Optional ReadonlyawscliAn AWS Lambda layer that contains the aws CLI.
The handler expects the layer to include the following executables:
/opt/awscli/aws
Optional ReadonlyclusterThe certificate-authority-data for your cluster.
Optional ReadonlyclusterAmazon Resource Name (ARN) or alias of the customer master key (CMK).
Optional ReadonlyclusterThe API Server endpoint URL
Optional ReadonlyclusterA security group id to associate with the Cluster Handler's Lambdas. The Cluster Handler's Lambdas are responsible for calling AWS's EKS API.
ReadonlyclusterThe physical name of the Cluster
Optional ReadonlyclusterThe cluster security group that was created by Amazon EKS for the cluster.
OptionalidUsed for the CDK construct id for the imported cluster. Useful when passing tokens for cluster name.
Optional ReadonlyipSpecify which IP family is used to assign Kubernetes pod and service IP addresses.
Optional ReadonlykubectlEnvironment variables to use when running kubectl against this cluster.
Optional ReadonlykubectlAn IAM role that can perform kubectl operations against this cluster.
The role should be mapped to the system:masters Kubernetes RBAC role.
This role is directly passed to the lambda handler that sends Kube Ctl commands to the cluster.
Optional ReadonlykubectlAn AWS Lambda Layer which includes kubectl and Helm.
This layer is used by the kubectl handler to apply manifests and install
helm charts. You must pick an appropriate releases of one of the
@aws-cdk/layer-kubectl-vXX packages, that works with the version of
Kubernetes you have chosen.
The handler expects the layer to include the following executables:
/opt/helm/helm
/opt/kubectl/kubectl
Optional ReadonlykubectlAmount of memory to allocate to the provider's lambda function.
Optional ReadonlykubectlSubnets to host the kubectl compute resources. If not specified, the k8s
endpoint is expected to be accessible publicly.
Optional ReadonlykubectlKubectlProvider for issuing kubectl commands.
Optional ReadonlykubectlAn IAM role with cluster administrator and "system:masters" permissions.
Optional ReadonlykubectlA security group to use for kubectl execution. If not specified, the k8s
endpoint is expected to be accessible publicly.
Optional ReadonlyonAn AWS Lambda Layer which includes the NPM dependency proxy-agent. This layer
is used by the onEvent handler to route AWS SDK requests through a proxy.
The handler expects the layer to include the following node_modules:
proxy-agent
Optional ReadonlyopenAn Open ID Connect provider for this cluster that can be used to configure service accounts.
You can either import an existing provider using iam.OpenIdConnectProvider.fromProviderArn,
or create a new provider using new eks.OpenIdConnectProvider
Optional ReadonlypruneIndicates whether Kubernetes resources added through addManifest() can be
automatically pruned. When this is enabled (default), prune labels will be
allocated and injected to each resource. These labels will then be used
when issuing the kubectl apply operation with the --prune switch.
Optional ReadonlysecurityAdditional security groups associated with this cluster.
This property is needed as it drives selection of certain add-on versions as well as kubectl layer.
Properties object for the ImportClusterProvider.