions or lack of outbound internet access for the nodes.

              Possible values include:
              • "AutoScalingGroupNotFound"
              • "AutoScalingGroupInvalidConfiguration"
              • "Ec2SecurityGroupNotFound"
              • "Ec2SecurityGroupDeletionFailure"
              • "Ec2LaunchTemplateNotFound"
              • "Ec2LaunchTemplateVersionMismatch"
              • "Ec2SubnetNotFound"
              • "Ec2SubnetInvalidConfiguration"
              • "IamInstanceProfileNotFound"
              • "IamLimitExceeded"
              • "IamNodeRoleNotFound"
              • "NodeCreationFailure"
              • "AsgInstanceLaunchFailures"
              • "InstanceLimitExceeded"
              • "InsufficientFreeAddresses"
              • "AccessDenied"
              • "InternalFailure"
              • "ClusterUnreachable"
            • message — (String)

              The error message associated with the issue.

            • resourceIds — (Array<String>)

              The AWS resources that are afflicted by this issue.

        • updateConfig — (map)
          • maxUnavailable — (Integer)
          • maxUnavailablePercentage — (Integer)
        • launchTemplate — (map)

          If a launch template was used to create the node group, then this is the launch template that was used.

          • name — (String)

            The name of the launch template.

          • version — (String)

            The version of the launch template to use. If no version is specified, then the template's default version is used.

          • id — (String)

            The ID of the launch template.

        • tags — (map<String>)

          The metadata applied to the node group to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Node group tags do not propagate to any other resources associated with the node group, such as the Amazon EC2 instances or subnets.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

Waiter Resource States:

describeUpdate(params = {}, callback) ⇒ AWS.Request

Returns descriptive information about an update against your Amazon EKS cluster or associated managed node group.

When the status of the update is Succeeded, the update is complete. If an update fails, the status is Failed, and an error detail explains the reason for the failure.

Service Reference:

Examples:

Calling the describeUpdate operation

var params = {
  name: 'STRING_VALUE', /* required */
  updateId: 'STRING_VALUE', /* required */
  addonName: 'STRING_VALUE',
  nodegroupName: 'STRING_VALUE'
};
eks.describeUpdate(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • name — (String)

      The name of the Amazon EKS cluster associated with the update.

    • updateId — (String)

      The ID of the update to describe.

    • nodegroupName — (String)

      The name of the Amazon EKS node group associated with the update.

    • addonName — (String)

      The name of the add-on. The name must match one of the names returned by ListAddons .

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • update — (map)

        The full description of the specified update.

        • id — (String)

          A UUID that is used to track the update.

        • status — (String)

          The current status of the update.

          Possible values include:
          • "InProgress"
          • "Failed"
          • "Cancelled"
          • "Successful"
        • type — (String)

          The type of the update.

          Possible values include:
          • "VersionUpdate"
          • "EndpointAccessUpdate"
          • "LoggingUpdate"
          • "ConfigUpdate"
          • "AssociateIdentityProviderConfig"
          • "DisassociateIdentityProviderConfig"
          • "AssociateEncryptionConfig"
          • "AddonUpdate"
        • params — (Array<map>)

          A key-value map that contains the parameters associated with the update.

          • type — (String)

            The keys associated with an update request.

            Possible values include:
            • "Version"
            • "PlatformVersion"
            • "EndpointPrivateAccess"
            • "EndpointPublicAccess"
            • "ClusterLogging"
            • "DesiredSize"
            • "LabelsToAdd"
            • "LabelsToRemove"
            • "TaintsToAdd"
            • "TaintsToRemove"
            • "MaxSize"
            • "MinSize"
            • "ReleaseVersion"
            • "PublicAccessCidrs"
            • "LaunchTemplateName"
            • "LaunchTemplateVersion"
            • "IdentityProviderConfig"
            • "EncryptionConfig"
            • "AddonVersion"
            • "ServiceAccountRoleArn"
            • "ResolveConflicts"
            • "MaxUnavailable"
            • "MaxUnavailablePercentage"
          • value — (String)

            The value of the keys submitted as part of an update request.

        • createdAt — (Date)

          The Unix epoch timestamp in seconds for when the update was created.

        • errors — (Array<map>)

          Any errors associated with a Failed update.

          • errorCode — (String)

            A brief description of the error.

            • SubnetNotFound: We couldn't find one of the subnets associated with the cluster.

            • SecurityGroupNotFound: We couldn't find one of the security groups associated with the cluster.

            • EniLimitReached: You have reached the elastic network interface limit for your account.

            • IpNotAvailable: A subnet associated with the cluster doesn't have any free IP addresses.

            • AccessDenied: You don't have permissions to perform the specified operation.

            • OperationNotPermitted: The service role associated with the cluster doesn't have the required access permissions for Amazon EKS.

            • VpcIdNotFound: We couldn't find the VPC associated with the cluster.

            Possible values include:
            • "SubnetNotFound"
            • "SecurityGroupNotFound"
            • "EniLimitReached"
            • "IpNotAvailable"
            • "AccessDenied"
            • "OperationNotPermitted"
            • "VpcIdNotFound"
            • "Unknown"
            • "NodeCreationFailure"
            • "PodEvictionFailure"
            • "InsufficientFreeAddresses"
            • "ClusterUnreachable"
            • "InsufficientNumberOfReplicas"
            • "ConfigurationConflict"
            • "AdmissionRequestDenied"
          • errorMessage — (String)

            A more complete description of the error.

          • resourceIds — (Array<String>)

            An optional field that contains the resource IDs associated with the error.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

disassociateIdentityProviderConfig(params = {}, callback) ⇒ AWS.Request

Disassociates an identity provider configuration from a cluster. If you disassociate an identity provider from your cluster, users included in the provider can no longer access the cluster. However, you can still access the cluster with AWS IAM users.

Examples:

Calling the disassociateIdentityProviderConfig operation

var params = {
  clusterName: 'STRING_VALUE', /* required */
  identityProviderConfig: { /* required */
    name: 'STRING_VALUE', /* required */
    type: 'STRING_VALUE' /* required */
  },
  clientRequestToken: 'STRING_VALUE'
};
eks.disassociateIdentityProviderConfig(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • clusterName — (String)

      The name of the cluster to disassociate an identity provider from.

    • identityProviderConfig — (map)

      An object that represents an identity provider configuration.

      • typerequired — (String)

        The type of the identity provider configuration.

      • namerequired — (String)

        The name of the identity provider configuration.

    • clientRequestToken — (String)

      A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

      If a token is not provided, the SDK will use a version 4 UUID.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • update — (map)

        An object representing an asynchronous update.

        • id — (String)

          A UUID that is used to track the update.

        • status — (String)

          The current status of the update.

          Possible values include:
          • "InProgress"
          • "Failed"
          • "Cancelled"
          • "Successful"
        • type — (String)

          The type of the update.

          Possible values include:
          • "VersionUpdate"
          • "EndpointAccessUpdate"
          • "LoggingUpdate"
          • "ConfigUpdate"
          • "AssociateIdentityProviderConfig"
          • "DisassociateIdentityProviderConfig"
          • "AssociateEncryptionConfig"
          • "AddonUpdate"
        • params — (Array<map>)

          A key-value map that contains the parameters associated with the update.

          • type — (String)

            The keys associated with an update request.

            Possible values include:
            • "Version"
            • "PlatformVersion"
            • "EndpointPrivateAccess"
            • "EndpointPublicAccess"
            • "ClusterLogging"
            • "DesiredSize"
            • "LabelsToAdd"
            • "LabelsToRemove"
            • "TaintsToAdd"
            • "TaintsToRemove"
            • "MaxSize"
            • "MinSize"
            • "ReleaseVersion"
            • "PublicAccessCidrs"
            • "LaunchTemplateName"
            • "LaunchTemplateVersion"
            • "IdentityProviderConfig"
            • "EncryptionConfig"
            • "AddonVersion"
            • "ServiceAccountRoleArn"
            • "ResolveConflicts"
            • "MaxUnavailable"
            • "MaxUnavailablePercentage"
          • value — (String)

            The value of the keys submitted as part of an update request.

        • createdAt — (Date)

          The Unix epoch timestamp in seconds for when the update was created.

        • errors — (Array<map>)

          Any errors associated with a Failed update.

          • errorCode — (String)

            A brief description of the error.

            • SubnetNotFound: We couldn't find one of the subnets associated with the cluster.

            • SecurityGroupNotFound: We couldn't find one of the security groups associated with the cluster.

            • EniLimitReached: You have reached the elastic network interface limit for your account.

            • IpNotAvailable: A subnet associated with the cluster doesn't have any free IP addresses.

            • AccessDenied: You don't have permissions to perform the specified operation.

            • OperationNotPermitted: The service role associated with the cluster doesn't have the required access permissions for Amazon EKS.

            • VpcIdNotFound: We couldn't find the VPC associated with the cluster.

            Possible values include:
            • "SubnetNotFound"
            • "SecurityGroupNotFound"
            • "EniLimitReached"
            • "IpNotAvailable"
            • "AccessDenied"
            • "OperationNotPermitted"
            • "VpcIdNotFound"
            • "Unknown"
            • "NodeCreationFailure"
            • "PodEvictionFailure"
            • "InsufficientFreeAddresses"
            • "ClusterUnreachable"
            • "InsufficientNumberOfReplicas"
            • "ConfigurationConflict"
            • "AdmissionRequestDenied"
          • errorMessage — (String)

            A more complete description of the error.

          • resourceIds — (Array<String>)

            An optional field that contains the resource IDs associated with the error.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

listAddons(params = {}, callback) ⇒ AWS.Request

Lists the available add-ons.

Service Reference:

Examples:

Calling the listAddons operation

var params = {
  clusterName: 'STRING_VALUE', /* required */
  maxResults: 'NUMBER_VALUE',
  nextToken: 'STRING_VALUE'
};
eks.listAddons(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • clusterName — (String)

      The name of the cluster.

    • maxResults — (Integer)

      The maximum number of add-on results returned by ListAddonsRequest in paginated output. When you use this parameter, ListAddonsRequest returns only maxResults results in a single page along with a nextToken response element. You can see the remaining results of the initial request by sending another ListAddonsRequest request with the returned nextToken value. This value can be between 1 and 100. If you don't use this parameter, ListAddonsRequest returns up to 100 results and a nextToken value, if applicable.

    • nextToken — (String)

      The nextToken value returned from a previous paginated ListAddonsRequest where maxResults was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the nextToken value.

      Note: This token should be treated as an opaque identifier that is used only to retrieve the next items in a list and not for other programmatic purposes.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • addons — (Array<String>)

        A list of available add-ons.

      • nextToken — (String)

        The nextToken value returned from a previous paginated ListAddonsResponse where maxResults was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the nextToken value.

        Note: This token should be treated as an opaque identifier that is used only to retrieve the next items in a list and not for other programmatic purposes.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

listClusters(params = {}, callback) ⇒ AWS.Request

Lists the Amazon EKS clusters in your AWS account in the specified Region.

Service Reference:

Examples:

To list your available clusters


/* This example command lists all of your available clusters in your default region. */

 var params = {
 };
 eks.listClusters(params, function(err, data) {
   if (err) console.log(err, err.stack); // an error occurred
   else     console.log(data);           // successful response
   /*
   data = {
    clusters: [
       "devel", 
       "prod"
    ]
   }
   */
 });

Calling the listClusters operation

var params = {
  maxResults: 'NUMBER_VALUE',
  nextToken: 'STRING_VALUE'
};
eks.listClusters(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • maxResults — (Integer)

      The maximum number of cluster results returned by ListClusters in paginated output. When you use this parameter, ListClusters returns only maxResults results in a single page along with a nextToken response element. You can see the remaining results of the initial request by sending another ListClusters request with the returned nextToken value. This value can be between 1 and 100. If you don't use this parameter, ListClusters returns up to 100 results and a nextToken value if applicable.

    • nextToken — (String)

      The nextToken value returned from a previous paginated ListClusters request where maxResults was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the nextToken value.

      Note: This token should be treated as an opaque identifier that is used only to retrieve the next items in a list and not for other programmatic purposes.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • clusters — (Array<String>)

        A list of all of the clusters for your account in the specified Region.

      • nextToken — (String)

        The nextToken value to include in a future ListClusters request. When the results of a ListClusters request exceed maxResults, you can use this value to retrieve the next page of results. This value is null when there are no more results to return.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

listFargateProfiles(params = {}, callback) ⇒ AWS.Request

Lists the AWS Fargate profiles associated with the specified cluster in your AWS account in the specified Region.

Service Reference:

Examples:

Calling the listFargateProfiles operation

var params = {
  clusterName: 'STRING_VALUE', /* required */
  maxResults: 'NUMBER_VALUE',
  nextToken: 'STRING_VALUE'
};
eks.listFargateProfiles(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • clusterName — (String)

      The name of the Amazon EKS cluster that you would like to listFargate profiles in.

    • maxResults — (Integer)

      The maximum number of Fargate profile results returned by ListFargateProfiles in paginated output. When you use this parameter, ListFargateProfiles returns only maxResults results in a single page along with a nextToken response element. You can see the remaining results of the initial request by sending another ListFargateProfiles request with the returned nextToken value. This value can be between 1 and 100. If you don't use this parameter, ListFargateProfiles returns up to 100 results and a nextToken value if applicable.

    • nextToken — (String)

      The nextToken value returned from a previous paginated ListFargateProfiles request where maxResults was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the nextToken value.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • fargateProfileNames — (Array<String>)

        A list of all of the Fargate profiles associated with the specified cluster.

      • nextToken — (String)

        The nextToken value to include in a future ListFargateProfiles request. When the results of a ListFargateProfiles request exceed maxResults, you can use this value to retrieve the next page of results. This value is null when there are no more results to return.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

listIdentityProviderConfigs(params = {}, callback) ⇒ AWS.Request

A list of identity provider configurations.

Service Reference:

Examples:

Calling the listIdentityProviderConfigs operation

var params = {
  clusterName: 'STRING_VALUE', /* required */
  maxResults: 'NUMBER_VALUE',
  nextToken: 'STRING_VALUE'
};
eks.listIdentityProviderConfigs(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • clusterName — (String)

      The cluster name that you want to list identity provider configurations for.

    • maxResults — (Integer)

      The maximum number of identity provider configurations returned by ListIdentityProviderConfigs in paginated output. When you use this parameter, ListIdentityProviderConfigs returns only maxResults results in a single page along with a nextToken response element. You can see the remaining results of the initial request by sending another ListIdentityProviderConfigs request with the returned nextToken value. This value can be between 1 and 100. If you don't use this parameter, ListIdentityProviderConfigs returns up to 100 results and a nextToken value, if applicable.

    • nextToken — (String)

      The nextToken value returned from a previous paginated IdentityProviderConfigsRequest where maxResults was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the nextToken value.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • identityProviderConfigs — (Array<map>)

        The identity provider configurations for the cluster.

        • typerequired — (String)

          The type of the identity provider configuration.

        • namerequired — (String)

          The name of the identity provider configuration.

      • nextToken — (String)

        The nextToken value returned from a previous paginated ListIdentityProviderConfigsResponse where maxResults was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the nextToken value.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

listNodegroups(params = {}, callback) ⇒ AWS.Request

Lists the Amazon EKS managed node groups associated with the specified cluster in your AWS account in the specified Region. Self-managed node groups are not listed.

Service Reference:

Examples:

Calling the listNodegroups operation

var params = {
  clusterName: 'STRING_VALUE', /* required */
  maxResults: 'NUMBER_VALUE',
  nextToken: 'STRING_VALUE'
};
eks.listNodegroups(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • clusterName — (String)

      The name of the Amazon EKS cluster that you would like to list node groups in.

    • maxResults — (Integer)

      The maximum number of node group results returned by ListNodegroups in paginated output. When you use this parameter, ListNodegroups returns only maxResults results in a single page along with a nextToken response element. You can see the remaining results of the initial request by sending another ListNodegroups request with the returned nextToken value. This value can be between 1 and 100. If you don't use this parameter, ListNodegroups returns up to 100 results and a nextToken value if applicable.

    • nextToken — (String)

      The nextToken value returned from a previous paginated ListNodegroups request where maxResults was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the nextToken value.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • nodegroups — (Array<String>)

        A list of all of the node groups associated with the specified cluster.

      • nextToken — (String)

        The nextToken value to include in a future ListNodegroups request. When the results of a ListNodegroups request exceed maxResults, you can use this value to retrieve the next page of results. This value is null when there are no more results to return.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

listTagsForResource(params = {}, callback) ⇒ AWS.Request

List the tags for an Amazon EKS resource.

Service Reference:

Examples:

To list tags for a cluster


/* This example lists all of the tags for the `beta` cluster. */

 var params = {
  resourceArn: "arn:aws:eks:us-west-2:012345678910:cluster/beta"
 };
 eks.listTagsForResource(params, function(err, data) {
   if (err) console.log(err, err.stack); // an error occurred
   else     console.log(data);           // successful response
   /*
   data = {
    tags: {
     "aws:tag:domain": "beta"
    }
   }
   */
 });

Calling the listTagsForResource operation

var params = {
  resourceArn: 'STRING_VALUE' /* required */
};
eks.listTagsForResource(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • resourceArn — (String)

      The Amazon Resource Name (ARN) that identifies the resource for which to list the tags. Currently, the supported resources are Amazon EKS clusters and managed node groups.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • tags — (map<String>)

        The tags for the resource.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

listUpdates(params = {}, callback) ⇒ AWS.Request

Lists the updates associated with an Amazon EKS cluster or managed node group in your AWS account, in the specified Region.

Service Reference:

Examples:

Calling the listUpdates operation

var params = {
  name: 'STRING_VALUE', /* required */
  addonName: 'STRING_VALUE',
  maxResults: 'NUMBER_VALUE',
  nextToken: 'STRING_VALUE',
  nodegroupName: 'STRING_VALUE'
};
eks.listUpdates(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • name — (String)

      The name of the Amazon EKS cluster to list updates for.

    • nodegroupName — (String)

      The name of the Amazon EKS managed node group to list updates for.

    • addonName — (String)

      The names of the installed add-ons that have available updates.

    • nextToken — (String)

      The nextToken value returned from a previous paginated ListUpdates request where maxResults was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the nextToken value.

    • maxResults — (Integer)

      The maximum number of update results returned by ListUpdates in paginated output. When you use this parameter, ListUpdates returns only maxResults results in a single page along with a nextToken response element. You can see the remaining results of the initial request by sending another ListUpdates request with the returned nextToken value. This value can be between 1 and 100. If you don't use this parameter, ListUpdates returns up to 100 results and a nextToken value if applicable.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • updateIds — (Array<String>)

        A list of all the updates for the specified cluster and Region.

      • nextToken — (String)

        The nextToken value to include in a future ListUpdates request. When the results of a ListUpdates request exceed maxResults, you can use this value to retrieve the next page of results. This value is null when there are no more results to return.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

tagResource(params = {}, callback) ⇒ AWS.Request

Associates the specified tags to a resource with the specified resourceArn. If existing tags on a resource are not specified in the request parameters, they are not changed. When a resource is deleted, the tags associated with that resource are deleted as well. Tags that you create for Amazon EKS resources do not propagate to any other resources associated with the cluster. For example, if you tag a cluster with this operation, that tag does not automatically propagate to the subnets and nodes associated with the cluster.

Service Reference:

Examples:

Calling the tagResource operation

var params = {
  resourceArn: 'STRING_VALUE', /* required */
  tags: { /* required */
    '<TagKey>': 'STRING_VALUE',
    /* '<TagKey>': ... */
  }
};
eks.tagResource(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • resourceArn — (String)

      The Amazon Resource Name (ARN) of the resource to which to add tags. Currently, the supported resources are Amazon EKS clusters and managed node groups.

    • tags — (map<String>)

      The tags to add to the resource. A tag is an array of key-value pairs.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

untagResource(params = {}, callback) ⇒ AWS.Request

Deletes specified tags from a resource.

Service Reference:

Examples:

Calling the untagResource operation

var params = {
  resourceArn: 'STRING_VALUE', /* required */
  tagKeys: [ /* required */
    'STRING_VALUE',
    /* more items */
  ]
};
eks.untagResource(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • resourceArn — (String)

      The Amazon Resource Name (ARN) of the resource from which to delete tags. Currently, the supported resources are Amazon EKS clusters and managed node groups.

    • tagKeys — (Array<String>)

      The keys of the tags to be removed.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

updateAddon(params = {}, callback) ⇒ AWS.Request

Updates an Amazon EKS add-on.

Service Reference:

Examples:

Calling the updateAddon operation

var params = {
  addonName: 'STRING_VALUE', /* required */
  clusterName: 'STRING_VALUE', /* required */
  addonVersion: 'STRING_VALUE',
  clientRequestToken: 'STRING_VALUE',
  resolveConflicts: OVERWRITE | NONE,
  serviceAccountRoleArn: 'STRING_VALUE'
};
eks.updateAddon(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • clusterName — (String)

      The name of the cluster.

    • addonName — (String)

      The name of the add-on. The name must match one of the names returned by ListAddons .

    • addonVersion — (String)

      The version of the add-on. The version must match one of the versions returned by DescribeAddonVersions .

    • serviceAccountRoleArn — (String)

      The Amazon Resource Name (ARN) of an existing IAM role to bind to the add-on's service account. The role must be assigned the IAM permissions required by the add-on. If you don't specify an existing IAM role, then the add-on uses the permissions assigned to the node IAM role. For more information, see Amazon EKS node IAM role in the Amazon EKS User Guide.

      Note: To specify an existing IAM role, you must have an IAM OpenID Connect (OIDC) provider created for your cluster. For more information, see Enabling IAM roles for service accounts on your cluster in the Amazon EKS User Guide.
    • resolveConflicts — (String)

      How to resolve parameter value conflicts when applying the new version of the add-on to the cluster.

      Possible values include:
      • "OVERWRITE"
      • "NONE"
    • clientRequestToken — (String)

      Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

      If a token is not provided, the SDK will use a version 4 UUID.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • update — (map)

        An object representing an asynchronous update.

        • id — (String)

          A UUID that is used to track the update.

        • status — (String)

          The current status of the update.

          Possible values include:
          • "InProgress"
          • "Failed"
          • "Cancelled"
          • "Successful"
        • type — (String)

          The type of the update.

          Possible values include:
          • "VersionUpdate"
          • "EndpointAccessUpdate"
          • "LoggingUpdate"
          • "ConfigUpdate"
          • "AssociateIdentityProviderConfig"
          • "DisassociateIdentityProviderConfig"
          • "AssociateEncryptionConfig"
          • "AddonUpdate"
        • params — (Array<map>)

          A key-value map that contains the parameters associated with the update.

          • type — (String)

            The keys associated with an update request.

            Possible values include:
            • "Version"
            • "PlatformVersion"
            • "EndpointPrivateAccess"
            • "EndpointPublicAccess"
            • "ClusterLogging"
            • "DesiredSize"
            • "LabelsToAdd"
            • "LabelsToRemove"
            • "TaintsToAdd"
            • "TaintsToRemove"
            • "MaxSize"
            • "MinSize"
            • "ReleaseVersion"
            • "PublicAccessCidrs"
            • "LaunchTemplateName"
            • "LaunchTemplateVersion"
            • "IdentityProviderConfig"
            • "EncryptionConfig"
            • "AddonVersion"
            • "ServiceAccountRoleArn"
            • "ResolveConflicts"
            • "MaxUnavailable"
            • "MaxUnavailablePercentage"
          • value — (String)

            The value of the keys submitted as part of an update request.

        • createdAt — (Date)

          The Unix epoch timestamp in seconds for when the update was created.

        • errors — (Array<map>)

          Any errors associated with a Failed update.

          • errorCode — (String)

            A brief description of the error.

            • SubnetNotFound: We couldn't find one of the subnets associated with the cluster.

            • SecurityGroupNotFound: We couldn't find one of the security groups associated with the cluster.

            • EniLimitReached: You have reached the elastic network interface limit for your account.

            • IpNotAvailable: A subnet associated with the cluster doesn't have any free IP addresses.

            • AccessDenied: You don't have permissions to perform the specified operation.

            • OperationNotPermitted: The service role associated with the cluster doesn't have the required access permissions for Amazon EKS.

            • VpcIdNotFound: We couldn't find the VPC associated with the cluster.

            Possible values include:
            • "SubnetNotFound"
            • "SecurityGroupNotFound"
            • "EniLimitReached"
            • "IpNotAvailable"
            • "AccessDenied"
            • "OperationNotPermitted"
            • "VpcIdNotFound"
            • "Unknown"
            • "NodeCreationFailure"
            • "PodEvictionFailure"
            • "InsufficientFreeAddresses"
            • "ClusterUnreachable"
            • "InsufficientNumberOfReplicas"
            • "ConfigurationConflict"
            • "AdmissionRequestDenied"
          • errorMessage — (String)

            A more complete description of the error.

          • resourceIds — (Array<String>)

            An optional field that contains the resource IDs associated with the error.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

updateClusterConfig(params = {}, callback) ⇒ AWS.Request

Updates an Amazon EKS cluster configuration. Your cluster continues to function during the update. The response output includes an update ID that you can use to track the status of your cluster update with the DescribeUpdate API operation.

You can use this API operation to enable or disable exporting the Kubernetes control plane logs for your cluster to CloudWatch Logs. By default, cluster control plane logs aren't exported to CloudWatch Logs. For more information, see Amazon EKS Cluster Control Plane Logs in the Amazon EKS User Guide .

Note: CloudWatch Logs ingestion, archive storage, and data scanning rates apply to exported control plane logs. For more information, see Amazon CloudWatch Pricing.

You can also use this API operation to enable or disable public and private access to your cluster's Kubernetes API server endpoint. By default, public access is enabled, and private access is disabled. For more information, see Amazon EKS Cluster Endpoint Access Control in the Amazon EKS User Guide .

You can't update the subnets or security group IDs for an existing cluster.

Cluster updates are asynchronous, and they should finish within a few minutes. During an update, the cluster status moves to UPDATING (this status transition is eventually consistent). When the update is complete (either Failed or Successful), the cluster status moves to Active.

Service Reference:

Examples:

Calling the updateClusterConfig operation

var params = {
  name: 'STRING_VALUE', /* required */
  clientRequestToken: 'STRING_VALUE',
  logging: {
    clusterLogging: [
      {
        enabled: true || false,
        types: [
          api | audit | authenticator | controllerManager | scheduler,
          /* more items */
        ]
      },
      /* more items */
    ]
  },
  resourcesVpcConfig: {
    endpointPrivateAccess: true || false,
    endpointPublicAccess: true || false,
    publicAccessCidrs: [
      'STRING_VALUE',
      /* more items */
    ],
    securityGroupIds: [
      'STRING_VALUE',
      /* more items */
    ],
    subnetIds: [
      'STRING_VALUE',
      /* more items */
    ]
  }
};
eks.updateClusterConfig(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • name — (String)

      The name of the Amazon EKS cluster to update.

    • resourcesVpcConfig — (map)

      An object representing the VPC configuration to use for an Amazon EKS cluster.

      • subnetIds — (Array<String>)

        Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane.

      • securityGroupIds — (Array<String>)

        Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your nodes and the Kubernetes control plane. If you don't specify any security groups, then familiarize yourself with the difference between Amazon EKS defaults for clusters deployed with Kubernetes:

        • 1.14 Amazon EKS platform version eks.2 and earlier

        • 1.14 Amazon EKS platform version eks.3 and later

        For more information, see Amazon EKS security group considerations in the Amazon EKS User Guide .

      • endpointPublicAccess — (Boolean)

        Set this value to false to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is true, which enables public access for your Kubernetes API server. For more information, see Amazon EKS Cluster Endpoint Access Control in the Amazon EKS User Guide .

      • endpointPrivateAccess — (Boolean)

        Set this value to true to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is false, which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that publicAccessCidrs includes the necessary CIDR blocks for communication with the nodes or Fargate pods. For more information, see Amazon EKS Cluster Endpoint Access Control in the Amazon EKS User Guide .

      • publicAccessCidrs — (Array<String>)

        The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is 0.0.0.0/0. If you've disabled private endpoint access and you have nodes or AWS Fargate pods in the cluster, then ensure that you specify the necessary CIDR blocks. For more information, see Amazon EKS Cluster Endpoint Access Control in the Amazon EKS User Guide .

    • logging — (map)

      Enable or disable exporting the Kubernetes control plane logs for your cluster to CloudWatch Logs. By default, cluster control plane logs aren't exported to CloudWatch Logs. For more information, see Amazon EKS Cluster Control Plane Logs in the Amazon EKS User Guide .

      Note: CloudWatch Logs ingestion, archive storage, and data scanning rates apply to exported control plane logs. For more information, see Amazon CloudWatch Pricing.
      • clusterLogging — (Array<map>)

        The cluster control plane logging configuration for your cluster.

        • types — (Array<String>)

          The available cluster control plane log types.

        • enabled — (Boolean)

          If a log type is enabled, that log type exports its control plane logs to CloudWatch Logs. If a log type isn't enabled, that log type doesn't export its control plane logs. Each individual log type can be enabled or disabled independently.

    • clientRequestToken — (String)

      Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

      If a token is not provided, the SDK will use a version 4 UUID.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • update — (map)

        An object representing an asynchronous update.

        • id — (String)

          A UUID that is used to track the update.

        • status — (String)

          The current status of the update.

          Possible values include:
          • "InProgress"
          • "Failed"
          • "Cancelled"
          • "Successful"
        • type — (String)

          The type of the update.

          Possible values include:
          • "VersionUpdate"
          • "EndpointAccessUpdate"
          • "LoggingUpdate"
          • "ConfigUpdate"
          • "AssociateIdentityProviderConfig"
          • "DisassociateIdentityProviderConfig"
          • "AssociateEncryptionConfig"
          • "AddonUpdate"
        • params — (Array<map>)

          A key-value map that contains the parameters associated with the update.

          • type — (String)

            The keys associated with an update request.

            Possible values include:
            • "Version"
            • "PlatformVersion"
            • "EndpointPrivateAccess"
            • "EndpointPublicAccess"
            • "ClusterLogging"
            • "DesiredSize"
            • "LabelsToAdd"
            • "LabelsToRemove"
            • "TaintsToAdd"
            • "TaintsToRemove"
            • "MaxSize"
            • "MinSize"
            • "ReleaseVersion"
            • "PublicAccessCidrs"
            • "LaunchTemplateName"
            • "LaunchTemplateVersion"
            • "IdentityProviderConfig"
            • "EncryptionConfig"
            • "AddonVersion"
            • "ServiceAccountRoleArn"
            • "ResolveConflicts"
            • "MaxUnavailable"
            • "MaxUnavailablePercentage"
          • value — (String)

            The value of the keys submitted as part of an update request.

        • createdAt — (Date)

          The Unix epoch timestamp in seconds for when the update was created.

        • errors — (Array<map>)

          Any errors associated with a Failed update.

          • errorCode — (String)

            A brief description of the error.

            • SubnetNotFound: We couldn't find one of the subnets associated with the cluster.

            • SecurityGroupNotFound: We couldn't find one of the security groups associated with the cluster.

            • EniLimitReached: You have reached the elastic network interface limit for your account.

            • IpNotAvailable: A subnet associated with the cluster doesn't have any free IP addresses.

            • AccessDenied: You don't have permissions to perform the specified operation.

            • OperationNotPermitted: The service role associated with the cluster doesn't have the required access permissions for Amazon EKS.

            • VpcIdNotFound: We couldn't find the VPC associated with the cluster.

            Possible values include:
            • "SubnetNotFound"
            • "SecurityGroupNotFound"
            • "EniLimitReached"
            • "IpNotAvailable"
            • "AccessDenied"
            • "OperationNotPermitted"
            • "VpcIdNotFound"
            • "Unknown"
            • "NodeCreationFailure"
            • "PodEvictionFailure"
            • "InsufficientFreeAddresses"
            • "ClusterUnreachable"
            • "InsufficientNumberOfReplicas"
            • "ConfigurationConflict"
            • "AdmissionRequestDenied"
          • errorMessage — (String)

            A more complete description of the error.

          • resourceIds — (Array<String>)

            An optional field that contains the resource IDs associated with the error.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

updateClusterVersion(params = {}, callback) ⇒ AWS.Request

Updates an Amazon EKS cluster to the specified Kubernetes version. Your cluster continues to function during the update. The response output includes an update ID that you can use to track the status of your cluster update with the DescribeUpdate API operation.

Cluster updates are asynchronous, and they should finish within a few minutes. During an update, the cluster status moves to UPDATING (this status transition is eventually consistent). When the update is complete (either Failed or Successful), the cluster status moves to Active.

If your cluster has managed node groups attached to it, all of your node groups’ Kubernetes versions must match the cluster’s Kubernetes version in order to update the cluster to a new Kubernetes version.

Service Reference:

Examples:

Calling the updateClusterVersion operation

var params = {
  name: 'STRING_VALUE', /* required */
  version: 'STRING_VALUE', /* required */
  clientRequestToken: 'STRING_VALUE'
};
eks.updateClusterVersion(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • name — (String)

      The name of the Amazon EKS cluster to update.

    • version — (String)

      The desired Kubernetes version following a successful update.

    • clientRequestToken — (String)

      Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

      If a token is not provided, the SDK will use a version 4 UUID.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • update — (map)

        The full description of the specified update

        • id — (String)

          A UUID that is used to track the update.

        • status — (String)

          The current status of the update.

          Possible values include:
          • "InProgress"
          • "Failed"
          • "Cancelled"
          • "Successful"
        • type — (String)

          The type of the update.

          Possible values include:
          • "VersionUpdate"
          • "EndpointAccessUpdate"
          • "LoggingUpdate"
          • "ConfigUpdate"
          • "AssociateIdentityProviderConfig"
          • "DisassociateIdentityProviderConfig"
          • "AssociateEncryptionConfig"
          • "AddonUpdate"
        • params — (Array<map>)

          A key-value map that contains the parameters associated with the update.

          • type — (String)

            The keys associated with an update request.

            Possible values include:
            • "Version"
            • "PlatformVersion"
            • "EndpointPrivateAccess"
            • "EndpointPublicAccess"
            • "ClusterLogging"
            • "DesiredSize"
            • "LabelsToAdd"
            • "LabelsToRemove"
            • "TaintsToAdd"
            • "TaintsToRemove"
            • "MaxSize"
            • "MinSize"
            • "ReleaseVersion"
            • "PublicAccessCidrs"
            • "LaunchTemplateName"
            • "LaunchTemplateVersion"
            • "IdentityProviderConfig"
            • "EncryptionConfig"
            • "AddonVersion"
            • "ServiceAccountRoleArn"
            • "ResolveConflicts"
            • "MaxUnavailable"
            • "MaxUnavailablePercentage"
          • value — (String)

            The value of the keys submitted as part of an update request.

        • createdAt — (Date)

          The Unix epoch timestamp in seconds for when the update was created.

        • errors — (Array<map>)

          Any errors associated with a Failed update.

          • errorCode — (String)

            A brief description of the error.

            • SubnetNotFound: We couldn't find one of the subnets associated with the cluster.

            • SecurityGroupNotFound: We couldn't find one of the security groups associated with the cluster.

            • EniLimitReached: You have reached the elastic network interface limit for your account.

            • IpNotAvailable: A subnet associated with the cluster doesn't have any free IP addresses.

            • AccessDenied: You don't have permissions to perform the specified operation.

            • OperationNotPermitted: The service role associated with the cluster doesn't have the required access permissions for Amazon EKS.

            • VpcIdNotFound: We couldn't find the VPC associated with the cluster.

            Possible values include:
            • "SubnetNotFound"
            • "SecurityGroupNotFound"
            • "EniLimitReached"
            • "IpNotAvailable"
            • "AccessDenied"
            • "OperationNotPermitted"
            • "VpcIdNotFound"
            • "Unknown"
            • "NodeCreationFailure"
            • "PodEvictionFailure"
            • "InsufficientFreeAddresses"
            • "ClusterUnreachable"
            • "InsufficientNumberOfReplicas"
            • "ConfigurationConflict"
            • "AdmissionRequestDenied"
          • errorMessage — (String)

            A more complete description of the error.

          • resourceIds — (Array<String>)

            An optional field that contains the resource IDs associated with the error.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

updateNodegroupConfig(params = {}, callback) ⇒ AWS.Request

Updates an Amazon EKS managed node group configuration. Your node group continues to function during the update. The response output includes an update ID that you can use to track the status of your node group update with the DescribeUpdate API operation. Currently you can update the Kubernetes labels for a node group or the scaling configuration.

Service Reference:

Examples:

Calling the updateNodegroupConfig operation

var params = {
  clusterName: 'STRING_VALUE', /* required */
  nodegroupName: 'STRING_VALUE', /* required */
  clientRequestToken: 'STRING_VALUE',
  labels: {
    addOrUpdateLabels: {
      '<labelKey>': 'STRING_VALUE',
      /* '<labelKey>': ... */
    },
    removeLabels: [
      'STRING_VALUE',
      /* more items */
    ]
  },
  scalingConfig: {
    desiredSize: 'NUMBER_VALUE',
    maxSize: 'NUMBER_VALUE',
    minSize: 'NUMBER_VALUE'
  },
  taints: {
    addOrUpdateTaints: [
      {
        effect: NO_SCHEDULE | NO_EXECUTE | PREFER_NO_SCHEDULE,
        key: 'STRING_VALUE',
        value: 'STRING_VALUE'
      },
      /* more items */
    ],
    removeTaints: [
      {
        effect: NO_SCHEDULE | NO_EXECUTE | PREFER_NO_SCHEDULE,
        key: 'STRING_VALUE',
        value: 'STRING_VALUE'
      },
      /* more items */
    ]
  },
  updateConfig: {
    maxUnavailable: 'NUMBER_VALUE',
    maxUnavailablePercentage: 'NUMBER_VALUE'
  }
};
eks.updateNodegroupConfig(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • clusterName — (String)

      The name of the Amazon EKS cluster that the managed node group resides in.

    • nodegroupName — (String)

      The name of the managed node group to update.

    • labels — (map)

      The Kubernetes labels to be applied to the nodes in the node group after the update.

      • addOrUpdateLabels — (map<String>)

        Kubernetes labels to be added or updated.

      • removeLabels — (Array<String>)

        Kubernetes labels to be removed.

    • taints — (map)

      The Kubernetes taints to be applied to the nodes in the node group after the update.

      • addOrUpdateTaints — (Array<map>)

        Kubernetes taints to be added or updated.

        • key — (String)

          The key of the taint.

        • value — (String)

          The value of the taint.

        • effect — (String)

          The effect of the taint.

          Possible values include:
          • "NO_SCHEDULE"
          • "NO_EXECUTE"
          • "PREFER_NO_SCHEDULE"
      • removeTaints — (Array<map>)

        Kubernetes taints to be removed.

        • key — (String)

          The key of the taint.

        • value — (String)

          The value of the taint.

        • effect — (String)

          The effect of the taint.

          Possible values include:
          • "NO_SCHEDULE"
          • "NO_EXECUTE"
          • "PREFER_NO_SCHEDULE"
    • scalingConfig — (map)

      The scaling configuration details for the Auto Scaling group after the update.

      • minSize — (Integer)

        The minimum number of nodes that the managed node group can scale in to. This number must be greater than zero.

      • maxSize — (Integer)

        The maximum number of nodes that the managed node group can scale out to. For information about the maximum number that you can specify, see Amazon EKS service quotas in the Amazon EKS User Guide.

      • desiredSize — (Integer)

        The current number of nodes that the managed node group should maintain.

    • updateConfig — (map)
      • maxUnavailable — (Integer)
      • maxUnavailablePercentage — (Integer)
    • clientRequestToken — (String)

      Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

      If a token is not provided, the SDK will use a version 4 UUID.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • update — (map)

        An object representing an asynchronous update.

        • id — (String)

          A UUID that is used to track the update.

        • status — (String)

          The current status of the update.

          Possible values include:
          • "InProgress"
          • "Failed"
          • "Cancelled"
          • "Successful"
        • type — (String)

          The type of the update.

          Possible values include:
          • "VersionUpdate"
          • "EndpointAccessUpdate"
          • "LoggingUpdate"
          • "ConfigUpdate"
          • "AssociateIdentityProviderConfig"
          • "DisassociateIdentityProviderConfig"
          • "AssociateEncryptionConfig"
          • "AddonUpdate"
        • params — (Array<map>)

          A key-value map that contains the parameters associated with the update.

          • type — (String)

            The keys associated with an update request.

            Possible values include:
            • "Version"
            • "PlatformVersion"
            • "EndpointPrivateAccess"
            • "EndpointPublicAccess"
            • "ClusterLogging"
            • "DesiredSize"
            • "LabelsToAdd"
            • "LabelsToRemove"
            • "TaintsToAdd"
            • "TaintsToRemove"
            • "MaxSize"
            • "MinSize"
            • "ReleaseVersion"
            • "PublicAccessCidrs"
            • "LaunchTemplateName"
            • "LaunchTemplateVersion"
            • "IdentityProviderConfig"
            • "EncryptionConfig"
            • "AddonVersion"
            • "ServiceAccountRoleArn"
            • "ResolveConflicts"
            • "MaxUnavailable"
            • "MaxUnavailablePercentage"
          • value — (String)

            The value of the keys submitted as part of an update request.

        • createdAt — (Date)

          The Unix epoch timestamp in seconds for when the update was created.

        • errors — (Array<map>)

          Any errors associated with a Failed update.

          • errorCode — (String)

            A brief description of the error.

            • SubnetNotFound: We couldn't find one of the subnets associated with the cluster.

            • SecurityGroupNotFound: We couldn't find one of the security groups associated with the cluster.

            • EniLimitReached: You have reached the elastic network interface limit for your account.

            • IpNotAvailable: A subnet associated with the cluster doesn't have any free IP addresses.

            • AccessDenied: You don't have permissions to perform the specified operation.

            • OperationNotPermitted: The service role associated with the cluster doesn't have the required access permissions for Amazon EKS.

            • VpcIdNotFound: We couldn't find the VPC associated with the cluster.

            Possible values include:
            • "SubnetNotFound"
            • "SecurityGroupNotFound"
            • "EniLimitReached"
            • "IpNotAvailable"
            • "AccessDenied"
            • "OperationNotPermitted"
            • "VpcIdNotFound"
            • "Unknown"
            • "NodeCreationFailure"
            • "PodEvictionFailure"
            • "InsufficientFreeAddresses"
            • "ClusterUnreachable"
            • "InsufficientNumberOfReplicas"
            • "ConfigurationConflict"
            • "AdmissionRequestDenied"
          • errorMessage — (String)

            A more complete description of the error.

          • resourceIds — (Array<String>)

            An optional field that contains the resource IDs associated with the error.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

updateNodegroupVersion(params = {}, callback) ⇒ AWS.Request

Updates the Kubernetes version or AMI version of an Amazon EKS managed node group.

You can update a node group using a launch template only if the node group was originally deployed with a launch template. If you need to update a custom AMI in a node group that was deployed with a launch template, then update your custom AMI, specify the new ID in a new version of the launch template, and then update the node group to the new version of the launch template.

If you update without a launch template, then you can update to the latest available AMI version of a node group's current Kubernetes version by not specifying a Kubernetes version in the request. You can update to the latest AMI version of your cluster's current Kubernetes version by specifying your cluster's Kubernetes version in the request. For more information, see Amazon EKS optimized Amazon Linux 2 AMI versions in the Amazon EKS User Guide.

You cannot roll back a node group to an earlier Kubernetes version or AMI version.

When a node in a managed node group is terminated due to a scaling action or update, the pods in that node are drained first. Amazon EKS attempts to drain the nodes gracefully and will fail if it is unable to do so. You can force the update if Amazon EKS is unable to drain the nodes as a result of a pod disruption budget issue.

Service Reference:

Examples:

Calling the updateNodegroupVersion operation

var params = {
  clusterName: 'STRING_VALUE', /* required */
  nodegroupName: 'STRING_VALUE', /* required */
  clientRequestToken: 'STRING_VALUE',
  force: true || false,
  launchTemplate: {
    id: 'STRING_VALUE',
    name: 'STRING_VALUE',
    version: 'STRING_VALUE'
  },
  releaseVersion: 'STRING_VALUE',
  version: 'STRING_VALUE'
};
eks.updateNodegroupVersion(params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object) (defaults to: {})
    • clusterName — (String)

      The name of the Amazon EKS cluster that is associated with the managed node group to update.

    • nodegroupName — (String)

      The name of the managed node group to update.

    • version — (String)

      The Kubernetes version to update to. If no version is specified, then the Kubernetes version of the node group does not change. You can specify the Kubernetes version of the cluster to update the node group to the latest AMI version of the cluster's Kubernetes version. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify version, or the node group update will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

    • releaseVersion — (String)

      The AMI version of the Amazon EKS optimized AMI to use for the update. By default, the latest available AMI version for the node group's Kubernetes version is used. For more information, see Amazon EKS optimized Amazon Linux 2 AMI versions in the Amazon EKS User Guide. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify releaseVersion, or the node group update will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

    • launchTemplate — (map)

      An object representing a node group's launch template specification. You can only update a node group using a launch template if the node group was originally deployed with a launch template.

      • name — (String)

        The name of the launch template.

      • version — (String)

        The version of the launch template to use. If no version is specified, then the template's default version is used.

      • id — (String)

        The ID of the launch template.

    • force — (Boolean)

      Force the update if the existing node group's pods are unable to be drained due to a pod disruption budget issue. If an update fails because pods could not be drained, you can force the update after it fails to terminate the old node whether or not any pods are running on the node.

    • clientRequestToken — (String)

      Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

      If a token is not provided, the SDK will use a version 4 UUID.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • update — (map)

        An object representing an asynchronous update.

        • id — (String)

          A UUID that is used to track the update.

        • status — (String)

          The current status of the update.

          Possible values include:
          • "InProgress"
          • "Failed"
          • "Cancelled"
          • "Successful"
        • type — (String)

          The type of the update.

          Possible values include:
          • "VersionUpdate"
          • "EndpointAccessUpdate"
          • "LoggingUpdate"
          • "ConfigUpdate"
          • "AssociateIdentityProviderConfig"
          • "DisassociateIdentityProviderConfig"
          • "AssociateEncryptionConfig"
          • "AddonUpdate"
        • params — (Array<map>)

          A key-value map that contains the parameters associated with the update.

          • type — (String)

            The keys associated with an update request.

            Possible values include:
            • "Version"
            • "PlatformVersion"
            • "EndpointPrivateAccess"
            • "EndpointPublicAccess"
            • "ClusterLogging"
            • "DesiredSize"
            • "LabelsToAdd"
            • "LabelsToRemove"
            • "TaintsToAdd"
            • "TaintsToRemove"
            • "MaxSize"
            • "MinSize"
            • "ReleaseVersion"
            • "PublicAccessCidrs"
            • "LaunchTemplateName"
            • "LaunchTemplateVersion"
            • "IdentityProviderConfig"
            • "EncryptionConfig"
            • "AddonVersion"
            • "ServiceAccountRoleArn"
            • "ResolveConflicts"
            • "MaxUnavailable"
            • "MaxUnavailablePercentage"
          • value — (String)

            The value of the keys submitted as part of an update request.

        • createdAt — (Date)

          The Unix epoch timestamp in seconds for when the update was created.

        • errors — (Array<map>)

          Any errors associated with a Failed update.

          • errorCode — (String)

            A brief description of the error.

            • SubnetNotFound: We couldn't find one of the subnets associated with the cluster.

            • SecurityGroupNotFound: We couldn't find one of the security groups associated with the cluster.

            • EniLimitReached: You have reached the elastic network interface limit for your account.

            • IpNotAvailable: A subnet associated with the cluster doesn't have any free IP addresses.

            • AccessDenied: You don't have permissions to perform the specified operation.

            • OperationNotPermitted: The service role associated with the cluster doesn't have the required access permissions for Amazon EKS.

            • VpcIdNotFound: We couldn't find the VPC associated with the cluster.

            Possible values include:
            • "SubnetNotFound"
            • "SecurityGroupNotFound"
            • "EniLimitReached"
            • "IpNotAvailable"
            • "AccessDenied"
            • "OperationNotPermitted"
            • "VpcIdNotFound"
            • "Unknown"
            • "NodeCreationFailure"
            • "PodEvictionFailure"
            • "InsufficientFreeAddresses"
            • "ClusterUnreachable"
            • "InsufficientNumberOfReplicas"
            • "ConfigurationConflict"
            • "AdmissionRequestDenied"
          • errorMessage — (String)

            A more complete description of the error.

          • resourceIds — (Array<String>)

            An optional field that contains the resource IDs associated with the error.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

waitFor(state, params = {}, callback) ⇒ AWS.Request

Waits for a given EKS resource. The final callback or 'complete' event will be fired only when the resource is either in its final state or the waiter has timed out and stopped polling for the final state.

Examples:

Waiting for the clusterActive state

var params = {
  name: 'STRING_VALUE' /* required */
};
eks.waitFor('clusterActive', params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • state (String)

    the resource state to wait for. Available states for this service are listed in "Waiter Resource States" below.

  • params (map) (defaults to: {})

    a list of parameters for the given state. See each waiter resource state for required parameters.

Callback (callback):

  • function(err, data) { ... }

    Callback containing error and data information. See the respective resource state for the expected error or data information.

    If the waiter times out its requests, it will return a ResourceNotReady error.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

Waiter Resource States:

Waiter Resource Details

eks.waitFor('clusterActive', params = {}, [callback]) ⇒ AWS.Request

Waits for the clusterActive state by periodically calling the underlying EKS.describeCluster() operation every 30 seconds (at most 40 times).

Examples:

Waiting for the clusterActive state

var params = {
  name: 'STRING_VALUE' /* required */
};
eks.waitFor('clusterActive', params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object)
    • name — (String)

      The name of the cluster to describe.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • cluster — (map)

        The full description of your specified cluster.

        • name — (String)

          The name of the cluster.

        • arn — (String)

          The Amazon Resource Name (ARN) of the cluster.

        • createdAt — (Date)

          The Unix epoch timestamp in seconds for when the cluster was created.

        • version — (String)

          The Kubernetes server version for the cluster.

        • endpoint — (String)

          The endpoint for your Kubernetes API server.

        • roleArn — (String)

          The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.

        • resourcesVpcConfig — (map)

          The VPC configuration used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide.

          • subnetIds — (Array<String>)

            The subnets associated with your cluster.

          • securityGroupIds — (Array<String>)

            The security groups associated with the cross-account elastic network interfaces that are used to allow communication between your nodes and the Kubernetes control plane.

          • clusterSecurityGroupId — (String)

            The cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control-plane-to-data-plane communication.

          • vpcId — (String)

            The VPC associated with your cluster.

          • endpointPublicAccess — (Boolean)

            This parameter indicates whether the Amazon EKS public API server endpoint is enabled. If the Amazon EKS public API server endpoint is disabled, your cluster's Kubernetes API server can only receive requests that originate from within the cluster VPC.

          • endpointPrivateAccess — (Boolean)

            This parameter indicates whether the Amazon EKS private API server endpoint is enabled. If the Amazon EKS private API server endpoint is enabled, Kubernetes API requests that originate from within your cluster's VPC use the private VPC endpoint instead of traversing the internet. If this value is disabled and you have nodes or AWS Fargate pods in the cluster, then ensure that publicAccessCidrs includes the necessary CIDR blocks for communication with the nodes or Fargate pods. For more information, see Amazon EKS Cluster Endpoint Access Control in the Amazon EKS User Guide .

          • publicAccessCidrs — (Array<String>)

            The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the listed CIDR blocks is denied. The default value is 0.0.0.0/0. If you've disabled private endpoint access and you have nodes or AWS Fargate pods in the cluster, then ensure that the necessary CIDR blocks are listed. For more information, see Amazon EKS Cluster Endpoint Access Control in the Amazon EKS User Guide .

        • kubernetesNetworkConfig — (map)

          The Kubernetes network configuration for the cluster.

          • serviceIpv4Cidr — (String)

            The CIDR block that Kubernetes service IP addresses are assigned from. If you didn't specify a CIDR block when you created the cluster, then Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. If this was specified, then it was specified when the cluster was created and it cannot be changed.

        • logging — (map)

          The logging configuration for your cluster.

          • clusterLogging — (Array<map>)

            The cluster control plane logging configuration for your cluster.

            • types — (Array<String>)

              The available cluster control plane log types.

            • enabled — (Boolean)

              If a log type is enabled, that log type exports its control plane logs to CloudWatch Logs. If a log type isn't enabled, that log type doesn't export its control plane logs. Each individual log type can be enabled or disabled independently.

        • identity — (map)

          The identity provider information for the cluster.

          • oidc — (map)

            An object representing the OpenID Connect identity provider information.

            • issuer — (String)

              The issuer URL for the OIDC identity provider.

        • status — (String)

          The current status of the cluster.

          Possible values include:
          • "CREATING"
          • "ACTIVE"
          • "DELETING"
          • "FAILED"
          • "UPDATING"
        • certificateAuthority — (map)

          The certificate-authority-data for your cluster.

          • data — (String)

            The Base64-encoded certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.

        • clientRequestToken — (String)

          Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

        • platformVersion — (String)

          The platform version of your Amazon EKS cluster. For more information, see Platform Versions in the Amazon EKS User Guide .

        • tags — (map<String>)

          The metadata that you apply to the cluster to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Cluster tags do not propagate to any other resources associated with the cluster.

        • encryptionConfig — (Array<map>)

          The encryption configuration for the cluster.

          • resources — (Array<String>)

            Specifies the resources to be encrypted. The only supported value is "secrets".

          • provider — (map)

            AWS Key Management Service (AWS KMS) key. Either the ARN or the alias can be used.

            • keyArn — (String)

              Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric, created in the same region as the cluster, and if the KMS key was created in a different account, the user must have access to the KMS key. For more information, see Allowing Users in Other Accounts to Use a KMS key in the AWS Key Management Service Developer Guide.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

See Also:

eks.waitFor('clusterDeleted', params = {}, [callback]) ⇒ AWS.Request

Waits for the clusterDeleted state by periodically calling the underlying EKS.describeCluster() operation every 30 seconds (at most 40 times).

Examples:

Waiting for the clusterDeleted state

var params = {
  name: 'STRING_VALUE' /* required */
};
eks.waitFor('clusterDeleted', params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object)
    • name — (String)

      The name of the cluster to describe.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • cluster — (map)

        The full description of your specified cluster.

        • name — (String)

          The name of the cluster.

        • arn — (String)

          The Amazon Resource Name (ARN) of the cluster.

        • createdAt — (Date)

          The Unix epoch timestamp in seconds for when the cluster was created.

        • version — (String)

          The Kubernetes server version for the cluster.

        • endpoint — (String)

          The endpoint for your Kubernetes API server.

        • roleArn — (String)

          The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.

        • resourcesVpcConfig — (map)

          The VPC configuration used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide.

          • subnetIds — (Array<String>)

            The subnets associated with your cluster.

          • securityGroupIds — (Array<String>)

            The security groups associated with the cross-account elastic network interfaces that are used to allow communication between your nodes and the Kubernetes control plane.

          • clusterSecurityGroupId — (String)

            The cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control-plane-to-data-plane communication.

          • vpcId — (String)

            The VPC associated with your cluster.

          • endpointPublicAccess — (Boolean)

            This parameter indicates whether the Amazon EKS public API server endpoint is enabled. If the Amazon EKS public API server endpoint is disabled, your cluster's Kubernetes API server can only receive requests that originate from within the cluster VPC.

          • endpointPrivateAccess — (Boolean)

            This parameter indicates whether the Amazon EKS private API server endpoint is enabled. If the Amazon EKS private API server endpoint is enabled, Kubernetes API requests that originate from within your cluster's VPC use the private VPC endpoint instead of traversing the internet. If this value is disabled and you have nodes or AWS Fargate pods in the cluster, then ensure that publicAccessCidrs includes the necessary CIDR blocks for communication with the nodes or Fargate pods. For more information, see Amazon EKS Cluster Endpoint Access Control in the Amazon EKS User Guide .

          • publicAccessCidrs — (Array<String>)

            The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the listed CIDR blocks is denied. The default value is 0.0.0.0/0. If you've disabled private endpoint access and you have nodes or AWS Fargate pods in the cluster, then ensure that the necessary CIDR blocks are listed. For more information, see Amazon EKS Cluster Endpoint Access Control in the Amazon EKS User Guide .

        • kubernetesNetworkConfig — (map)

          The Kubernetes network configuration for the cluster.

          • serviceIpv4Cidr — (String)

            The CIDR block that Kubernetes service IP addresses are assigned from. If you didn't specify a CIDR block when you created the cluster, then Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. If this was specified, then it was specified when the cluster was created and it cannot be changed.

        • logging — (map)

          The logging configuration for your cluster.

          • clusterLogging — (Array<map>)

            The cluster control plane logging configuration for your cluster.

            • types — (Array<String>)

              The available cluster control plane log types.

            • enabled — (Boolean)

              If a log type is enabled, that log type exports its control plane logs to CloudWatch Logs. If a log type isn't enabled, that log type doesn't export its control plane logs. Each individual log type can be enabled or disabled independently.

        • identity — (map)

          The identity provider information for the cluster.

          • oidc — (map)

            An object representing the OpenID Connect identity provider information.

            • issuer — (String)

              The issuer URL for the OIDC identity provider.

        • status — (String)

          The current status of the cluster.

          Possible values include:
          • "CREATING"
          • "ACTIVE"
          • "DELETING"
          • "FAILED"
          • "UPDATING"
        • certificateAuthority — (map)

          The certificate-authority-data for your cluster.

          • data — (String)

            The Base64-encoded certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.

        • clientRequestToken — (String)

          Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

        • platformVersion — (String)

          The platform version of your Amazon EKS cluster. For more information, see Platform Versions in the Amazon EKS User Guide .

        • tags — (map<String>)

          The metadata that you apply to the cluster to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Cluster tags do not propagate to any other resources associated with the cluster.

        • encryptionConfig — (Array<map>)

          The encryption configuration for the cluster.

          • resources — (Array<String>)

            Specifies the resources to be encrypted. The only supported value is "secrets".

          • provider — (map)

            AWS Key Management Service (AWS KMS) key. Either the ARN or the alias can be used.

            • keyArn — (String)

              Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric, created in the same region as the cluster, and if the KMS key was created in a different account, the user must have access to the KMS key. For more information, see Allowing Users in Other Accounts to Use a KMS key in the AWS Key Management Service Developer Guide.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

See Also:

eks.waitFor('nodegroupActive', params = {}, [callback]) ⇒ AWS.Request

Waits for the nodegroupActive state by periodically calling the underlying EKS.describeNodegroup() operation every 30 seconds (at most 80 times).

Examples:

Waiting for the nodegroupActive state

var params = {
  clusterName: 'STRING_VALUE', /* required */
  nodegroupName: 'STRING_VALUE' /* required */
};
eks.waitFor('nodegroupActive', params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object)
    • clusterName — (String)

      The name of the Amazon EKS cluster associated with the node group.

    • nodegroupName — (String)

      The name of the node group to describe.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • nodegroup — (map)

        The full description of your node group.

        • nodegroupName — (String)

          The name associated with an Amazon EKS managed node group.

        • nodegroupArn — (String)

          The Amazon Resource Name (ARN) associated with the managed node group.

        • clusterName — (String)

          The name of the cluster that the managed node group resides in.

        • version — (String)

          The Kubernetes version of the managed node group.

        • releaseVersion — (String)

          If the node group was deployed using a launch template with a custom AMI, then this is the AMI ID that was specified in the launch template. For node groups that weren't deployed using a launch template, this is the version of the Amazon EKS optimized AMI that the node group was deployed with.

        • createdAt — (Date)

          The Unix epoch timestamp in seconds for when the managed node group was created.

        • modifiedAt — (Date)

          The Unix epoch timestamp in seconds for when the managed node group was last modified.

        • status — (String)

          The current status of the managed node group.

          Possible values include:
          • "CREATING"
          • "ACTIVE"
          • "UPDATING"
          • "DELETING"
          • "CREATE_FAILED"
          • "DELETE_FAILED"
          • "DEGRADED"
        • capacityType — (String)

          The capacity type of your managed node group.

          Possible values include:
          • "ON_DEMAND"
          • "SPOT"
        • scalingConfig — (map)

          The scaling configuration details for the Auto Scaling group that is associated with your node group.

          • minSize — (Integer)

            The minimum number of nodes that the managed node group can scale in to. This number must be greater than zero.

          • maxSize — (Integer)

            The maximum number of nodes that the managed node group can scale out to. For information about the maximum number that you can specify, see Amazon EKS service quotas in the Amazon EKS User Guide.

          • desiredSize — (Integer)

            The current number of nodes that the managed node group should maintain.

        • instanceTypes — (Array<String>)

          If the node group wasn't deployed with a launch template, then this is the instance type that is associated with the node group. If the node group was deployed with a launch template, then this is null.

        • subnets — (Array<String>)

          The subnets that were specified for the Auto Scaling group that is associated with your node group.

        • remoteAccess — (map)

          If the node group wasn't deployed with a launch template, then this is the remote access configuration that is associated with the node group. If the node group was deployed with a launch template, then this is null.

          • ec2SshKey — (String)

            The Amazon EC2 SSH key that provides access for SSH communication with the nodes in the managed node group. For more information, see Amazon EC2 Key Pairs in the Amazon Elastic Compute Cloud User Guide for Linux Instances.

          • sourceSecurityGroups — (Array<String>)

            The security groups that are allowed SSH access (port 22) to the nodes. If you specify an Amazon EC2 SSH key but do not specify a source security group when you create a managed node group, then port 22 on the nodes is opened to the internet (0.0.0.0/0). For more information, see Security Groups for Your VPC in the Amazon Virtual Private Cloud User Guide.

        • amiType — (String)

          If the node group was deployed using a launch template with a custom AMI, then this is CUSTOM. For node groups that weren't deployed using a launch template, this is the AMI type that was specified in the node group configuration.

          Possible values include:
          • "AL2_x86_64"
          • "AL2_x86_64_GPU"
          • "AL2_ARM_64"
          • "CUSTOM"
        • nodeRole — (String)

          The IAM role associated with your node group. The Amazon EKS node kubelet daemon makes calls to AWS APIs on your behalf. Nodes receive permissions for these API calls through an IAM instance profile and associated policies.

        • labels — (map<String>)

          The Kubernetes labels applied to the nodes in the node group.

          Note: Only labels that are applied with the Amazon EKS API are shown here. There may be other Kubernetes labels applied to the nodes in this group.
        • taints — (Array<map>)

          The Kubernetes taints to be applied to the nodes in the node group when they are created. Effect is one of NoSchedule, PreferNoSchedule, or NoExecute. Kubernetes taints can be used together with tolerations to control how workloads are scheduled to your nodes.

          • key — (String)

            The key of the taint.

          • value — (String)

            The value of the taint.

          • effect — (String)

            The effect of the taint.

            Possible values include:
            • "NO_SCHEDULE"
            • "NO_EXECUTE"
            • "PREFER_NO_SCHEDULE"
        • resources — (map)

          The resources associated with the node group, such as Auto Scaling groups and security groups for remote access.

          • autoScalingGroups — (Array<map>)

            The Auto Scaling groups associated with the node group.

            • name — (String)

              The name of the Auto Scaling group associated with an Amazon EKS managed node group.

          • remoteAccessSecurityGroup — (String)

            The remote access security group associated with the node group. This security group controls SSH access to the nodes.

        • diskSize — (Integer)

          If the node group wasn't deployed with a launch template, then this is the disk size in the node group configuration. If the node group was deployed with a launch template, then this is null.

        • health — (map)

          The health status of the node group. If there are issues with your node group's health, they are listed here.

          • issues — (Array<map>)

            Any issues that are associated with the node group.

            • code — (String)

              A brief description of the error.

              • AccessDenied: Amazon EKS or one or more of your managed nodes is failing to authenticate or authorize with your Kubernetes cluster API server.

              • AsgInstanceLaunchFailures: Your Auto Scaling group is experiencing failures while attempting to launch instances.

              • AutoScalingGroupNotFound: We couldn't find the Auto Scaling group associated with the managed node group. You may be able to recreate an Auto Scaling group with the same settings to recover.

              • ClusterUnreachable: Amazon EKS or one or more of your managed nodes is unable to to communicate with your Kubernetes cluster API server. This can happen if there are network disruptions or if API servers are timing out processing requests.

              • Ec2LaunchTemplateNotFound: We couldn't find the Amazon EC2 launch template for your managed node group. You may be able to recreate a launch template with the same settings to recover.

              • Ec2LaunchTemplateVersionMismatch: The Amazon EC2 launch template version for your managed node group does not match the version that Amazon EKS created. You may be able to revert to the version that Amazon EKS created to recover.

              • Ec2SecurityGroupDeletionFailure: We could not delete the remote access security group for your managed node group. Remove any dependencies from the security group.

              • Ec2SecurityGroupNotFound: We couldn't find the cluster security group for the cluster. You must recreate your cluster.

              • Ec2SubnetInvalidConfiguration: One or more Amazon EC2 subnets specified for a node group do not automatically assign public IP addresses to instances launched into it. If you want your instances to be assigned a public IP address, then you need to enable the auto-assign public IP address setting for the subnet. See Modifying the public IPv4 addressing attribute for your subnet in the Amazon VPC User Guide.

              • IamInstanceProfileNotFound: We couldn't find the IAM instance profile for your managed node group. You may be able to recreate an instance profile with the same settings to recover.

              • IamNodeRoleNotFound: We couldn't find the IAM role for your managed node group. You may be able to recreate an IAM role with the same settings to recover.

              • InstanceLimitExceeded: Your AWS account is unable to launch any more instances of the specified instance type. You may be able to request an Amazon EC2 instance limit increase to recover.

              • InsufficientFreeAddresses: One or more of the subnets associated with your managed node group does not have enough available IP addresses for new nodes.

              • InternalFailure: These errors are usually caused by an Amazon EKS server-side issue.

              • NodeCreationFailure: Your launched instances are unable to register with your Amazon EKS cluster. Common causes of this failure are insufficient node IAM role permissions or lack of outbound internet access for the nodes.

              Possible values include:
              • "AutoScalingGroupNotFound"
              • "AutoScalingGroupInvalidConfiguration"
              • "Ec2SecurityGroupNotFound"
              • "Ec2SecurityGroupDeletionFailure"
              • "Ec2LaunchTemplateNotFound"
              • "Ec2LaunchTemplateVersionMismatch"
              • "Ec2SubnetNotFound"
              • "Ec2SubnetInvalidConfiguration"
              • "IamInstanceProfileNotFound"
              • "IamLimitExceeded"
              • "IamNodeRoleNotFound"
              • "NodeCreationFailure"
              • "AsgInstanceLaunchFailures"
              • "InstanceLimitExceeded"
              • "InsufficientFreeAddresses"
              • "AccessDenied"
              • "InternalFailure"
              • "ClusterUnreachable"
            • message — (String)

              The error message associated with the issue.

            • resourceIds — (Array<String>)

              The AWS resources that are afflicted by this issue.

        • updateConfig — (map)
          • maxUnavailable — (Integer)
          • maxUnavailablePercentage — (Integer)
        • launchTemplate — (map)

          If a launch template was used to create the node group, then this is the launch template that was used.

          • name — (String)

            The name of the launch template.

          • version — (String)

            The version of the launch template to use. If no version is specified, then the template's default version is used.

          • id — (String)

            The ID of the launch template.

        • tags — (map<String>)

          The metadata applied to the node group to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Node group tags do not propagate to any other resources associated with the node group, such as the Amazon EC2 instances or subnets.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

See Also:

eks.waitFor('nodegroupDeleted', params = {}, [callback]) ⇒ AWS.Request

Waits for the nodegroupDeleted state by periodically calling the underlying EKS.describeNodegroup() operation every 30 seconds (at most 40 times).

Examples:

Waiting for the nodegroupDeleted state

var params = {
  clusterName: 'STRING_VALUE', /* required */
  nodegroupName: 'STRING_VALUE' /* required */
};
eks.waitFor('nodegroupDeleted', params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object)
    • clusterName — (String)

      The name of the Amazon EKS cluster associated with the node group.

    • nodegroupName — (String)

      The name of the node group to describe.

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • nodegroup — (map)

        The full description of your node group.

        • nodegroupName — (String)

          The name associated with an Amazon EKS managed node group.

        • nodegroupArn — (String)

          The Amazon Resource Name (ARN) associated with the managed node group.

        • clusterName — (String)

          The name of the cluster that the managed node group resides in.

        • version — (String)

          The Kubernetes version of the managed node group.

        • releaseVersion — (String)

          If the node group was deployed using a launch template with a custom AMI, then this is the AMI ID that was specified in the launch template. For node groups that weren't deployed using a launch template, this is the version of the Amazon EKS optimized AMI that the node group was deployed with.

        • createdAt — (Date)

          The Unix epoch timestamp in seconds for when the managed node group was created.

        • modifiedAt — (Date)

          The Unix epoch timestamp in seconds for when the managed node group was last modified.

        • status — (String)

          The current status of the managed node group.

          Possible values include:
          • "CREATING"
          • "ACTIVE"
          • "UPDATING"
          • "DELETING"
          • "CREATE_FAILED"
          • "DELETE_FAILED"
          • "DEGRADED"
        • capacityType — (String)

          The capacity type of your managed node group.

          Possible values include:
          • "ON_DEMAND"
          • "SPOT"
        • scalingConfig — (map)

          The scaling configuration details for the Auto Scaling group that is associated with your node group.

          • minSize — (Integer)

            The minimum number of nodes that the managed node group can scale in to. This number must be greater than zero.

          • maxSize — (Integer)

            The maximum number of nodes that the managed node group can scale out to. For information about the maximum number that you can specify, see Amazon EKS service quotas in the Amazon EKS User Guide.

          • desiredSize — (Integer)

            The current number of nodes that the managed node group should maintain.

        • instanceTypes — (Array<String>)

          If the node group wasn't deployed with a launch template, then this is the instance type that is associated with the node group. If the node group was deployed with a launch template, then this is null.

        • subnets — (Array<String>)

          The subnets that were specified for the Auto Scaling group that is associated with your node group.

        • remoteAccess — (map)

          If the node group wasn't deployed with a launch template, then this is the remote access configuration that is associated with the node group. If the node group was deployed with a launch template, then this is null.

          • ec2SshKey — (String)

            The Amazon EC2 SSH key that provides access for SSH communication with the nodes in the managed node group. For more information, see Amazon EC2 Key Pairs in the Amazon Elastic Compute Cloud User Guide for Linux Instances.

          • sourceSecurityGroups — (Array<String>)

            The security groups that are allowed SSH access (port 22) to the nodes. If you specify an Amazon EC2 SSH key but do not specify a source security group when you create a managed node group, then port 22 on the nodes is opened to the internet (0.0.0.0/0). For more information, see Security Groups for Your VPC in the Amazon Virtual Private Cloud User Guide.

        • amiType — (String)

          If the node group was deployed using a launch template with a custom AMI, then this is CUSTOM. For node groups that weren't deployed using a launch template, this is the AMI type that was specified in the node group configuration.

          Possible values include:
          • "AL2_x86_64"
          • "AL2_x86_64_GPU"
          • "AL2_ARM_64"
          • "CUSTOM"
        • nodeRole — (String)

          The IAM role associated with your node group. The Amazon EKS node kubelet daemon makes calls to AWS APIs on your behalf. Nodes receive permissions for these API calls through an IAM instance profile and associated policies.

        • labels — (map<String>)

          The Kubernetes labels applied to the nodes in the node group.

          Note: Only labels that are applied with the Amazon EKS API are shown here. There may be other Kubernetes labels applied to the nodes in this group.
        • taints — (Array<map>)

          The Kubernetes taints to be applied to the nodes in the node group when they are created. Effect is one of NoSchedule, PreferNoSchedule, or NoExecute. Kubernetes taints can be used together with tolerations to control how workloads are scheduled to your nodes.

          • key — (String)

            The key of the taint.

          • value — (String)

            The value of the taint.

          • effect — (String)

            The effect of the taint.

            Possible values include:
            • "NO_SCHEDULE"
            • "NO_EXECUTE"
            • "PREFER_NO_SCHEDULE"
        • resources — (map)

          The resources associated with the node group, such as Auto Scaling groups and security groups for remote access.

          • autoScalingGroups — (Array<map>)

            The Auto Scaling groups associated with the node group.

            • name — (String)

              The name of the Auto Scaling group associated with an Amazon EKS managed node group.

          • remoteAccessSecurityGroup — (String)

            The remote access security group associated with the node group. This security group controls SSH access to the nodes.

        • diskSize — (Integer)

          If the node group wasn't deployed with a launch template, then this is the disk size in the node group configuration. If the node group was deployed with a launch template, then this is null.

        • health — (map)

          The health status of the node group. If there are issues with your node group's health, they are listed here.

          • issues — (Array<map>)

            Any issues that are associated with the node group.

            • code — (String)

              A brief description of the error.

              • AccessDenied: Amazon EKS or one or more of your managed nodes is failing to authenticate or authorize with your Kubernetes cluster API server.

              • AsgInstanceLaunchFailures: Your Auto Scaling group is experiencing failures while attempting to launch instances.

              • AutoScalingGroupNotFound: We couldn't find the Auto Scaling group associated with the managed node group. You may be able to recreate an Auto Scaling group with the same settings to recover.

              • ClusterUnreachable: Amazon EKS or one or more of your managed nodes is unable to to communicate with your Kubernetes cluster API server. This can happen if there are network disruptions or if API servers are timing out processing requests.

              • Ec2LaunchTemplateNotFound: We couldn't find the Amazon EC2 launch template for your managed node group. You may be able to recreate a launch template with the same settings to recover.

              • Ec2LaunchTemplateVersionMismatch: The Amazon EC2 launch template version for your managed node group does not match the version that Amazon EKS created. You may be able to revert to the version that Amazon EKS created to recover.

              • Ec2SecurityGroupDeletionFailure: We could not delete the remote access security group for your managed node group. Remove any dependencies from the security group.

              • Ec2SecurityGroupNotFound: We couldn't find the cluster security group for the cluster. You must recreate your cluster.

              • Ec2SubnetInvalidConfiguration: One or more Amazon EC2 subnets specified for a node group do not automatically assign public IP addresses to instances launched into it. If you want your instances to be assigned a public IP address, then you need to enable the auto-assign public IP address setting for the subnet. See Modifying the public IPv4 addressing attribute for your subnet in the Amazon VPC User Guide.

              • IamInstanceProfileNotFound: We couldn't find the IAM instance profile for your managed node group. You may be able to recreate an instance profile with the same settings to recover.

              • IamNodeRoleNotFound: We couldn't find the IAM role for your managed node group. You may be able to recreate an IAM role with the same settings to recover.

              • InstanceLimitExceeded: Your AWS account is unable to launch any more instances of the specified instance type. You may be able to request an Amazon EC2 instance limit increase to recover.

              • InsufficientFreeAddresses: One or more of the subnets associated with your managed node group does not have enough available IP addresses for new nodes.

              • InternalFailure: These errors are usually caused by an Amazon EKS server-side issue.

              • NodeCreationFailure: Your launched instances are unable to register with your Amazon EKS cluster. Common causes of this failure are insufficient node IAM role permissions or lack of outbound internet access for the nodes.

              Possible values include:
              • "AutoScalingGroupNotFound"
              • "AutoScalingGroupInvalidConfiguration"
              • "Ec2SecurityGroupNotFound"
              • "Ec2SecurityGroupDeletionFailure"
              • "Ec2LaunchTemplateNotFound"
              • "Ec2LaunchTemplateVersionMismatch"
              • "Ec2SubnetNotFound"
              • "Ec2SubnetInvalidConfiguration"
              • "IamInstanceProfileNotFound"
              • "IamLimitExceeded"
              • "IamNodeRoleNotFound"
              • "NodeCreationFailure"
              • "AsgInstanceLaunchFailures"
              • "InstanceLimitExceeded"
              • "InsufficientFreeAddresses"
              • "AccessDenied"
              • "InternalFailure"
              • "ClusterUnreachable"
            • message — (String)

              The error message associated with the issue.

            • resourceIds — (Array<String>)

              The AWS resources that are afflicted by this issue.

        • updateConfig — (map)
          • maxUnavailable — (Integer)
          • maxUnavailablePercentage — (Integer)
        • launchTemplate — (map)

          If a launch template was used to create the node group, then this is the launch template that was used.

          • name — (String)

            The name of the launch template.

          • version — (String)

            The version of the launch template to use. If no version is specified, then the template's default version is used.

          • id — (String)

            The ID of the launch template.

        • tags — (map<String>)

          The metadata applied to the node group to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Node group tags do not propagate to any other resources associated with the node group, such as the Amazon EC2 instances or subnets.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

See Also:

eks.waitFor('addonActive', params = {}, [callback]) ⇒ AWS.Request

Waits for the addonActive state by periodically calling the underlying EKS.describeAddon() operation every 10 seconds (at most 60 times).

Examples:

Waiting for the addonActive state

var params = {
  addonName: 'STRING_VALUE', /* required */
  clusterName: 'STRING_VALUE' /* required */
};
eks.waitFor('addonActive', params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object)
    • clusterName — (String)

      The name of the cluster.

    • addonName — (String)

      The name of the add-on. The name must match one of the names returned by ListAddons .

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • addon — (map)

        An Amazon EKS add-on.

        • addonName — (String)

          The name of the add-on.

        • clusterName — (String)

          The name of the cluster.

        • status — (String)

          The status of the add-on.

          Possible values include:
          • "CREATING"
          • "ACTIVE"
          • "CREATE_FAILED"
          • "UPDATING"
          • "DELETING"
          • "DELETE_FAILED"
          • "DEGRADED"
        • addonVersion — (String)

          The version of the add-on.

        • health — (map)

          An object that represents the health of the add-on.

          • issues — (Array<map>)

            An object that represents the add-on's health issues.

            • code — (String)

              A code that describes the type of issue.

              Possible values include:
              • "AccessDenied"
              • "InternalFailure"
              • "ClusterUnreachable"
              • "InsufficientNumberOfReplicas"
              • "ConfigurationConflict"
              • "AdmissionRequestDenied"
            • message — (String)

              A message that provides details about the issue and what might cause it.

            • resourceIds — (Array<String>)

              The resource IDs of the issue.

        • addonArn — (String)

          The Amazon Resource Name (ARN) of the add-on.

        • createdAt — (Date)

          The date and time that the add-on was created.

        • modifiedAt — (Date)

          The date and time that the add-on was last modified.

        • serviceAccountRoleArn — (String)

          The Amazon Resource Name (ARN) of the IAM role that is bound to the Kubernetes service account used by the add-on.

        • tags — (map<String>)

          The metadata that you apply to the add-on to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Add-on tags do not propagate to any other resources associated with the cluster.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

See Also:

eks.waitFor('addonDeleted', params = {}, [callback]) ⇒ AWS.Request

Waits for the addonDeleted state by periodically calling the underlying EKS.describeAddon() operation every 10 seconds (at most 60 times).

Examples:

Waiting for the addonDeleted state

var params = {
  addonName: 'STRING_VALUE', /* required */
  clusterName: 'STRING_VALUE' /* required */
};
eks.waitFor('addonDeleted', params, function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Parameters:

  • params (Object)
    • clusterName — (String)

      The name of the cluster.

    • addonName — (String)

      The name of the add-on. The name must match one of the names returned by ListAddons .

Callback (callback):

  • function(err, data) { ... }

    Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.

    Context (this):

    • (AWS.Response)

      the response object containing error, data properties, and the original request object.

    Parameters:

    • err (Error)

      the error object returned from the request. Set to null if the request is successful.

    • data (Object)

      the de-serialized data returned from the request. Set to null if a request error occurs. The data object has the following properties:

      • addon — (map)

        An Amazon EKS add-on.

        • addonName — (String)

          The name of the add-on.

        • clusterName — (String)

          The name of the cluster.

        • status — (String)

          The status of the add-on.

          Possible values include:
          • "CREATING"
          • "ACTIVE"
          • "CREATE_FAILED"
          • "UPDATING"
          • "DELETING"
          • "DELETE_FAILED"
          • "DEGRADED"
        • addonVersion — (String)

          The version of the add-on.

        • health — (map)

          An object that represents the health of the add-on.

          • issues — (Array<map>)

            An object that represents the add-on's health issues.

            • code — (String)

              A code that describes the type of issue.

              Possible values include:
              • "AccessDenied"
              • "InternalFailure"
              • "ClusterUnreachable"
              • "InsufficientNumberOfReplicas"
              • "ConfigurationConflict"
              • "AdmissionRequestDenied"
            • message — (String)

              A message that provides details about the issue and what might cause it.

            • resourceIds — (Array<String>)

              The resource IDs of the issue.

        • addonArn — (String)

          The Amazon Resource Name (ARN) of the add-on.

        • createdAt — (Date)

          The date and time that the add-on was created.

        • modifiedAt — (Date)

          The date and time that the add-on was last modified.

        • serviceAccountRoleArn — (String)

          The Amazon Resource Name (ARN) of the IAM role that is bound to the Kubernetes service account used by the add-on.

        • tags — (map<String>)

          The metadata that you apply to the add-on to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Add-on tags do not propagate to any other resources associated with the cluster.

Returns:

  • (AWS.Request)

    a handle to the operation request for subsequent event callback registration.

See Also: