RubyGems - aws-sdk-eks - Versions diffs - 1.44.0 → 1.49.0 - Mend

aws-sdk-eks 1.44.0 → 1.49.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml +4 -4
data/lib/aws-sdk-eks.rb +2 -2
data/lib/aws-sdk-eks/client.rb +853 -95
data/lib/aws-sdk-eks/client_api.rb +400 -0
data/lib/aws-sdk-eks/errors.rb +30 -0
data/lib/aws-sdk-eks/types.rb +1312 -115
data/lib/aws-sdk-eks/waiters.rb +89 -0
metadata +4 -4

data/lib/aws-sdk-eks/errors.rb CHANGED Viewed

@@ -79,6 +79,11 @@ module Aws::EKS
         @data[:nodegroup_name]
       end
+      # @return [String]
+      def addon_name
+        @data[:addon_name]
+      end
       # @return [String]
       def message
         @message || @data[:message]
@@ -109,6 +114,11 @@ module Aws::EKS
         @data[:fargate_profile_name]
       end
+      # @return [String]
+      def addon_name
+        @data[:addon_name]
+      end
       # @return [String]
       def message
         @message || @data[:message]
@@ -134,6 +144,11 @@ module Aws::EKS
         @data[:nodegroup_name]
       end
+      # @return [String]
+      def addon_name
+        @data[:addon_name]
+      end
       # @return [String]
       def message
         @message || @data[:message]
@@ -174,6 +189,11 @@ module Aws::EKS
         @data[:nodegroup_name]
       end
+      # @return [String]
+      def addon_name
+        @data[:addon_name]
+      end
       # @return [String]
       def message
         @message || @data[:message]
@@ -229,6 +249,11 @@ module Aws::EKS
         @data[:fargate_profile_name]
       end
+      # @return [String]
+      def addon_name
+        @data[:addon_name]
+      end
       # @return [String]
       def message
         @message || @data[:message]
@@ -254,6 +279,11 @@ module Aws::EKS
         @data[:nodegroup_name]
       end
+      # @return [String]
+      def addon_name
+        @data[:addon_name]
+      end
       # @return [String]
       def message
         @message || @data[:message]

data/lib/aws-sdk-eks/types.rb CHANGED Viewed

@@ -10,6 +10,286 @@
 module Aws::EKS
   module Types
+    # An Amazon EKS add-on.
+    #
+    # @!attribute [rw] addon_name
+    #   The name of the add-on.
+    #   @return [String]
+    #
+    # @!attribute [rw] cluster_name
+    #   The name of the cluster.
+    #   @return [String]
+    #
+    # @!attribute [rw] status
+    #   The status of the add-on.
+    #   @return [String]
+    #
+    # @!attribute [rw] addon_version
+    #   The version of the add-on.
+    #   @return [String]
+    #
+    # @!attribute [rw] health
+    #   An object that represents the health of the add-on.
+    #   @return [Types::AddonHealth]
+    #
+    # @!attribute [rw] addon_arn
+    #   The Amazon Resource Name (ARN) of the add-on.
+    #   @return [String]
+    #
+    # @!attribute [rw] created_at
+    #   The date and time that the add-on was created.
+    #   @return [Time]
+    #
+    # @!attribute [rw] modified_at
+    #   The date and time that the add-on was last modified.
+    #   @return [Time]
+    #
+    # @!attribute [rw] service_account_role_arn
+    #   The Amazon Resource Name (ARN) of the IAM role that is bound to the
+    #   Kubernetes service account used by the add-on.
+    #   @return [String]
+    #
+    # @!attribute [rw] tags
+    #   The metadata that you apply to the cluster to assist with
+    #   categorization and organization. Each tag consists of a key and an
+    #   optional value, both of which you define. Cluster tags do not
+    #   propagate to any other resources associated with the cluster.
+    #   @return [Hash<String,String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/Addon AWS API Documentation
+    #
+    class Addon < Struct.new(
+      :addon_name,
+      :cluster_name,
+      :status,
+      :addon_version,
+      :health,
+      :addon_arn,
+      :created_at,
+      :modified_at,
+      :service_account_role_arn,
+      :tags)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # The health of the add-on.
+    #
+    # @!attribute [rw] issues
+    #   An object that represents the add-on's health issues.
+    #   @return [Array<Types::AddonIssue>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/AddonHealth AWS API Documentation
+    #
+    class AddonHealth < Struct.new(
+      :issues)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # Information about an add-on.
+    #
+    # @!attribute [rw] addon_name
+    #   The name of the add-on.
+    #   @return [String]
+    #
+    # @!attribute [rw] type
+    #   The type of the add-on.
+    #   @return [String]
+    #
+    # @!attribute [rw] addon_versions
+    #   An object that represents information about available add-on
+    #   versions and compatible Kubernetes versions.
+    #   @return [Array<Types::AddonVersionInfo>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/AddonInfo AWS API Documentation
+    #
+    class AddonInfo < Struct.new(
+      :addon_name,
+      :type,
+      :addon_versions)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # An issue related to an add-on.
+    #
+    # @!attribute [rw] code
+    #   A code that describes the type of issue.
+    #   @return [String]
+    #
+    # @!attribute [rw] message
+    #   A message that provides details about the issue and what might cause
+    #   it.
+    #   @return [String]
+    #
+    # @!attribute [rw] resource_ids
+    #   The resource IDs of the issue.
+    #   @return [Array<String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/AddonIssue AWS API Documentation
+    #
+    class AddonIssue < Struct.new(
+      :code,
+      :message,
+      :resource_ids)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # Information about an add-on version.
+    #
+    # @!attribute [rw] addon_version
+    #   The version of the add-on.
+    #   @return [String]
+    #
+    # @!attribute [rw] architecture
+    #   The architectures that the version supports.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] compatibilities
+    #   An object that represents the compatibilities of a version.
+    #   @return [Array<Types::Compatibility>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/AddonVersionInfo AWS API Documentation
+    #
+    class AddonVersionInfo < Struct.new(
+      :addon_version,
+      :architecture,
+      :compatibilities)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @note When making an API call, you may pass AssociateEncryptionConfigRequest
+    #   data as a hash:
+    #
+    #       {
+    #         cluster_name: "String", # required
+    #         encryption_config: [ # required
+    #           {
+    #             resources: ["String"],
+    #             provider: {
+    #               key_arn: "String",
+    #             },
+    #           },
+    #         ],
+    #         client_request_token: "String",
+    #       }
+    #
+    # @!attribute [rw] cluster_name
+    #   The name of the cluster that you are associating with encryption
+    #   configuration.
+    #   @return [String]
+    #
+    # @!attribute [rw] encryption_config
+    #   The configuration you are using for encryption.
+    #   @return [Array<Types::EncryptionConfig>]
+    #
+    # @!attribute [rw] client_request_token
+    #   The client request token you are using with the encryption
+    #   configuration.
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/AssociateEncryptionConfigRequest AWS API Documentation
+    #
+    class AssociateEncryptionConfigRequest < Struct.new(
+      :cluster_name,
+      :encryption_config,
+      :client_request_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] update
+    #   An object representing an asynchronous update.
+    #   @return [Types::Update]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/AssociateEncryptionConfigResponse AWS API Documentation
+    #
+    class AssociateEncryptionConfigResponse < Struct.new(
+      :update)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @note When making an API call, you may pass AssociateIdentityProviderConfigRequest
+    #   data as a hash:
+    #
+    #       {
+    #         cluster_name: "String", # required
+    #         oidc: { # required
+    #           identity_provider_config_name: "String", # required
+    #           issuer_url: "String", # required
+    #           client_id: "String", # required
+    #           username_claim: "String",
+    #           username_prefix: "String",
+    #           groups_claim: "String",
+    #           groups_prefix: "String",
+    #           required_claims: {
+    #             "requiredClaimsKey" => "requiredClaimsValue",
+    #           },
+    #         },
+    #         tags: {
+    #           "TagKey" => "TagValue",
+    #         },
+    #         client_request_token: "String",
+    #       }
+    #
+    # @!attribute [rw] cluster_name
+    #   The name of the cluster to associate the configuration to.
+    #   @return [String]
+    #
+    # @!attribute [rw] oidc
+    #   An object that represents an OpenID Connect (OIDC) identity provider
+    #   configuration.
+    #   @return [Types::OidcIdentityProviderConfigRequest]
+    #
+    # @!attribute [rw] tags
+    #   The metadata to apply to the configuration to assist with
+    #   categorization and organization. Each tag consists of a key and an
+    #   optional value, both of which you define.
+    #   @return [Hash<String,String>]
+    #
+    # @!attribute [rw] client_request_token
+    #   Unique, case-sensitive identifier that you provide to ensure the
+    #   idempotency of the request.
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/AssociateIdentityProviderConfigRequest AWS API Documentation
+    #
+    class AssociateIdentityProviderConfigRequest < Struct.new(
+      :cluster_name,
+      :oidc,
+      :tags,
+      :client_request_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] update
+    #   An object representing an asynchronous update.
+    #   @return [Types::Update]
+    #
+    # @!attribute [rw] tags
+    #   The tags for the resource.
+    #   @return [Hash<String,String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/AssociateIdentityProviderConfigResponse AWS API Documentation
+    #
+    class AssociateIdentityProviderConfigResponse < Struct.new(
+      :update,
+      :tags)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # An Auto Scaling group that is associated with an Amazon EKS managed
     # node group.
     #
@@ -71,6 +351,9 @@ module Aws::EKS
     #   The Amazon EKS managed node group associated with the exception.
     #   @return [String]
     #
+    # @!attribute [rw] addon_name
+    #   @return [String]
+    #
     # @!attribute [rw] message
     #   @return [String]
     #
@@ -79,6 +362,7 @@ module Aws::EKS
     class ClientException < Struct.new(
       :cluster_name,
       :nodegroup_name,
+      :addon_name,
       :message)
       SENSITIVE = []
       include Aws::Structure
@@ -127,7 +411,7 @@ module Aws::EKS
     #   @return [Types::VpcConfigResponse]
     #
     # @!attribute [rw] kubernetes_network_config
-    #   Network configuration settings for your cluster.
+    #   The Kubernetes network configuration for the cluster.
     #   @return [Types::KubernetesNetworkConfigResponse]
     #
     # @!attribute [rw] logging
@@ -195,6 +479,133 @@ module Aws::EKS
       include Aws::Structure
     end
+    # Compatibility information.
+    #
+    # @!attribute [rw] cluster_version
+    #   The supported Kubernetes version of the cluster.
+    #   @return [String]
+    #
+    # @!attribute [rw] platform_versions
+    #   The supported compute platform.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] default_version
+    #   The supported default version.
+    #   @return [Boolean]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/Compatibility AWS API Documentation
+    #
+    class Compatibility < Struct.new(
+      :cluster_version,
+      :platform_versions,
+      :default_version)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @note When making an API call, you may pass CreateAddonRequest
+    #   data as a hash:
+    #
+    #       {
+    #         cluster_name: "ClusterName", # required
+    #         addon_name: "String", # required
+    #         addon_version: "String",
+    #         service_account_role_arn: "RoleArn",
+    #         resolve_conflicts: "OVERWRITE", # accepts OVERWRITE, NONE
+    #         client_request_token: "String",
+    #         tags: {
+    #           "TagKey" => "TagValue",
+    #         },
+    #       }
+    #
+    # @!attribute [rw] cluster_name
+    #   The name of the cluster to create the add-on for.
+    #   @return [String]
+    #
+    # @!attribute [rw] addon_name
+    #   The name of the add-on. The name must match one of the names
+    #   returned by [ `ListAddons` ][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/APIReference/API_ListAddons.html
+    #   @return [String]
+    #
+    # @!attribute [rw] addon_version
+    #   The version of the add-on. The version must match one of the
+    #   versions returned by [ `DescribeAddonVersions` ][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeAddonVersions.html
+    #   @return [String]
+    #
+    # @!attribute [rw] service_account_role_arn
+    #   The Amazon Resource Name (ARN) of an existing IAM role to bind to
+    #   the add-on's service account. The role must be assigned the IAM
+    #   permissions required by the add-on. If you don't specify an
+    #   existing IAM role, then the add-on uses the permissions assigned to
+    #   the node IAM role. For more information, see [Amazon EKS node IAM
+    #   role][1] in the *Amazon EKS User Guide*.
+    #
+    #   <note markdown="1"> To specify an existing IAM role, you must have an IAM OpenID Connect
+    #   (OIDC) provider created for your cluster. For more information, see
+    #   [Enabling IAM roles for service accounts on your cluster][2] in the
+    #   *Amazon EKS User Guide*.
+    #
+    #    </note>
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html
+    #   [2]: https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html
+    #   @return [String]
+    #
+    # @!attribute [rw] resolve_conflicts
+    #   How to resolve parameter value conflicts when migrating an existing
+    #   add-on to an Amazon EKS add-on.
+    #   @return [String]
+    #
+    # @!attribute [rw] client_request_token
+    #   A unique, case-sensitive identifier that you provide to ensure the
+    #   idempotency of the request.
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.
+    #   @return [String]
+    #
+    # @!attribute [rw] tags
+    #   The metadata to apply to the cluster to assist with categorization
+    #   and organization. Each tag consists of a key and an optional value,
+    #   both of which you define.
+    #   @return [Hash<String,String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/CreateAddonRequest AWS API Documentation
+    #
+    class CreateAddonRequest < Struct.new(
+      :cluster_name,
+      :addon_name,
+      :addon_version,
+      :service_account_role_arn,
+      :resolve_conflicts,
+      :client_request_token,
+      :tags)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] addon
+    #   An Amazon EKS add-on.
+    #   @return [Types::Addon]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/CreateAddonResponse AWS API Documentation
+    #
+    class CreateAddonResponse < Struct.new(
+      :addon)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass CreateClusterRequest
     #   data as a hash:
     #
@@ -470,6 +881,7 @@ module Aws::EKS
     #           version: "String",
     #           id: "String",
     #         },
+    #         capacity_type: "ON_DEMAND", # accepts ON_DEMAND, SPOT
     #         version: "String",
     #         release_version: "String",
     #       }
@@ -516,25 +928,31 @@ module Aws::EKS
     #   @return [Array<String>]
     #
     # @!attribute [rw] instance_types
-    #   The instance type to use for your node group. You can specify a
-    #   single instance type for a node group. The default value for
-    #   `instanceTypes` is `t3.medium`. If you choose a GPU instance type,
-    #   be sure to specify `AL2_x86_64_GPU` with the `amiType` parameter. If
-    #   you specify `launchTemplate`, then don't specify `instanceTypes`,
-    #   or the node group deployment will fail. For more information about
-    #   using launch templates with Amazon EKS, see [Launch template
-    #   support][1] in the Amazon EKS User Guide.
-    #
-    #
-    #
-    #   [1]: https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html
+    #   Specify the instance types for a node group. If you specify a GPU
+    #   instance type, be sure to specify `AL2_x86_64_GPU` with the
+    #   `amiType` parameter. If you specify `launchTemplate`, then you can
+    #   specify zero or one instance type in your launch template *or* you
+    #   can specify 0-20 instance types for `instanceTypes`. If however, you
+    #   specify an instance type in your launch template *and* specify any
+    #   `instanceTypes`, the node group deployment will fail. If you don't
+    #   specify an instance type in a launch template or for
+    #   `instanceTypes`, then `t3.medium` is used, by default. If you
+    #   specify `Spot` for `capacityType`, then we recommend specifying
+    #   multiple values for `instanceTypes`. For more information, see
+    #   [Managed node group capacity types][1] and [Launch template
+    #   support][2] in the *Amazon EKS User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html#managed-node-group-capacity-types
+    #   [2]: https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html
     #   @return [Array<String>]
     #
     # @!attribute [rw] ami_type
     #   The AMI type for your node group. GPU instance types should use the
     #   `AL2_x86_64_GPU` AMI type. Non-GPU instances should use the
     #   `AL2_x86_64` AMI type. Arm instances should use the `AL2_ARM_64` AMI
-    #   type. All types use the Amazon EKS-optimized Amazon Linux 2 AMI. If
+    #   type. All types use the Amazon EKS optimized Amazon Linux 2 AMI. If
     #   you specify `launchTemplate`, and your launch template uses a custom
     #   AMI, then don't specify `amiType`, or the node group deployment
     #   will fail. For more information about using launch templates with
@@ -561,17 +979,16 @@ module Aws::EKS
     # @!attribute [rw] node_role
     #   The Amazon Resource Name (ARN) of the IAM role to associate with
     #   your node group. The Amazon EKS worker node `kubelet` daemon makes
-    #   calls to AWS APIs on your behalf. Worker nodes receive permissions
-    #   for these API calls through an IAM instance profile and associated
-    #   policies. Before you can launch worker nodes and register them into
-    #   a cluster, you must create an IAM role for those worker nodes to use
-    #   when they are launched. For more information, see [Amazon EKS Worker
-    #   Node IAM Role][1] in the <i> <i>Amazon EKS User Guide</i> </i>. If
-    #   you specify `launchTemplate`, then don't specify [
-    #   `IamInstanceProfile` ][2] in your launch template, or the node group
-    #   deployment will fail. For more information about using launch
-    #   templates with Amazon EKS, see [Launch template support][3] in the
-    #   Amazon EKS User Guide.
+    #   calls to AWS APIs on your behalf. Nodes receive permissions for
+    #   these API calls through an IAM instance profile and associated
+    #   policies. Before you can launch nodes and register them into a
+    #   cluster, you must create an IAM role for those nodes to use when
+    #   they are launched. For more information, see [Amazon EKS node IAM
+    #   role][1] in the <i> <i>Amazon EKS User Guide</i> </i>. If you
+    #   specify `launchTemplate`, then don't specify [ `IamInstanceProfile`
+    #   ][2] in your launch template, or the node group deployment will
+    #   fail. For more information about using launch templates with Amazon
+    #   EKS, see [Launch template support][3] in the Amazon EKS User Guide.
     #
     #
     #
@@ -608,6 +1025,10 @@ module Aws::EKS
     #   meets the requirements in `launchTemplateSpecification`.
     #   @return [Types::LaunchTemplateSpecification]
     #
+    # @!attribute [rw] capacity_type
+    #   The capacity type for your node group.
+    #   @return [String]
+    #
     # @!attribute [rw] version
     #   The Kubernetes version to use for your managed nodes. By default,
     #   the Kubernetes version of the cluster is used, and this is the only
@@ -623,15 +1044,15 @@ module Aws::EKS
     #   @return [String]
     #
     # @!attribute [rw] release_version
-    #   The AMI version of the Amazon EKS-optimized AMI to use with your
+    #   The AMI version of the Amazon EKS optimized AMI to use with your
     #   node group. By default, the latest available AMI version for the
     #   node group's current Kubernetes version is used. For more
-    #   information, see [Amazon EKS-Optimized Linux AMI Versions][1] in the
-    #   *Amazon EKS User Guide*. If you specify `launchTemplate`, and your
-    #   launch template uses a custom AMI, then don't specify
-    #   `releaseVersion`, or the node group deployment will fail. For more
-    #   information about using launch templates with Amazon EKS, see
-    #   [Launch template support][2] in the Amazon EKS User Guide.
+    #   information, see [Amazon EKS optimized Amazon Linux 2 AMI
+    #   versions][1] in the *Amazon EKS User Guide*. If you specify
+    #   `launchTemplate`, and your launch template uses a custom AMI, then
+    #   don't specify `releaseVersion`, or the node group deployment will
+    #   fail. For more information about using launch templates with Amazon
+    #   EKS, see [Launch template support][2] in the Amazon EKS User Guide.
     #
     #
     #
@@ -655,6 +1076,7 @@ module Aws::EKS
       :tags,
       :client_request_token,
       :launch_template,
+      :capacity_type,
       :version,
       :release_version)
       SENSITIVE = []
@@ -673,6 +1095,48 @@ module Aws::EKS
       include Aws::Structure
     end
+    # @note When making an API call, you may pass DeleteAddonRequest
+    #   data as a hash:
+    #
+    #       {
+    #         cluster_name: "ClusterName", # required
+    #         addon_name: "String", # required
+    #       }
+    #
+    # @!attribute [rw] cluster_name
+    #   The name of the cluster to delete the add-on from.
+    #   @return [String]
+    #
+    # @!attribute [rw] addon_name
+    #   The name of the add-on. The name must match one of the names
+    #   returned by [ `ListAddons` ][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/APIReference/API_ListAddons.html
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DeleteAddonRequest AWS API Documentation
+    #
+    class DeleteAddonRequest < Struct.new(
+      :cluster_name,
+      :addon_name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] addon
+    #   An Amazon EKS add-on.
+    #   @return [Types::Addon]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DeleteAddonResponse AWS API Documentation
+    #
+    class DeleteAddonResponse < Struct.new(
+      :addon)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass DeleteClusterRequest
     #   data as a hash:
     #
@@ -780,6 +1244,128 @@ module Aws::EKS
       include Aws::Structure
     end
+    # @note When making an API call, you may pass DescribeAddonRequest
+    #   data as a hash:
+    #
+    #       {
+    #         cluster_name: "ClusterName", # required
+    #         addon_name: "String", # required
+    #       }
+    #
+    # @!attribute [rw] cluster_name
+    #   The name of the cluster.
+    #   @return [String]
+    #
+    # @!attribute [rw] addon_name
+    #   The name of the add-on. The name must match one of the names
+    #   returned by [ `ListAddons` ][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/APIReference/API_ListAddons.html
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DescribeAddonRequest AWS API Documentation
+    #
+    class DescribeAddonRequest < Struct.new(
+      :cluster_name,
+      :addon_name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] addon
+    #   An Amazon EKS add-on.
+    #   @return [Types::Addon]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DescribeAddonResponse AWS API Documentation
+    #
+    class DescribeAddonResponse < Struct.new(
+      :addon)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @note When making an API call, you may pass DescribeAddonVersionsRequest
+    #   data as a hash:
+    #
+    #       {
+    #         kubernetes_version: "String",
+    #         max_results: 1,
+    #         next_token: "String",
+    #         addon_name: "String",
+    #       }
+    #
+    # @!attribute [rw] kubernetes_version
+    #   The Kubernetes versions that the add-on can be used with.
+    #   @return [String]
+    #
+    # @!attribute [rw] max_results
+    #   The maximum number of results to return.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] next_token
+    #   The `nextToken` value returned from a previous paginated
+    #   `DescribeAddonVersionsRequest` where `maxResults` was used and the
+    #   results exceeded the value of that parameter. Pagination continues
+    #   from the end of the previous results that returned the `nextToken`
+    #   value.
+    #
+    #   <note markdown="1"> This token should be treated as an opaque identifier that is used
+    #   only to retrieve the next items in a list and not for other
+    #   programmatic purposes.
+    #
+    #    </note>
+    #   @return [String]
+    #
+    # @!attribute [rw] addon_name
+    #   The name of the add-on. The name must match one of the names
+    #   returned by [ `ListAddons` ][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/APIReference/API_ListAddons.html
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DescribeAddonVersionsRequest AWS API Documentation
+    #
+    class DescribeAddonVersionsRequest < Struct.new(
+      :kubernetes_version,
+      :max_results,
+      :next_token,
+      :addon_name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] addons
+    #   The list of available versions with Kubernetes version
+    #   compatibility.
+    #   @return [Array<Types::AddonInfo>]
+    #
+    # @!attribute [rw] next_token
+    #   The `nextToken` value returned from a previous paginated
+    #   `DescribeAddonVersionsResponse` where `maxResults` was used and the
+    #   results exceeded the value of that parameter. Pagination continues
+    #   from the end of the previous results that returned the `nextToken`
+    #   value.
+    #
+    #   <note markdown="1"> This token should be treated as an opaque identifier that is used
+    #   only to retrieve the next items in a list and not for other
+    #   programmatic purposes.
+    #
+    #    </note>
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DescribeAddonVersionsResponse AWS API Documentation
+    #
+    class DescribeAddonVersionsResponse < Struct.new(
+      :addons,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass DescribeClusterRequest
     #   data as a hash:
     #
@@ -849,6 +1435,48 @@ module Aws::EKS
       include Aws::Structure
     end
+    # @note When making an API call, you may pass DescribeIdentityProviderConfigRequest
+    #   data as a hash:
+    #
+    #       {
+    #         cluster_name: "String", # required
+    #         identity_provider_config: { # required
+    #           type: "String", # required
+    #           name: "String", # required
+    #         },
+    #       }
+    #
+    # @!attribute [rw] cluster_name
+    #   The cluster name that the identity provider configuration is
+    #   associated to.
+    #   @return [String]
+    #
+    # @!attribute [rw] identity_provider_config
+    #   An object that represents an identity provider configuration.
+    #   @return [Types::IdentityProviderConfig]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DescribeIdentityProviderConfigRequest AWS API Documentation
+    #
+    class DescribeIdentityProviderConfigRequest < Struct.new(
+      :cluster_name,
+      :identity_provider_config)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] identity_provider_config
+    #   The object that represents an OpenID Connect (OIDC) identity
+    #   provider configuration.
+    #   @return [Types::IdentityProviderConfigResponse]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DescribeIdentityProviderConfigResponse AWS API Documentation
+    #
+    class DescribeIdentityProviderConfigResponse < Struct.new(
+      :identity_provider_config)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass DescribeNodegroupRequest
     #   data as a hash:
     #
@@ -893,6 +1521,7 @@ module Aws::EKS
     #         name: "String", # required
     #         update_id: "String", # required
     #         nodegroup_name: "String",
+    #         addon_name: "String",
     #       }
     #
     # @!attribute [rw] name
@@ -907,12 +1536,22 @@ module Aws::EKS
     #   The name of the Amazon EKS node group associated with the update.
     #   @return [String]
     #
+    # @!attribute [rw] addon_name
+    #   The name of the add-on. The name must match one of the names
+    #   returned by [ `ListAddons` ][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/APIReference/API_ListAddons.html
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DescribeUpdateRequest AWS API Documentation
     #
     class DescribeUpdateRequest < Struct.new(
       :name,
       :update_id,
-      :nodegroup_name)
+      :nodegroup_name,
+      :addon_name)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -929,6 +1568,56 @@ module Aws::EKS
       include Aws::Structure
     end
+    # @note When making an API call, you may pass DisassociateIdentityProviderConfigRequest
+    #   data as a hash:
+    #
+    #       {
+    #         cluster_name: "String", # required
+    #         identity_provider_config: { # required
+    #           type: "String", # required
+    #           name: "String", # required
+    #         },
+    #         client_request_token: "String",
+    #       }
+    #
+    # @!attribute [rw] cluster_name
+    #   The name of the cluster to disassociate an identity provider from.
+    #   @return [String]
+    #
+    # @!attribute [rw] identity_provider_config
+    #   An object that represents an identity provider configuration.
+    #   @return [Types::IdentityProviderConfig]
+    #
+    # @!attribute [rw] client_request_token
+    #   A unique, case-sensitive identifier that you provide to ensure the
+    #   idempotency of the request.
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DisassociateIdentityProviderConfigRequest AWS API Documentation
+    #
+    class DisassociateIdentityProviderConfigRequest < Struct.new(
+      :cluster_name,
+      :identity_provider_config,
+      :client_request_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] update
+    #   An object representing an asynchronous update.
+    #   @return [Types::Update]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DisassociateIdentityProviderConfigResponse AWS API Documentation
+    #
+    class DisassociateIdentityProviderConfigResponse < Struct.new(
+      :update)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # The encryption configuration for the cluster.
     #
     # @note When making an API call, you may pass EncryptionConfig
@@ -1105,12 +1794,11 @@ module Aws::EKS
       include Aws::Structure
     end
-    # An object representing an identity provider for authentication
-    # credentials.
+    # An object representing an identity provider.
     #
     # @!attribute [rw] oidc
-    #   The [OpenID Connect][1] identity provider information for the
-    #   cluster.
+    #   An object representing the [OpenID Connect][1] identity provider
+    #   information.
     #
     #
     #
@@ -1125,6 +1813,48 @@ module Aws::EKS
       include Aws::Structure
     end
+    # An object representing an identity provider configuration.
+    #
+    # @note When making an API call, you may pass IdentityProviderConfig
+    #   data as a hash:
+    #
+    #       {
+    #         type: "String", # required
+    #         name: "String", # required
+    #       }
+    #
+    # @!attribute [rw] type
+    #   The type of the identity provider configuration.
+    #   @return [String]
+    #
+    # @!attribute [rw] name
+    #   The name of the identity provider configuration.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/IdentityProviderConfig AWS API Documentation
+    #
+    class IdentityProviderConfig < Struct.new(
+      :type,
+      :name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # An object that represents an identity configuration.
+    #
+    # @!attribute [rw] oidc
+    #   An object that represents an OpenID Connect (OIDC) identity provider
+    #   configuration.
+    #   @return [Types::OidcIdentityProviderConfig]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/IdentityProviderConfigResponse AWS API Documentation
+    #
+    class IdentityProviderConfigResponse < Struct.new(
+      :oidc)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # The specified parameter is invalid. Review the available parameters
     # for the API request.
     #
@@ -1140,6 +1870,9 @@ module Aws::EKS
     #   The Fargate profile associated with the exception.
     #   @return [String]
     #
+    # @!attribute [rw] addon_name
+    #   @return [String]
+    #
     # @!attribute [rw] message
     #   @return [String]
     #
@@ -1149,6 +1882,7 @@ module Aws::EKS
       :cluster_name,
       :nodegroup_name,
       :fargate_profile_name,
+      :addon_name,
       :message)
       SENSITIVE = []
       include Aws::Structure
@@ -1165,6 +1899,9 @@ module Aws::EKS
     #   The Amazon EKS managed node group associated with the exception.
     #   @return [String]
     #
+    # @!attribute [rw] addon_name
+    #   @return [String]
+    #
     # @!attribute [rw] message
     #   @return [String]
     #
@@ -1173,6 +1910,7 @@ module Aws::EKS
     class InvalidRequestException < Struct.new(
       :cluster_name,
       :nodegroup_name,
+      :addon_name,
       :message)
       SENSITIVE = []
       include Aws::Structure
@@ -1183,16 +1921,21 @@ module Aws::EKS
     # @!attribute [rw] code
     #   A brief description of the error.
     #
+    #   * **AccessDenied**\: Amazon EKS or one or more of your managed nodes
+    #     is failing to authenticate or authorize with your Kubernetes
+    #     cluster API server.
+    #
+    #   * **AsgInstanceLaunchFailures**\: Your Auto Scaling group is
+    #     experiencing failures while attempting to launch instances.
+    #
     #   * **AutoScalingGroupNotFound**\: We couldn't find the Auto Scaling
     #     group associated with the managed node group. You may be able to
     #     recreate an Auto Scaling group with the same settings to recover.
     #
-    #   * **Ec2SecurityGroupNotFound**\: We couldn't find the cluster
-    #     security group for the cluster. You must recreate your cluster.
-    #
-    #   * **Ec2SecurityGroupDeletionFailure**\: We could not delete the
-    #     remote access security group for your managed node group. Remove
-    #     any dependencies from the security group.
+    #   * **ClusterUnreachable**\: Amazon EKS or one or more of your managed
+    #     nodes is unable to to communicate with your Kubernetes cluster API
+    #     server. This can happen if there are network disruptions or if API
+    #     servers are timing out processing requests.
     #
     #   * **Ec2LaunchTemplateNotFound**\: We couldn't find the Amazon EC2
     #     launch template for your managed node group. You may be able to
@@ -1203,6 +1946,13 @@ module Aws::EKS
     #     version that Amazon EKS created. You may be able to revert to the
     #     version that Amazon EKS created to recover.
     #
+    #   * **Ec2SecurityGroupDeletionFailure**\: We could not delete the
+    #     remote access security group for your managed node group. Remove
+    #     any dependencies from the security group.
+    #
+    #   * **Ec2SecurityGroupNotFound**\: We couldn't find the cluster
+    #     security group for the cluster. You must recreate your cluster.
+    #
     #   * **Ec2SubnetInvalidConfiguration**\: One or more Amazon EC2 subnets
     #     specified for a node group do not automatically assign public IP
     #     addresses to instances launched into it. If you want your
@@ -1219,28 +1969,22 @@ module Aws::EKS
     #     managed node group. You may be able to recreate an IAM role with
     #     the same settings to recover.
     #
-    #   * **AsgInstanceLaunchFailures**\: Your Auto Scaling group is
-    #     experiencing failures while attempting to launch instances.
-    #
-    #   * **NodeCreationFailure**\: Your launched instances are unable to
-    #     register with your Amazon EKS cluster. Common causes of this
-    #     failure are insufficient [worker node IAM role][2] permissions or
-    #     lack of outbound internet access for the nodes.
-    #
     #   * **InstanceLimitExceeded**\: Your AWS account is unable to launch
     #     any more instances of the specified instance type. You may be able
     #     to request an Amazon EC2 instance limit increase to recover.
     #
     #   * **InsufficientFreeAddresses**\: One or more of the subnets
     #     associated with your managed node group does not have enough
-    #     available IP addresses for new nodes.
-    #
-    #   * **AccessDenied**\: Amazon EKS or one or more of your managed nodes
-    #     is unable to communicate with your cluster API server.
+    #     available IP addresses for new nodes.
     #
     #   * **InternalFailure**\: These errors are usually caused by an Amazon
     #     EKS server-side issue.
     #
+    #   * **NodeCreationFailure**\: Your launched instances are unable to
+    #     register with your Amazon EKS cluster. Common causes of this
+    #     failure are insufficient [node IAM role][2] permissions or lack of
+    #     outbound internet access for the nodes.
+    #
     #
     #
     #   [1]: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-ip-addressing.html#subnet-public-ip
@@ -1306,10 +2050,11 @@ module Aws::EKS
     #
     # @!attribute [rw] service_ipv_4_cidr
     #   The CIDR block that Kubernetes service IP addresses are assigned
-    #   from. If you didn't specify a CIDR block, then Kubernetes assigns
-    #   addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR
-    #   blocks. If this was specified, then it was specified when the
-    #   cluster was created and it cannot be changed.
+    #   from. If you didn't specify a CIDR block when you created the
+    #   cluster, then Kubernetes assigns addresses from either the
+    #   10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. If this was specified,
+    #   then it was specified when the cluster was created and it cannot be
+    #   changed.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/KubernetesNetworkConfigResponse AWS API Documentation
@@ -1374,6 +2119,80 @@ module Aws::EKS
       include Aws::Structure
     end
+    # @note When making an API call, you may pass ListAddonsRequest
+    #   data as a hash:
+    #
+    #       {
+    #         cluster_name: "ClusterName", # required
+    #         max_results: 1,
+    #         next_token: "String",
+    #       }
+    #
+    # @!attribute [rw] cluster_name
+    #   The name of the cluster.
+    #   @return [String]
+    #
+    # @!attribute [rw] max_results
+    #   The maximum number of add-on results returned by `ListAddonsRequest`
+    #   in paginated output. When you use this parameter,
+    #   `ListAddonsRequest` returns only `maxResults` results in a single
+    #   page along with a `nextToken` response element. You can see the
+    #   remaining results of the initial request by sending another
+    #   `ListAddonsRequest` request with the returned `nextToken` value.
+    #   This value can be between 1 and 100. If you don't use this
+    #   parameter, `ListAddonsRequest` returns up to 100 results and a
+    #   `nextToken` value, if applicable.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] next_token
+    #   The `nextToken` value returned from a previous paginated
+    #   `ListAddonsRequest` where `maxResults` was used and the results
+    #   exceeded the value of that parameter. Pagination continues from the
+    #   end of the previous results that returned the `nextToken` value.
+    #
+    #   <note markdown="1"> This token should be treated as an opaque identifier that is used
+    #   only to retrieve the next items in a list and not for other
+    #   programmatic purposes.
+    #
+    #    </note>
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/ListAddonsRequest AWS API Documentation
+    #
+    class ListAddonsRequest < Struct.new(
+      :cluster_name,
+      :max_results,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] addons
+    #   A list of available add-ons.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] next_token
+    #   The `nextToken` value returned from a previous paginated
+    #   `ListAddonsResponse` where `maxResults` was used and the results
+    #   exceeded the value of that parameter. Pagination continues from the
+    #   end of the previous results that returned the `nextToken` value.
+    #
+    #   <note markdown="1"> This token should be treated as an opaque identifier that is used
+    #   only to retrieve the next items in a list and not for other
+    #   programmatic purposes.
+    #
+    #    </note>
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/ListAddonsResponse AWS API Documentation
+    #
+    class ListAddonsResponse < Struct.new(
+      :addons,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass ListClustersRequest
     #   data as a hash:
     #
@@ -1502,6 +2321,71 @@ module Aws::EKS
       include Aws::Structure
     end
+    # @note When making an API call, you may pass ListIdentityProviderConfigsRequest
+    #   data as a hash:
+    #
+    #       {
+    #         cluster_name: "String", # required
+    #         max_results: 1,
+    #         next_token: "String",
+    #       }
+    #
+    # @!attribute [rw] cluster_name
+    #   The cluster name that you want to list identity provider
+    #   configurations for.
+    #   @return [String]
+    #
+    # @!attribute [rw] max_results
+    #   The maximum number of identity provider configurations returned by
+    #   `ListIdentityProviderConfigs` in paginated output. When you use this
+    #   parameter, `ListIdentityProviderConfigs` returns only `maxResults`
+    #   results in a single page along with a `nextToken` response element.
+    #   You can see the remaining results of the initial request by sending
+    #   another `ListIdentityProviderConfigs` request with the returned
+    #   `nextToken` value. This value can be between 1 and 100. If you
+    #   don't use this parameter, `ListIdentityProviderConfigs` returns up
+    #   to 100 results and a `nextToken` value, if applicable.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] next_token
+    #   The `nextToken` value returned from a previous paginated
+    #   `IdentityProviderConfigsRequest` where `maxResults` was used and the
+    #   results exceeded the value of that parameter. Pagination continues
+    #   from the end of the previous results that returned the `nextToken`
+    #   value.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/ListIdentityProviderConfigsRequest AWS API Documentation
+    #
+    class ListIdentityProviderConfigsRequest < Struct.new(
+      :cluster_name,
+      :max_results,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] identity_provider_configs
+    #   The identity provider configurations for the cluster.
+    #   @return [Array<Types::IdentityProviderConfig>]
+    #
+    # @!attribute [rw] next_token
+    #   The `nextToken` value returned from a previous paginated
+    #   `ListIdentityProviderConfigsResponse` where `maxResults` was used
+    #   and the results exceeded the value of that parameter. Pagination
+    #   continues from the end of the previous results that returned the
+    #   `nextToken` value.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/ListIdentityProviderConfigsResponse AWS API Documentation
+    #
+    class ListIdentityProviderConfigsResponse < Struct.new(
+      :identity_provider_configs,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass ListNodegroupsRequest
     #   data as a hash:
     #
@@ -1606,6 +2490,7 @@ module Aws::EKS
     #       {
     #         name: "String", # required
     #         nodegroup_name: "String",
+    #         addon_name: "String",
     #         next_token: "String",
     #         max_results: 1,
     #       }
@@ -1618,6 +2503,10 @@ module Aws::EKS
     #   The name of the Amazon EKS managed node group to list updates for.
     #   @return [String]
     #
+    # @!attribute [rw] addon_name
+    #   The names of the installed add-ons that have available updates.
+    #   @return [String]
+    #
     # @!attribute [rw] next_token
     #   The `nextToken` value returned from a previous paginated
     #   `ListUpdates` request where `maxResults` was used and the results
@@ -1641,6 +2530,7 @@ module Aws::EKS
     class ListUpdatesRequest < Struct.new(
       :name,
       :nodegroup_name,
+      :addon_name,
       :next_token,
       :max_results)
       SENSITIVE = []
@@ -1748,7 +2638,7 @@ module Aws::EKS
     #   If the node group was deployed using a launch template with a custom
     #   AMI, then this is the AMI ID that was specified in the launch
     #   template. For node groups that weren't deployed using a launch
-    #   template, this is the version of the Amazon EKS-optimized AMI that
+    #   template, this is the version of the Amazon EKS optimized AMI that
     #   the node group was deployed with.
     #   @return [String]
     #
@@ -1766,6 +2656,10 @@ module Aws::EKS
     #   The current status of the managed node group.
     #   @return [String]
     #
+    # @!attribute [rw] capacity_type
+    #   The capacity type of your managed node group.
+    #   @return [String]
+    #
     # @!attribute [rw] scaling_config
     #   The scaling configuration details for the Auto Scaling group that is
     #   associated with your node group.
@@ -1797,10 +2691,10 @@ module Aws::EKS
     #   @return [String]
     #
     # @!attribute [rw] node_role
-    #   The IAM role associated with your node group. The Amazon EKS worker
-    #   node `kubelet` daemon makes calls to AWS APIs on your behalf. Worker
-    #   nodes receive permissions for these API calls through an IAM
-    #   instance profile and associated policies.
+    #   The IAM role associated with your node group. The Amazon EKS node
+    #   `kubelet` daemon makes calls to AWS APIs on your behalf. Nodes
+    #   receive permissions for these API calls through an IAM instance
+    #   profile and associated policies.
     #   @return [String]
     #
     # @!attribute [rw] labels
@@ -1853,6 +2747,7 @@ module Aws::EKS
       :created_at,
       :modified_at,
       :status,
+      :capacity_type,
       :scaling_config,
       :instance_types,
       :subnets,
@@ -1892,7 +2787,7 @@ module Aws::EKS
     #
     # @!attribute [rw] remote_access_security_group
     #   The remote access security group associated with the node group.
-    #   This security group controls SSH access to the worker nodes.
+    #   This security group controls SSH access to the nodes.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/NodegroupResources AWS API Documentation
@@ -1919,19 +2814,24 @@ module Aws::EKS
     #       }
     #
     # @!attribute [rw] min_size
-    #   The minimum number of worker nodes that the managed node group can
-    #   scale in to. This number must be greater than zero.
+    #   The minimum number of nodes that the managed node group can scale in
+    #   to. This number must be greater than zero.
     #   @return [Integer]
     #
     # @!attribute [rw] max_size
-    #   The maximum number of worker nodes that the managed node group can
-    #   scale out to. Managed node groups can support up to 100 nodes by
-    #   default.
+    #   The maximum number of nodes that the managed node group can scale
+    #   out to. For information about the maximum number that you can
+    #   specify, see [Amazon EKS service quotas][1] in the *Amazon EKS User
+    #   Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html
     #   @return [Integer]
     #
     # @!attribute [rw] desired_size
-    #   The current number of worker nodes that the managed node group
-    #   should maintain.
+    #   The current number of nodes that the managed node group should
+    #   maintain.
     #   @return [Integer]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/NodegroupScalingConfig AWS API Documentation
@@ -1958,15 +2858,15 @@ module Aws::EKS
       include Aws::Structure
     end
-    # An object representing the [OpenID Connect][1] identity provider
-    # information for the cluster.
+    # An object representing the [OpenID Connect][1] (OIDC) identity
+    # provider information for the cluster.
     #
     #
     #
     # [1]: https://openid.net/connect/
     #
     # @!attribute [rw] issuer
-    #   The issuer URL for the OpenID Connect identity provider.
+    #   The issuer URL for the OIDC identity provider.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/OIDC AWS API Documentation
@@ -1977,6 +2877,187 @@ module Aws::EKS
       include Aws::Structure
     end
+    # An object that represents the configuration for an OpenID Connect
+    # (OIDC) identity provider.
+    #
+    # @!attribute [rw] identity_provider_config_name
+    #   The name of the configuration.
+    #   @return [String]
+    #
+    # @!attribute [rw] identity_provider_config_arn
+    #   The ARN of the configuration.
+    #   @return [String]
+    #
+    # @!attribute [rw] cluster_name
+    #   The cluster that the configuration is associated to.
+    #   @return [String]
+    #
+    # @!attribute [rw] issuer_url
+    #   The URL of the OIDC identity provider that allows the API server to
+    #   discover public signing keys for verifying tokens.
+    #   @return [String]
+    #
+    # @!attribute [rw] client_id
+    #   This is also known as *audience*. The ID of the client application
+    #   that makes authentication requests to the OIDC identity provider.
+    #   @return [String]
+    #
+    # @!attribute [rw] username_claim
+    #   The JSON Web token (JWT) claim that is used as the username.
+    #   @return [String]
+    #
+    # @!attribute [rw] username_prefix
+    #   The prefix that is prepended to username claims to prevent clashes
+    #   with existing names. The prefix can't contain `system:`
+    #   @return [String]
+    #
+    # @!attribute [rw] groups_claim
+    #   The JSON web token (JWT) claim that the provider uses to return your
+    #   groups.
+    #   @return [String]
+    #
+    # @!attribute [rw] groups_prefix
+    #   The prefix that is prepended to group claims to prevent clashes with
+    #   existing names (such as `system:` groups). For example, the value`
+    #   oidc:` creates group names like `oidc:engineering` and `oidc:infra`.
+    #   The prefix can't contain `system:`
+    #   @return [String]
+    #
+    # @!attribute [rw] required_claims
+    #   The key-value pairs that describe required claims in the identity
+    #   token. If set, each claim is verified to be present in the token
+    #   with a matching value.
+    #   @return [Hash<String,String>]
+    #
+    # @!attribute [rw] tags
+    #   The metadata to apply to the provider configuration to assist with
+    #   categorization and organization. Each tag consists of a key and an
+    #   optional value, both of which you defined.
+    #   @return [Hash<String,String>]
+    #
+    # @!attribute [rw] status
+    #   The status of the OIDC identity provider.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/OidcIdentityProviderConfig AWS API Documentation
+    #
+    class OidcIdentityProviderConfig < Struct.new(
+      :identity_provider_config_name,
+      :identity_provider_config_arn,
+      :cluster_name,
+      :issuer_url,
+      :client_id,
+      :username_claim,
+      :username_prefix,
+      :groups_claim,
+      :groups_prefix,
+      :required_claims,
+      :tags,
+      :status)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # An object representing an OpenID Connect (OIDC) configuration. Before
+    # associating an OIDC identity provider to your cluster, review the
+    # considerations in [Authenticating users for your cluster from an
+    # OpenID Connect identity provider][1] in the *Amazon EKS User Guide*.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/eks/latest/userguide/authenticate-oidc-identity-provider.html
+    #
+    # @note When making an API call, you may pass OidcIdentityProviderConfigRequest
+    #   data as a hash:
+    #
+    #       {
+    #         identity_provider_config_name: "String", # required
+    #         issuer_url: "String", # required
+    #         client_id: "String", # required
+    #         username_claim: "String",
+    #         username_prefix: "String",
+    #         groups_claim: "String",
+    #         groups_prefix: "String",
+    #         required_claims: {
+    #           "requiredClaimsKey" => "requiredClaimsValue",
+    #         },
+    #       }
+    #
+    # @!attribute [rw] identity_provider_config_name
+    #   The name of the OIDC provider configuration.
+    #   @return [String]
+    #
+    # @!attribute [rw] issuer_url
+    #   The URL of the OpenID identity provider that allows the API server
+    #   to discover public signing keys for verifying tokens. The URL must
+    #   begin with `https://` and should correspond to the `iss` claim in
+    #   the provider's OIDC ID tokens. Per the OIDC standard, path
+    #   components are allowed but query parameters are not. Typically the
+    #   URL consists of only a hostname, like `https://server.example.org`
+    #   or `https://example.com`. This URL should point to the level below
+    #   `.well-known/openid-configuration` and must be publicly accessible
+    #   over the internet.
+    #   @return [String]
+    #
+    # @!attribute [rw] client_id
+    #   This is also known as *audience*. The ID for the client application
+    #   that makes authentication requests to the OpenID identity provider.
+    #   @return [String]
+    #
+    # @!attribute [rw] username_claim
+    #   The JSON Web Token (JWT) claim to use as the username. The default
+    #   is `sub`, which is expected to be a unique identifier of the end
+    #   user. You can choose other claims, such as `email` or `name`,
+    #   depending on the OpenID identity provider. Claims other than `email`
+    #   are prefixed with the issuer URL to prevent naming clashes with
+    #   other plug-ins.
+    #   @return [String]
+    #
+    # @!attribute [rw] username_prefix
+    #   The prefix that is prepended to username claims to prevent clashes
+    #   with existing names. If you do not provide this field, and
+    #   `username` is a value other than `email`, the prefix defaults to
+    #   `issuerurl#`. You can use the value `-` to disable all prefixing.
+    #   @return [String]
+    #
+    # @!attribute [rw] groups_claim
+    #   The JWT claim that the provider uses to return your groups.
+    #   @return [String]
+    #
+    # @!attribute [rw] groups_prefix
+    #   The prefix that is prepended to group claims to prevent clashes with
+    #   existing names (such as `system:` groups). For example, the value`
+    #   oidc:` will create group names like `oidc:engineering` and
+    #   `oidc:infra`.
+    #   @return [String]
+    #
+    # @!attribute [rw] required_claims
+    #   The key value pairs that describe required claims in the identity
+    #   token. If set, each claim is verified to be present in the token
+    #   with a matching value. For the maximum number of claims that you can
+    #   require, see [Amazon EKS service quotas][1] in the *Amazon EKS User
+    #   Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html
+    #   @return [Hash<String,String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/OidcIdentityProviderConfigRequest AWS API Documentation
+    #
+    class OidcIdentityProviderConfigRequest < Struct.new(
+      :identity_provider_config_name,
+      :issuer_url,
+      :client_id,
+      :username_claim,
+      :username_prefix,
+      :groups_claim,
+      :groups_prefix,
+      :required_claims)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # Identifies the AWS Key Management Service (AWS KMS) customer master
     # key (CMK) used to encrypt the secrets.
     #
@@ -2021,9 +3102,9 @@ module Aws::EKS
     #
     # @!attribute [rw] ec2_ssh_key
     #   The Amazon EC2 SSH key that provides access for SSH communication
-    #   with the worker nodes in the managed node group. For more
-    #   information, see [Amazon EC2 Key Pairs][1] in the *Amazon Elastic
-    #   Compute Cloud User Guide for Linux Instances*.
+    #   with the nodes in the managed node group. For more information, see
+    #   [Amazon EC2 Key Pairs][1] in the *Amazon Elastic Compute Cloud User
+    #   Guide for Linux Instances*.
     #
     #
     #
@@ -2032,11 +3113,11 @@ module Aws::EKS
     #
     # @!attribute [rw] source_security_groups
     #   The security groups that are allowed SSH access (port 22) to the
-    #   worker nodes. If you specify an Amazon EC2 SSH key but do not
-    #   specify a source security group when you create a managed node
-    #   group, then port 22 on the worker nodes is opened to the internet
-    #   (0.0.0.0/0). For more information, see [Security Groups for Your
-    #   VPC][1] in the *Amazon Virtual Private Cloud User Guide*.
+    #   nodes. If you specify an Amazon EC2 SSH key but do not specify a
+    #   source security group when you create a managed node group, then
+    #   port 22 on the nodes is opened to the internet (0.0.0.0/0). For more
+    #   information, see [Security Groups for Your VPC][1] in the *Amazon
+    #   Virtual Private Cloud User Guide*.
     #
     #
     #
@@ -2062,6 +3143,9 @@ module Aws::EKS
     #   The Amazon EKS managed node group associated with the exception.
     #   @return [String]
     #
+    # @!attribute [rw] addon_name
+    #   @return [String]
+    #
     # @!attribute [rw] message
     #   @return [String]
     #
@@ -2070,6 +3154,7 @@ module Aws::EKS
     class ResourceInUseException < Struct.new(
       :cluster_name,
       :nodegroup_name,
+      :addon_name,
       :message)
       SENSITIVE = []
       include Aws::Structure
@@ -2115,6 +3200,9 @@ module Aws::EKS
     #   The Fargate profile associated with the exception.
     #   @return [String]
     #
+    # @!attribute [rw] addon_name
+    #   @return [String]
+    #
     # @!attribute [rw] message
     #   @return [String]
     #
@@ -2124,6 +3212,7 @@ module Aws::EKS
       :cluster_name,
       :nodegroup_name,
       :fargate_profile_name,
+      :addon_name,
       :message)
       SENSITIVE = []
       include Aws::Structure
@@ -2139,6 +3228,9 @@ module Aws::EKS
     #   The Amazon EKS managed node group associated with the exception.
     #   @return [String]
     #
+    # @!attribute [rw] addon_name
+    #   @return [String]
+    #
     # @!attribute [rw] message
     #   @return [String]
     #
@@ -2147,6 +3239,7 @@ module Aws::EKS
     class ServerException < Struct.new(
       :cluster_name,
       :nodegroup_name,
+      :addon_name,
       :message)
       SENSITIVE = []
       include Aws::Structure
@@ -2302,6 +3395,99 @@ module Aws::EKS
       include Aws::Structure
     end
+    # @note When making an API call, you may pass UpdateAddonRequest
+    #   data as a hash:
+    #
+    #       {
+    #         cluster_name: "ClusterName", # required
+    #         addon_name: "String", # required
+    #         addon_version: "String",
+    #         service_account_role_arn: "RoleArn",
+    #         resolve_conflicts: "OVERWRITE", # accepts OVERWRITE, NONE
+    #         client_request_token: "String",
+    #       }
+    #
+    # @!attribute [rw] cluster_name
+    #   The name of the cluster.
+    #   @return [String]
+    #
+    # @!attribute [rw] addon_name
+    #   The name of the add-on. The name must match one of the names
+    #   returned by [ `ListAddons` ][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/APIReference/API_ListAddons.html
+    #   @return [String]
+    #
+    # @!attribute [rw] addon_version
+    #   The version of the add-on. The version must match one of the
+    #   versions returned by [ `DescribeAddonVersions` ][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeAddonVersions.html
+    #   @return [String]
+    #
+    # @!attribute [rw] service_account_role_arn
+    #   The Amazon Resource Name (ARN) of an existing IAM role to bind to
+    #   the add-on's service account. The role must be assigned the IAM
+    #   permissions required by the add-on. If you don't specify an
+    #   existing IAM role, then the add-on uses the permissions assigned to
+    #   the node IAM role. For more information, see [Amazon EKS node IAM
+    #   role][1] in the *Amazon EKS User Guide*.
+    #
+    #   <note markdown="1"> To specify an existing IAM role, you must have an IAM OpenID Connect
+    #   (OIDC) provider created for your cluster. For more information, see
+    #   [Enabling IAM roles for service accounts on your cluster][2] in the
+    #   *Amazon EKS User Guide*.
+    #
+    #    </note>
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html
+    #   [2]: https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html
+    #   @return [String]
+    #
+    # @!attribute [rw] resolve_conflicts
+    #   How to resolve parameter value conflicts when applying the new
+    #   version of the add-on to the cluster.
+    #   @return [String]
+    #
+    # @!attribute [rw] client_request_token
+    #   Unique, case-sensitive identifier that you provide to ensure the
+    #   idempotency of the request.
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/UpdateAddonRequest AWS API Documentation
+    #
+    class UpdateAddonRequest < Struct.new(
+      :cluster_name,
+      :addon_name,
+      :addon_version,
+      :service_account_role_arn,
+      :resolve_conflicts,
+      :client_request_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] update
+    #   An object representing an asynchronous update.
+    #   @return [Types::Update]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/UpdateAddonResponse AWS API Documentation
+    #
+    class UpdateAddonResponse < Struct.new(
+      :update)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass UpdateClusterConfigRequest
     #   data as a hash:
     #
@@ -2575,15 +3761,15 @@ module Aws::EKS
     #   @return [String]
     #
     # @!attribute [rw] release_version
-    #   The AMI version of the Amazon EKS-optimized AMI to use for the
+    #   The AMI version of the Amazon EKS optimized AMI to use for the
     #   update. By default, the latest available AMI version for the node
     #   group's Kubernetes version is used. For more information, see
-    #   [Amazon EKS-Optimized Linux AMI Versions ][1] in the *Amazon EKS
-    #   User Guide*. If you specify `launchTemplate`, and your launch
-    #   template uses a custom AMI, then don't specify `releaseVersion`, or
-    #   the node group update will fail. For more information about using
-    #   launch templates with Amazon EKS, see [Launch template support][2]
-    #   in the Amazon EKS User Guide.
+    #   [Amazon EKS optimized Amazon Linux 2 AMI versions ][1] in the
+    #   *Amazon EKS User Guide*. If you specify `launchTemplate`, and your
+    #   launch template uses a custom AMI, then don't specify
+    #   `releaseVersion`, or the node group update will fail. For more
+    #   information about using launch templates with Amazon EKS, see
+    #   [Launch template support][2] in the Amazon EKS User Guide.
     #
     #
     #
@@ -2674,18 +3860,29 @@ module Aws::EKS
     #       }
     #
     # @!attribute [rw] subnet_ids
-    #   Specify subnets for your Amazon EKS worker nodes. Amazon EKS creates
+    #   Specify subnets for your Amazon EKS nodes. Amazon EKS creates
     #   cross-account elastic network interfaces in these subnets to allow
-    #   communication between your worker nodes and the Kubernetes control
-    #   plane.
+    #   communication between your nodes and the Kubernetes control plane.
     #   @return [Array<String>]
     #
     # @!attribute [rw] security_group_ids
     #   Specify one or more security groups for the cross-account elastic
     #   network interfaces that Amazon EKS creates to use to allow
-    #   communication between your worker nodes and the Kubernetes control
-    #   plane. If you don't specify a security group, the default security
-    #   group for your VPC is used.
+    #   communication between your nodes and the Kubernetes control plane.
+    #   If you don't specify any security groups, then familiarize yourself
+    #   with the difference between Amazon EKS defaults for clusters
+    #   deployed with Kubernetes:
+    #
+    #   * 1\.14 Amazon EKS platform version `eks.2` and earlier
+    #
+    #   * 1\.14 Amazon EKS platform version `eks.3` and later
+    #
+    #   For more information, see [Amazon EKS security group
+    #   considerations][1] in the <i> <i>Amazon EKS User Guide</i> </i>.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html
     #   @return [Array<String>]
     #
     # @!attribute [rw] endpoint_public_access
@@ -2708,12 +3905,12 @@ module Aws::EKS
     #   access, Kubernetes API requests from within your cluster's VPC use
     #   the private VPC endpoint. The default value for this parameter is
     #   `false`, which disables private access for your Kubernetes API
-    #   server. If you disable private access and you have worker nodes or
-    #   AWS Fargate pods in the cluster, then ensure that
-    #   `publicAccessCidrs` includes the necessary CIDR blocks for
-    #   communication with the worker nodes or Fargate pods. For more
-    #   information, see [Amazon EKS Cluster Endpoint Access Control][1] in
-    #   the <i> <i>Amazon EKS User Guide</i> </i>.
+    #   server. If you disable private access and you have nodes or AWS
+    #   Fargate pods in the cluster, then ensure that `publicAccessCidrs`
+    #   includes the necessary CIDR blocks for communication with the nodes
+    #   or Fargate pods. For more information, see [Amazon EKS Cluster
+    #   Endpoint Access Control][1] in the <i> <i>Amazon EKS User Guide</i>
+    #   </i>.
     #
     #
     #
@@ -2725,8 +3922,8 @@ module Aws::EKS
     #   Kubernetes API server endpoint. Communication to the endpoint from
     #   addresses outside of the CIDR blocks that you specify is denied. The
     #   default value is `0.0.0.0/0`. If you've disabled private endpoint
-    #   access and you have worker nodes or AWS Fargate pods in the cluster,
-    #   then ensure that you specify the necessary CIDR blocks. For more
+    #   access and you have nodes or AWS Fargate pods in the cluster, then
+    #   ensure that you specify the necessary CIDR blocks. For more
     #   information, see [Amazon EKS Cluster Endpoint Access Control][1] in
     #   the <i> <i>Amazon EKS User Guide</i> </i>.
     #
@@ -2757,7 +3954,7 @@ module Aws::EKS
     # @!attribute [rw] security_group_ids
     #   The security groups associated with the cross-account elastic
     #   network interfaces that are used to allow communication between your
-    #   worker nodes and the Kubernetes control plane.
+    #   nodes and the Kubernetes control plane.
     #   @return [Array<String>]
     #
     # @!attribute [rw] cluster_security_group_id
@@ -2782,12 +3979,12 @@ module Aws::EKS
     #   endpoint is enabled. If the Amazon EKS private API server endpoint
     #   is enabled, Kubernetes API requests that originate from within your
     #   cluster's VPC use the private VPC endpoint instead of traversing
-    #   the internet. If this value is disabled and you have worker nodes or
-    #   AWS Fargate pods in the cluster, then ensure that
-    #   `publicAccessCidrs` includes the necessary CIDR blocks for
-    #   communication with the worker nodes or Fargate pods. For more
-    #   information, see [Amazon EKS Cluster Endpoint Access Control][1] in
-    #   the <i> <i>Amazon EKS User Guide</i> </i>.
+    #   the internet. If this value is disabled and you have nodes or AWS
+    #   Fargate pods in the cluster, then ensure that `publicAccessCidrs`
+    #   includes the necessary CIDR blocks for communication with the nodes
+    #   or Fargate pods. For more information, see [Amazon EKS Cluster
+    #   Endpoint Access Control][1] in the <i> <i>Amazon EKS User Guide</i>
+    #   </i>.
     #
     #
     #
@@ -2799,10 +3996,10 @@ module Aws::EKS
     #   Kubernetes API server endpoint. Communication to the endpoint from
     #   addresses outside of the listed CIDR blocks is denied. The default
     #   value is `0.0.0.0/0`. If you've disabled private endpoint access
-    #   and you have worker nodes or AWS Fargate pods in the cluster, then
-    #   ensure that the necessary CIDR blocks are listed. For more
-    #   information, see [Amazon EKS Cluster Endpoint Access Control][1] in
-    #   the <i> <i>Amazon EKS User Guide</i> </i>.
+    #   and you have nodes or AWS Fargate pods in the cluster, then ensure
+    #   that the necessary CIDR blocks are listed. For more information, see
+    #   [Amazon EKS Cluster Endpoint Access Control][1] in the <i> <i>Amazon
+    #   EKS User Guide</i> </i>.
     #
     #
     #