Class ClusterAttributes
Attributes for EKS clusters.
Inheritance
Implements
Namespace: Amazon.CDK.AWS.EKS
Assembly: Amazon.CDK.AWS.EKS.dll
Syntax (csharp)
public class ClusterAttributes : Object, IClusterAttributes
Syntax (vb)
Public Class ClusterAttributes
Inherits Object
Implements IClusterAttributes
Remarks
ExampleMetadata: infused
Examples
Cluster cluster;
AutoScalingGroup asg;
var importedCluster = Cluster.FromClusterAttributes(this, "ImportedCluster", new ClusterAttributes {
ClusterName = cluster.ClusterName,
ClusterSecurityGroupId = cluster.ClusterSecurityGroupId
});
importedCluster.ConnectAutoScalingGroupCapacity(asg, new AutoScalingGroupOptions { });
Synopsis
Constructors
ClusterAttributes() |
Properties
ClusterCertificateAuthorityData | The certificate-authority-data for your cluster. |
ClusterEncryptionConfigKeyArn | Amazon Resource Name (ARN) or alias of the customer master key (CMK). |
ClusterEndpoint | The API Server endpoint URL. |
ClusterHandlerSecurityGroupId | A security group id to associate with the Cluster Handler's Lambdas. |
ClusterName | The physical name of the Cluster. |
ClusterSecurityGroupId | The cluster security group that was created by Amazon EKS for the cluster. |
KubectlEnvironment | Environment variables to use when running |
KubectlLambdaRole | An IAM role that can perform kubectl operations against this cluster. |
KubectlLayer | An AWS Lambda Layer which includes |
KubectlMemory | Amount of memory to allocate to the provider's lambda function. |
KubectlPrivateSubnetIds | Subnets to host the |
KubectlProvider | KubectlProvider for issuing kubectl commands. |
KubectlRoleArn | An IAM role with cluster administrator and "system:masters" permissions. |
KubectlSecurityGroupId | A security group to use for |
OnEventLayer | An AWS Lambda Layer which includes the NPM dependency |
OpenIdConnectProvider | An Open ID Connect provider for this cluster that can be used to configure service accounts. |
Prune | Indicates whether Kubernetes resources added through |
SecurityGroupIds | Additional security groups associated with this cluster. |
Vpc | The VPC in which this Cluster was created. |
Constructors
ClusterAttributes()
public ClusterAttributes()
Properties
ClusterCertificateAuthorityData
The certificate-authority-data for your cluster.
public string ClusterCertificateAuthorityData { get; set; }
Property Value
System.String
Remarks
Default: - if not specified cluster.clusterCertificateAuthorityData
will
throw an error
ClusterEncryptionConfigKeyArn
Amazon Resource Name (ARN) or alias of the customer master key (CMK).
public string ClusterEncryptionConfigKeyArn { get; set; }
Property Value
System.String
Remarks
Default: - if not specified cluster.clusterEncryptionConfigKeyArn
will
throw an error
ClusterEndpoint
The API Server endpoint URL.
public string ClusterEndpoint { get; set; }
Property Value
System.String
Remarks
Default: - if not specified cluster.clusterEndpoint
will throw an error.
ClusterHandlerSecurityGroupId
A security group id to associate with the Cluster Handler's Lambdas.
public string ClusterHandlerSecurityGroupId { get; set; }
Property Value
System.String
Remarks
The Cluster Handler's Lambdas are responsible for calling AWS's EKS API.
Default: - No security group.
ClusterName
The physical name of the Cluster.
public string ClusterName { get; set; }
Property Value
System.String
ClusterSecurityGroupId
The cluster security group that was created by Amazon EKS for the cluster.
public string ClusterSecurityGroupId { get; set; }
Property Value
System.String
Remarks
Default: - if not specified cluster.clusterSecurityGroupId
will throw an
error
KubectlEnvironment
Environment variables to use when running kubectl
against this cluster.
public IDictionary<string, string> KubectlEnvironment { get; set; }
Property Value
System.Collections.Generic.IDictionary<System.String, System.String>
Remarks
Default: - no additional variables
KubectlLambdaRole
An IAM role that can perform kubectl operations against this cluster.
public IRole KubectlLambdaRole { get; set; }
Property Value
Remarks
The role should be mapped to the system:masters
Kubernetes RBAC role.
This role is directly passed to the lambda handler that sends Kube Ctl commands to the cluster.
Default: - if not specified, the default role created by a lambda function will be used.
KubectlLayer
An AWS Lambda Layer which includes kubectl
, Helm and the AWS CLI.
public ILayerVersion KubectlLayer { get; set; }
Property Value
Remarks
This layer is used by the kubectl handler to apply manifests and install helm charts.
The handler expects the layer to include the following executables:
helm/helm
kubectl/kubectl
awscli/aws
Default: - a layer bundled with this module.
KubectlMemory
Amount of memory to allocate to the provider's lambda function.
public Size KubectlMemory { get; set; }
Property Value
Remarks
Default: Size.gibibytes(1)
KubectlPrivateSubnetIds
Subnets to host the kubectl
compute resources.
public string[] KubectlPrivateSubnetIds { get; set; }
Property Value
System.String[]
Remarks
If not specified, the k8s endpoint is expected to be accessible publicly.
Default: - k8s endpoint is expected to be accessible publicly
KubectlProvider
KubectlProvider for issuing kubectl commands.
public IKubectlProvider KubectlProvider { get; set; }
Property Value
Remarks
Default: - Default CDK provider
KubectlRoleArn
An IAM role with cluster administrator and "system:masters" permissions.
public string KubectlRoleArn { get; set; }
Property Value
System.String
Remarks
Default: - if not specified, it not be possible to issue kubectl
commands
against an imported cluster.
KubectlSecurityGroupId
A security group to use for kubectl
execution.
public string KubectlSecurityGroupId { get; set; }
Property Value
System.String
Remarks
If not specified, the k8s endpoint is expected to be accessible publicly.
Default: - k8s endpoint is expected to be accessible publicly
OnEventLayer
An AWS Lambda Layer which includes the NPM dependency proxy-agent
.
public ILayerVersion OnEventLayer { get; set; }
Property Value
Remarks
This layer is used by the onEvent handler to route AWS SDK requests through a proxy.
The handler expects the layer to include the following node_modules:
proxy-agent
Default: - a layer bundled with this module.
OpenIdConnectProvider
An Open ID Connect provider for this cluster that can be used to configure service accounts.
public IOpenIdConnectProvider OpenIdConnectProvider { get; set; }
Property Value
Remarks
You can either import an existing provider using iam.OpenIdConnectProvider.fromProviderArn
,
or create a new provider using new eks.OpenIdConnectProvider
Default: - if not specified cluster.openIdConnectProvider
and cluster.addServiceAccount
will throw an error.
Prune
Indicates whether Kubernetes resources added through addManifest()
can be automatically pruned.
public Nullable<bool> Prune { get; set; }
Property Value
System.Nullable<System.Boolean>
Remarks
When this is enabled (default), prune labels will be
allocated and injected to each resource. These labels will then be used
when issuing the kubectl apply
operation with the --prune
switch.
Default: true
SecurityGroupIds
Additional security groups associated with this cluster.
public string[] SecurityGroupIds { get; set; }
Property Value
System.String[]
Remarks
Default: - if not specified, no additional security groups will be
considered in cluster.connections
.
Vpc
The VPC in which this Cluster was created.
public IVpc Vpc { get; set; }
Property Value
Remarks
Default: - if not specified cluster.vpc
will throw an error