RegisterCluster
Connects a Kubernetes cluster to the Amazon EKS control plane.
Any Kubernetes cluster can be connected to the Amazon EKS control plane to view current information about the cluster and its nodes.
Cluster connection requires two steps. First, send a
RegisterClusterRequest
to add it to the Amazon EKS
control plane.
Second, a ManifestactivationID and
activationCode must be applied to the Kubernetes cluster through it's
native provider to provide visibility.
After the Manifest is updated and applied, then the connected cluster is visible to the Amazon EKS control plane. If the Manifest is not applied within three days, then the connected cluster will no longer be visible and must be deregistered. See DeregisterCluster.
Request Syntax
POST /cluster-registrations HTTP/1.1
Content-type: application/json
{
"clientRequestToken": "string",
"connectorConfig": {
"provider": "string",
"roleArn": "string"
},
"name": "string",
"tags": {
"string" : "string"
}
}URI Request Parameters
The request does not use any URI parameters.
Request Body
The request accepts the following data in JSON format.
- clientRequestToken
-
Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.
Type: String
Required: No
- connectorConfig
-
The configuration settings required to connect the Kubernetes cluster to the Amazon EKS control plane.
Type: ConnectorConfigRequest object
Required: Yes
- name
-
Define a unique name for this cluster for your Region.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 100.
Pattern:
^[0-9A-Za-z][A-Za-z0-9\-_]*Required: Yes
- tags
-
The metadata that you apply to the cluster to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Cluster tags do not propagate to any other resources associated with the cluster.
Type: String to string map
Map Entries: Maximum number of 50 items.
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Value Length Constraints: Maximum length of 256.
Required: No
Response Syntax
HTTP/1.1 200
Content-type: application/json
{
"cluster": {
"arn": "string",
"certificateAuthority": {
"data": "string"
},
"clientRequestToken": "string",
"connectorConfig": {
"activationCode": "string",
"activationExpiry": number,
"activationId": "string",
"provider": "string",
"roleArn": "string"
},
"createdAt": number,
"encryptionConfig": [
{
"provider": {
"keyArn": "string"
},
"resources": [ "string" ]
}
],
"endpoint": "string",
"health": {
"issues": [
{
"code": "string",
"message": "string",
"resourceIds": [ "string" ]
}
]
},
"id": "string",
"identity": {
"oidc": {
"issuer": "string"
}
},
"kubernetesNetworkConfig": {
"ipFamily": "string",
"serviceIpv4Cidr": "string",
"serviceIpv6Cidr": "string"
},
"logging": {
"clusterLogging": [
{
"enabled": boolean,
"types": [ "string" ]
}
]
},
"name": "string",
"outpostConfig": {
"controlPlaneInstanceType": "string",
"controlPlanePlacement": {
"groupName": "string"
},
"outpostArns": [ "string" ]
},
"platformVersion": "string",
"resourcesVpcConfig": {
"clusterSecurityGroupId": "string",
"endpointPrivateAccess": boolean,
"endpointPublicAccess": boolean,
"publicAccessCidrs": [ "string" ],
"securityGroupIds": [ "string" ],
"subnetIds": [ "string" ],
"vpcId": "string"
},
"roleArn": "string",
"status": "string",
"tags": {
"string" : "string"
},
"version": "string"
}
}Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
Errors
For information about the errors that are common to all actions, see Common Errors.
- AccessDeniedException
-
You don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access Management in the IAM User Guide.
HTTP Status Code: 403
- ClientException
-
These errors are usually caused by a client action. Actions can include using an action or resource on behalf of a user that doesn't have permissions to use the action or resource or specifying an identifier that is not valid.
HTTP Status Code: 400
- InvalidParameterException
-
The specified parameter is invalid. Review the available parameters for the API request.
HTTP Status Code: 400
- ResourceInUseException
-
The specified resource is in use.
HTTP Status Code: 409
- ResourceLimitExceededException
-
You have encountered a service limit on the specified resource.
HTTP Status Code: 400
- ResourcePropagationDelayException
-
Required resources (such as service-linked roles) were created and are still propagating. Retry later.
HTTP Status Code: 428
- ServerException
-
These errors are usually caused by a server-side issue.
HTTP Status Code: 500
- ServiceUnavailableException
-
The service is unavailable. Back off and retry the operation.
HTTP Status Code: 503
Examples
In the following example or examples, the Authorization header contents
(AUTHPARAMS) must be replaced with an Amazon Signature Version 4
signature. For more information about creating these signatures, see Signature
Version 4 Signing Process in the Amazon EKS General
Reference.
You need to learn how to sign HTTP requests only if you intend to manually
create them. When you use the Amazon Command Line
Interface (Amazon CLI)
Example
The following example connects a Kubernetes cluster named
my-api-created-external-cluster.
Sample Request
POST /clusters HTTP/1.1
Host: eks.us-west-2.amazonaws.com
Accept-Encoding: identity
User-Agent: aws-cli/1.16.120 Python/3.7.0 Darwin/18.2.0 botocore/1.12.110
X-Amz-Date: 20190322T160158Z
Authorization: AUTHPARAMS
Content-Length: 368
{
"name": "my-api-created-external-cluster",
"connectorConfig": {
"roleArn": "arn:aws:iam::ACCOUNT_ID:role/eks-connector-agent",
"provider" : "OTHER"
}
}See Also
For more information about using this API in one of the language-specific Amazon SDKs, see the following: