Class ClusterAttributes
Attributes for EKS clusters.
Inheritance
Implements
Namespace: Amazon.CDK.AWS.EKS
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class ClusterAttributes : Object, IClusterAttributes
Syntax (vb)
Public Class ClusterAttributes
Inherits Object
Implements IClusterAttributes
Examples
Cluster cluster;
AutoScalingGroup asg;

var importedCluster = Cluster.FromClusterAttributes(this, "ImportedCluster", new ClusterAttributes {
    ClusterName = cluster.ClusterName,
    ClusterSecurityGroupId = cluster.ClusterSecurityGroupId
});

importedCluster.ConnectAutoScalingGroupCapacity(asg, new AutoScalingGroupOptions { });
Synopsis
Constructors
ClusterAttributes() |
Properties
AwscliLayer | An AWS Lambda layer that contains the aws CLI. |
ClusterCertificateAuthorityData | The certificate-authority-data for your cluster. |
ClusterEncryptionConfigKeyArn | Amazon Resource Name (ARN) or alias of the customer master key (CMK). |
ClusterEndpoint | The API Server endpoint URL. |
ClusterHandlerSecurityGroupId | A security group id to associate with the Cluster Handler's Lambdas. |
ClusterName | The physical name of the Cluster. |
ClusterSecurityGroupId | The cluster security group that was created by Amazon EKS for the cluster. |
IpFamily | Specify which IP family is used to assign Kubernetes pod and service IP addresses. |
KubectlEnvironment | Environment variables to use when running kubectl against this cluster. |
KubectlLambdaRole | An IAM role that can perform kubectl operations against this cluster. |
KubectlLayer | An AWS Lambda Layer which includes kubectl and Helm. |
KubectlMemory | Amount of memory to allocate to the provider's lambda function. |
KubectlPrivateSubnetIds | Subnets to host the kubectl compute resources. |
KubectlProvider | KubectlProvider for issuing kubectl commands. |
KubectlRoleArn | An IAM role with cluster administrator and "system:masters" permissions. |
KubectlSecurityGroupId | A security group to use for kubectl execution. |
OnEventLayer | An AWS Lambda Layer which includes the NPM dependency proxy-agent. |
OpenIdConnectProvider | An Open ID Connect provider for this cluster that can be used to configure service accounts. |
Prune | Indicates whether Kubernetes resources added through addManifest() can be automatically pruned. |
SecurityGroupIds | Additional security groups associated with this cluster. |
Vpc | The VPC in which this Cluster was created. |
Constructors
ClusterAttributes()
public ClusterAttributes()
Properties
AwscliLayer
An AWS Lambda layer that contains the aws CLI.
public ILayerVersion AwscliLayer { get; set; }
Property Value
Remarks
The handler expects the layer to include the following executables:
/opt/awscli/aws
Default: - a default layer with the AWS CLI 1.x
ClusterCertificateAuthorityData
The certificate-authority-data for your cluster.
public string ClusterCertificateAuthorityData { get; set; }
Property Value
System.String
Remarks
Default: - if not specified cluster.clusterCertificateAuthorityData will throw an error
ClusterEncryptionConfigKeyArn
Amazon Resource Name (ARN) or alias of the customer master key (CMK).
public string ClusterEncryptionConfigKeyArn { get; set; }
Property Value
System.String
Remarks
Default: - if not specified cluster.clusterEncryptionConfigKeyArn will throw an error
ClusterEndpoint
The API Server endpoint URL.
public string ClusterEndpoint { get; set; }
Property Value
System.String
Remarks
Default: - if not specified cluster.clusterEndpoint will throw an error.
ClusterHandlerSecurityGroupId
A security group id to associate with the Cluster Handler's Lambdas.
public string ClusterHandlerSecurityGroupId { get; set; }
Property Value
System.String
Remarks
The Cluster Handler's Lambdas are responsible for calling AWS's EKS API.
Default: - No security group.
ClusterName
The physical name of the Cluster.
public string ClusterName { get; set; }
Property Value
System.String
ClusterSecurityGroupId
The cluster security group that was created by Amazon EKS for the cluster.
public string ClusterSecurityGroupId { get; set; }
Property Value
System.String
Remarks
Default: - if not specified cluster.clusterSecurityGroupId will throw an error
IpFamily
Specify which IP family is used to assign Kubernetes pod and service IP addresses.
public Nullable<IpFamily> IpFamily { get; set; }
Property Value
System.Nullable<IpFamily>
Remarks
KubectlEnvironment
Environment variables to use when running kubectl against this cluster.
public IDictionary<string, string> KubectlEnvironment { get; set; }
Property Value
System.Collections.Generic.IDictionary<System.String, System.String>
Remarks
Default: - no additional variables
KubectlLambdaRole
An IAM role that can perform kubectl operations against this cluster.
public IRole KubectlLambdaRole { get; set; }
Property Value
Remarks
The role should be mapped to the system:masters Kubernetes RBAC role.
This role is passed directly to the Lambda handler that sends kubectl commands to the cluster.
Default: - if not specified, the default role created by a lambda function will be used.
KubectlLayer
An AWS Lambda Layer which includes kubectl and Helm.
public ILayerVersion KubectlLayer { get; set; }
Property Value
Remarks
This layer is used by the kubectl handler to apply manifests and install
Helm charts. You must pick an appropriate release of one of the
@aws-cdk/layer-kubectl-vXX packages that works with the version of
Kubernetes you have chosen. If you don't supply this value, kubectl
1.20 will be used, but that version is most likely too old.
The handler expects the layer to include the following executables:
/opt/helm/helm
/opt/kubectl/kubectl
Default: - a default layer with Kubectl 1.20 and helm 3.8.
KubectlMemory
Amount of memory to allocate to the provider's lambda function.
public Size KubectlMemory { get; set; }
Property Value
Remarks
Default: Size.gibibytes(1)
KubectlPrivateSubnetIds
Subnets to host the kubectl compute resources.
public string[] KubectlPrivateSubnetIds { get; set; }
Property Value
System.String[]
Remarks
If not specified, the k8s endpoint is expected to be accessible publicly.
Default: - k8s endpoint is expected to be accessible publicly
KubectlProvider
KubectlProvider for issuing kubectl commands.
public IKubectlProvider KubectlProvider { get; set; }
Property Value
Remarks
Default: - Default CDK provider
KubectlRoleArn
An IAM role with cluster administrator and "system:masters" permissions.
public string KubectlRoleArn { get; set; }
Property Value
System.String
Remarks
Default: - if not specified, it will not be possible to issue kubectl commands against an imported cluster.
KubectlSecurityGroupId
A security group to use for kubectl execution.
public string KubectlSecurityGroupId { get; set; }
Property Value
System.String
Remarks
If not specified, the k8s endpoint is expected to be accessible publicly.
Default: - k8s endpoint is expected to be accessible publicly
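An added example (not taken from the CDK documentation) of importing a cluster whose API endpoint is not public, so that the kubectl handler runs inside the VPC through KubectlPrivateSubnetIds and KubectlSecurityGroupId. All IDs, ARNs, availability zones and names are constructed placeholders; Vpc is set as well, on the assumption that the handler needs the VPC in order to be placed in those subnets.

```csharp
using System.Collections.Generic;
using Amazon.CDK;
using Amazon.CDK.AWS.EC2;
using Amazon.CDK.AWS.EKS;
using Constructs;

public class ImportedClusterStack : Stack
{
    public ImportedClusterStack(Construct scope, string id, IStackProps props = null)
        : base(scope, id, props)
    {
        // Constructed placeholder subnet IDs; replace with the cluster's private subnets.
        var privateSubnetIds = new[] { "subnet-PLACEHOLDER-A", "subnet-PLACEHOLDER-B" };

        // Import the VPC the cluster lives in (placeholder ID and zones).
        var vpc = Vpc.FromVpcAttributes(this, "ClusterVpc", new VpcAttributes {
            VpcId = "vpc-PLACEHOLDER",
            AvailabilityZones = new[] { "us-east-1a", "us-east-1b" },
            PrivateSubnetIds = privateSubnetIds
        });

        var cluster = Cluster.FromClusterAttributes(this, "ImportedCluster", new ClusterAttributes {
            ClusterName = "example-cluster",
            Vpc = vpc,
            // Without KubectlRoleArn no kubectl commands can be issued against
            // an imported cluster. The role carries "system:masters" permissions,
            // so keep its trust policy as narrow as possible.
            KubectlRoleArn = "arn:aws:iam::111122223333:role/PLACEHOLDER-kubectl-role",
            // Leaving these two unset means the k8s endpoint is expected to be
            // publicly accessible; setting them keeps kubectl traffic in the VPC.
            KubectlPrivateSubnetIds = privateSubnetIds,
            KubectlSecurityGroupId = "sg-PLACEHOLDER-kubectl"
        });

        // Applied by the kubectl handler from inside the private subnets.
        cluster.AddManifest("TeamNamespace", new Dictionary<string, object> {
            ["apiVersion"] = "v1",
            ["kind"] = "Namespace",
            ["metadata"] = new Dictionary<string, object> { ["name"] = "team-a" }
        });
    }
}
```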
OnEventLayer
An AWS Lambda Layer which includes the NPM dependency proxy-agent.
public ILayerVersion OnEventLayer { get; set; }
Property Value
Remarks
This layer is used by the onEvent handler to route AWS SDK requests through a proxy.
The handler expects the layer to include the following node_modules:
proxy-agent
Default: - a layer bundled with this module.
OpenIdConnectProvider
An Open ID Connect provider for this cluster that can be used to configure service accounts.
public IOpenIdConnectProvider OpenIdConnectProvider { get; set; }
Property Value
Remarks
You can either import an existing provider using iam.OpenIdConnectProvider.fromProviderArn, or create a new provider using new eks.OpenIdConnectProvider
Default: - if not specified cluster.openIdConnectProvider and cluster.addServiceAccount will throw an error.
Prune
Indicates whether Kubernetes resources added through addManifest() can be automatically pruned.
public Nullable<bool> Prune { get; set; }
Property Value
System.Nullable<System.Boolean>
Remarks
When this is enabled (default), prune labels will be
allocated and injected to each resource. These labels will then be used
when issuing the kubectl apply operation with the --prune switch.
Default: true
SecurityGroupIds
Additional security groups associated with this cluster.
public string[] SecurityGroupIds { get; set; }
Property Value
System.String[]
Remarks
Default: - if not specified, no additional security groups will be considered in cluster.connections.
Vpc
The VPC in which this Cluster was created.
public IVpc Vpc { get; set; }
Property Value
Remarks
Default: - if not specified cluster.vpc will throw an error