UNPKG

@aws-cdk/aws-eks-v2-alpha

Version:

The CDK Construct Library for AWS::EKS

github.com/aws/aws-cdk

aws/aws-cdk

120 lines (119 loc) 3.72 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
import { Construct, IConstruct } from 'constructs'; import { ICluster } from './cluster'; import * as ec2 from 'aws-cdk-lib/aws-ec2'; import * as iam from 'aws-cdk-lib/aws-iam'; import * as lambda from 'aws-cdk-lib/aws-lambda'; import { Size } from 'aws-cdk-lib/core'; export interface KubectlProviderOptions { /** * An IAM role that can perform kubectl operations against this cluster. * * The role should be mapped to the `system:masters` Kubernetes RBAC role. * * This role is directly passed to the lambda handler that sends Kube Ctl commands to the cluster. * @default - if not specified, the default role created by a lambda function will * be used. */ readonly role?: iam.IRole; /** * An AWS Lambda layer that contains the `aws` CLI. * * If not defined, a default layer will be used containing the AWS CLI 2.x. */ readonly awscliLayer?: lambda.ILayerVersion; /** * * Custom environment variables when running `kubectl` against this cluster. */ readonly environment?: { [key: string]: string; }; /** * A security group to use for `kubectl` execution. * * @default - If not specified, the k8s endpoint is expected to be accessible * publicly. */ readonly securityGroup?: ec2.ISecurityGroup; /** * The amount of memory allocated to the kubectl provider's lambda function. */ readonly memory?: Size; /** * An AWS Lambda layer that includes `kubectl` and `helm` */ readonly kubectlLayer: lambda.ILayerVersion; /** * Subnets to host the `kubectl` compute resources. If not specified, the k8s * endpoint is expected to be accessible publicly. */ readonly privateSubnets?: ec2.ISubnet[]; } /** * Properties for a KubectlProvider */ export interface KubectlProviderProps extends KubectlProviderOptions { /** * The cluster to control. */ readonly cluster: ICluster; } /** * Kubectl Provider Attributes */ export interface KubectlProviderAttributes { /** * The kubectl provider lambda arn */ readonly serviceToken: string; /** * The role of the provider lambda function. * Only required if you deploy helm charts using this imported provider. * * @default - no role. */ readonly role?: iam.IRole; } /** * Imported KubectlProvider that can be used in place of the default one created by CDK */ export interface IKubectlProvider extends IConstruct { /** * The custom resource provider's service token. */ readonly serviceToken: string; /** * The role of the provider lambda function. If undefined, * you cannot use this provider to deploy helm charts. */ readonly role?: iam.IRole; } /** * Implementation of Kubectl Lambda */ export declare class KubectlProvider extends Construct implements IKubectlProvider { /** * Take existing provider on cluster * * @param scope Construct * @param cluster k8s cluster */ static getKubectlProvider(scope: Construct, cluster: ICluster): IKubectlProvider | undefined; /** * Import an existing provider * * @param scope Construct * @param id an id of resource * @param attrs attributes for the provider */ static fromKubectlProviderAttributes(scope: Construct, id: string, attrs: KubectlProviderAttributes): IKubectlProvider; /** * The custom resource provider's service token. */ readonly serviceToken: string; /** * The IAM execution role of the handler. */ readonly role?: iam.IRole; constructor(scope: Construct, id: string, props: KubectlProviderProps); }