import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
/**
* An Anthos cluster running on AWS.
*
* For more information, see:
* * [Multicloud overview](https://cloud.google.com/kubernetes-engine/multi-cloud/docs)
* ## Example Usage
*
* ### Basic_aws_cluster
* A basic example of a containeraws cluster
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
*
* const versions = gcp.container.getAwsVersions({
* project: "my-project-name",
* location: "us-west1",
* });
* const primary = new gcp.container.AwsCluster("primary", {
* authorization: {
* adminUsers: [{
* username: "my@service-account.com",
* }],
* adminGroups: [{
* group: "group@domain.com",
* }],
* },
* awsRegion: "my-aws-region",
* controlPlane: {
* awsServicesAuthentication: {
* roleArn: "arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
* roleSessionName: "my--1p-dev-session",
* },
* configEncryption: {
* kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
* },
* databaseEncryption: {
* kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
* },
* iamInstanceProfile: "my--1p-dev-controlplane",
* subnetIds: ["subnet-00000000000000000"],
* version: versions.then(versions => versions.validVersions?.[0]),
* instanceType: "t3.medium",
* mainVolume: {
* iops: 3000,
* kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
* sizeGib: 10,
* volumeType: "GP3",
* },
* proxyConfig: {
* secretArn: "arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
* secretVersion: "12345678-ABCD-EFGH-IJKL-987654321098",
* },
* rootVolume: {
* iops: 3000,
* kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
* sizeGib: 10,
* volumeType: "GP3",
* },
* securityGroupIds: ["sg-00000000000000000"],
* sshConfig: {
* ec2KeyPair: "my--1p-dev-ssh",
* },
* tags: {
* owner: "my@service-account.com",
* },
* },
* fleet: {
* project: "my-project-number",
* },
* location: "us-west1",
* name: "name",
* networking: {
* podAddressCidrBlocks: ["10.2.0.0/16"],
* serviceAddressCidrBlocks: ["10.1.0.0/16"],
* vpcId: "vpc-00000000000000000",
* },
* annotations: {
* "label-one": "value-one",
* },
* description: "A sample aws cluster",
* project: "my-project-name",
* });
* ```
* ### Basic_enum_aws_cluster
* A basic example of a containeraws cluster with lowercase enums
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
*
* const versions = gcp.container.getAwsVersions({
* project: "my-project-name",
* location: "us-west1",
* });
* const primary = new gcp.container.AwsCluster("primary", {
* authorization: {
* adminUsers: [{
* username: "my@service-account.com",
* }],
* },
* awsRegion: "my-aws-region",
* controlPlane: {
* awsServicesAuthentication: {
* roleArn: "arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
* roleSessionName: "my--1p-dev-session",
* },
* configEncryption: {
* kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
* },
* databaseEncryption: {
* kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
* },
* iamInstanceProfile: "my--1p-dev-controlplane",
* subnetIds: ["subnet-00000000000000000"],
* version: versions.then(versions => versions.validVersions?.[0]),
* instanceType: "t3.medium",
* mainVolume: {
* iops: 3000,
* kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
* sizeGib: 10,
* volumeType: "gp3",
* },
* proxyConfig: {
* secretArn: "arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
* secretVersion: "12345678-ABCD-EFGH-IJKL-987654321098",
* },
* rootVolume: {
* iops: 3000,
* kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
* sizeGib: 10,
* volumeType: "gp3",
* },
* securityGroupIds: ["sg-00000000000000000"],
* sshConfig: {
* ec2KeyPair: "my--1p-dev-ssh",
* },
* tags: {
* owner: "my@service-account.com",
* },
* },
* fleet: {
* project: "my-project-number",
* },
* location: "us-west1",
* name: "name",
* networking: {
* podAddressCidrBlocks: ["10.2.0.0/16"],
* serviceAddressCidrBlocks: ["10.1.0.0/16"],
* vpcId: "vpc-00000000000000000",
* },
* annotations: {
* "label-one": "value-one",
* },
* description: "A sample aws cluster",
* project: "my-project-name",
* });
* ```
* ### Beta_basic_enum_aws_cluster
* A basic example of a containeraws cluster with lowercase enums (beta)
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
*
* const versions = gcp.container.getAwsVersions({
* project: "my-project-name",
* location: "us-west1",
* });
* const primary = new gcp.container.AwsCluster("primary", {
* authorization: {
* adminUsers: [{
* username: "my@service-account.com",
* }],
* },
* awsRegion: "my-aws-region",
* controlPlane: {
* awsServicesAuthentication: {
* roleArn: "arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
* roleSessionName: "my--1p-dev-session",
* },
* configEncryption: {
* kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
* },
* databaseEncryption: {
* kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
* },
* iamInstanceProfile: "my--1p-dev-controlplane",
* subnetIds: ["subnet-00000000000000000"],
* version: versions.then(versions => versions.validVersions?.[0]),
* instanceType: "t3.medium",
* mainVolume: {
* iops: 3000,
* kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
* sizeGib: 10,
* volumeType: "gp3",
* },
* proxyConfig: {
* secretArn: "arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
* secretVersion: "12345678-ABCD-EFGH-IJKL-987654321098",
* },
* rootVolume: {
* iops: 3000,
* kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
* sizeGib: 10,
* volumeType: "gp3",
* },
* securityGroupIds: ["sg-00000000000000000"],
* sshConfig: {
* ec2KeyPair: "my--1p-dev-ssh",
* },
* tags: {
* owner: "my@service-account.com",
* },
* instancePlacement: {
* tenancy: "dedicated",
* },
* },
* fleet: {
* project: "my-project-number",
* },
* location: "us-west1",
* name: "name",
* networking: {
* podAddressCidrBlocks: ["10.2.0.0/16"],
* serviceAddressCidrBlocks: ["10.1.0.0/16"],
* vpcId: "vpc-00000000000000000",
* },
* annotations: {
* "label-one": "value-one",
* },
* description: "A sample aws cluster",
* project: "my-project-name",
* loggingConfig: {
* componentConfig: {
* enableComponents: [
* "system_components",
* "workloads",
* ],
* },
* },
* });
* ```
*
* ## Import
*
* Cluster can be imported using any of these accepted formats:
*
* * `projects/{{project}}/locations/{{location}}/awsClusters/{{name}}`
*
* * `{{project}}/{{location}}/{{name}}`
*
* * `{{location}}/{{name}}`
*
* When using the `pulumi import` command, Cluster can be imported using one of the formats above. For example:
*
* ```sh
* $ pulumi import gcp:container/awsCluster:AwsCluster default projects/{{project}}/locations/{{location}}/awsClusters/{{name}}
* ```
*
* ```sh
* $ pulumi import gcp:container/awsCluster:AwsCluster default {{project}}/{{location}}/{{name}}
* ```
*
* ```sh
* $ pulumi import gcp:container/awsCluster:AwsCluster default {{location}}/{{name}}
* ```
*/
export declare class AwsCluster extends pulumi.CustomResource {
/**
* Get an existing AwsCluster resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup. Every field of `AwsClusterState` is optional.
* @param opts Optional settings to control the behavior of the CustomResource.
* @returns The `AwsCluster` for the looked-up resource.
*/
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: AwsClusterState, opts?: pulumi.CustomResourceOptions): AwsCluster;
/**
* Returns true if the given object is an instance of AwsCluster. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*
* @param obj The value to test; any value is accepted, and the result narrows its type to `AwsCluster`.
*/
static isInstance(obj: any): obj is AwsCluster;
/**
* Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of
* all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required),
* separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with
* alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between. **Note**: This field is
* non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field
* `effectiveAnnotations` for all of the annotations present on the resource.
*
* Because this field is non-authoritative, an annotation that is absent here may still be present on the
* resource; audit `effectiveAnnotations` rather than this field.
*/
readonly annotations: pulumi.Output<{
[key: string]: string;
} | undefined>;
/**
* Configuration related to the cluster RBAC settings. Required when creating a cluster (see `AwsClusterArgs`).
*
* The examples in the class documentation populate `adminUsers` and `adminGroups` here.
* NOTE(review): those principals presumably receive administrative access to the cluster; confirm the
* exact role in `AwsClusterAuthorization` and keep both lists as short as possible.
*/
readonly authorization: pulumi.Output<outputs.container.AwsClusterAuthorization>;
/**
* The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions.
* A lookup call lists the supported AWS regions within a given Google Cloud region; the name of that call
* is missing from the upstream text (presumably the `getAwsVersions` lookup used in the class examples;
* TODO confirm).
*/
readonly awsRegion: pulumi.Output<string>;
/**
* Configuration options for the Binary Authorization feature. Optional when creating a cluster
* (see `AwsClusterArgs`).
*
* NOTE(review): this file does not show what is enforced when the field is omitted; set it explicitly
* if image-admission policy is a requirement, and confirm the default in `AwsClusterBinaryAuthorization`.
*/
readonly binaryAuthorization: pulumi.Output<outputs.container.AwsClusterBinaryAuthorization>;
/**
* Configuration related to the cluster control plane.
*
* In the class examples this object carries most of the security-relevant settings: the IAM role used for
* AWS service authentication (`awsServicesAuthentication`), the KMS keys for `configEncryption`,
* `databaseEncryption` and the volumes, `securityGroupIds`, `sshConfig`, and `proxyConfig`.
*/
readonly controlPlane: pulumi.Output<outputs.container.AwsClusterControlPlane>;
/**
* Output only. The time at which this cluster was created.
*/
readonly createTime: pulumi.Output<string>;
/**
* Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
*/
readonly description: pulumi.Output<string | undefined>;
/**
* All of the annotations present on the resource, as referred to by the `annotations` documentation;
* `annotations` itself covers only the ones present in your configuration.
*/
readonly effectiveAnnotations: pulumi.Output<{
[key: string]: string;
}>;
/**
* Output only. The endpoint of the cluster's API server.
*/
readonly endpoint: pulumi.Output<string>;
/**
* Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
*/
readonly etag: pulumi.Output<string>;
/**
* Fleet configuration. The class examples set `project` here.
*/
readonly fleet: pulumi.Output<outputs.container.AwsClusterFleet>;
/**
* The location for the resource
*/
readonly location: pulumi.Output<string>;
/**
* Logging configuration. Optional when creating a cluster (see `AwsClusterArgs`).
*
* The beta example in the class documentation enables the `system_components` and `workloads` components
* through `componentConfig.enableComponents`.
* NOTE(review): what is logged when this field is omitted is not shown in this file; set it explicitly
* if workload or system logs are needed for detection and incident response.
*/
readonly loggingConfig: pulumi.Output<outputs.container.AwsClusterLoggingConfig>;
/**
* The name of this resource.
*/
readonly name: pulumi.Output<string>;
/**
* Cluster-wide networking configuration. The class examples set `podAddressCidrBlocks`,
* `serviceAddressCidrBlocks` and `vpcId` here.
*/
readonly networking: pulumi.Output<outputs.container.AwsClusterNetworking>;
/**
* The project for the resource
*/
readonly project: pulumi.Output<string>;
/**
* Output only. If set, there are currently changes in flight to the cluster.
*/
readonly reconciling: pulumi.Output<boolean>;
/**
* Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
*/
readonly state: pulumi.Output<string>;
/**
* Output only. A globally unique identifier for the cluster.
*/
readonly uid: pulumi.Output<string>;
/**
* Output only. The time at which this cluster was last updated.
*/
readonly updateTime: pulumi.Output<string>;
/**
* Output only. Workload Identity settings.
*/
readonly workloadIdentityConfigs: pulumi.Output<outputs.container.AwsClusterWorkloadIdentityConfig[]>;
/**
* Create an AwsCluster resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
constructor(name: string, args: AwsClusterArgs, opts?: pulumi.CustomResourceOptions);
}
/**
* Input properties used for looking up and filtering AwsCluster resources.
*
* This is the type of the optional `state` argument of `AwsCluster.get`. Every field is optional,
* including the ones documented as output only.
*/
export interface AwsClusterState {
/**
* Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of
* all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required),
* separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with
* alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between. **Note**: This field is
* non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field
* `effectiveAnnotations` for all of the annotations present on the resource.
*/
annotations?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* Configuration related to the cluster RBAC settings.
*
* NOTE(review): the class examples populate `adminUsers` and `adminGroups` in this object; those principals
* presumably receive administrative access to the cluster. Confirm in `AwsClusterAuthorization`.
*/
authorization?: pulumi.Input<inputs.container.AwsClusterAuthorization>;
/**
* The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions.
* A lookup call lists the supported AWS regions within a given Google Cloud region; the name of that call
* is missing from the upstream text (presumably the `getAwsVersions` lookup used in the class examples;
* TODO confirm).
*/
awsRegion?: pulumi.Input<string>;
/**
* Configuration options for the Binary Authorization feature.
*/
binaryAuthorization?: pulumi.Input<inputs.container.AwsClusterBinaryAuthorization>;
/**
* Configuration related to the cluster control plane. In the class examples this object holds the IAM role,
* KMS key, security group, SSH and proxy settings.
*/
controlPlane?: pulumi.Input<inputs.container.AwsClusterControlPlane>;
/**
* Output only. The time at which this cluster was created.
*/
createTime?: pulumi.Input<string>;
/**
* Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
*/
description?: pulumi.Input<string>;
/**
* All of the annotations present on the resource, as referred to by the `annotations` documentation;
* `annotations` itself covers only the ones present in your configuration.
*/
effectiveAnnotations?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* Output only. The endpoint of the cluster's API server.
*/
endpoint?: pulumi.Input<string>;
/**
* Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
*/
etag?: pulumi.Input<string>;
/**
* Fleet configuration.
*/
fleet?: pulumi.Input<inputs.container.AwsClusterFleet>;
/**
* The location for the resource
*/
location?: pulumi.Input<string>;
/**
* Logging configuration.
*/
loggingConfig?: pulumi.Input<inputs.container.AwsClusterLoggingConfig>;
/**
* The name of this resource.
*/
name?: pulumi.Input<string>;
/**
* Cluster-wide networking configuration.
*/
networking?: pulumi.Input<inputs.container.AwsClusterNetworking>;
/**
* The project for the resource
*/
project?: pulumi.Input<string>;
/**
* Output only. If set, there are currently changes in flight to the cluster.
*/
reconciling?: pulumi.Input<boolean>;
/**
* Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
*/
state?: pulumi.Input<string>;
/**
* Output only. A globally unique identifier for the cluster.
*/
uid?: pulumi.Input<string>;
/**
* Output only. The time at which this cluster was last updated.
*/
updateTime?: pulumi.Input<string>;
/**
* Output only. Workload Identity settings.
*/
workloadIdentityConfigs?: pulumi.Input<pulumi.Input<inputs.container.AwsClusterWorkloadIdentityConfig>[]>;
}
/**
* The set of arguments for constructing an AwsCluster resource.
*
* Required: `authorization`, `awsRegion`, `controlPlane`, `fleet`, `location`, `networking`.
* Optional: `annotations`, `binaryAuthorization`, `description`, `loggingConfig`, `name`, `project`.
* The output-only properties of `AwsCluster` (for example `endpoint`, `state`, `uid`) are not accepted here.
*/
export interface AwsClusterArgs {
/**
* Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of
* all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required),
* separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with
* alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between. **Note**: This field is
* non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field
* `effectiveAnnotations` for all of the annotations present on the resource.
*/
annotations?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* Configuration related to the cluster RBAC settings. Required.
*
* The class examples populate `adminUsers` and `adminGroups` here.
* NOTE(review): those principals presumably receive administrative access to the cluster; confirm the
* exact role in `AwsClusterAuthorization`, prefer groups over individual users where the identity provider
* allows it, and keep both lists as short as possible.
*/
authorization: pulumi.Input<inputs.container.AwsClusterAuthorization>;
/**
* The AWS region where the cluster runs. Required. Each Google Cloud region supports a subset of nearby AWS
* regions. A lookup call lists the supported AWS regions within a given Google Cloud region; the name of
* that call is missing from the upstream text (presumably the `getAwsVersions` lookup used in the class
* examples; TODO confirm).
*/
awsRegion: pulumi.Input<string>;
/**
* Configuration options for the Binary Authorization feature. Optional.
*
* NOTE(review): this file does not show what is enforced when the field is omitted; set it explicitly
* if image-admission policy is a requirement, and confirm the default in `AwsClusterBinaryAuthorization`.
*/
binaryAuthorization?: pulumi.Input<inputs.container.AwsClusterBinaryAuthorization>;
/**
* Configuration related to the cluster control plane. Required.
*
* In the class examples this object carries the IAM role used for AWS service authentication
* (`awsServicesAuthentication`), the KMS keys for `configEncryption`, `databaseEncryption` and the volumes,
* `securityGroupIds`, `sshConfig`, and `proxyConfig`. The ARNs and IDs in those examples are sample values;
* supply your own rather than copying them.
*/
controlPlane: pulumi.Input<inputs.container.AwsClusterControlPlane>;
/**
* Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
*/
description?: pulumi.Input<string>;
/**
* Fleet configuration. Required. The class examples set `project` here.
*/
fleet: pulumi.Input<inputs.container.AwsClusterFleet>;
/**
* The location for the resource. Required.
*/
location: pulumi.Input<string>;
/**
* Logging configuration. Optional.
*
* The beta example in the class documentation enables the `system_components` and `workloads` components
* through `componentConfig.enableComponents`.
* NOTE(review): what is logged when this field is omitted is not shown in this file; set it explicitly
* if workload or system logs are needed for detection and incident response.
*/
loggingConfig?: pulumi.Input<inputs.container.AwsClusterLoggingConfig>;
/**
* The name of this resource.
*/
name?: pulumi.Input<string>;
/**
* Cluster-wide networking configuration. Required. The class examples set `podAddressCidrBlocks`,
* `serviceAddressCidrBlocks` and `vpcId` here.
*/
networking: pulumi.Input<inputs.container.AwsClusterNetworking>;
/**
* The project for the resource
*/
project?: pulumi.Input<string>;
}