@pulumi/aws
Version:
A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.
647 lines (646 loc) • 30 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
/**
* Manages an EKS Cluster.
*
* ## Example Usage
*
* ### EKS Cluster
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const cluster = new aws.iam.Role("cluster", {
* name: "eks-cluster-example",
* assumeRolePolicy: JSON.stringify({
* Version: "2012-10-17",
* Statement: [{
* Action: [
* "sts:AssumeRole",
* "sts:TagSession",
* ],
* Effect: "Allow",
* Principal: {
* Service: "eks.amazonaws.com",
* },
* }],
* }),
* });
* const clusterAmazonEKSClusterPolicy = new aws.iam.RolePolicyAttachment("cluster_AmazonEKSClusterPolicy", {
* policyArn: "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy",
* role: cluster.name,
* });
* const example = new aws.eks.Cluster("example", {
* name: "example",
* accessConfig: {
* authenticationMode: "API",
* },
* roleArn: cluster.arn,
* version: "1.31",
* vpcConfig: {
* subnetIds: [
* az1.id,
* az2.id,
* az3.id,
* ],
* },
* }, {
* dependsOn: [clusterAmazonEKSClusterPolicy],
* });
* ```
*
* ### EKS Cluster with EKS Auto Mode
*
* > **NOTE:** When using EKS Auto Mode `compute_config.enabled`, `kubernetes_network_config.elastic_load_balancing.enabled`, and `storage_config.block_storage.enabled` must *ALL be set to `true`. Likewise for disabling EKS Auto Mode, all three arguments must be set to `false`. Enabling EKS Auto Mode also requires that `bootstrapSelfManagedAddons` is set to `false`.
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const node = new aws.iam.Role("node", {
* name: "eks-auto-node-example",
* assumeRolePolicy: JSON.stringify({
* Version: "2012-10-17",
* Statement: [{
* Action: ["sts:AssumeRole"],
* Effect: "Allow",
* Principal: {
* Service: "ec2.amazonaws.com",
* },
* }],
* }),
* });
* const cluster = new aws.iam.Role("cluster", {
* name: "eks-cluster-example",
* assumeRolePolicy: JSON.stringify({
* Version: "2012-10-17",
* Statement: [{
* Action: [
* "sts:AssumeRole",
* "sts:TagSession",
* ],
* Effect: "Allow",
* Principal: {
* Service: "eks.amazonaws.com",
* },
* }],
* }),
* });
* const clusterAmazonEKSClusterPolicy = new aws.iam.RolePolicyAttachment("cluster_AmazonEKSClusterPolicy", {
* policyArn: "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy",
* role: cluster.name,
* });
* const clusterAmazonEKSComputePolicy = new aws.iam.RolePolicyAttachment("cluster_AmazonEKSComputePolicy", {
* policyArn: "arn:aws:iam::aws:policy/AmazonEKSComputePolicy",
* role: cluster.name,
* });
* const clusterAmazonEKSBlockStoragePolicy = new aws.iam.RolePolicyAttachment("cluster_AmazonEKSBlockStoragePolicy", {
* policyArn: "arn:aws:iam::aws:policy/AmazonEKSBlockStoragePolicy",
* role: cluster.name,
* });
* const clusterAmazonEKSLoadBalancingPolicy = new aws.iam.RolePolicyAttachment("cluster_AmazonEKSLoadBalancingPolicy", {
* policyArn: "arn:aws:iam::aws:policy/AmazonEKSLoadBalancingPolicy",
* role: cluster.name,
* });
* const clusterAmazonEKSNetworkingPolicy = new aws.iam.RolePolicyAttachment("cluster_AmazonEKSNetworkingPolicy", {
* policyArn: "arn:aws:iam::aws:policy/AmazonEKSNetworkingPolicy",
* role: cluster.name,
* });
* const example = new aws.eks.Cluster("example", {
* name: "example",
* accessConfig: {
* authenticationMode: "API",
* },
* roleArn: cluster.arn,
* version: "1.31",
* bootstrapSelfManagedAddons: false,
* computeConfig: {
* enabled: true,
* nodePools: ["general-purpose"],
* nodeRoleArn: node.arn,
* },
* kubernetesNetworkConfig: {
* elasticLoadBalancing: {
* enabled: true,
* },
* },
* storageConfig: {
* blockStorage: {
* enabled: true,
* },
* },
* vpcConfig: {
* endpointPrivateAccess: true,
* endpointPublicAccess: true,
* subnetIds: [
* az1.id,
* az2.id,
* az3.id,
* ],
* },
* }, {
* dependsOn: [
* clusterAmazonEKSClusterPolicy,
* clusterAmazonEKSComputePolicy,
* clusterAmazonEKSBlockStoragePolicy,
* clusterAmazonEKSLoadBalancingPolicy,
* clusterAmazonEKSNetworkingPolicy,
* ],
* });
* const nodeAmazonEKSWorkerNodeMinimalPolicy = new aws.iam.RolePolicyAttachment("node_AmazonEKSWorkerNodeMinimalPolicy", {
* policyArn: "arn:aws:iam::aws:policy/AmazonEKSWorkerNodeMinimalPolicy",
* role: node.name,
* });
* const nodeAmazonEC2ContainerRegistryPullOnly = new aws.iam.RolePolicyAttachment("node_AmazonEC2ContainerRegistryPullOnly", {
* policyArn: "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryPullOnly",
* role: node.name,
* });
* ```
*
* ### EKS Cluster with EKS Hybrid Nodes
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const cluster = new aws.iam.Role("cluster", {
* name: "eks-cluster-example",
* assumeRolePolicy: JSON.stringify({
* Version: "2012-10-17",
* Statement: [{
* Action: [
* "sts:AssumeRole",
* "sts:TagSession",
* ],
* Effect: "Allow",
* Principal: {
* Service: "eks.amazonaws.com",
* },
* }],
* }),
* });
* const clusterAmazonEKSClusterPolicy = new aws.iam.RolePolicyAttachment("cluster_AmazonEKSClusterPolicy", {
* policyArn: "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy",
* role: cluster.name,
* });
* const example = new aws.eks.Cluster("example", {
* name: "example",
* accessConfig: {
* authenticationMode: "API",
* },
* roleArn: cluster.arn,
* version: "1.31",
* remoteNetworkConfig: {
* remoteNodeNetworks: {
* cidrs: ["172.16.0.0/18"],
* },
* remotePodNetworks: {
* cidrs: ["172.16.64.0/18"],
* },
* },
* vpcConfig: {
* endpointPrivateAccess: true,
* endpointPublicAccess: true,
* subnetIds: [
* az1.id,
* az2.id,
* az3.id,
* ],
* },
* }, {
* dependsOn: [clusterAmazonEKSClusterPolicy],
* });
* ```
*
* ### Local EKS Cluster on AWS Outpost
*
* [Creating a local Amazon EKS cluster on an AWS Outpost](https://docs.aws.amazon.com/eks/latest/userguide/create-cluster-outpost.html)
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const example = aws.outposts.getOutpost({
* name: "example",
* });
* const cluster = new aws.iam.Role("cluster", {
* name: "eks-cluster-example",
* assumeRolePolicy: JSON.stringify({
* Version: "2012-10-17",
* Statement: [{
* Action: [
* "sts:AssumeRole",
* "sts:TagSession",
* ],
* Effect: "Allow",
* Principal: {
* Service: [
* "eks.amazonaws.com",
* "ec2.amazonaws.com",
* ],
* },
* }],
* }),
* });
* const clusterAmazonEKSLocalOutpostClusterPolicy = new aws.iam.RolePolicyAttachment("cluster_AmazonEKSLocalOutpostClusterPolicy", {
* policyArn: "arn:aws:iam::aws:policy/AmazonEKSLocalOutpostClusterPolicy",
* role: cluster.name,
* });
* const exampleCluster = new aws.eks.Cluster("example", {
* name: "example",
* accessConfig: {
* authenticationMode: "CONFIG_MAP",
* },
* roleArn: cluster.arn,
* version: "1.31",
* vpcConfig: {
* endpointPrivateAccess: true,
* endpointPublicAccess: false,
* subnetIds: [
* az1.id,
* az2.id,
* az3.id,
* ],
* },
* outpostConfig: {
* controlPlaneInstanceType: "m5.large",
* outpostArns: [example.then(example => example.arn)],
* },
* }, {
* dependsOn: [clusterAmazonEKSLocalOutpostClusterPolicy],
* });
* ```
*
* ## Import
*
* Using `pulumi import`, import EKS Clusters using the `name`. For example:
*
* ```sh
* $ pulumi import aws:eks/cluster:Cluster my_cluster my_cluster
* ```
*/
export declare class Cluster extends pulumi.CustomResource {
/**
* Get an existing Cluster resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ClusterState, opts?: pulumi.CustomResourceOptions): Cluster;
/**
* Returns true if the given object is an instance of Cluster. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj: any): obj is Cluster;
/**
* Configuration block for the access config associated with your cluster, see [Amazon EKS Access Entries](https://docs.aws.amazon.com/eks/latest/userguide/access-entries.html). Detailed below.
*/
readonly accessConfig: pulumi.Output<outputs.eks.ClusterAccessConfig>;
/**
* ARN of the cluster.
*/
readonly arn: pulumi.Output<string>;
/**
* Install default unmanaged add-ons, such as `aws-cni`, `kube-proxy`, and CoreDNS during cluster creation. If `false`, you must manually install desired add-ons. Changing this value will force a new cluster to be created. Defaults to `true`.
*/
readonly bootstrapSelfManagedAddons: pulumi.Output<boolean | undefined>;
/**
* Attribute block containing `certificate-authority-data` for your cluster. Detailed below.
*/
readonly certificateAuthority: pulumi.Output<outputs.eks.ClusterCertificateAuthority>;
/**
* The ID of your local Amazon EKS cluster on the AWS Outpost. This attribute isn't available for an AWS EKS cluster on AWS cloud.
*/
readonly clusterId: pulumi.Output<string>;
/**
* Configuration block with compute configuration for EKS Auto Mode. Detailed below.
*/
readonly computeConfig: pulumi.Output<outputs.eks.ClusterComputeConfig | undefined>;
/**
* Unix epoch timestamp in seconds for when the cluster was created.
*/
readonly createdAt: pulumi.Output<string>;
/**
* @deprecated Configure bootstrapSelfManagedAddons instead. This attribute will be removed in the next major version of the provider
*/
readonly defaultAddonsToRemoves: pulumi.Output<string[] | undefined>;
/**
* Whether to enable deletion protection for the cluster. When enabled, the cluster cannot be deleted unless deletion protection is first disabled. Default: `false`.
*/
readonly deletionProtection: pulumi.Output<boolean>;
/**
* List of the desired control plane logging to enable. For more information, see [Amazon EKS Control Plane Logging](https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html).
*/
readonly enabledClusterLogTypes: pulumi.Output<string[] | undefined>;
/**
* Configuration block with encryption configuration for the cluster. Detailed below.
*/
readonly encryptionConfig: pulumi.Output<outputs.eks.ClusterEncryptionConfig | undefined>;
/**
* Endpoint for your Kubernetes API server.
*/
readonly endpoint: pulumi.Output<string>;
/**
* Force version update by overriding upgrade-blocking readiness checks when updating a cluster.
*/
readonly forceUpdateVersion: pulumi.Output<boolean | undefined>;
/**
* Attribute block containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. Detailed below.
*/
readonly identities: pulumi.Output<outputs.eks.ClusterIdentity[]>;
/**
* Configuration block with kubernetes network configuration for the cluster. Detailed below. If removed, the provider will only perform drift detection if a configuration value is provided.
*/
readonly kubernetesNetworkConfig: pulumi.Output<outputs.eks.ClusterKubernetesNetworkConfig>;
/**
* Name of the cluster. Must be between 1-100 characters in length. Must begin with an alphanumeric character, and must only contain alphanumeric characters, dashes and underscores (`^[0-9A-Za-z][A-Za-z0-9\-_]*$`).
*/
readonly name: pulumi.Output<string>;
/**
* Configuration block representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This block isn't available for creating Amazon EKS clusters on the AWS cloud.
*/
readonly outpostConfig: pulumi.Output<outputs.eks.ClusterOutpostConfig | undefined>;
/**
* Platform version for the cluster.
*/
readonly platformVersion: pulumi.Output<string>;
/**
* Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
*/
readonly region: pulumi.Output<string>;
/**
* Configuration block with remote network configuration for EKS Hybrid Nodes. Detailed below.
*/
readonly remoteNetworkConfig: pulumi.Output<outputs.eks.ClusterRemoteNetworkConfig | undefined>;
/**
* ARN of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Ensure the resource configuration includes explicit dependencies on the IAM Role permissions by adding `dependsOn` if using the `aws.iam.RolePolicy` resource or `aws.iam.RolePolicyAttachment` resource, otherwise EKS cannot delete EKS managed EC2 infrastructure such as Security Groups on EKS Cluster deletion.
*/
readonly roleArn: pulumi.Output<string>;
/**
* Status of the EKS cluster. One of `CREATING`, `ACTIVE`, `DELETING`, `FAILED`.
*/
readonly status: pulumi.Output<string>;
/**
* Configuration block with storage configuration for EKS Auto Mode. Detailed below.
*/
readonly storageConfig: pulumi.Output<outputs.eks.ClusterStorageConfig | undefined>;
/**
* Key-value map of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*/
readonly tags: pulumi.Output<{
[key: string]: string;
} | undefined>;
/**
* Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
*/
readonly tagsAll: pulumi.Output<{
[key: string]: string;
}>;
/**
* Configuration block for the support policy to use for the cluster. See upgradePolicy for details.
*/
readonly upgradePolicy: pulumi.Output<outputs.eks.ClusterUpgradePolicy>;
/**
* Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.
*/
readonly version: pulumi.Output<string>;
/**
* Configuration block for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see [Cluster VPC Considerations](https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) and [Cluster Security Group Considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the Amazon EKS User Guide. Detailed below. Also contains attributes detailed in the Attributes section.
*
* The following arguments are optional:
*/
readonly vpcConfig: pulumi.Output<outputs.eks.ClusterVpcConfig>;
/**
* Configuration block with zonal shift configuration for the cluster. Detailed below.
*/
readonly zonalShiftConfig: pulumi.Output<outputs.eks.ClusterZonalShiftConfig | undefined>;
/**
* Create a Cluster resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
constructor(name: string, args: ClusterArgs, opts?: pulumi.CustomResourceOptions);
}
/**
* Input properties used for looking up and filtering Cluster resources.
*/
export interface ClusterState {
/**
* Configuration block for the access config associated with your cluster, see [Amazon EKS Access Entries](https://docs.aws.amazon.com/eks/latest/userguide/access-entries.html). Detailed below.
*/
accessConfig?: pulumi.Input<inputs.eks.ClusterAccessConfig>;
/**
* ARN of the cluster.
*/
arn?: pulumi.Input<string>;
/**
* Install default unmanaged add-ons, such as `aws-cni`, `kube-proxy`, and CoreDNS during cluster creation. If `false`, you must manually install desired add-ons. Changing this value will force a new cluster to be created. Defaults to `true`.
*/
bootstrapSelfManagedAddons?: pulumi.Input<boolean>;
/**
* Attribute block containing `certificate-authority-data` for your cluster. Detailed below.
*/
certificateAuthority?: pulumi.Input<inputs.eks.ClusterCertificateAuthority>;
/**
* The ID of your local Amazon EKS cluster on the AWS Outpost. This attribute isn't available for an AWS EKS cluster on AWS cloud.
*/
clusterId?: pulumi.Input<string>;
/**
* Configuration block with compute configuration for EKS Auto Mode. Detailed below.
*/
computeConfig?: pulumi.Input<inputs.eks.ClusterComputeConfig>;
/**
* Unix epoch timestamp in seconds for when the cluster was created.
*/
createdAt?: pulumi.Input<string>;
/**
* @deprecated Configure bootstrapSelfManagedAddons instead. This attribute will be removed in the next major version of the provider
*/
defaultAddonsToRemoves?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Whether to enable deletion protection for the cluster. When enabled, the cluster cannot be deleted unless deletion protection is first disabled. Default: `false`.
*/
deletionProtection?: pulumi.Input<boolean>;
/**
* List of the desired control plane logging to enable. For more information, see [Amazon EKS Control Plane Logging](https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html).
*/
enabledClusterLogTypes?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Configuration block with encryption configuration for the cluster. Detailed below.
*/
encryptionConfig?: pulumi.Input<inputs.eks.ClusterEncryptionConfig>;
/**
* Endpoint for your Kubernetes API server.
*/
endpoint?: pulumi.Input<string>;
/**
* Force version update by overriding upgrade-blocking readiness checks when updating a cluster.
*/
forceUpdateVersion?: pulumi.Input<boolean>;
/**
* Attribute block containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. Detailed below.
*/
identities?: pulumi.Input<pulumi.Input<inputs.eks.ClusterIdentity>[]>;
/**
* Configuration block with kubernetes network configuration for the cluster. Detailed below. If removed, the provider will only perform drift detection if a configuration value is provided.
*/
kubernetesNetworkConfig?: pulumi.Input<inputs.eks.ClusterKubernetesNetworkConfig>;
/**
* Name of the cluster. Must be between 1-100 characters in length. Must begin with an alphanumeric character, and must only contain alphanumeric characters, dashes and underscores (`^[0-9A-Za-z][A-Za-z0-9\-_]*$`).
*/
name?: pulumi.Input<string>;
/**
* Configuration block representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This block isn't available for creating Amazon EKS clusters on the AWS cloud.
*/
outpostConfig?: pulumi.Input<inputs.eks.ClusterOutpostConfig>;
/**
* Platform version for the cluster.
*/
platformVersion?: pulumi.Input<string>;
/**
* Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
*/
region?: pulumi.Input<string>;
/**
* Configuration block with remote network configuration for EKS Hybrid Nodes. Detailed below.
*/
remoteNetworkConfig?: pulumi.Input<inputs.eks.ClusterRemoteNetworkConfig>;
/**
* ARN of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Ensure the resource configuration includes explicit dependencies on the IAM Role permissions by adding `dependsOn` if using the `aws.iam.RolePolicy` resource or `aws.iam.RolePolicyAttachment` resource, otherwise EKS cannot delete EKS managed EC2 infrastructure such as Security Groups on EKS Cluster deletion.
*/
roleArn?: pulumi.Input<string>;
/**
* Status of the EKS cluster. One of `CREATING`, `ACTIVE`, `DELETING`, `FAILED`.
*/
status?: pulumi.Input<string>;
/**
* Configuration block with storage configuration for EKS Auto Mode. Detailed below.
*/
storageConfig?: pulumi.Input<inputs.eks.ClusterStorageConfig>;
/**
* Key-value map of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*/
tags?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
*/
tagsAll?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* Configuration block for the support policy to use for the cluster. See upgradePolicy for details.
*/
upgradePolicy?: pulumi.Input<inputs.eks.ClusterUpgradePolicy>;
/**
* Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.
*/
version?: pulumi.Input<string>;
/**
* Configuration block for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see [Cluster VPC Considerations](https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) and [Cluster Security Group Considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the Amazon EKS User Guide. Detailed below. Also contains attributes detailed in the Attributes section.
*
* The following arguments are optional:
*/
vpcConfig?: pulumi.Input<inputs.eks.ClusterVpcConfig>;
/**
* Configuration block with zonal shift configuration for the cluster. Detailed below.
*/
zonalShiftConfig?: pulumi.Input<inputs.eks.ClusterZonalShiftConfig>;
}
/**
* The set of arguments for constructing a Cluster resource.
*/
export interface ClusterArgs {
/**
* Configuration block for the access config associated with your cluster, see [Amazon EKS Access Entries](https://docs.aws.amazon.com/eks/latest/userguide/access-entries.html). Detailed below.
*/
accessConfig?: pulumi.Input<inputs.eks.ClusterAccessConfig>;
/**
* Install default unmanaged add-ons, such as `aws-cni`, `kube-proxy`, and CoreDNS during cluster creation. If `false`, you must manually install desired add-ons. Changing this value will force a new cluster to be created. Defaults to `true`.
*/
bootstrapSelfManagedAddons?: pulumi.Input<boolean>;
/**
* Configuration block with compute configuration for EKS Auto Mode. Detailed below.
*/
computeConfig?: pulumi.Input<inputs.eks.ClusterComputeConfig>;
/**
* @deprecated Configure bootstrapSelfManagedAddons instead. This attribute will be removed in the next major version of the provider
*/
defaultAddonsToRemoves?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Whether to enable deletion protection for the cluster. When enabled, the cluster cannot be deleted unless deletion protection is first disabled. Default: `false`.
*/
deletionProtection?: pulumi.Input<boolean>;
/**
* List of the desired control plane logging to enable. For more information, see [Amazon EKS Control Plane Logging](https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html).
*/
enabledClusterLogTypes?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Configuration block with encryption configuration for the cluster. Detailed below.
*/
encryptionConfig?: pulumi.Input<inputs.eks.ClusterEncryptionConfig>;
/**
* Force version update by overriding upgrade-blocking readiness checks when updating a cluster.
*/
forceUpdateVersion?: pulumi.Input<boolean>;
/**
* Configuration block with kubernetes network configuration for the cluster. Detailed below. If removed, the provider will only perform drift detection if a configuration value is provided.
*/
kubernetesNetworkConfig?: pulumi.Input<inputs.eks.ClusterKubernetesNetworkConfig>;
/**
* Name of the cluster. Must be between 1-100 characters in length. Must begin with an alphanumeric character, and must only contain alphanumeric characters, dashes and underscores (`^[0-9A-Za-z][A-Za-z0-9\-_]*$`).
*/
name?: pulumi.Input<string>;
/**
* Configuration block representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This block isn't available for creating Amazon EKS clusters on the AWS cloud.
*/
outpostConfig?: pulumi.Input<inputs.eks.ClusterOutpostConfig>;
/**
* Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
*/
region?: pulumi.Input<string>;
/**
* Configuration block with remote network configuration for EKS Hybrid Nodes. Detailed below.
*/
remoteNetworkConfig?: pulumi.Input<inputs.eks.ClusterRemoteNetworkConfig>;
/**
* ARN of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Ensure the resource configuration includes explicit dependencies on the IAM Role permissions by adding `dependsOn` if using the `aws.iam.RolePolicy` resource or `aws.iam.RolePolicyAttachment` resource, otherwise EKS cannot delete EKS managed EC2 infrastructure such as Security Groups on EKS Cluster deletion.
*/
roleArn: pulumi.Input<string>;
/**
* Configuration block with storage configuration for EKS Auto Mode. Detailed below.
*/
storageConfig?: pulumi.Input<inputs.eks.ClusterStorageConfig>;
/**
* Key-value map of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*/
tags?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* Configuration block for the support policy to use for the cluster. See upgradePolicy for details.
*/
upgradePolicy?: pulumi.Input<inputs.eks.ClusterUpgradePolicy>;
/**
* Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.
*/
version?: pulumi.Input<string>;
/**
* Configuration block for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see [Cluster VPC Considerations](https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) and [Cluster Security Group Considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the Amazon EKS User Guide. Detailed below. Also contains attributes detailed in the Attributes section.
*
* The following arguments are optional:
*/
vpcConfig: pulumi.Input<inputs.eks.ClusterVpcConfig>;
/**
* Configuration block with zonal shift configuration for the cluster. Detailed below.
*/
zonalShiftConfig?: pulumi.Input<inputs.eks.ClusterZonalShiftConfig>;
}