A Cluster is a managed resource that represents an AWS Elastic Kubernetes Service cluster.
Type
CRD
Group
eks.aws.crossplane.io
Version
v1beta1
apiVersion: eks.aws.crossplane.io/v1beta1
kind: Cluster
A ClusterSpec defines the desired state of an EKS Cluster.
ClusterParameters define the desired state of an AWS Elastic Kubernetes Service cluster.
The encryption configuration for the cluster.
Enable or disable exporting the Kubernetes control plane logs for your cluster to CloudWatch Logs. By default, cluster control plane logs aren't exported to CloudWatch Logs. For more information, see Amazon EKS Cluster Control Plane Logs (https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html) in the Amazon EKS User Guide . CloudWatch Logs ingestion, archive storage, and data scanning rates apply to exported control plane logs. For more information, see Amazon CloudWatch Pricing (http://aws.amazon.com/cloudwatch/pricing/).
The VPC configuration used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations (https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) and Cluster Security Group Considerations (https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the Amazon EKS User Guide. You must specify at least two subnets. You can specify up to five security groups, but we recommend that you use a dedicated security group for your cluster control plane. ResourcesVpcConfig is a required field
The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is 0.0.0.0/0. If you've disabled private endpoint access and you have worker nodes or AWS Fargate pods in the cluster, then ensure that you specify the necessary CIDR blocks. For more information, see Amazon EKS Cluster Endpoint Access Control (https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the Amazon EKS User Guide.
SecurityGroupIDRefs are references to SecurityGroups used to set the SecurityGroupIDs.
Policies for referencing.
SecurityGroupIDSelector selects references to SecurityGroups used to set the SecurityGroupIDs.
Policies for selection.
Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane. If you don't specify a security group, the default security group for your VPC is used.
SubnetIDRefs are references to Subnets used to set the SubnetIDs.
Policies for referencing.
SubnetIDSelector selects references to Subnets used to set the SubnetIDs.
Policies for selection.
Specify subnets for your Amazon EKS worker nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your worker nodes and the Kubernetes control plane.
RoleArnRef is a reference to an IAMRole used to set the RoleArn.
Policies for referencing.
RoleArnSelector selects references to IAMRole used to set the RoleArn.
Policies for selection.
ProviderConfigReference specifies how the provider that will be used to create, observe, update, and delete this managed resource should be configured.
Policies for referencing.
ProviderReference specifies the provider that will be used to create, observe, update, and delete this managed resource. Deprecated: Please use ProviderConfigReference, i.e. providerConfigRef
Policies for referencing.
PublishConnectionDetailsTo specifies the connection secret config which contains a name, metadata and a reference to secret store config to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource.
WriteConnectionSecretToReference specifies the namespace and name of a Secret to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource. This field is planned to be replaced in a future release in favor of PublishConnectionDetailsTo. Currently, both could be set independently and connection details would be published to both without affecting each other.
A ClusterStatus represents the observed state of an EKS Cluster.
ClusterObservation is the observed state of a cluster.
The identity provider information for the cluster.
The OpenID Connect (https://openid.net/connect/) identity provider information for the cluster.
The VPC configuration used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations (https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) and Cluster Security Group Considerations (https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the Amazon EKS User Guide.
Conditions of the resource.
sample-cluster
apiVersion: eks.aws.crossplane.io/v1beta1
kind: Cluster
metadata:
labels:
example: "true"
name: sample-cluster
spec:
forProvider:
region: us-east-1
resourcesVpcConfig:
endpointPrivateAccess: true
endpointPublicAccess: true
securityGroupIdRefs:
- name: sample-cluster-sg
subnetIdRefs:
- name: sample-subnet1
- name: sample-subnet2
roleArnRef:
name: somerole
version: "1.16"
providerConfigRef:
name: example
writeConnectionSecretToRef:
name: cluster-conn
namespace: default