aws-sdk-eks 1.43.0 → 1.48.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/aws-sdk-eks.rb +2 -2
- data/lib/aws-sdk-eks/client.rb +786 -69
- data/lib/aws-sdk-eks/client_api.rb +376 -0
- data/lib/aws-sdk-eks/errors.rb +30 -0
- data/lib/aws-sdk-eks/types.rb +1257 -115
- data/lib/aws-sdk-eks/waiters.rb +89 -0
- metadata +4 -4
data/lib/aws-sdk-eks/errors.rb
CHANGED
@@ -79,6 +79,11 @@ module Aws::EKS
|
|
79
79
|
@data[:nodegroup_name]
|
80
80
|
end
|
81
81
|
|
82
|
+
# @return [String]
|
83
|
+
def addon_name
|
84
|
+
@data[:addon_name]
|
85
|
+
end
|
86
|
+
|
82
87
|
# @return [String]
|
83
88
|
def message
|
84
89
|
@message || @data[:message]
|
@@ -109,6 +114,11 @@ module Aws::EKS
|
|
109
114
|
@data[:fargate_profile_name]
|
110
115
|
end
|
111
116
|
|
117
|
+
# @return [String]
|
118
|
+
def addon_name
|
119
|
+
@data[:addon_name]
|
120
|
+
end
|
121
|
+
|
112
122
|
# @return [String]
|
113
123
|
def message
|
114
124
|
@message || @data[:message]
|
@@ -134,6 +144,11 @@ module Aws::EKS
|
|
134
144
|
@data[:nodegroup_name]
|
135
145
|
end
|
136
146
|
|
147
|
+
# @return [String]
|
148
|
+
def addon_name
|
149
|
+
@data[:addon_name]
|
150
|
+
end
|
151
|
+
|
137
152
|
# @return [String]
|
138
153
|
def message
|
139
154
|
@message || @data[:message]
|
@@ -174,6 +189,11 @@ module Aws::EKS
|
|
174
189
|
@data[:nodegroup_name]
|
175
190
|
end
|
176
191
|
|
192
|
+
# @return [String]
|
193
|
+
def addon_name
|
194
|
+
@data[:addon_name]
|
195
|
+
end
|
196
|
+
|
177
197
|
# @return [String]
|
178
198
|
def message
|
179
199
|
@message || @data[:message]
|
@@ -229,6 +249,11 @@ module Aws::EKS
|
|
229
249
|
@data[:fargate_profile_name]
|
230
250
|
end
|
231
251
|
|
252
|
+
# @return [String]
|
253
|
+
def addon_name
|
254
|
+
@data[:addon_name]
|
255
|
+
end
|
256
|
+
|
232
257
|
# @return [String]
|
233
258
|
def message
|
234
259
|
@message || @data[:message]
|
@@ -254,6 +279,11 @@ module Aws::EKS
|
|
254
279
|
@data[:nodegroup_name]
|
255
280
|
end
|
256
281
|
|
282
|
+
# @return [String]
|
283
|
+
def addon_name
|
284
|
+
@data[:addon_name]
|
285
|
+
end
|
286
|
+
|
257
287
|
# @return [String]
|
258
288
|
def message
|
259
289
|
@message || @data[:message]
|
data/lib/aws-sdk-eks/types.rb
CHANGED
@@ -10,6 +10,231 @@
|
|
10
10
|
module Aws::EKS
|
11
11
|
module Types
|
12
12
|
|
13
|
+
# An Amazon EKS add-on.
|
14
|
+
#
|
15
|
+
# @!attribute [rw] addon_name
|
16
|
+
# The name of the add-on.
|
17
|
+
# @return [String]
|
18
|
+
#
|
19
|
+
# @!attribute [rw] cluster_name
|
20
|
+
# The name of the cluster.
|
21
|
+
# @return [String]
|
22
|
+
#
|
23
|
+
# @!attribute [rw] status
|
24
|
+
# The status of the add-on.
|
25
|
+
# @return [String]
|
26
|
+
#
|
27
|
+
# @!attribute [rw] addon_version
|
28
|
+
# The version of the add-on.
|
29
|
+
# @return [String]
|
30
|
+
#
|
31
|
+
# @!attribute [rw] health
|
32
|
+
# An object that represents the health of the add-on.
|
33
|
+
# @return [Types::AddonHealth]
|
34
|
+
#
|
35
|
+
# @!attribute [rw] addon_arn
|
36
|
+
# The Amazon Resource Name (ARN) of the add-on.
|
37
|
+
# @return [String]
|
38
|
+
#
|
39
|
+
# @!attribute [rw] created_at
|
40
|
+
# The date and time that the add-on was created.
|
41
|
+
# @return [Time]
|
42
|
+
#
|
43
|
+
# @!attribute [rw] modified_at
|
44
|
+
# The date and time that the add-on was last modified.
|
45
|
+
# @return [Time]
|
46
|
+
#
|
47
|
+
# @!attribute [rw] service_account_role_arn
|
48
|
+
# The Amazon Resource Name (ARN) of the IAM role that is bound to the
|
49
|
+
# Kubernetes service account used by the add-on.
|
50
|
+
# @return [String]
|
51
|
+
#
|
52
|
+
# @!attribute [rw] tags
|
53
|
+
# The metadata that you apply to the cluster to assist with
|
54
|
+
# categorization and organization. Each tag consists of a key and an
|
55
|
+
# optional value, both of which you define. Cluster tags do not
|
56
|
+
# propagate to any other resources associated with the cluster.
|
57
|
+
# @return [Hash<String,String>]
|
58
|
+
#
|
59
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/Addon AWS API Documentation
|
60
|
+
#
|
61
|
+
class Addon < Struct.new(
|
62
|
+
:addon_name,
|
63
|
+
:cluster_name,
|
64
|
+
:status,
|
65
|
+
:addon_version,
|
66
|
+
:health,
|
67
|
+
:addon_arn,
|
68
|
+
:created_at,
|
69
|
+
:modified_at,
|
70
|
+
:service_account_role_arn,
|
71
|
+
:tags)
|
72
|
+
SENSITIVE = []
|
73
|
+
include Aws::Structure
|
74
|
+
end
|
75
|
+
|
76
|
+
# The health of the add-on.
|
77
|
+
#
|
78
|
+
# @!attribute [rw] issues
|
79
|
+
# An object that represents the add-on's health issues.
|
80
|
+
# @return [Array<Types::AddonIssue>]
|
81
|
+
#
|
82
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/AddonHealth AWS API Documentation
|
83
|
+
#
|
84
|
+
class AddonHealth < Struct.new(
|
85
|
+
:issues)
|
86
|
+
SENSITIVE = []
|
87
|
+
include Aws::Structure
|
88
|
+
end
|
89
|
+
|
90
|
+
# Information about an add-on.
|
91
|
+
#
|
92
|
+
# @!attribute [rw] addon_name
|
93
|
+
# The name of the add-on.
|
94
|
+
# @return [String]
|
95
|
+
#
|
96
|
+
# @!attribute [rw] type
|
97
|
+
# The type of the add-on.
|
98
|
+
# @return [String]
|
99
|
+
#
|
100
|
+
# @!attribute [rw] addon_versions
|
101
|
+
# An object that represents information about available add-on
|
102
|
+
# versions and compatible Kubernetes versions.
|
103
|
+
# @return [Array<Types::AddonVersionInfo>]
|
104
|
+
#
|
105
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/AddonInfo AWS API Documentation
|
106
|
+
#
|
107
|
+
class AddonInfo < Struct.new(
|
108
|
+
:addon_name,
|
109
|
+
:type,
|
110
|
+
:addon_versions)
|
111
|
+
SENSITIVE = []
|
112
|
+
include Aws::Structure
|
113
|
+
end
|
114
|
+
|
115
|
+
# An issue related to an add-on.
|
116
|
+
#
|
117
|
+
# @!attribute [rw] code
|
118
|
+
# A code that describes the type of issue.
|
119
|
+
# @return [String]
|
120
|
+
#
|
121
|
+
# @!attribute [rw] message
|
122
|
+
# A message that provides details about the issue and what might cause
|
123
|
+
# it.
|
124
|
+
# @return [String]
|
125
|
+
#
|
126
|
+
# @!attribute [rw] resource_ids
|
127
|
+
# The resource IDs of the issue.
|
128
|
+
# @return [Array<String>]
|
129
|
+
#
|
130
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/AddonIssue AWS API Documentation
|
131
|
+
#
|
132
|
+
class AddonIssue < Struct.new(
|
133
|
+
:code,
|
134
|
+
:message,
|
135
|
+
:resource_ids)
|
136
|
+
SENSITIVE = []
|
137
|
+
include Aws::Structure
|
138
|
+
end
|
139
|
+
|
140
|
+
# Information about an add-on version.
|
141
|
+
#
|
142
|
+
# @!attribute [rw] addon_version
|
143
|
+
# The version of the add-on.
|
144
|
+
# @return [String]
|
145
|
+
#
|
146
|
+
# @!attribute [rw] architecture
|
147
|
+
# The architectures that the version supports.
|
148
|
+
# @return [Array<String>]
|
149
|
+
#
|
150
|
+
# @!attribute [rw] compatibilities
|
151
|
+
# An object that represents the compatibilities of a version.
|
152
|
+
# @return [Array<Types::Compatibility>]
|
153
|
+
#
|
154
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/AddonVersionInfo AWS API Documentation
|
155
|
+
#
|
156
|
+
class AddonVersionInfo < Struct.new(
|
157
|
+
:addon_version,
|
158
|
+
:architecture,
|
159
|
+
:compatibilities)
|
160
|
+
SENSITIVE = []
|
161
|
+
include Aws::Structure
|
162
|
+
end
|
163
|
+
|
164
|
+
# @note When making an API call, you may pass AssociateIdentityProviderConfigRequest
|
165
|
+
# data as a hash:
|
166
|
+
#
|
167
|
+
# {
|
168
|
+
# cluster_name: "String", # required
|
169
|
+
# oidc: { # required
|
170
|
+
# identity_provider_config_name: "String", # required
|
171
|
+
# issuer_url: "String", # required
|
172
|
+
# client_id: "String", # required
|
173
|
+
# username_claim: "String",
|
174
|
+
# username_prefix: "String",
|
175
|
+
# groups_claim: "String",
|
176
|
+
# groups_prefix: "String",
|
177
|
+
# required_claims: {
|
178
|
+
# "requiredClaimsKey" => "requiredClaimsValue",
|
179
|
+
# },
|
180
|
+
# },
|
181
|
+
# tags: {
|
182
|
+
# "TagKey" => "TagValue",
|
183
|
+
# },
|
184
|
+
# client_request_token: "String",
|
185
|
+
# }
|
186
|
+
#
|
187
|
+
# @!attribute [rw] cluster_name
|
188
|
+
# The name of the cluster to associate the configuration to.
|
189
|
+
# @return [String]
|
190
|
+
#
|
191
|
+
# @!attribute [rw] oidc
|
192
|
+
# An object that represents an OpenID Connect (OIDC) identity provider
|
193
|
+
# configuration.
|
194
|
+
# @return [Types::OidcIdentityProviderConfigRequest]
|
195
|
+
#
|
196
|
+
# @!attribute [rw] tags
|
197
|
+
# The metadata to apply to the configuration to assist with
|
198
|
+
# categorization and organization. Each tag consists of a key and an
|
199
|
+
# optional value, both of which you define.
|
200
|
+
# @return [Hash<String,String>]
|
201
|
+
#
|
202
|
+
# @!attribute [rw] client_request_token
|
203
|
+
# Unique, case-sensitive identifier that you provide to ensure the
|
204
|
+
# idempotency of the request.
|
205
|
+
#
|
206
|
+
# **A suitable default value is auto-generated.** You should normally
|
207
|
+
# not need to pass this option.
|
208
|
+
# @return [String]
|
209
|
+
#
|
210
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/AssociateIdentityProviderConfigRequest AWS API Documentation
|
211
|
+
#
|
212
|
+
class AssociateIdentityProviderConfigRequest < Struct.new(
|
213
|
+
:cluster_name,
|
214
|
+
:oidc,
|
215
|
+
:tags,
|
216
|
+
:client_request_token)
|
217
|
+
SENSITIVE = []
|
218
|
+
include Aws::Structure
|
219
|
+
end
|
220
|
+
|
221
|
+
# @!attribute [rw] update
|
222
|
+
# An object representing an asynchronous update.
|
223
|
+
# @return [Types::Update]
|
224
|
+
#
|
225
|
+
# @!attribute [rw] tags
|
226
|
+
# The tags for the resource.
|
227
|
+
# @return [Hash<String,String>]
|
228
|
+
#
|
229
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/AssociateIdentityProviderConfigResponse AWS API Documentation
|
230
|
+
#
|
231
|
+
class AssociateIdentityProviderConfigResponse < Struct.new(
|
232
|
+
:update,
|
233
|
+
:tags)
|
234
|
+
SENSITIVE = []
|
235
|
+
include Aws::Structure
|
236
|
+
end
|
237
|
+
|
13
238
|
# An Auto Scaling group that is associated with an Amazon EKS managed
|
14
239
|
# node group.
|
15
240
|
#
|
@@ -71,6 +296,9 @@ module Aws::EKS
|
|
71
296
|
# The Amazon EKS managed node group associated with the exception.
|
72
297
|
# @return [String]
|
73
298
|
#
|
299
|
+
# @!attribute [rw] addon_name
|
300
|
+
# @return [String]
|
301
|
+
#
|
74
302
|
# @!attribute [rw] message
|
75
303
|
# @return [String]
|
76
304
|
#
|
@@ -79,6 +307,7 @@ module Aws::EKS
|
|
79
307
|
class ClientException < Struct.new(
|
80
308
|
:cluster_name,
|
81
309
|
:nodegroup_name,
|
310
|
+
:addon_name,
|
82
311
|
:message)
|
83
312
|
SENSITIVE = []
|
84
313
|
include Aws::Structure
|
@@ -127,7 +356,7 @@ module Aws::EKS
|
|
127
356
|
# @return [Types::VpcConfigResponse]
|
128
357
|
#
|
129
358
|
# @!attribute [rw] kubernetes_network_config
|
130
|
-
#
|
359
|
+
# The Kubernetes network configuration for the cluster.
|
131
360
|
# @return [Types::KubernetesNetworkConfigResponse]
|
132
361
|
#
|
133
362
|
# @!attribute [rw] logging
|
@@ -195,6 +424,133 @@ module Aws::EKS
|
|
195
424
|
include Aws::Structure
|
196
425
|
end
|
197
426
|
|
427
|
+
# Compatibility information.
|
428
|
+
#
|
429
|
+
# @!attribute [rw] cluster_version
|
430
|
+
# The supported Kubernetes version of the cluster.
|
431
|
+
# @return [String]
|
432
|
+
#
|
433
|
+
# @!attribute [rw] platform_versions
|
434
|
+
# The supported compute platform.
|
435
|
+
# @return [Array<String>]
|
436
|
+
#
|
437
|
+
# @!attribute [rw] default_version
|
438
|
+
# The supported default version.
|
439
|
+
# @return [Boolean]
|
440
|
+
#
|
441
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/Compatibility AWS API Documentation
|
442
|
+
#
|
443
|
+
class Compatibility < Struct.new(
|
444
|
+
:cluster_version,
|
445
|
+
:platform_versions,
|
446
|
+
:default_version)
|
447
|
+
SENSITIVE = []
|
448
|
+
include Aws::Structure
|
449
|
+
end
|
450
|
+
|
451
|
+
# @note When making an API call, you may pass CreateAddonRequest
|
452
|
+
# data as a hash:
|
453
|
+
#
|
454
|
+
# {
|
455
|
+
# cluster_name: "ClusterName", # required
|
456
|
+
# addon_name: "String", # required
|
457
|
+
# addon_version: "String",
|
458
|
+
# service_account_role_arn: "RoleArn",
|
459
|
+
# resolve_conflicts: "OVERWRITE", # accepts OVERWRITE, NONE
|
460
|
+
# client_request_token: "String",
|
461
|
+
# tags: {
|
462
|
+
# "TagKey" => "TagValue",
|
463
|
+
# },
|
464
|
+
# }
|
465
|
+
#
|
466
|
+
# @!attribute [rw] cluster_name
|
467
|
+
# The name of the cluster to create the add-on for.
|
468
|
+
# @return [String]
|
469
|
+
#
|
470
|
+
# @!attribute [rw] addon_name
|
471
|
+
# The name of the add-on. The name must match one of the names
|
472
|
+
# returned by [ `ListAddons` ][1].
|
473
|
+
#
|
474
|
+
#
|
475
|
+
#
|
476
|
+
# [1]: https://docs.aws.amazon.com/eks/latest/APIReference/API_ListAddons.html
|
477
|
+
# @return [String]
|
478
|
+
#
|
479
|
+
# @!attribute [rw] addon_version
|
480
|
+
# The version of the add-on. The version must match one of the
|
481
|
+
# versions returned by [ `DescribeAddonVersions` ][1].
|
482
|
+
#
|
483
|
+
#
|
484
|
+
#
|
485
|
+
# [1]: https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeAddonVersions.html
|
486
|
+
# @return [String]
|
487
|
+
#
|
488
|
+
# @!attribute [rw] service_account_role_arn
|
489
|
+
# The Amazon Resource Name (ARN) of an existing IAM role to bind to
|
490
|
+
# the add-on's service account. The role must be assigned the IAM
|
491
|
+
# permissions required by the add-on. If you don't specify an
|
492
|
+
# existing IAM role, then the add-on uses the permissions assigned to
|
493
|
+
# the node IAM role. For more information, see [Amazon EKS node IAM
|
494
|
+
# role][1] in the *Amazon EKS User Guide*.
|
495
|
+
#
|
496
|
+
# <note markdown="1"> To specify an existing IAM role, you must have an IAM OpenID Connect
|
497
|
+
# (OIDC) provider created for your cluster. For more information, see
|
498
|
+
# [Enabling IAM roles for service accounts on your cluster][2] in the
|
499
|
+
# *Amazon EKS User Guide*.
|
500
|
+
#
|
501
|
+
# </note>
|
502
|
+
#
|
503
|
+
#
|
504
|
+
#
|
505
|
+
# [1]: https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html
|
506
|
+
# [2]: https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html
|
507
|
+
# @return [String]
|
508
|
+
#
|
509
|
+
# @!attribute [rw] resolve_conflicts
|
510
|
+
# How to resolve parameter value conflicts when migrating an existing
|
511
|
+
# add-on to an Amazon EKS add-on.
|
512
|
+
# @return [String]
|
513
|
+
#
|
514
|
+
# @!attribute [rw] client_request_token
|
515
|
+
# A unique, case-sensitive identifier that you provide to ensure the
|
516
|
+
# idempotency of the request.
|
517
|
+
#
|
518
|
+
# **A suitable default value is auto-generated.** You should normally
|
519
|
+
# not need to pass this option.
|
520
|
+
# @return [String]
|
521
|
+
#
|
522
|
+
# @!attribute [rw] tags
|
523
|
+
# The metadata to apply to the cluster to assist with categorization
|
524
|
+
# and organization. Each tag consists of a key and an optional value,
|
525
|
+
# both of which you define.
|
526
|
+
# @return [Hash<String,String>]
|
527
|
+
#
|
528
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/CreateAddonRequest AWS API Documentation
|
529
|
+
#
|
530
|
+
class CreateAddonRequest < Struct.new(
|
531
|
+
:cluster_name,
|
532
|
+
:addon_name,
|
533
|
+
:addon_version,
|
534
|
+
:service_account_role_arn,
|
535
|
+
:resolve_conflicts,
|
536
|
+
:client_request_token,
|
537
|
+
:tags)
|
538
|
+
SENSITIVE = []
|
539
|
+
include Aws::Structure
|
540
|
+
end
|
541
|
+
|
542
|
+
# @!attribute [rw] addon
|
543
|
+
# An Amazon EKS add-on.
|
544
|
+
# @return [Types::Addon]
|
545
|
+
#
|
546
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/CreateAddonResponse AWS API Documentation
|
547
|
+
#
|
548
|
+
class CreateAddonResponse < Struct.new(
|
549
|
+
:addon)
|
550
|
+
SENSITIVE = []
|
551
|
+
include Aws::Structure
|
552
|
+
end
|
553
|
+
|
198
554
|
# @note When making an API call, you may pass CreateClusterRequest
|
199
555
|
# data as a hash:
|
200
556
|
#
|
@@ -470,6 +826,7 @@ module Aws::EKS
|
|
470
826
|
# version: "String",
|
471
827
|
# id: "String",
|
472
828
|
# },
|
829
|
+
# capacity_type: "ON_DEMAND", # accepts ON_DEMAND, SPOT
|
473
830
|
# version: "String",
|
474
831
|
# release_version: "String",
|
475
832
|
# }
|
@@ -516,25 +873,31 @@ module Aws::EKS
|
|
516
873
|
# @return [Array<String>]
|
517
874
|
#
|
518
875
|
# @!attribute [rw] instance_types
|
519
|
-
#
|
520
|
-
#
|
521
|
-
# `
|
522
|
-
#
|
523
|
-
#
|
524
|
-
#
|
525
|
-
#
|
526
|
-
#
|
527
|
-
#
|
528
|
-
#
|
529
|
-
#
|
530
|
-
# [1]
|
876
|
+
# Specify the instance types for a node group. If you specify a GPU
|
877
|
+
# instance type, be sure to specify `AL2_x86_64_GPU` with the
|
878
|
+
# `amiType` parameter. If you specify `launchTemplate`, then you can
|
879
|
+
# specify zero or one instance type in your launch template *or* you
|
880
|
+
# can specify 0-20 instance types for `instanceTypes`. If however, you
|
881
|
+
# specify an instance type in your launch template *and* specify any
|
882
|
+
# `instanceTypes`, the node group deployment will fail. If you don't
|
883
|
+
# specify an instance type in a launch template or for
|
884
|
+
# `instanceTypes`, then `t3.medium` is used, by default. If you
|
885
|
+
# specify `Spot` for `capacityType`, then we recommend specifying
|
886
|
+
# multiple values for `instanceTypes`. For more information, see
|
887
|
+
# [Managed node group capacity types][1] and [Launch template
|
888
|
+
# support][2] in the *Amazon EKS User Guide*.
|
889
|
+
#
|
890
|
+
#
|
891
|
+
#
|
892
|
+
# [1]: https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html#managed-node-group-capacity-types
|
893
|
+
# [2]: https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html
|
531
894
|
# @return [Array<String>]
|
532
895
|
#
|
533
896
|
# @!attribute [rw] ami_type
|
534
897
|
# The AMI type for your node group. GPU instance types should use the
|
535
898
|
# `AL2_x86_64_GPU` AMI type. Non-GPU instances should use the
|
536
899
|
# `AL2_x86_64` AMI type. Arm instances should use the `AL2_ARM_64` AMI
|
537
|
-
# type. All types use the Amazon EKS
|
900
|
+
# type. All types use the Amazon EKS optimized Amazon Linux 2 AMI. If
|
538
901
|
# you specify `launchTemplate`, and your launch template uses a custom
|
539
902
|
# AMI, then don't specify `amiType`, or the node group deployment
|
540
903
|
# will fail. For more information about using launch templates with
|
@@ -561,17 +924,16 @@ module Aws::EKS
|
|
561
924
|
# @!attribute [rw] node_role
|
562
925
|
# The Amazon Resource Name (ARN) of the IAM role to associate with
|
563
926
|
# your node group. The Amazon EKS worker node `kubelet` daemon makes
|
564
|
-
# calls to AWS APIs on your behalf.
|
565
|
-
#
|
566
|
-
# policies. Before you can launch
|
567
|
-
#
|
568
|
-
#
|
569
|
-
#
|
570
|
-
#
|
571
|
-
#
|
572
|
-
#
|
573
|
-
#
|
574
|
-
# Amazon EKS User Guide.
|
927
|
+
# calls to AWS APIs on your behalf. Nodes receive permissions for
|
928
|
+
# these API calls through an IAM instance profile and associated
|
929
|
+
# policies. Before you can launch nodes and register them into a
|
930
|
+
# cluster, you must create an IAM role for those nodes to use when
|
931
|
+
# they are launched. For more information, see [Amazon EKS node IAM
|
932
|
+
# role][1] in the <i> <i>Amazon EKS User Guide</i> </i>. If you
|
933
|
+
# specify `launchTemplate`, then don't specify [ `IamInstanceProfile`
|
934
|
+
# ][2] in your launch template, or the node group deployment will
|
935
|
+
# fail. For more information about using launch templates with Amazon
|
936
|
+
# EKS, see [Launch template support][3] in the Amazon EKS User Guide.
|
575
937
|
#
|
576
938
|
#
|
577
939
|
#
|
@@ -608,6 +970,10 @@ module Aws::EKS
|
|
608
970
|
# meets the requirements in `launchTemplateSpecification`.
|
609
971
|
# @return [Types::LaunchTemplateSpecification]
|
610
972
|
#
|
973
|
+
# @!attribute [rw] capacity_type
|
974
|
+
# The capacity type for your node group.
|
975
|
+
# @return [String]
|
976
|
+
#
|
611
977
|
# @!attribute [rw] version
|
612
978
|
# The Kubernetes version to use for your managed nodes. By default,
|
613
979
|
# the Kubernetes version of the cluster is used, and this is the only
|
@@ -623,15 +989,15 @@ module Aws::EKS
|
|
623
989
|
# @return [String]
|
624
990
|
#
|
625
991
|
# @!attribute [rw] release_version
|
626
|
-
# The AMI version of the Amazon EKS
|
992
|
+
# The AMI version of the Amazon EKS optimized AMI to use with your
|
627
993
|
# node group. By default, the latest available AMI version for the
|
628
994
|
# node group's current Kubernetes version is used. For more
|
629
|
-
# information, see [Amazon EKS
|
630
|
-
# *Amazon EKS User Guide*. If you specify
|
631
|
-
# launch template uses a custom AMI, then
|
632
|
-
# `releaseVersion`, or the node group deployment will
|
633
|
-
# information about using launch templates with Amazon
|
634
|
-
# [Launch template support][2] in the Amazon EKS User Guide.
|
995
|
+
# information, see [Amazon EKS optimized Amazon Linux 2 AMI
|
996
|
+
# versions][1] in the *Amazon EKS User Guide*. If you specify
|
997
|
+
# `launchTemplate`, and your launch template uses a custom AMI, then
|
998
|
+
# don't specify `releaseVersion`, or the node group deployment will
|
999
|
+
# fail. For more information about using launch templates with Amazon
|
1000
|
+
# EKS, see [Launch template support][2] in the Amazon EKS User Guide.
|
635
1001
|
#
|
636
1002
|
#
|
637
1003
|
#
|
@@ -655,6 +1021,7 @@ module Aws::EKS
|
|
655
1021
|
:tags,
|
656
1022
|
:client_request_token,
|
657
1023
|
:launch_template,
|
1024
|
+
:capacity_type,
|
658
1025
|
:version,
|
659
1026
|
:release_version)
|
660
1027
|
SENSITIVE = []
|
@@ -673,6 +1040,48 @@ module Aws::EKS
|
|
673
1040
|
include Aws::Structure
|
674
1041
|
end
|
675
1042
|
|
1043
|
+
# @note When making an API call, you may pass DeleteAddonRequest
|
1044
|
+
# data as a hash:
|
1045
|
+
#
|
1046
|
+
# {
|
1047
|
+
# cluster_name: "ClusterName", # required
|
1048
|
+
# addon_name: "String", # required
|
1049
|
+
# }
|
1050
|
+
#
|
1051
|
+
# @!attribute [rw] cluster_name
|
1052
|
+
# The name of the cluster to delete the add-on from.
|
1053
|
+
# @return [String]
|
1054
|
+
#
|
1055
|
+
# @!attribute [rw] addon_name
|
1056
|
+
# The name of the add-on. The name must match one of the names
|
1057
|
+
# returned by [ `ListAddons` ][1].
|
1058
|
+
#
|
1059
|
+
#
|
1060
|
+
#
|
1061
|
+
# [1]: https://docs.aws.amazon.com/eks/latest/APIReference/API_ListAddons.html
|
1062
|
+
# @return [String]
|
1063
|
+
#
|
1064
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DeleteAddonRequest AWS API Documentation
|
1065
|
+
#
|
1066
|
+
class DeleteAddonRequest < Struct.new(
|
1067
|
+
:cluster_name,
|
1068
|
+
:addon_name)
|
1069
|
+
SENSITIVE = []
|
1070
|
+
include Aws::Structure
|
1071
|
+
end
|
1072
|
+
|
1073
|
+
# @!attribute [rw] addon
|
1074
|
+
# An Amazon EKS add-on.
|
1075
|
+
# @return [Types::Addon]
|
1076
|
+
#
|
1077
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DeleteAddonResponse AWS API Documentation
|
1078
|
+
#
|
1079
|
+
class DeleteAddonResponse < Struct.new(
|
1080
|
+
:addon)
|
1081
|
+
SENSITIVE = []
|
1082
|
+
include Aws::Structure
|
1083
|
+
end
|
1084
|
+
|
676
1085
|
# @note When making an API call, you may pass DeleteClusterRequest
|
677
1086
|
# data as a hash:
|
678
1087
|
#
|
@@ -780,6 +1189,128 @@ module Aws::EKS
|
|
780
1189
|
include Aws::Structure
|
781
1190
|
end
|
782
1191
|
|
1192
|
+
# @note When making an API call, you may pass DescribeAddonRequest
|
1193
|
+
# data as a hash:
|
1194
|
+
#
|
1195
|
+
# {
|
1196
|
+
# cluster_name: "ClusterName", # required
|
1197
|
+
# addon_name: "String", # required
|
1198
|
+
# }
|
1199
|
+
#
|
1200
|
+
# @!attribute [rw] cluster_name
|
1201
|
+
# The name of the cluster.
|
1202
|
+
# @return [String]
|
1203
|
+
#
|
1204
|
+
# @!attribute [rw] addon_name
|
1205
|
+
# The name of the add-on. The name must match one of the names
|
1206
|
+
# returned by [ `ListAddons` ][1].
|
1207
|
+
#
|
1208
|
+
#
|
1209
|
+
#
|
1210
|
+
# [1]: https://docs.aws.amazon.com/eks/latest/APIReference/API_ListAddons.html
|
1211
|
+
# @return [String]
|
1212
|
+
#
|
1213
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DescribeAddonRequest AWS API Documentation
|
1214
|
+
#
|
1215
|
+
class DescribeAddonRequest < Struct.new(
|
1216
|
+
:cluster_name,
|
1217
|
+
:addon_name)
|
1218
|
+
SENSITIVE = []
|
1219
|
+
include Aws::Structure
|
1220
|
+
end
|
1221
|
+
|
1222
|
+
# @!attribute [rw] addon
|
1223
|
+
# An Amazon EKS add-on.
|
1224
|
+
# @return [Types::Addon]
|
1225
|
+
#
|
1226
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DescribeAddonResponse AWS API Documentation
|
1227
|
+
#
|
1228
|
+
class DescribeAddonResponse < Struct.new(
|
1229
|
+
:addon)
|
1230
|
+
SENSITIVE = []
|
1231
|
+
include Aws::Structure
|
1232
|
+
end
|
1233
|
+
|
1234
|
+
# @note When making an API call, you may pass DescribeAddonVersionsRequest
|
1235
|
+
# data as a hash:
|
1236
|
+
#
|
1237
|
+
# {
|
1238
|
+
# kubernetes_version: "String",
|
1239
|
+
# max_results: 1,
|
1240
|
+
# next_token: "String",
|
1241
|
+
# addon_name: "String",
|
1242
|
+
# }
|
1243
|
+
#
|
1244
|
+
# @!attribute [rw] kubernetes_version
|
1245
|
+
# The Kubernetes versions that the add-on can be used with.
|
1246
|
+
# @return [String]
|
1247
|
+
#
|
1248
|
+
# @!attribute [rw] max_results
|
1249
|
+
# The maximum number of results to return.
|
1250
|
+
# @return [Integer]
|
1251
|
+
#
|
1252
|
+
# @!attribute [rw] next_token
|
1253
|
+
# The `nextToken` value returned from a previous paginated
|
1254
|
+
# `DescribeAddonVersionsRequest` where `maxResults` was used and the
|
1255
|
+
# results exceeded the value of that parameter. Pagination continues
|
1256
|
+
# from the end of the previous results that returned the `nextToken`
|
1257
|
+
# value.
|
1258
|
+
#
|
1259
|
+
# <note markdown="1"> This token should be treated as an opaque identifier that is used
|
1260
|
+
# only to retrieve the next items in a list and not for other
|
1261
|
+
# programmatic purposes.
|
1262
|
+
#
|
1263
|
+
# </note>
|
1264
|
+
# @return [String]
|
1265
|
+
#
|
1266
|
+
# @!attribute [rw] addon_name
|
1267
|
+
# The name of the add-on. The name must match one of the names
|
1268
|
+
# returned by [ `ListAddons` ][1].
|
1269
|
+
#
|
1270
|
+
#
|
1271
|
+
#
|
1272
|
+
# [1]: https://docs.aws.amazon.com/eks/latest/APIReference/API_ListAddons.html
|
1273
|
+
# @return [String]
|
1274
|
+
#
|
1275
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DescribeAddonVersionsRequest AWS API Documentation
|
1276
|
+
#
|
1277
|
+
class DescribeAddonVersionsRequest < Struct.new(
|
1278
|
+
:kubernetes_version,
|
1279
|
+
:max_results,
|
1280
|
+
:next_token,
|
1281
|
+
:addon_name)
|
1282
|
+
SENSITIVE = []
|
1283
|
+
include Aws::Structure
|
1284
|
+
end
|
1285
|
+
|
1286
|
+
# @!attribute [rw] addons
|
1287
|
+
# The list of available versions with Kubernetes version
|
1288
|
+
# compatibility.
|
1289
|
+
# @return [Array<Types::AddonInfo>]
|
1290
|
+
#
|
1291
|
+
# @!attribute [rw] next_token
|
1292
|
+
# The `nextToken` value returned from a previous paginated
|
1293
|
+
# `DescribeAddonVersionsResponse` where `maxResults` was used and the
|
1294
|
+
# results exceeded the value of that parameter. Pagination continues
|
1295
|
+
# from the end of the previous results that returned the `nextToken`
|
1296
|
+
# value.
|
1297
|
+
#
|
1298
|
+
# <note markdown="1"> This token should be treated as an opaque identifier that is used
|
1299
|
+
# only to retrieve the next items in a list and not for other
|
1300
|
+
# programmatic purposes.
|
1301
|
+
#
|
1302
|
+
# </note>
|
1303
|
+
# @return [String]
|
1304
|
+
#
|
1305
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DescribeAddonVersionsResponse AWS API Documentation
|
1306
|
+
#
|
1307
|
+
class DescribeAddonVersionsResponse < Struct.new(
|
1308
|
+
:addons,
|
1309
|
+
:next_token)
|
1310
|
+
SENSITIVE = []
|
1311
|
+
include Aws::Structure
|
1312
|
+
end
|
1313
|
+
|
783
1314
|
# @note When making an API call, you may pass DescribeClusterRequest
|
784
1315
|
# data as a hash:
|
785
1316
|
#
|
@@ -849,6 +1380,48 @@ module Aws::EKS
|
|
849
1380
|
include Aws::Structure
|
850
1381
|
end
|
851
1382
|
|
1383
|
+
# @note When making an API call, you may pass DescribeIdentityProviderConfigRequest
|
1384
|
+
# data as a hash:
|
1385
|
+
#
|
1386
|
+
# {
|
1387
|
+
# cluster_name: "String", # required
|
1388
|
+
# identity_provider_config: { # required
|
1389
|
+
# type: "String", # required
|
1390
|
+
# name: "String", # required
|
1391
|
+
# },
|
1392
|
+
# }
|
1393
|
+
#
|
1394
|
+
# @!attribute [rw] cluster_name
|
1395
|
+
# The cluster name that the identity provider configuration is
|
1396
|
+
# associated to.
|
1397
|
+
# @return [String]
|
1398
|
+
#
|
1399
|
+
# @!attribute [rw] identity_provider_config
|
1400
|
+
# An object that represents an identity provider configuration.
|
1401
|
+
# @return [Types::IdentityProviderConfig]
|
1402
|
+
#
|
1403
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DescribeIdentityProviderConfigRequest AWS API Documentation
|
1404
|
+
#
|
1405
|
+
class DescribeIdentityProviderConfigRequest < Struct.new(
|
1406
|
+
:cluster_name,
|
1407
|
+
:identity_provider_config)
|
1408
|
+
SENSITIVE = []
|
1409
|
+
include Aws::Structure
|
1410
|
+
end
|
1411
|
+
|
1412
|
+
# @!attribute [rw] identity_provider_config
|
1413
|
+
# The object that represents an OpenID Connect (OIDC) identity
|
1414
|
+
# provider configuration.
|
1415
|
+
# @return [Types::IdentityProviderConfigResponse]
|
1416
|
+
#
|
1417
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DescribeIdentityProviderConfigResponse AWS API Documentation
|
1418
|
+
#
|
1419
|
+
class DescribeIdentityProviderConfigResponse < Struct.new(
|
1420
|
+
:identity_provider_config)
|
1421
|
+
SENSITIVE = []
|
1422
|
+
include Aws::Structure
|
1423
|
+
end
|
1424
|
+
|
852
1425
|
# @note When making an API call, you may pass DescribeNodegroupRequest
|
853
1426
|
# data as a hash:
|
854
1427
|
#
|
@@ -893,6 +1466,7 @@ module Aws::EKS
|
|
893
1466
|
# name: "String", # required
|
894
1467
|
# update_id: "String", # required
|
895
1468
|
# nodegroup_name: "String",
|
1469
|
+
# addon_name: "String",
|
896
1470
|
# }
|
897
1471
|
#
|
898
1472
|
# @!attribute [rw] name
|
@@ -907,12 +1481,22 @@ module Aws::EKS
|
|
907
1481
|
# The name of the Amazon EKS node group associated with the update.
|
908
1482
|
# @return [String]
|
909
1483
|
#
|
1484
|
+
# @!attribute [rw] addon_name
|
1485
|
+
# The name of the add-on. The name must match one of the names
|
1486
|
+
# returned by [ `ListAddons` ][1].
|
1487
|
+
#
|
1488
|
+
#
|
1489
|
+
#
|
1490
|
+
# [1]: https://docs.aws.amazon.com/eks/latest/APIReference/API_ListAddons.html
|
1491
|
+
# @return [String]
|
1492
|
+
#
|
910
1493
|
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DescribeUpdateRequest AWS API Documentation
|
911
1494
|
#
|
912
1495
|
class DescribeUpdateRequest < Struct.new(
|
913
1496
|
:name,
|
914
1497
|
:update_id,
|
915
|
-
:nodegroup_name
|
1498
|
+
:nodegroup_name,
|
1499
|
+
:addon_name)
|
916
1500
|
SENSITIVE = []
|
917
1501
|
include Aws::Structure
|
918
1502
|
end
|
@@ -929,6 +1513,56 @@ module Aws::EKS
|
|
929
1513
|
include Aws::Structure
|
930
1514
|
end
|
931
1515
|
|
1516
|
+
# @note When making an API call, you may pass DisassociateIdentityProviderConfigRequest
|
1517
|
+
# data as a hash:
|
1518
|
+
#
|
1519
|
+
# {
|
1520
|
+
# cluster_name: "String", # required
|
1521
|
+
# identity_provider_config: { # required
|
1522
|
+
# type: "String", # required
|
1523
|
+
# name: "String", # required
|
1524
|
+
# },
|
1525
|
+
# client_request_token: "String",
|
1526
|
+
# }
|
1527
|
+
#
|
1528
|
+
# @!attribute [rw] cluster_name
|
1529
|
+
# The name of the cluster to disassociate an identity provider from.
|
1530
|
+
# @return [String]
|
1531
|
+
#
|
1532
|
+
# @!attribute [rw] identity_provider_config
|
1533
|
+
# An object that represents an identity provider configuration.
|
1534
|
+
# @return [Types::IdentityProviderConfig]
|
1535
|
+
#
|
1536
|
+
# @!attribute [rw] client_request_token
|
1537
|
+
# A unique, case-sensitive identifier that you provide to ensure the
|
1538
|
+
# idempotency of the request.
|
1539
|
+
#
|
1540
|
+
# **A suitable default value is auto-generated.** You should normally
|
1541
|
+
# not need to pass this option.
|
1542
|
+
# @return [String]
|
1543
|
+
#
|
1544
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DisassociateIdentityProviderConfigRequest AWS API Documentation
|
1545
|
+
#
|
1546
|
+
class DisassociateIdentityProviderConfigRequest < Struct.new(
|
1547
|
+
:cluster_name,
|
1548
|
+
:identity_provider_config,
|
1549
|
+
:client_request_token)
|
1550
|
+
SENSITIVE = []
|
1551
|
+
include Aws::Structure
|
1552
|
+
end
|
1553
|
+
|
1554
|
+
# @!attribute [rw] update
|
1555
|
+
# An object representing an asynchronous update.
|
1556
|
+
# @return [Types::Update]
|
1557
|
+
#
|
1558
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DisassociateIdentityProviderConfigResponse AWS API Documentation
|
1559
|
+
#
|
1560
|
+
class DisassociateIdentityProviderConfigResponse < Struct.new(
|
1561
|
+
:update)
|
1562
|
+
SENSITIVE = []
|
1563
|
+
include Aws::Structure
|
1564
|
+
end
|
1565
|
+
|
932
1566
|
# The encryption configuration for the cluster.
|
933
1567
|
#
|
934
1568
|
# @note When making an API call, you may pass EncryptionConfig
|
@@ -1105,12 +1739,11 @@ module Aws::EKS
|
|
1105
1739
|
include Aws::Structure
|
1106
1740
|
end
|
1107
1741
|
|
1108
|
-
# An object representing an identity provider
|
1109
|
-
# credentials.
|
1742
|
+
# An object representing an identity provider.
|
1110
1743
|
#
|
1111
1744
|
# @!attribute [rw] oidc
|
1112
|
-
#
|
1113
|
-
#
|
1745
|
+
# An object representing the [OpenID Connect][1] identity provider
|
1746
|
+
# information.
|
1114
1747
|
#
|
1115
1748
|
#
|
1116
1749
|
#
|
@@ -1125,6 +1758,48 @@ module Aws::EKS
|
|
1125
1758
|
include Aws::Structure
|
1126
1759
|
end
|
1127
1760
|
|
1761
|
+
# An object representing an identity provider configuration.
|
1762
|
+
#
|
1763
|
+
# @note When making an API call, you may pass IdentityProviderConfig
|
1764
|
+
# data as a hash:
|
1765
|
+
#
|
1766
|
+
# {
|
1767
|
+
# type: "String", # required
|
1768
|
+
# name: "String", # required
|
1769
|
+
# }
|
1770
|
+
#
|
1771
|
+
# @!attribute [rw] type
|
1772
|
+
# The type of the identity provider configuration.
|
1773
|
+
# @return [String]
|
1774
|
+
#
|
1775
|
+
# @!attribute [rw] name
|
1776
|
+
# The name of the identity provider configuration.
|
1777
|
+
# @return [String]
|
1778
|
+
#
|
1779
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/IdentityProviderConfig AWS API Documentation
|
1780
|
+
#
|
1781
|
+
class IdentityProviderConfig < Struct.new(
|
1782
|
+
:type,
|
1783
|
+
:name)
|
1784
|
+
SENSITIVE = []
|
1785
|
+
include Aws::Structure
|
1786
|
+
end
|
1787
|
+
|
1788
|
+
# An object that represents an identity configuration.
|
1789
|
+
#
|
1790
|
+
# @!attribute [rw] oidc
|
1791
|
+
# An object that represents an OpenID Connect (OIDC) identity provider
|
1792
|
+
# configuration.
|
1793
|
+
# @return [Types::OidcIdentityProviderConfig]
|
1794
|
+
#
|
1795
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/IdentityProviderConfigResponse AWS API Documentation
|
1796
|
+
#
|
1797
|
+
class IdentityProviderConfigResponse < Struct.new(
|
1798
|
+
:oidc)
|
1799
|
+
SENSITIVE = []
|
1800
|
+
include Aws::Structure
|
1801
|
+
end
|
1802
|
+
|
1128
1803
|
# The specified parameter is invalid. Review the available parameters
|
1129
1804
|
# for the API request.
|
1130
1805
|
#
|
@@ -1140,6 +1815,9 @@ module Aws::EKS
|
|
1140
1815
|
# The Fargate profile associated with the exception.
|
1141
1816
|
# @return [String]
|
1142
1817
|
#
|
1818
|
+
# @!attribute [rw] addon_name
|
1819
|
+
# @return [String]
|
1820
|
+
#
|
1143
1821
|
# @!attribute [rw] message
|
1144
1822
|
# @return [String]
|
1145
1823
|
#
|
@@ -1149,6 +1827,7 @@ module Aws::EKS
|
|
1149
1827
|
:cluster_name,
|
1150
1828
|
:nodegroup_name,
|
1151
1829
|
:fargate_profile_name,
|
1830
|
+
:addon_name,
|
1152
1831
|
:message)
|
1153
1832
|
SENSITIVE = []
|
1154
1833
|
include Aws::Structure
|
@@ -1165,6 +1844,9 @@ module Aws::EKS
|
|
1165
1844
|
# The Amazon EKS managed node group associated with the exception.
|
1166
1845
|
# @return [String]
|
1167
1846
|
#
|
1847
|
+
# @!attribute [rw] addon_name
|
1848
|
+
# @return [String]
|
1849
|
+
#
|
1168
1850
|
# @!attribute [rw] message
|
1169
1851
|
# @return [String]
|
1170
1852
|
#
|
@@ -1173,6 +1855,7 @@ module Aws::EKS
|
|
1173
1855
|
class InvalidRequestException < Struct.new(
|
1174
1856
|
:cluster_name,
|
1175
1857
|
:nodegroup_name,
|
1858
|
+
:addon_name,
|
1176
1859
|
:message)
|
1177
1860
|
SENSITIVE = []
|
1178
1861
|
include Aws::Structure
|
@@ -1183,16 +1866,21 @@ module Aws::EKS
|
|
1183
1866
|
# @!attribute [rw] code
|
1184
1867
|
# A brief description of the error.
|
1185
1868
|
#
|
1869
|
+
# * **AccessDenied**\: Amazon EKS or one or more of your managed nodes
|
1870
|
+
# is failing to authenticate or authorize with your Kubernetes
|
1871
|
+
# cluster API server.
|
1872
|
+
#
|
1873
|
+
# * **AsgInstanceLaunchFailures**\: Your Auto Scaling group is
|
1874
|
+
# experiencing failures while attempting to launch instances.
|
1875
|
+
#
|
1186
1876
|
# * **AutoScalingGroupNotFound**\: We couldn't find the Auto Scaling
|
1187
1877
|
# group associated with the managed node group. You may be able to
|
1188
1878
|
# recreate an Auto Scaling group with the same settings to recover.
|
1189
1879
|
#
|
1190
|
-
# * **
|
1191
|
-
#
|
1192
|
-
#
|
1193
|
-
#
|
1194
|
-
# remote access security group for your managed node group. Remove
|
1195
|
-
# any dependencies from the security group.
|
1880
|
+
# * **ClusterUnreachable**\: Amazon EKS or one or more of your managed
|
1881
|
+
# nodes is unable to to communicate with your Kubernetes cluster API
|
1882
|
+
# server. This can happen if there are network disruptions or if API
|
1883
|
+
# servers are timing out processing requests.
|
1196
1884
|
#
|
1197
1885
|
# * **Ec2LaunchTemplateNotFound**\: We couldn't find the Amazon EC2
|
1198
1886
|
# launch template for your managed node group. You may be able to
|
@@ -1203,6 +1891,13 @@ module Aws::EKS
|
|
1203
1891
|
# version that Amazon EKS created. You may be able to revert to the
|
1204
1892
|
# version that Amazon EKS created to recover.
|
1205
1893
|
#
|
1894
|
+
# * **Ec2SecurityGroupDeletionFailure**\: We could not delete the
|
1895
|
+
# remote access security group for your managed node group. Remove
|
1896
|
+
# any dependencies from the security group.
|
1897
|
+
#
|
1898
|
+
# * **Ec2SecurityGroupNotFound**\: We couldn't find the cluster
|
1899
|
+
# security group for the cluster. You must recreate your cluster.
|
1900
|
+
#
|
1206
1901
|
# * **Ec2SubnetInvalidConfiguration**\: One or more Amazon EC2 subnets
|
1207
1902
|
# specified for a node group do not automatically assign public IP
|
1208
1903
|
# addresses to instances launched into it. If you want your
|
@@ -1219,28 +1914,22 @@ module Aws::EKS
|
|
1219
1914
|
# managed node group. You may be able to recreate an IAM role with
|
1220
1915
|
# the same settings to recover.
|
1221
1916
|
#
|
1222
|
-
# * **AsgInstanceLaunchFailures**\: Your Auto Scaling group is
|
1223
|
-
# experiencing failures while attempting to launch instances.
|
1224
|
-
#
|
1225
|
-
# * **NodeCreationFailure**\: Your launched instances are unable to
|
1226
|
-
# register with your Amazon EKS cluster. Common causes of this
|
1227
|
-
# failure are insufficient [worker node IAM role][2] permissions or
|
1228
|
-
# lack of outbound internet access for the nodes.
|
1229
|
-
#
|
1230
1917
|
# * **InstanceLimitExceeded**\: Your AWS account is unable to launch
|
1231
1918
|
# any more instances of the specified instance type. You may be able
|
1232
1919
|
# to request an Amazon EC2 instance limit increase to recover.
|
1233
1920
|
#
|
1234
1921
|
# * **InsufficientFreeAddresses**\: One or more of the subnets
|
1235
1922
|
# associated with your managed node group does not have enough
|
1236
|
-
# available IP addresses for new nodes.
|
1237
|
-
#
|
1238
|
-
# * **AccessDenied**\: Amazon EKS or one or more of your managed nodes
|
1239
|
-
# is unable to communicate with your cluster API server.
|
1923
|
+
# available IP addresses for new nodes.
|
1240
1924
|
#
|
1241
1925
|
# * **InternalFailure**\: These errors are usually caused by an Amazon
|
1242
1926
|
# EKS server-side issue.
|
1243
1927
|
#
|
1928
|
+
# * **NodeCreationFailure**\: Your launched instances are unable to
|
1929
|
+
# register with your Amazon EKS cluster. Common causes of this
|
1930
|
+
# failure are insufficient [node IAM role][2] permissions or lack of
|
1931
|
+
# outbound internet access for the nodes.
|
1932
|
+
#
|
1244
1933
|
#
|
1245
1934
|
#
|
1246
1935
|
# [1]: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-ip-addressing.html#subnet-public-ip
|
@@ -1306,10 +1995,11 @@ module Aws::EKS
|
|
1306
1995
|
#
|
1307
1996
|
# @!attribute [rw] service_ipv_4_cidr
|
1308
1997
|
# The CIDR block that Kubernetes service IP addresses are assigned
|
1309
|
-
# from. If you didn't specify a CIDR block
|
1310
|
-
# addresses from either the
|
1311
|
-
# blocks. If this was specified,
|
1312
|
-
# cluster was created and it cannot be
|
1998
|
+
# from. If you didn't specify a CIDR block when you created the
|
1999
|
+
# cluster, then Kubernetes assigns addresses from either the
|
2000
|
+
# 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. If this was specified,
|
2001
|
+
# then it was specified when the cluster was created and it cannot be
|
2002
|
+
# changed.
|
1313
2003
|
# @return [String]
|
1314
2004
|
#
|
1315
2005
|
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/KubernetesNetworkConfigResponse AWS API Documentation
|
@@ -1374,6 +2064,80 @@ module Aws::EKS
|
|
1374
2064
|
include Aws::Structure
|
1375
2065
|
end
|
1376
2066
|
|
2067
|
+
# @note When making an API call, you may pass ListAddonsRequest
|
2068
|
+
# data as a hash:
|
2069
|
+
#
|
2070
|
+
# {
|
2071
|
+
# cluster_name: "ClusterName", # required
|
2072
|
+
# max_results: 1,
|
2073
|
+
# next_token: "String",
|
2074
|
+
# }
|
2075
|
+
#
|
2076
|
+
# @!attribute [rw] cluster_name
|
2077
|
+
# The name of the cluster.
|
2078
|
+
# @return [String]
|
2079
|
+
#
|
2080
|
+
# @!attribute [rw] max_results
|
2081
|
+
# The maximum number of add-on results returned by `ListAddonsRequest`
|
2082
|
+
# in paginated output. When you use this parameter,
|
2083
|
+
# `ListAddonsRequest` returns only `maxResults` results in a single
|
2084
|
+
# page along with a `nextToken` response element. You can see the
|
2085
|
+
# remaining results of the initial request by sending another
|
2086
|
+
# `ListAddonsRequest` request with the returned `nextToken` value.
|
2087
|
+
# This value can be between 1 and 100. If you don't use this
|
2088
|
+
# parameter, `ListAddonsRequest` returns up to 100 results and a
|
2089
|
+
# `nextToken` value, if applicable.
|
2090
|
+
# @return [Integer]
|
2091
|
+
#
|
2092
|
+
# @!attribute [rw] next_token
|
2093
|
+
# The `nextToken` value returned from a previous paginated
|
2094
|
+
# `ListAddonsRequest` where `maxResults` was used and the results
|
2095
|
+
# exceeded the value of that parameter. Pagination continues from the
|
2096
|
+
# end of the previous results that returned the `nextToken` value.
|
2097
|
+
#
|
2098
|
+
# <note markdown="1"> This token should be treated as an opaque identifier that is used
|
2099
|
+
# only to retrieve the next items in a list and not for other
|
2100
|
+
# programmatic purposes.
|
2101
|
+
#
|
2102
|
+
# </note>
|
2103
|
+
# @return [String]
|
2104
|
+
#
|
2105
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/ListAddonsRequest AWS API Documentation
|
2106
|
+
#
|
2107
|
+
class ListAddonsRequest < Struct.new(
|
2108
|
+
:cluster_name,
|
2109
|
+
:max_results,
|
2110
|
+
:next_token)
|
2111
|
+
SENSITIVE = []
|
2112
|
+
include Aws::Structure
|
2113
|
+
end
|
2114
|
+
|
2115
|
+
# @!attribute [rw] addons
|
2116
|
+
# A list of available add-ons.
|
2117
|
+
# @return [Array<String>]
|
2118
|
+
#
|
2119
|
+
# @!attribute [rw] next_token
|
2120
|
+
# The `nextToken` value returned from a previous paginated
|
2121
|
+
# `ListAddonsResponse` where `maxResults` was used and the results
|
2122
|
+
# exceeded the value of that parameter. Pagination continues from the
|
2123
|
+
# end of the previous results that returned the `nextToken` value.
|
2124
|
+
#
|
2125
|
+
# <note markdown="1"> This token should be treated as an opaque identifier that is used
|
2126
|
+
# only to retrieve the next items in a list and not for other
|
2127
|
+
# programmatic purposes.
|
2128
|
+
#
|
2129
|
+
# </note>
|
2130
|
+
# @return [String]
|
2131
|
+
#
|
2132
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/ListAddonsResponse AWS API Documentation
|
2133
|
+
#
|
2134
|
+
class ListAddonsResponse < Struct.new(
|
2135
|
+
:addons,
|
2136
|
+
:next_token)
|
2137
|
+
SENSITIVE = []
|
2138
|
+
include Aws::Structure
|
2139
|
+
end
|
2140
|
+
|
1377
2141
|
# @note When making an API call, you may pass ListClustersRequest
|
1378
2142
|
# data as a hash:
|
1379
2143
|
#
|
@@ -1502,6 +2266,71 @@ module Aws::EKS
|
|
1502
2266
|
include Aws::Structure
|
1503
2267
|
end
|
1504
2268
|
|
2269
|
+
# @note When making an API call, you may pass ListIdentityProviderConfigsRequest
|
2270
|
+
# data as a hash:
|
2271
|
+
#
|
2272
|
+
# {
|
2273
|
+
# cluster_name: "String", # required
|
2274
|
+
# max_results: 1,
|
2275
|
+
# next_token: "String",
|
2276
|
+
# }
|
2277
|
+
#
|
2278
|
+
# @!attribute [rw] cluster_name
|
2279
|
+
# The cluster name that you want to list identity provider
|
2280
|
+
# configurations for.
|
2281
|
+
# @return [String]
|
2282
|
+
#
|
2283
|
+
# @!attribute [rw] max_results
|
2284
|
+
# The maximum number of identity provider configurations returned by
|
2285
|
+
# `ListIdentityProviderConfigs` in paginated output. When you use this
|
2286
|
+
# parameter, `ListIdentityProviderConfigs` returns only `maxResults`
|
2287
|
+
# results in a single page along with a `nextToken` response element.
|
2288
|
+
# You can see the remaining results of the initial request by sending
|
2289
|
+
# another `ListIdentityProviderConfigs` request with the returned
|
2290
|
+
# `nextToken` value. This value can be between 1 and 100. If you
|
2291
|
+
# don't use this parameter, `ListIdentityProviderConfigs` returns up
|
2292
|
+
# to 100 results and a `nextToken` value, if applicable.
|
2293
|
+
# @return [Integer]
|
2294
|
+
#
|
2295
|
+
# @!attribute [rw] next_token
|
2296
|
+
# The `nextToken` value returned from a previous paginated
|
2297
|
+
# `IdentityProviderConfigsRequest` where `maxResults` was used and the
|
2298
|
+
# results exceeded the value of that parameter. Pagination continues
|
2299
|
+
# from the end of the previous results that returned the `nextToken`
|
2300
|
+
# value.
|
2301
|
+
# @return [String]
|
2302
|
+
#
|
2303
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/ListIdentityProviderConfigsRequest AWS API Documentation
|
2304
|
+
#
|
2305
|
+
class ListIdentityProviderConfigsRequest < Struct.new(
|
2306
|
+
:cluster_name,
|
2307
|
+
:max_results,
|
2308
|
+
:next_token)
|
2309
|
+
SENSITIVE = []
|
2310
|
+
include Aws::Structure
|
2311
|
+
end
|
2312
|
+
|
2313
|
+
# @!attribute [rw] identity_provider_configs
|
2314
|
+
# The identity provider configurations for the cluster.
|
2315
|
+
# @return [Array<Types::IdentityProviderConfig>]
|
2316
|
+
#
|
2317
|
+
# @!attribute [rw] next_token
|
2318
|
+
# The `nextToken` value returned from a previous paginated
|
2319
|
+
# `ListIdentityProviderConfigsResponse` where `maxResults` was used
|
2320
|
+
# and the results exceeded the value of that parameter. Pagination
|
2321
|
+
# continues from the end of the previous results that returned the
|
2322
|
+
# `nextToken` value.
|
2323
|
+
# @return [String]
|
2324
|
+
#
|
2325
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/ListIdentityProviderConfigsResponse AWS API Documentation
|
2326
|
+
#
|
2327
|
+
class ListIdentityProviderConfigsResponse < Struct.new(
|
2328
|
+
:identity_provider_configs,
|
2329
|
+
:next_token)
|
2330
|
+
SENSITIVE = []
|
2331
|
+
include Aws::Structure
|
2332
|
+
end
|
2333
|
+
|
1505
2334
|
# @note When making an API call, you may pass ListNodegroupsRequest
|
1506
2335
|
# data as a hash:
|
1507
2336
|
#
|
@@ -1606,6 +2435,7 @@ module Aws::EKS
|
|
1606
2435
|
# {
|
1607
2436
|
# name: "String", # required
|
1608
2437
|
# nodegroup_name: "String",
|
2438
|
+
# addon_name: "String",
|
1609
2439
|
# next_token: "String",
|
1610
2440
|
# max_results: 1,
|
1611
2441
|
# }
|
@@ -1618,6 +2448,10 @@ module Aws::EKS
|
|
1618
2448
|
# The name of the Amazon EKS managed node group to list updates for.
|
1619
2449
|
# @return [String]
|
1620
2450
|
#
|
2451
|
+
# @!attribute [rw] addon_name
|
2452
|
+
# The names of the installed add-ons that have available updates.
|
2453
|
+
# @return [String]
|
2454
|
+
#
|
1621
2455
|
# @!attribute [rw] next_token
|
1622
2456
|
# The `nextToken` value returned from a previous paginated
|
1623
2457
|
# `ListUpdates` request where `maxResults` was used and the results
|
@@ -1641,6 +2475,7 @@ module Aws::EKS
|
|
1641
2475
|
class ListUpdatesRequest < Struct.new(
|
1642
2476
|
:name,
|
1643
2477
|
:nodegroup_name,
|
2478
|
+
:addon_name,
|
1644
2479
|
:next_token,
|
1645
2480
|
:max_results)
|
1646
2481
|
SENSITIVE = []
|
@@ -1748,7 +2583,7 @@ module Aws::EKS
|
|
1748
2583
|
# If the node group was deployed using a launch template with a custom
|
1749
2584
|
# AMI, then this is the AMI ID that was specified in the launch
|
1750
2585
|
# template. For node groups that weren't deployed using a launch
|
1751
|
-
# template, this is the version of the Amazon EKS
|
2586
|
+
# template, this is the version of the Amazon EKS optimized AMI that
|
1752
2587
|
# the node group was deployed with.
|
1753
2588
|
# @return [String]
|
1754
2589
|
#
|
@@ -1766,6 +2601,10 @@ module Aws::EKS
|
|
1766
2601
|
# The current status of the managed node group.
|
1767
2602
|
# @return [String]
|
1768
2603
|
#
|
2604
|
+
# @!attribute [rw] capacity_type
|
2605
|
+
# The capacity type of your managed node group.
|
2606
|
+
# @return [String]
|
2607
|
+
#
|
1769
2608
|
# @!attribute [rw] scaling_config
|
1770
2609
|
# The scaling configuration details for the Auto Scaling group that is
|
1771
2610
|
# associated with your node group.
|
@@ -1797,10 +2636,10 @@ module Aws::EKS
|
|
1797
2636
|
# @return [String]
|
1798
2637
|
#
|
1799
2638
|
# @!attribute [rw] node_role
|
1800
|
-
# The IAM role associated with your node group. The Amazon EKS
|
1801
|
-
#
|
1802
|
-
#
|
1803
|
-
#
|
2639
|
+
# The IAM role associated with your node group. The Amazon EKS node
|
2640
|
+
# `kubelet` daemon makes calls to AWS APIs on your behalf. Nodes
|
2641
|
+
# receive permissions for these API calls through an IAM instance
|
2642
|
+
# profile and associated policies.
|
1804
2643
|
# @return [String]
|
1805
2644
|
#
|
1806
2645
|
# @!attribute [rw] labels
|
@@ -1853,6 +2692,7 @@ module Aws::EKS
|
|
1853
2692
|
:created_at,
|
1854
2693
|
:modified_at,
|
1855
2694
|
:status,
|
2695
|
+
:capacity_type,
|
1856
2696
|
:scaling_config,
|
1857
2697
|
:instance_types,
|
1858
2698
|
:subnets,
|
@@ -1892,7 +2732,7 @@ module Aws::EKS
|
|
1892
2732
|
#
|
1893
2733
|
# @!attribute [rw] remote_access_security_group
|
1894
2734
|
# The remote access security group associated with the node group.
|
1895
|
-
# This security group controls SSH access to the
|
2735
|
+
# This security group controls SSH access to the nodes.
|
1896
2736
|
# @return [String]
|
1897
2737
|
#
|
1898
2738
|
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/NodegroupResources AWS API Documentation
|
@@ -1919,19 +2759,24 @@ module Aws::EKS
|
|
1919
2759
|
# }
|
1920
2760
|
#
|
1921
2761
|
# @!attribute [rw] min_size
|
1922
|
-
# The minimum number of
|
1923
|
-
#
|
2762
|
+
# The minimum number of nodes that the managed node group can scale in
|
2763
|
+
# to. This number must be greater than zero.
|
1924
2764
|
# @return [Integer]
|
1925
2765
|
#
|
1926
2766
|
# @!attribute [rw] max_size
|
1927
|
-
# The maximum number of
|
1928
|
-
#
|
1929
|
-
#
|
2767
|
+
# The maximum number of nodes that the managed node group can scale
|
2768
|
+
# out to. For information about the maximum number that you can
|
2769
|
+
# specify, see [Amazon EKS service quotas][1] in the *Amazon EKS User
|
2770
|
+
# Guide*.
|
2771
|
+
#
|
2772
|
+
#
|
2773
|
+
#
|
2774
|
+
# [1]: https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html
|
1930
2775
|
# @return [Integer]
|
1931
2776
|
#
|
1932
2777
|
# @!attribute [rw] desired_size
|
1933
|
-
# The current number of
|
1934
|
-
#
|
2778
|
+
# The current number of nodes that the managed node group should
|
2779
|
+
# maintain.
|
1935
2780
|
# @return [Integer]
|
1936
2781
|
#
|
1937
2782
|
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/NodegroupScalingConfig AWS API Documentation
|
@@ -1958,15 +2803,15 @@ module Aws::EKS
|
|
1958
2803
|
include Aws::Structure
|
1959
2804
|
end
|
1960
2805
|
|
1961
|
-
# An object representing the [OpenID Connect][1] identity
|
1962
|
-
# information for the cluster.
|
2806
|
+
# An object representing the [OpenID Connect][1] (OIDC) identity
|
2807
|
+
# provider information for the cluster.
|
1963
2808
|
#
|
1964
2809
|
#
|
1965
2810
|
#
|
1966
2811
|
# [1]: https://openid.net/connect/
|
1967
2812
|
#
|
1968
2813
|
# @!attribute [rw] issuer
|
1969
|
-
# The issuer URL for the
|
2814
|
+
# The issuer URL for the OIDC identity provider.
|
1970
2815
|
# @return [String]
|
1971
2816
|
#
|
1972
2817
|
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/OIDC AWS API Documentation
|
@@ -1977,6 +2822,187 @@ module Aws::EKS
|
|
1977
2822
|
include Aws::Structure
|
1978
2823
|
end
|
1979
2824
|
|
2825
|
+
# An object that represents the configuration for an OpenID Connect
|
2826
|
+
# (OIDC) identity provider.
|
2827
|
+
#
|
2828
|
+
# @!attribute [rw] identity_provider_config_name
|
2829
|
+
# The name of the configuration.
|
2830
|
+
# @return [String]
|
2831
|
+
#
|
2832
|
+
# @!attribute [rw] identity_provider_config_arn
|
2833
|
+
# The ARN of the configuration.
|
2834
|
+
# @return [String]
|
2835
|
+
#
|
2836
|
+
# @!attribute [rw] cluster_name
|
2837
|
+
# The cluster that the configuration is associated to.
|
2838
|
+
# @return [String]
|
2839
|
+
#
|
2840
|
+
# @!attribute [rw] issuer_url
|
2841
|
+
# The URL of the OIDC identity provider that allows the API server to
|
2842
|
+
# discover public signing keys for verifying tokens.
|
2843
|
+
# @return [String]
|
2844
|
+
#
|
2845
|
+
# @!attribute [rw] client_id
|
2846
|
+
# This is also known as *audience*. The ID of the client application
|
2847
|
+
# that makes authentication requests to the OIDC identity provider.
|
2848
|
+
# @return [String]
|
2849
|
+
#
|
2850
|
+
# @!attribute [rw] username_claim
|
2851
|
+
# The JSON Web token (JWT) claim that is used as the username.
|
2852
|
+
# @return [String]
|
2853
|
+
#
|
2854
|
+
# @!attribute [rw] username_prefix
|
2855
|
+
# The prefix that is prepended to username claims to prevent clashes
|
2856
|
+
# with existing names. The prefix can't contain `system:`
|
2857
|
+
# @return [String]
|
2858
|
+
#
|
2859
|
+
# @!attribute [rw] groups_claim
|
2860
|
+
# The JSON web token (JWT) claim that the provider uses to return your
|
2861
|
+
# groups.
|
2862
|
+
# @return [String]
|
2863
|
+
#
|
2864
|
+
# @!attribute [rw] groups_prefix
|
2865
|
+
# The prefix that is prepended to group claims to prevent clashes with
|
2866
|
+
# existing names (such as `system:` groups). For example, the value`
|
2867
|
+
# oidc:` creates group names like `oidc:engineering` and `oidc:infra`.
|
2868
|
+
# The prefix can't contain `system:`
|
2869
|
+
# @return [String]
|
2870
|
+
#
|
2871
|
+
# @!attribute [rw] required_claims
|
2872
|
+
# The key-value pairs that describe required claims in the identity
|
2873
|
+
# token. If set, each claim is verified to be present in the token
|
2874
|
+
# with a matching value.
|
2875
|
+
# @return [Hash<String,String>]
|
2876
|
+
#
|
2877
|
+
# @!attribute [rw] tags
|
2878
|
+
# The metadata to apply to the provider configuration to assist with
|
2879
|
+
# categorization and organization. Each tag consists of a key and an
|
2880
|
+
# optional value, both of which you defined.
|
2881
|
+
# @return [Hash<String,String>]
|
2882
|
+
#
|
2883
|
+
# @!attribute [rw] status
|
2884
|
+
# The status of the OIDC identity provider.
|
2885
|
+
# @return [String]
|
2886
|
+
#
|
2887
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/OidcIdentityProviderConfig AWS API Documentation
|
2888
|
+
#
|
2889
|
+
class OidcIdentityProviderConfig < Struct.new(
|
2890
|
+
:identity_provider_config_name,
|
2891
|
+
:identity_provider_config_arn,
|
2892
|
+
:cluster_name,
|
2893
|
+
:issuer_url,
|
2894
|
+
:client_id,
|
2895
|
+
:username_claim,
|
2896
|
+
:username_prefix,
|
2897
|
+
:groups_claim,
|
2898
|
+
:groups_prefix,
|
2899
|
+
:required_claims,
|
2900
|
+
:tags,
|
2901
|
+
:status)
|
2902
|
+
SENSITIVE = []
|
2903
|
+
include Aws::Structure
|
2904
|
+
end
|
2905
|
+
|
2906
|
+
# An object representing an OpenID Connect (OIDC) configuration. Before
|
2907
|
+
# associating an OIDC identity provider to your cluster, review the
|
2908
|
+
# considerations in [Authenticating users for your cluster from an
|
2909
|
+
# OpenID Connect identity provider][1] in the *Amazon EKS User Guide*.
|
2910
|
+
#
|
2911
|
+
#
|
2912
|
+
#
|
2913
|
+
# [1]: https://docs.aws.amazon.com/eks/latest/userguide/authenticate-oidc-identity-provider.html
|
2914
|
+
#
|
2915
|
+
# @note When making an API call, you may pass OidcIdentityProviderConfigRequest
|
2916
|
+
# data as a hash:
|
2917
|
+
#
|
2918
|
+
# {
|
2919
|
+
# identity_provider_config_name: "String", # required
|
2920
|
+
# issuer_url: "String", # required
|
2921
|
+
# client_id: "String", # required
|
2922
|
+
# username_claim: "String",
|
2923
|
+
# username_prefix: "String",
|
2924
|
+
# groups_claim: "String",
|
2925
|
+
# groups_prefix: "String",
|
2926
|
+
# required_claims: {
|
2927
|
+
# "requiredClaimsKey" => "requiredClaimsValue",
|
2928
|
+
# },
|
2929
|
+
# }
|
2930
|
+
#
|
2931
|
+
# @!attribute [rw] identity_provider_config_name
|
2932
|
+
# The name of the OIDC provider configuration.
|
2933
|
+
# @return [String]
|
2934
|
+
#
|
2935
|
+
# @!attribute [rw] issuer_url
|
2936
|
+
# The URL of the OpenID identity provider that allows the API server
|
2937
|
+
# to discover public signing keys for verifying tokens. The URL must
|
2938
|
+
# begin with `https://` and should correspond to the `iss` claim in
|
2939
|
+
# the provider's OIDC ID tokens. Per the OIDC standard, path
|
2940
|
+
# components are allowed but query parameters are not. Typically the
|
2941
|
+
# URL consists of only a hostname, like `https://server.example.org`
|
2942
|
+
# or `https://example.com`. This URL should point to the level below
|
2943
|
+
# `.well-known/openid-configuration` and must be publicly accessible
|
2944
|
+
# over the internet.
|
2945
|
+
# @return [String]
|
2946
|
+
#
|
2947
|
+
# @!attribute [rw] client_id
|
2948
|
+
# This is also known as *audience*. The ID for the client application
|
2949
|
+
# that makes authentication requests to the OpenID identity provider.
|
2950
|
+
# @return [String]
|
2951
|
+
#
|
2952
|
+
# @!attribute [rw] username_claim
|
2953
|
+
# The JSON Web Token (JWT) claim to use as the username. The default
|
2954
|
+
# is `sub`, which is expected to be a unique identifier of the end
|
2955
|
+
# user. You can choose other claims, such as `email` or `name`,
|
2956
|
+
# depending on the OpenID identity provider. Claims other than `email`
|
2957
|
+
# are prefixed with the issuer URL to prevent naming clashes with
|
2958
|
+
# other plug-ins.
|
2959
|
+
# @return [String]
|
2960
|
+
#
|
2961
|
+
# @!attribute [rw] username_prefix
|
2962
|
+
# The prefix that is prepended to username claims to prevent clashes
|
2963
|
+
# with existing names. If you do not provide this field, and
|
2964
|
+
# `username` is a value other than `email`, the prefix defaults to
|
2965
|
+
# `issuerurl#`. You can use the value `-` to disable all prefixing.
|
2966
|
+
# @return [String]
|
2967
|
+
#
|
2968
|
+
# @!attribute [rw] groups_claim
|
2969
|
+
# The JWT claim that the provider uses to return your groups.
|
2970
|
+
# @return [String]
|
2971
|
+
#
|
2972
|
+
# @!attribute [rw] groups_prefix
|
2973
|
+
# The prefix that is prepended to group claims to prevent clashes with
|
2974
|
+
# existing names (such as `system:` groups). For example, the value`
|
2975
|
+
# oidc:` will create group names like `oidc:engineering` and
|
2976
|
+
# `oidc:infra`.
|
2977
|
+
# @return [String]
|
2978
|
+
#
|
2979
|
+
# @!attribute [rw] required_claims
|
2980
|
+
# The key value pairs that describe required claims in the identity
|
2981
|
+
# token. If set, each claim is verified to be present in the token
|
2982
|
+
# with a matching value. For the maximum number of claims that you can
|
2983
|
+
# require, see [Amazon EKS service quotas][1] in the *Amazon EKS User
|
2984
|
+
# Guide*.
|
2985
|
+
#
|
2986
|
+
#
|
2987
|
+
#
|
2988
|
+
# [1]: https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html
|
2989
|
+
# @return [Hash<String,String>]
|
2990
|
+
#
|
2991
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/OidcIdentityProviderConfigRequest AWS API Documentation
|
2992
|
+
#
|
2993
|
+
class OidcIdentityProviderConfigRequest < Struct.new(
|
2994
|
+
:identity_provider_config_name,
|
2995
|
+
:issuer_url,
|
2996
|
+
:client_id,
|
2997
|
+
:username_claim,
|
2998
|
+
:username_prefix,
|
2999
|
+
:groups_claim,
|
3000
|
+
:groups_prefix,
|
3001
|
+
:required_claims)
|
3002
|
+
SENSITIVE = []
|
3003
|
+
include Aws::Structure
|
3004
|
+
end
|
3005
|
+
|
1980
3006
|
# Identifies the AWS Key Management Service (AWS KMS) customer master
|
1981
3007
|
# key (CMK) used to encrypt the secrets.
|
1982
3008
|
#
|
@@ -2021,9 +3047,9 @@ module Aws::EKS
|
|
2021
3047
|
#
|
2022
3048
|
# @!attribute [rw] ec2_ssh_key
|
2023
3049
|
# The Amazon EC2 SSH key that provides access for SSH communication
|
2024
|
-
# with the
|
2025
|
-
#
|
2026
|
-
#
|
3050
|
+
# with the nodes in the managed node group. For more information, see
|
3051
|
+
# [Amazon EC2 Key Pairs][1] in the *Amazon Elastic Compute Cloud User
|
3052
|
+
# Guide for Linux Instances*.
|
2027
3053
|
#
|
2028
3054
|
#
|
2029
3055
|
#
|
@@ -2032,11 +3058,11 @@ module Aws::EKS
|
|
2032
3058
|
#
|
2033
3059
|
# @!attribute [rw] source_security_groups
|
2034
3060
|
# The security groups that are allowed SSH access (port 22) to the
|
2035
|
-
#
|
2036
|
-
#
|
2037
|
-
#
|
2038
|
-
#
|
2039
|
-
#
|
3061
|
+
# nodes. If you specify an Amazon EC2 SSH key but do not specify a
|
3062
|
+
# source security group when you create a managed node group, then
|
3063
|
+
# port 22 on the nodes is opened to the internet (0.0.0.0/0). For more
|
3064
|
+
# information, see [Security Groups for Your VPC][1] in the *Amazon
|
3065
|
+
# Virtual Private Cloud User Guide*.
|
2040
3066
|
#
|
2041
3067
|
#
|
2042
3068
|
#
|
@@ -2062,6 +3088,9 @@ module Aws::EKS
|
|
2062
3088
|
# The Amazon EKS managed node group associated with the exception.
|
2063
3089
|
# @return [String]
|
2064
3090
|
#
|
3091
|
+
# @!attribute [rw] addon_name
|
3092
|
+
# @return [String]
|
3093
|
+
#
|
2065
3094
|
# @!attribute [rw] message
|
2066
3095
|
# @return [String]
|
2067
3096
|
#
|
@@ -2070,6 +3099,7 @@ module Aws::EKS
|
|
2070
3099
|
class ResourceInUseException < Struct.new(
|
2071
3100
|
:cluster_name,
|
2072
3101
|
:nodegroup_name,
|
3102
|
+
:addon_name,
|
2073
3103
|
:message)
|
2074
3104
|
SENSITIVE = []
|
2075
3105
|
include Aws::Structure
|
@@ -2115,6 +3145,9 @@ module Aws::EKS
|
|
2115
3145
|
# The Fargate profile associated with the exception.
|
2116
3146
|
# @return [String]
|
2117
3147
|
#
|
3148
|
+
# @!attribute [rw] addon_name
|
3149
|
+
# @return [String]
|
3150
|
+
#
|
2118
3151
|
# @!attribute [rw] message
|
2119
3152
|
# @return [String]
|
2120
3153
|
#
|
@@ -2124,6 +3157,7 @@ module Aws::EKS
|
|
2124
3157
|
:cluster_name,
|
2125
3158
|
:nodegroup_name,
|
2126
3159
|
:fargate_profile_name,
|
3160
|
+
:addon_name,
|
2127
3161
|
:message)
|
2128
3162
|
SENSITIVE = []
|
2129
3163
|
include Aws::Structure
|
@@ -2139,6 +3173,9 @@ module Aws::EKS
|
|
2139
3173
|
# The Amazon EKS managed node group associated with the exception.
|
2140
3174
|
# @return [String]
|
2141
3175
|
#
|
3176
|
+
# @!attribute [rw] addon_name
|
3177
|
+
# @return [String]
|
3178
|
+
#
|
2142
3179
|
# @!attribute [rw] message
|
2143
3180
|
# @return [String]
|
2144
3181
|
#
|
@@ -2147,6 +3184,7 @@ module Aws::EKS
|
|
2147
3184
|
class ServerException < Struct.new(
|
2148
3185
|
:cluster_name,
|
2149
3186
|
:nodegroup_name,
|
3187
|
+
:addon_name,
|
2150
3188
|
:message)
|
2151
3189
|
SENSITIVE = []
|
2152
3190
|
include Aws::Structure
|
@@ -2302,6 +3340,99 @@ module Aws::EKS
|
|
2302
3340
|
include Aws::Structure
|
2303
3341
|
end
|
2304
3342
|
|
3343
|
+
# @note When making an API call, you may pass UpdateAddonRequest
|
3344
|
+
# data as a hash:
|
3345
|
+
#
|
3346
|
+
# {
|
3347
|
+
# cluster_name: "ClusterName", # required
|
3348
|
+
# addon_name: "String", # required
|
3349
|
+
# addon_version: "String",
|
3350
|
+
# service_account_role_arn: "RoleArn",
|
3351
|
+
# resolve_conflicts: "OVERWRITE", # accepts OVERWRITE, NONE
|
3352
|
+
# client_request_token: "String",
|
3353
|
+
# }
|
3354
|
+
#
|
3355
|
+
# @!attribute [rw] cluster_name
|
3356
|
+
# The name of the cluster.
|
3357
|
+
# @return [String]
|
3358
|
+
#
|
3359
|
+
# @!attribute [rw] addon_name
|
3360
|
+
# The name of the add-on. The name must match one of the names
|
3361
|
+
# returned by [ `ListAddons` ][1].
|
3362
|
+
#
|
3363
|
+
#
|
3364
|
+
#
|
3365
|
+
# [1]: https://docs.aws.amazon.com/eks/latest/APIReference/API_ListAddons.html
|
3366
|
+
# @return [String]
|
3367
|
+
#
|
3368
|
+
# @!attribute [rw] addon_version
|
3369
|
+
# The version of the add-on. The version must match one of the
|
3370
|
+
# versions returned by [ `DescribeAddonVersions` ][1].
|
3371
|
+
#
|
3372
|
+
#
|
3373
|
+
#
|
3374
|
+
# [1]: https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeAddonVersions.html
|
3375
|
+
# @return [String]
|
3376
|
+
#
|
3377
|
+
# @!attribute [rw] service_account_role_arn
|
3378
|
+
# The Amazon Resource Name (ARN) of an existing IAM role to bind to
|
3379
|
+
# the add-on's service account. The role must be assigned the IAM
|
3380
|
+
# permissions required by the add-on. If you don't specify an
|
3381
|
+
# existing IAM role, then the add-on uses the permissions assigned to
|
3382
|
+
# the node IAM role. For more information, see [Amazon EKS node IAM
|
3383
|
+
# role][1] in the *Amazon EKS User Guide*.
|
3384
|
+
#
|
3385
|
+
# <note markdown="1"> To specify an existing IAM role, you must have an IAM OpenID Connect
|
3386
|
+
# (OIDC) provider created for your cluster. For more information, see
|
3387
|
+
# [Enabling IAM roles for service accounts on your cluster][2] in the
|
3388
|
+
# *Amazon EKS User Guide*.
|
3389
|
+
#
|
3390
|
+
# </note>
|
3391
|
+
#
|
3392
|
+
#
|
3393
|
+
#
|
3394
|
+
# [1]: https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html
|
3395
|
+
# [2]: https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html
|
3396
|
+
# @return [String]
|
3397
|
+
#
|
3398
|
+
# @!attribute [rw] resolve_conflicts
|
3399
|
+
# How to resolve parameter value conflicts when applying the new
|
3400
|
+
# version of the add-on to the cluster.
|
3401
|
+
# @return [String]
|
3402
|
+
#
|
3403
|
+
# @!attribute [rw] client_request_token
|
3404
|
+
# Unique, case-sensitive identifier that you provide to ensure the
|
3405
|
+
# idempotency of the request.
|
3406
|
+
#
|
3407
|
+
# **A suitable default value is auto-generated.** You should normally
|
3408
|
+
# not need to pass this option.
|
3409
|
+
# @return [String]
|
3410
|
+
#
|
3411
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/UpdateAddonRequest AWS API Documentation
|
3412
|
+
#
|
3413
|
+
class UpdateAddonRequest < Struct.new(
|
3414
|
+
:cluster_name,
|
3415
|
+
:addon_name,
|
3416
|
+
:addon_version,
|
3417
|
+
:service_account_role_arn,
|
3418
|
+
:resolve_conflicts,
|
3419
|
+
:client_request_token)
|
3420
|
+
SENSITIVE = []
|
3421
|
+
include Aws::Structure
|
3422
|
+
end
|
3423
|
+
|
3424
|
+
# @!attribute [rw] update
|
3425
|
+
# An object representing an asynchronous update.
|
3426
|
+
# @return [Types::Update]
|
3427
|
+
#
|
3428
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/UpdateAddonResponse AWS API Documentation
|
3429
|
+
#
|
3430
|
+
class UpdateAddonResponse < Struct.new(
|
3431
|
+
:update)
|
3432
|
+
SENSITIVE = []
|
3433
|
+
include Aws::Structure
|
3434
|
+
end
|
3435
|
+
|
2305
3436
|
# @note When making an API call, you may pass UpdateClusterConfigRequest
|
2306
3437
|
# data as a hash:
|
2307
3438
|
#
|
@@ -2575,15 +3706,15 @@ module Aws::EKS
|
|
2575
3706
|
# @return [String]
|
2576
3707
|
#
|
2577
3708
|
# @!attribute [rw] release_version
|
2578
|
-
# The AMI version of the Amazon EKS
|
3709
|
+
# The AMI version of the Amazon EKS optimized AMI to use for the
|
2579
3710
|
# update. By default, the latest available AMI version for the node
|
2580
3711
|
# group's Kubernetes version is used. For more information, see
|
2581
|
-
# [Amazon EKS
|
2582
|
-
# User Guide*. If you specify `launchTemplate`, and your
|
2583
|
-
# template uses a custom AMI, then don't specify
|
2584
|
-
# the node group update will fail. For more
|
2585
|
-
# launch templates with Amazon EKS, see
|
2586
|
-
# in the Amazon EKS User Guide.
|
3712
|
+
# [Amazon EKS optimized Amazon Linux 2 AMI versions ][1] in the
|
3713
|
+
# *Amazon EKS User Guide*. If you specify `launchTemplate`, and your
|
3714
|
+
# launch template uses a custom AMI, then don't specify
|
3715
|
+
# `releaseVersion`, or the node group update will fail. For more
|
3716
|
+
# information about using launch templates with Amazon EKS, see
|
3717
|
+
# [Launch template support][2] in the Amazon EKS User Guide.
|
2587
3718
|
#
|
2588
3719
|
#
|
2589
3720
|
#
|
@@ -2674,18 +3805,29 @@ module Aws::EKS
|
|
2674
3805
|
# }
|
2675
3806
|
#
|
2676
3807
|
# @!attribute [rw] subnet_ids
|
2677
|
-
# Specify subnets for your Amazon EKS
|
3808
|
+
# Specify subnets for your Amazon EKS nodes. Amazon EKS creates
|
2678
3809
|
# cross-account elastic network interfaces in these subnets to allow
|
2679
|
-
# communication between your
|
2680
|
-
# plane.
|
3810
|
+
# communication between your nodes and the Kubernetes control plane.
|
2681
3811
|
# @return [Array<String>]
|
2682
3812
|
#
|
2683
3813
|
# @!attribute [rw] security_group_ids
|
2684
3814
|
# Specify one or more security groups for the cross-account elastic
|
2685
3815
|
# network interfaces that Amazon EKS creates to use to allow
|
2686
|
-
# communication between your
|
2687
|
-
#
|
2688
|
-
#
|
3816
|
+
# communication between your nodes and the Kubernetes control plane.
|
3817
|
+
# If you don't specify any security groups, then familiarize yourself
|
3818
|
+
# with the difference between Amazon EKS defaults for clusters
|
3819
|
+
# deployed with Kubernetes:
|
3820
|
+
#
|
3821
|
+
# * 1\.14 Amazon EKS platform version `eks.2` and earlier
|
3822
|
+
#
|
3823
|
+
# * 1\.14 Amazon EKS platform version `eks.3` and later
|
3824
|
+
#
|
3825
|
+
# For more information, see [Amazon EKS security group
|
3826
|
+
# considerations][1] in the <i> <i>Amazon EKS User Guide</i> </i>.
|
3827
|
+
#
|
3828
|
+
#
|
3829
|
+
#
|
3830
|
+
# [1]: https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html
|
2689
3831
|
# @return [Array<String>]
|
2690
3832
|
#
|
2691
3833
|
# @!attribute [rw] endpoint_public_access
|
@@ -2708,12 +3850,12 @@ module Aws::EKS
|
|
2708
3850
|
# access, Kubernetes API requests from within your cluster's VPC use
|
2709
3851
|
# the private VPC endpoint. The default value for this parameter is
|
2710
3852
|
# `false`, which disables private access for your Kubernetes API
|
2711
|
-
# server. If you disable private access and you have
|
2712
|
-
#
|
2713
|
-
#
|
2714
|
-
#
|
2715
|
-
#
|
2716
|
-
#
|
3853
|
+
# server. If you disable private access and you have nodes or AWS
|
3854
|
+
# Fargate pods in the cluster, then ensure that `publicAccessCidrs`
|
3855
|
+
# includes the necessary CIDR blocks for communication with the nodes
|
3856
|
+
# or Fargate pods. For more information, see [Amazon EKS Cluster
|
3857
|
+
# Endpoint Access Control][1] in the <i> <i>Amazon EKS User Guide</i>
|
3858
|
+
# </i>.
|
2717
3859
|
#
|
2718
3860
|
#
|
2719
3861
|
#
|
@@ -2725,8 +3867,8 @@ module Aws::EKS
|
|
2725
3867
|
# Kubernetes API server endpoint. Communication to the endpoint from
|
2726
3868
|
# addresses outside of the CIDR blocks that you specify is denied. The
|
2727
3869
|
# default value is `0.0.0.0/0`. If you've disabled private endpoint
|
2728
|
-
# access and you have
|
2729
|
-
#
|
3870
|
+
# access and you have nodes or AWS Fargate pods in the cluster, then
|
3871
|
+
# ensure that you specify the necessary CIDR blocks. For more
|
2730
3872
|
# information, see [Amazon EKS Cluster Endpoint Access Control][1] in
|
2731
3873
|
# the <i> <i>Amazon EKS User Guide</i> </i>.
|
2732
3874
|
#
|
@@ -2757,7 +3899,7 @@ module Aws::EKS
|
|
2757
3899
|
# @!attribute [rw] security_group_ids
|
2758
3900
|
# The security groups associated with the cross-account elastic
|
2759
3901
|
# network interfaces that are used to allow communication between your
|
2760
|
-
#
|
3902
|
+
# nodes and the Kubernetes control plane.
|
2761
3903
|
# @return [Array<String>]
|
2762
3904
|
#
|
2763
3905
|
# @!attribute [rw] cluster_security_group_id
|
@@ -2782,12 +3924,12 @@ module Aws::EKS
|
|
2782
3924
|
# endpoint is enabled. If the Amazon EKS private API server endpoint
|
2783
3925
|
# is enabled, Kubernetes API requests that originate from within your
|
2784
3926
|
# cluster's VPC use the private VPC endpoint instead of traversing
|
2785
|
-
# the internet. If this value is disabled and you have
|
2786
|
-
#
|
2787
|
-
#
|
2788
|
-
#
|
2789
|
-
#
|
2790
|
-
#
|
3927
|
+
# the internet. If this value is disabled and you have nodes or AWS
|
3928
|
+
# Fargate pods in the cluster, then ensure that `publicAccessCidrs`
|
3929
|
+
# includes the necessary CIDR blocks for communication with the nodes
|
3930
|
+
# or Fargate pods. For more information, see [Amazon EKS Cluster
|
3931
|
+
# Endpoint Access Control][1] in the <i> <i>Amazon EKS User Guide</i>
|
3932
|
+
# </i>.
|
2791
3933
|
#
|
2792
3934
|
#
|
2793
3935
|
#
|
@@ -2799,10 +3941,10 @@ module Aws::EKS
|
|
2799
3941
|
# Kubernetes API server endpoint. Communication to the endpoint from
|
2800
3942
|
# addresses outside of the listed CIDR blocks is denied. The default
|
2801
3943
|
# value is `0.0.0.0/0`. If you've disabled private endpoint access
|
2802
|
-
# and you have
|
2803
|
-
#
|
2804
|
-
#
|
2805
|
-
#
|
3944
|
+
# and you have nodes or AWS Fargate pods in the cluster, then ensure
|
3945
|
+
# that the necessary CIDR blocks are listed. For more information, see
|
3946
|
+
# [Amazon EKS Cluster Endpoint Access Control][1] in the <i> <i>Amazon
|
3947
|
+
# EKS User Guide</i> </i>.
|
2806
3948
|
#
|
2807
3949
|
#
|
2808
3950
|
#
|