A Cluster is a managed resource that represents an AWS Elastic Kubernetes Service cluster.
Type
CRD
Group
eks.aws.crossplane.io
Version
v1beta1
apiVersion: eks.aws.crossplane.io/v1beta1
kind: Cluster
A ClusterSpec defines the desired state of an EKS Cluster.
ClusterParameters define the desired state of an AWS Elastic Kubernetes Service cluster.
The access configuration for the cluster.
The encryption configuration for the cluster.
The Kubernetes network configuration for the cluster.
Enable or disable exporting the Kubernetes control plane logs for your cluster to CloudWatch Logs. By default, cluster control plane logs aren't exported to CloudWatch Logs. For more information, see Amazon EKS Cluster Control Plane Logs (https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html) in the Amazon EKS User Guide .
CloudWatch Logs ingestion, archive storage, and data scanning rates apply to exported control plane logs. For more information, see Amazon CloudWatch Pricing (http://aws.amazon.com/cloudwatch/pricing/).
An object representing the configuration of your local Amazon EKS cluster on an Amazon Web Services Outpost. Before creating a local cluster on an Outpost, review Creating an Amazon EKS cluster on an Amazon Web Services Outpost (https://docs.aws.amazon.com/eks/latest/userguide/create-cluster-outpost.html) in the Amazon EKS User Guide. This object isn't available for creating Amazon EKS clusters on the Amazon Web Services cloud.
The ARN of the Outpost that you want to use for your local Amazon EKS cluster on Outposts. Only a single Outpost ARN is supported.
This member is required.
The VPC configuration used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations (https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) and Cluster Security Group Considerations (https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the Amazon EKS User Guide. You must specify at least two subnets. You can specify up to five security groups, but we recommend that you use a dedicated security group for your cluster control plane.
ResourcesVpcConfig is a required field
The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is 0.0.0.0/0. If you've disabled private endpoint access and you have worker nodes or AWS Fargate pods in the cluster, then ensure that you specify the necessary CIDR blocks. For more information, see Amazon EKS Cluster Endpoint Access Control (https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the Amazon EKS User Guide.
SecurityGroupIDRefs are references to SecurityGroups used to set the SecurityGroupIDs.
Policies for referencing.
SecurityGroupIDSelector selects references to SecurityGroups used to set the SecurityGroupIDs.
Policies for selection.
Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane. If you don't specify a security group, the default security group for your VPC is used.
SubnetIDRefs are references to Subnets used to set the SubnetIDs.
Policies for referencing.
SubnetIDSelector selects references to Subnets used to set the SubnetIDs.
Policies for selection.
Specify subnets for your Amazon EKS worker nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your worker nodes and the Kubernetes control plane.
RoleArnRef is a reference to an IAMRole used to set the RoleArn.
Policies for referencing.
RoleArnSelector selects references to IAMRole used to set the RoleArn.
Policies for selection.
THIS IS A BETA FIELD. It is on by default but can be opted out through a Crossplane feature flag. ManagementPolicies specify the array of actions Crossplane is allowed to take on the managed and external resources. This field is planned to replace the DeletionPolicy field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. If both are custom, the DeletionPolicy field will be ignored. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md
ProviderConfigReference specifies how the provider that will be used to create, observe, update, and delete this managed resource should be configured.
Policies for referencing.
PublishConnectionDetailsTo specifies the connection secret config which contains a name, metadata and a reference to secret store config to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource.
WriteConnectionSecretToReference specifies the namespace and name of a Secret to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource. This field is planned to be replaced in a future release in favor of PublishConnectionDetailsTo. Currently, both could be set independently and connection details would be published to both without affecting each other.
A ClusterStatus represents the observed state of an EKS Cluster.
ClusterObservation is the observed state of a cluster.
The access configuration for the cluster.
The identity provider information for the cluster.
The OpenID Connect (https://openid.net/connect/) identity provider information for the cluster.
The Kubernetes network configuration for the cluster.
An object representing the configuration of your local Amazon EKS cluster on an Amazon Web Services Outpost. This object isn't available for clusters on the Amazon Web Services cloud.
The ARN of the Outpost that you specified for use with your local Amazon EKS cluster on Outposts.
This member is required.
The VPC configuration used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations (https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) and Cluster Security Group Considerations (https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the Amazon EKS User Guide.
Conditions of the resource.
sample-cluster
apiVersion: eks.aws.crossplane.io/v1beta1
kind: Cluster
metadata:
labels:
example: "true"
name: sample-cluster
spec:
forProvider:
region: us-east-1
resourcesVpcConfig:
endpointPrivateAccess: true
endpointPublicAccess: true
securityGroupIdRefs:
- name: sample-cluster-sg
subnetIdRefs:
- name: sample-subnet1
- name: sample-subnet2
roleArnRef:
name: somerole
version: "1.21"
providerConfigRef:
name: example
writeConnectionSecretToRef:
name: cluster-conn
namespace: default