RubyGems - aws-sdk-eks - Versions diffs - 1.45.0 → 1.50.0 - Mend

aws-sdk-eks 1.45.0 → 1.50.0

Files changed (8) hide show

checksums.yaml +4 -4
data/lib/aws-sdk-eks.rb +2 -2
data/lib/aws-sdk-eks/client.rb +850 -92
data/lib/aws-sdk-eks/client_api.rb +400 -0
data/lib/aws-sdk-eks/errors.rb +30 -0
data/lib/aws-sdk-eks/types.rb +1312 -115
data/lib/aws-sdk-eks/waiters.rb +89 -0
metadata +4 -4

data/lib/aws-sdk-eks/errors.rb CHANGED Viewed

@@ -79,6 +79,11 @@ module Aws::EKS
         @data[:nodegroup_name]
       end
+      # @return [String]
+      def addon_name
+        @data[:addon_name]
+      end
       # @return [String]
       def message
         @message || @data[:message]
@@ -109,6 +114,11 @@ module Aws::EKS
         @data[:fargate_profile_name]
       end
+      # @return [String]
+      def addon_name
+        @data[:addon_name]
+      end
       # @return [String]
       def message
         @message || @data[:message]
@@ -134,6 +144,11 @@ module Aws::EKS
         @data[:nodegroup_name]
       end
+      # @return [String]
+      def addon_name
+        @data[:addon_name]
+      end
       # @return [String]
       def message
         @message || @data[:message]
@@ -174,6 +189,11 @@ module Aws::EKS
         @data[:nodegroup_name]
       end
+      # @return [String]
+      def addon_name
+        @data[:addon_name]
+      end
       # @return [String]
       def message
         @message || @data[:message]
@@ -229,6 +249,11 @@ module Aws::EKS
         @data[:fargate_profile_name]
       end
+      # @return [String]
+      def addon_name
+        @data[:addon_name]
+      end
       # @return [String]
       def message
         @message || @data[:message]
@@ -254,6 +279,11 @@ module Aws::EKS
         @data[:nodegroup_name]
       end
+      # @return [String]
+      def addon_name
+        @data[:addon_name]
+      end
       # @return [String]
       def message
         @message || @data[:message]

data/lib/aws-sdk-eks/types.rb CHANGED Viewed

@@ -10,6 +10,286 @@
 module Aws::EKS
   module Types
+    # An Amazon EKS add-on.
+    #
+    # @!attribute [rw] addon_name
+    #   The name of the add-on.
+    #   @return [String]
+    #
+    # @!attribute [rw] cluster_name
+    #   The name of the cluster.
+    #   @return [String]
+    #
+    # @!attribute [rw] status
+    #   The status of the add-on.
+    #   @return [String]
+    #
+    # @!attribute [rw] addon_version
+    #   The version of the add-on.
+    #   @return [String]
+    #
+    # @!attribute [rw] health
+    #   An object that represents the health of the add-on.
+    #   @return [Types::AddonHealth]
+    #
+    # @!attribute [rw] addon_arn
+    #   The Amazon Resource Name (ARN) of the add-on.
+    #   @return [String]
+    #
+    # @!attribute [rw] created_at
+    #   The date and time that the add-on was created.
+    #   @return [Time]
+    #
+    # @!attribute [rw] modified_at
+    #   The date and time that the add-on was last modified.
+    #   @return [Time]
+    #
+    # @!attribute [rw] service_account_role_arn
+    #   The Amazon Resource Name (ARN) of the IAM role that is bound to the
+    #   Kubernetes service account used by the add-on.
+    #   @return [String]
+    #
+    # @!attribute [rw] tags
+    #   The metadata that you apply to the cluster to assist with
+    #   categorization and organization. Each tag consists of a key and an
+    #   optional value, both of which you define. Cluster tags do not
+    #   propagate to any other resources associated with the cluster.
+    #   @return [Hash<String,String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/Addon AWS API Documentation
+    #
+    class Addon < Struct.new(
+      :addon_name,
+      :cluster_name,
+      :status,
+      :addon_version,
+      :health,
+      :addon_arn,
+      :created_at,
+      :modified_at,
+      :service_account_role_arn,
+      :tags)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # The health of the add-on.
+    #
+    # @!attribute [rw] issues
+    #   An object that represents the add-on's health issues.
+    #   @return [Array<Types::AddonIssue>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/AddonHealth AWS API Documentation
+    #
+    class AddonHealth < Struct.new(
+      :issues)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # Information about an add-on.
+    #
+    # @!attribute [rw] addon_name
+    #   The name of the add-on.
+    #   @return [String]
+    #
+    # @!attribute [rw] type
+    #   The type of the add-on.
+    #   @return [String]
+    #
+    # @!attribute [rw] addon_versions
+    #   An object that represents information about available add-on
+    #   versions and compatible Kubernetes versions.
+    #   @return [Array<Types::AddonVersionInfo>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/AddonInfo AWS API Documentation
+    #
+    class AddonInfo < Struct.new(
+      :addon_name,
+      :type,
+      :addon_versions)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # An issue related to an add-on.
+    #
+    # @!attribute [rw] code
+    #   A code that describes the type of issue.
+    #   @return [String]
+    #
+    # @!attribute [rw] message
+    #   A message that provides details about the issue and what might cause
+    #   it.
+    #   @return [String]
+    #
+    # @!attribute [rw] resource_ids
+    #   The resource IDs of the issue.
+    #   @return [Array<String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/AddonIssue AWS API Documentation
+    #
+    class AddonIssue < Struct.new(
+      :code,
+      :message,
+      :resource_ids)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # Information about an add-on version.
+    #
+    # @!attribute [rw] addon_version
+    #   The version of the add-on.
+    #   @return [String]
+    #
+    # @!attribute [rw] architecture
+    #   The architectures that the version supports.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] compatibilities
+    #   An object that represents the compatibilities of a version.
+    #   @return [Array<Types::Compatibility>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/AddonVersionInfo AWS API Documentation
+    #
+    class AddonVersionInfo < Struct.new(
+      :addon_version,
+      :architecture,
+      :compatibilities)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @note When making an API call, you may pass AssociateEncryptionConfigRequest
+    #   data as a hash:
+    #
+    #       {
+    #         cluster_name: "String", # required
+    #         encryption_config: [ # required
+    #           {
+    #             resources: ["String"],
+    #             provider: {
+    #               key_arn: "String",
+    #             },
+    #           },
+    #         ],
+    #         client_request_token: "String",
+    #       }
+    #
+    # @!attribute [rw] cluster_name
+    #   The name of the cluster that you are associating with encryption
+    #   configuration.
+    #   @return [String]
+    #
+    # @!attribute [rw] encryption_config
+    #   The configuration you are using for encryption.
+    #   @return [Array<Types::EncryptionConfig>]
+    #
+    # @!attribute [rw] client_request_token
+    #   The client request token you are using with the encryption
+    #   configuration.
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/AssociateEncryptionConfigRequest AWS API Documentation
+    #
+    class AssociateEncryptionConfigRequest < Struct.new(
+      :cluster_name,
+      :encryption_config,
+      :client_request_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] update
+    #   An object representing an asynchronous update.
+    #   @return [Types::Update]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/AssociateEncryptionConfigResponse AWS API Documentation
+    #
+    class AssociateEncryptionConfigResponse < Struct.new(
+      :update)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @note When making an API call, you may pass AssociateIdentityProviderConfigRequest
+    #   data as a hash:
+    #
+    #       {
+    #         cluster_name: "String", # required
+    #         oidc: { # required
+    #           identity_provider_config_name: "String", # required
+    #           issuer_url: "String", # required
+    #           client_id: "String", # required
+    #           username_claim: "String",
+    #           username_prefix: "String",
+    #           groups_claim: "String",
+    #           groups_prefix: "String",
+    #           required_claims: {
+    #             "requiredClaimsKey" => "requiredClaimsValue",
+    #           },
+    #         },
+    #         tags: {
+    #           "TagKey" => "TagValue",
+    #         },
+    #         client_request_token: "String",
+    #       }
+    #
+    # @!attribute [rw] cluster_name
+    #   The name of the cluster to associate the configuration to.
+    #   @return [String]
+    #
+    # @!attribute [rw] oidc
+    #   An object that represents an OpenID Connect (OIDC) identity provider
+    #   configuration.
+    #   @return [Types::OidcIdentityProviderConfigRequest]
+    #
+    # @!attribute [rw] tags
+    #   The metadata to apply to the configuration to assist with
+    #   categorization and organization. Each tag consists of a key and an
+    #   optional value, both of which you define.
+    #   @return [Hash<String,String>]
+    #
+    # @!attribute [rw] client_request_token
+    #   Unique, case-sensitive identifier that you provide to ensure the
+    #   idempotency of the request.
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/AssociateIdentityProviderConfigRequest AWS API Documentation
+    #
+    class AssociateIdentityProviderConfigRequest < Struct.new(
+      :cluster_name,
+      :oidc,
+      :tags,
+      :client_request_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] update
+    #   An object representing an asynchronous update.
+    #   @return [Types::Update]
+    #
+    # @!attribute [rw] tags
+    #   The tags for the resource.
+    #   @return [Hash<String,String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/AssociateIdentityProviderConfigResponse AWS API Documentation
+    #
+    class AssociateIdentityProviderConfigResponse < Struct.new(
+      :update,
+      :tags)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # An Auto Scaling group that is associated with an Amazon EKS managed
     # node group.
     #
@@ -71,6 +351,9 @@ module Aws::EKS
     #   The Amazon EKS managed node group associated with the exception.
     #   @return [String]
     #
+    # @!attribute [rw] addon_name
+    #   @return [String]
+    #
     # @!attribute [rw] message
     #   @return [String]
     #
@@ -79,6 +362,7 @@ module Aws::EKS
     class ClientException < Struct.new(
       :cluster_name,
       :nodegroup_name,
+      :addon_name,
       :message)
       SENSITIVE = []
       include Aws::Structure
@@ -127,7 +411,7 @@ module Aws::EKS
     #   @return [Types::VpcConfigResponse]
     #
     # @!attribute [rw] kubernetes_network_config
-    #   Network configuration settings for your cluster.
+    #   The Kubernetes network configuration for the cluster.
     #   @return [Types::KubernetesNetworkConfigResponse]
     #
     # @!attribute [rw] logging
@@ -195,6 +479,133 @@ module Aws::EKS
       include Aws::Structure
     end
+    # Compatibility information.
+    #
+    # @!attribute [rw] cluster_version
+    #   The supported Kubernetes version of the cluster.
+    #   @return [String]
+    #
+    # @!attribute [rw] platform_versions
+    #   The supported compute platform.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] default_version
+    #   The supported default version.
+    #   @return [Boolean]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/Compatibility AWS API Documentation
+    #
+    class Compatibility < Struct.new(
+      :cluster_version,
+      :platform_versions,
+      :default_version)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @note When making an API call, you may pass CreateAddonRequest
+    #   data as a hash:
+    #
+    #       {
+    #         cluster_name: "ClusterName", # required
+    #         addon_name: "String", # required
+    #         addon_version: "String",
+    #         service_account_role_arn: "RoleArn",
+    #         resolve_conflicts: "OVERWRITE", # accepts OVERWRITE, NONE
+    #         client_request_token: "String",
+    #         tags: {
+    #           "TagKey" => "TagValue",
+    #         },
+    #       }
+    #
+    # @!attribute [rw] cluster_name
+    #   The name of the cluster to create the add-on for.
+    #   @return [String]
+    #
+    # @!attribute [rw] addon_name
+    #   The name of the add-on. The name must match one of the names
+    #   returned by [ `ListAddons` ][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/APIReference/API_ListAddons.html
+    #   @return [String]
+    #
+    # @!attribute [rw] addon_version
+    #   The version of the add-on. The version must match one of the
+    #   versions returned by [ `DescribeAddonVersions` ][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeAddonVersions.html
+    #   @return [String]
+    #
+    # @!attribute [rw] service_account_role_arn
+    #   The Amazon Resource Name (ARN) of an existing IAM role to bind to
+    #   the add-on's service account. The role must be assigned the IAM
+    #   permissions required by the add-on. If you don't specify an
+    #   existing IAM role, then the add-on uses the permissions assigned to
+    #   the node IAM role. For more information, see [Amazon EKS node IAM
+    #   role][1] in the *Amazon EKS User Guide*.
+    #
+    #   <note markdown="1"> To specify an existing IAM role, you must have an IAM OpenID Connect
+    #   (OIDC) provider created for your cluster. For more information, see
+    #   [Enabling IAM roles for service accounts on your cluster][2] in the
+    #   *Amazon EKS User Guide*.
+    #
+    #    </note>
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html
+    #   [2]: https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html
+    #   @return [String]
+    #
+    # @!attribute [rw] resolve_conflicts
+    #   How to resolve parameter value conflicts when migrating an existing
+    #   add-on to an Amazon EKS add-on.
+    #   @return [String]
+    #
+    # @!attribute [rw] client_request_token
+    #   A unique, case-sensitive identifier that you provide to ensure the
+    #   idempotency of the request.
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.
+    #   @return [String]
+    #
+    # @!attribute [rw] tags
+    #   The metadata to apply to the cluster to assist with categorization
+    #   and organization. Each tag consists of a key and an optional value,
+    #   both of which you define.
+    #   @return [Hash<String,String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/CreateAddonRequest AWS API Documentation
+    #
+    class CreateAddonRequest < Struct.new(
+      :cluster_name,
+      :addon_name,
+      :addon_version,
+      :service_account_role_arn,
+      :resolve_conflicts,
+      :client_request_token,
+      :tags)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] addon
+    #   An Amazon EKS add-on.
+    #   @return [Types::Addon]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/CreateAddonResponse AWS API Documentation
+    #
+    class CreateAddonResponse < Struct.new(
+      :addon)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass CreateClusterRequest
     #   data as a hash:
     #
@@ -470,6 +881,7 @@ module Aws::EKS
     #           version: "String",
     #           id: "String",
     #         },
+    #         capacity_type: "ON_DEMAND", # accepts ON_DEMAND, SPOT
     #         version: "String",
     #         release_version: "String",
     #       }
@@ -516,25 +928,31 @@ module Aws::EKS
     #   @return [Array<String>]
     #
     # @!attribute [rw] instance_types
-    #   The instance type to use for your node group. You can specify a
-    #   single instance type for a node group. The default value for
-    #   `instanceTypes` is `t3.medium`. If you choose a GPU instance type,
-    #   be sure to specify `AL2_x86_64_GPU` with the `amiType` parameter. If
-    #   you specify `launchTemplate`, then don't specify `instanceTypes`,
-    #   or the node group deployment will fail. For more information about
-    #   using launch templates with Amazon EKS, see [Launch template
-    #   support][1] in the Amazon EKS User Guide.
-    #
-    #
-    #
-    #   [1]: https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html
+    #   Specify the instance types for a node group. If you specify a GPU
+    #   instance type, be sure to specify `AL2_x86_64_GPU` with the
+    #   `amiType` parameter. If you specify `launchTemplate`, then you can
+    #   specify zero or one instance type in your launch template *or* you
+    #   can specify 0-20 instance types for `instanceTypes`. If however, you
+    #   specify an instance type in your launch template *and* specify any
+    #   `instanceTypes`, the node group deployment will fail. If you don't
+    #   specify an instance type in a launch template or for
+    #   `instanceTypes`, then `t3.medium` is used, by default. If you
+    #   specify `Spot` for `capacityType`, then we recommend specifying
+    #   multiple values for `instanceTypes`. For more information, see
+    #   [Managed node group capacity types][1] and [Launch template
+    #   support][2] in the *Amazon EKS User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html#managed-node-group-capacity-types
+    #   [2]: https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html
     #   @return [Array<String>]
     #
     # @!attribute [rw] ami_type
     #   The AMI type for your node group. GPU instance types should use the
     #   `AL2_x86_64_GPU` AMI type. Non-GPU instances should use the
     #   `AL2_x86_64` AMI type. Arm instances should use the `AL2_ARM_64` AMI
-    #   type. All types use the Amazon EKS-optimized Amazon Linux 2 AMI. If
+    #   type. All types use the Amazon EKS optimized Amazon Linux 2 AMI. If
     #   you specify `launchTemplate`, and your launch template uses a custom
     #   AMI, then don't specify `amiType`, or the node group deployment
     #   will fail. For more information about using launch templates with
@@ -561,17 +979,16 @@ module Aws::EKS
     # @!attribute [rw] node_role
     #   The Amazon Resource Name (ARN) of the IAM role to associate with
     #   your node group. The Amazon EKS worker node `kubelet` daemon makes
-    #   calls to AWS APIs on your behalf. Worker nodes receive permissions
-    #   for these API calls through an IAM instance profile and associated
-    #   policies. Before you can launch worker nodes and register them into
-    #   a cluster, you must create an IAM role for those worker nodes to use
-    #   when they are launched. For more information, see [Amazon EKS Worker
-    #   Node IAM Role][1] in the <i> <i>Amazon EKS User Guide</i> </i>. If
-    #   you specify `launchTemplate`, then don't specify [
-    #   `IamInstanceProfile` ][2] in your launch template, or the node group
-    #   deployment will fail. For more information about using launch
-    #   templates with Amazon EKS, see [Launch template support][3] in the
-    #   Amazon EKS User Guide.
+    #   calls to AWS APIs on your behalf. Nodes receive permissions for
+    #   these API calls through an IAM instance profile and associated
+    #   policies. Before you can launch nodes and register them into a
+    #   cluster, you must create an IAM role for those nodes to use when
+    #   they are launched. For more information, see [Amazon EKS node IAM
+    #   role][1] in the <i> <i>Amazon EKS User Guide</i> </i>. If you
+    #   specify `launchTemplate`, then don't specify [ `IamInstanceProfile`
+    #   ][2] in your launch template, or the node group deployment will
+    #   fail. For more information about using launch templates with Amazon
+    #   EKS, see [Launch template support][3] in the Amazon EKS User Guide.
     #
     #
     #
@@ -608,6 +1025,10 @@ module Aws::EKS
     #   meets the requirements in `launchTemplateSpecification`.
     #   @return [Types::LaunchTemplateSpecification]
     #
+    # @!attribute [rw] capacity_type
+    #   The capacity type for your node group.
+    #   @return [String]
+    #
     # @!attribute [rw] version
     #   The Kubernetes version to use for your managed nodes. By default,
     #   the Kubernetes version of the cluster is used, and this is the only
@@ -623,15 +1044,15 @@ module Aws::EKS
     #   @return [String]
     #
     # @!attribute [rw] release_version
-    #   The AMI version of the Amazon EKS-optimized AMI to use with your
+    #   The AMI version of the Amazon EKS optimized AMI to use with your
     #   node group. By default, the latest available AMI version for the
     #   node group's current Kubernetes version is used. For more
-    #   information, see [Amazon EKS-Optimized Linux AMI Versions][1] in the
-    #   *Amazon EKS User Guide*. If you specify `launchTemplate`, and your
-    #   launch template uses a custom AMI, then don't specify
-    #   `releaseVersion`, or the node group deployment will fail. For more
-    #   information about using launch templates with Amazon EKS, see
-    #   [Launch template support][2] in the Amazon EKS User Guide.
+    #   information, see [Amazon EKS optimized Amazon Linux 2 AMI
+    #   versions][1] in the *Amazon EKS User Guide*. If you specify
+    #   `launchTemplate`, and your launch template uses a custom AMI, then
+    #   don't specify `releaseVersion`, or the node group deployment will
+    #   fail. For more information about using launch templates with Amazon
+    #   EKS, see [Launch template support][2] in the Amazon EKS User Guide.
     #
     #
     #
@@ -655,6 +1076,7 @@ module Aws::EKS
       :tags,
       :client_request_token,
       :launch_template,
+      :capacity_type,
       :version,
       :release_version)
       SENSITIVE = []
@@ -673,6 +1095,48 @@ module Aws::EKS
       include Aws::Structure
     end
+    # @note When making an API call, you may pass DeleteAddonRequest
+    #   data as a hash:
+    #
+    #       {
+    #         cluster_name: "ClusterName", # required
+    #         addon_name: "String", # required
+    #       }
+    #
+    # @!attribute [rw] cluster_name
+    #   The name of the cluster to delete the add-on from.
+    #   @return [String]
+    #
+    # @!attribute [rw] addon_name
+    #   The name of the add-on. The name must match one of the names
+    #   returned by [ `ListAddons` ][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/APIReference/API_ListAddons.html
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DeleteAddonRequest AWS API Documentation
+    #
+    class DeleteAddonRequest < Struct.new(
+      :cluster_name,
+      :addon_name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] addon
+    #   An Amazon EKS add-on.
+    #   @return [Types::Addon]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DeleteAddonResponse AWS API Documentation
+    #
+    class DeleteAddonResponse < Struct.new(
+      :addon)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass DeleteClusterRequest
     #   data as a hash:
     #
@@ -780,6 +1244,128 @@ module Aws::EKS
       include Aws::Structure
     end
+    # @note When making an API call, you may pass DescribeAddonRequest
+    #   data as a hash:
+    #
+    #       {
+    #         cluster_name: "ClusterName", # required
+    #         addon_name: "String", # required
+    #       }
+    #
+    # @!attribute [rw] cluster_name
+    #   The name of the cluster.
+    #   @return [String]
+    #
+    # @!attribute [rw] addon_name
+    #   The name of the add-on. The name must match one of the names
+    #   returned by [ `ListAddons` ][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/APIReference/API_ListAddons.html
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DescribeAddonRequest AWS API Documentation
+    #
+    class DescribeAddonRequest < Struct.new(
+      :cluster_name,
+      :addon_name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] addon
+    #   An Amazon EKS add-on.
+    #   @return [Types::Addon]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DescribeAddonResponse AWS API Documentation
+    #
+    class DescribeAddonResponse < Struct.new(
+      :addon)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @note When making an API call, you may pass DescribeAddonVersionsRequest
+    #   data as a hash:
+    #
+    #       {
+    #         kubernetes_version: "String",
+    #         max_results: 1,
+    #         next_token: "String",
+    #         addon_name: "String",
+    #       }
+    #
+    # @!attribute [rw] kubernetes_version
+    #   The Kubernetes versions that the add-on can be used with.
+    #   @return [String]
+    #
+    # @!attribute [rw] max_results
+    #   The maximum number of results to return.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] next_token
+    #   The `nextToken` value returned from a previous paginated
+    #   `DescribeAddonVersionsRequest` where `maxResults` was used and the
+    #   results exceeded the value of that parameter. Pagination continues
+    #   from the end of the previous results that returned the `nextToken`
+    #   value.
+    #
+    #   <note markdown="1"> This token should be treated as an opaque identifier that is used
+    #   only to retrieve the next items in a list and not for other
+    #   programmatic purposes.
+    #
+    #    </note>
+    #   @return [String]
+    #
+    # @!attribute [rw] addon_name
+    #   The name of the add-on. The name must match one of the names
+    #   returned by [ `ListAddons` ][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/APIReference/API_ListAddons.html
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DescribeAddonVersionsRequest AWS API Documentation
+    #
+    class DescribeAddonVersionsRequest < Struct.new(
+      :kubernetes_version,
+      :max_results,
+      :next_token,
+      :addon_name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] addons
+    #   The list of available versions with Kubernetes version
+    #   compatibility.
+    #   @return [Array<Types::AddonInfo>]
+    #
+    # @!attribute [rw] next_token
+    #   The `nextToken` value returned from a previous paginated
+    #   `DescribeAddonVersionsResponse` where `maxResults` was used and the
+    #   results exceeded the value of that parameter. Pagination continues
+    #   from the end of the previous results that returned the `nextToken`
+    #   value.
+    #
+    #   <note markdown="1"> This token should be treated as an opaque identifier that is used
+    #   only to retrieve the next items in a list and not for other
+    #   programmatic purposes.
+    #
+    #    </note>
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DescribeAddonVersionsResponse AWS API Documentation
+    #
+    class DescribeAddonVersionsResponse < Struct.new(
+      :addons,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass DescribeClusterRequest
     #   data as a hash:
     #
@@ -849,6 +1435,48 @@ module Aws::EKS
       include Aws::Structure
     end
+    # @note When making an API call, you may pass DescribeIdentityProviderConfigRequest
+    #   data as a hash:
+    #
+    #       {
+    #         cluster_name: "String", # required
+    #         identity_provider_config: { # required
+    #           type: "String", # required
+    #           name: "String", # required
+    #         },
+    #       }
+    #
+    # @!attribute [rw] cluster_name
+    #   The cluster name that the identity provider configuration is
+    #   associated to.
+    #   @return [String]
+    #
+    # @!attribute [rw] identity_provider_config
+    #   An object that represents an identity provider configuration.
+    #   @return [Types::IdentityProviderConfig]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DescribeIdentityProviderConfigRequest AWS API Documentation
+    #
+    class DescribeIdentityProviderConfigRequest < Struct.new(
+      :cluster_name,
+      :identity_provider_config)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] identity_provider_config
+    #   The object that represents an OpenID Connect (OIDC) identity
+    #   provider configuration.
+    #   @return [Types::IdentityProviderConfigResponse]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DescribeIdentityProviderConfigResponse AWS API Documentation
+    #
+    class DescribeIdentityProviderConfigResponse < Struct.new(
+      :identity_provider_config)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass DescribeNodegroupRequest
     #   data as a hash:
     #
@@ -893,6 +1521,7 @@ module Aws::EKS
     #         name: "String", # required
     #         update_id: "String", # required
     #         nodegroup_name: "String",
+    #         addon_name: "String",
     #       }
     #
     # @!attribute [rw] name
@@ -907,12 +1536,22 @@ module Aws::EKS
     #   The name of the Amazon EKS node group associated with the update.
     #   @return [String]
     #
+    # @!attribute [rw] addon_name
+    #   The name of the add-on. The name must match one of the names
+    #   returned by [ `ListAddons` ][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/APIReference/API_ListAddons.html
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DescribeUpdateRequest AWS API Documentation
     #
     class DescribeUpdateRequest < Struct.new(
       :name,
       :update_id,
-      :nodegroup_name)
+      :nodegroup_name,
+      :addon_name)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -929,6 +1568,56 @@ module Aws::EKS
       include Aws::Structure
     end
+    # @note When making an API call, you may pass DisassociateIdentityProviderConfigRequest
+    #   data as a hash:
+    #
+    #       {
+    #         cluster_name: "String", # required
+    #         identity_provider_config: { # required
+    #           type: "String", # required
+    #           name: "String", # required
+    #         },
+    #         client_request_token: "String",
+    #       }
+    #
+    # @!attribute [rw] cluster_name
+    #   The name of the cluster to disassociate an identity provider from.
+    #   @return [String]
+    #
+    # @!attribute [rw] identity_provider_config
+    #   An object that represents an identity provider configuration.
+    #   @return [Types::IdentityProviderConfig]
+    #
+    # @!attribute [rw] client_request_token
+    #   A unique, case-sensitive identifier that you provide to ensure the
+    #   idempotency of the request.
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DisassociateIdentityProviderConfigRequest AWS API Documentation
+    #
+    class DisassociateIdentityProviderConfigRequest < Struct.new(
+      :cluster_name,
+      :identity_provider_config,
+      :client_request_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] update
+    #   An object representing an asynchronous update.
+    #   @return [Types::Update]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DisassociateIdentityProviderConfigResponse AWS API Documentation
+    #
+    class DisassociateIdentityProviderConfigResponse < Struct.new(
+      :update)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # The encryption configuration for the cluster.
     #
     # @note When making an API call, you may pass EncryptionConfig
@@ -1105,12 +1794,11 @@ module Aws::EKS
       include Aws::Structure
     end
-    # An object representing an identity provider for authentication
-    # credentials.
+    # An object representing an identity provider.
     #
     # @!attribute [rw] oidc
-    #   The [OpenID Connect][1] identity provider information for the
-    #   cluster.
+    #   An object representing the [OpenID Connect][1] identity provider
+    #   information.
     #
     #
     #
@@ -1125,6 +1813,48 @@ module Aws::EKS
       include Aws::Structure
     end
+    # An object representing an identity provider configuration.
+    #
+    # @note When making an API call, you may pass IdentityProviderConfig
+    #   data as a hash:
+    #
+    #       {
+    #         type: "String", # required
+    #         name: "String", # required
+    #       }
+    #
+    # @!attribute [rw] type
+    #   The type of the identity provider configuration.
+    #   @return [String]
+    #
+    # @!attribute [rw] name
+    #   The name of the identity provider configuration.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/IdentityProviderConfig AWS API Documentation
+    #
+    class IdentityProviderConfig < Struct.new(
+      :type,
+      :name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # An object that represents an identity configuration.
+    #
+    # @!attribute [rw] oidc
+    #   An object that represents an OpenID Connect (OIDC) identity provider
+    #   configuration.
+    #   @return [Types::OidcIdentityProviderConfig]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/IdentityProviderConfigResponse AWS API Documentation
+    #
+    class IdentityProviderConfigResponse < Struct.new(
+      :oidc)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # The specified parameter is invalid. Review the available parameters
     # for the API request.
     #
@@ -1140,6 +1870,9 @@ module Aws::EKS
     #   The Fargate profile associated with the exception.
     #   @return [String]
     #
+    # @!attribute [rw] addon_name
+    #   @return [String]
+    #
     # @!attribute [rw] message
     #   @return [String]
     #
@@ -1149,6 +1882,7 @@ module Aws::EKS
       :cluster_name,
       :nodegroup_name,
       :fargate_profile_name,
+      :addon_name,
       :message)
       SENSITIVE = []
       include Aws::Structure
@@ -1165,6 +1899,9 @@ module Aws::EKS
     #   The Amazon EKS managed node group associated with the exception.
     #   @return [String]
     #
+    # @!attribute [rw] addon_name
+    #   @return [String]
+    #
     # @!attribute [rw] message
     #   @return [String]
     #
@@ -1173,6 +1910,7 @@ module Aws::EKS
     class InvalidRequestException < Struct.new(
       :cluster_name,
       :nodegroup_name,
+      :addon_name,
       :message)
       SENSITIVE = []
       include Aws::Structure
@@ -1183,16 +1921,21 @@ module Aws::EKS
     # @!attribute [rw] code
     #   A brief description of the error.
     #
+    #   * **AccessDenied**\: Amazon EKS or one or more of your managed nodes
+    #     is failing to authenticate or authorize with your Kubernetes
+    #     cluster API server.
+    #
+    #   * **AsgInstanceLaunchFailures**\: Your Auto Scaling group is
+    #     experiencing failures while attempting to launch instances.
+    #
     #   * **AutoScalingGroupNotFound**\: We couldn't find the Auto Scaling
     #     group associated with the managed node group. You may be able to
     #     recreate an Auto Scaling group with the same settings to recover.
     #
-    #   * **Ec2SecurityGroupNotFound**\: We couldn't find the cluster
-    #     security group for the cluster. You must recreate your cluster.
-    #
-    #   * **Ec2SecurityGroupDeletionFailure**\: We could not delete the
-    #     remote access security group for your managed node group. Remove
-    #     any dependencies from the security group.
+    #   * **ClusterUnreachable**\: Amazon EKS or one or more of your managed
+    #     nodes is unable to to communicate with your Kubernetes cluster API
+    #     server. This can happen if there are network disruptions or if API
+    #     servers are timing out processing requests.
     #
     #   * **Ec2LaunchTemplateNotFound**\: We couldn't find the Amazon EC2
     #     launch template for your managed node group. You may be able to
@@ -1203,6 +1946,13 @@ module Aws::EKS
     #     version that Amazon EKS created. You may be able to revert to the
     #     version that Amazon EKS created to recover.
     #
+    #   * **Ec2SecurityGroupDeletionFailure**\: We could not delete the
+    #     remote access security group for your managed node group. Remove
+    #     any dependencies from the security group.
+    #
+    #   * **Ec2SecurityGroupNotFound**\: We couldn't find the cluster
+    #     security group for the cluster. You must recreate your cluster.
+    #
     #   * **Ec2SubnetInvalidConfiguration**\: One or more Amazon EC2 subnets
     #     specified for a node group do not automatically assign public IP
     #     addresses to instances launched into it. If you want your
@@ -1219,28 +1969,22 @@ module Aws::EKS
     #     managed node group. You may be able to recreate an IAM role with
     #     the same settings to recover.
     #
-    #   * **AsgInstanceLaunchFailures**\: Your Auto Scaling group is
-    #     experiencing failures while attempting to launch instances.
-    #
-    #   * **NodeCreationFailure**\: Your launched instances are unable to
-    #     register with your Amazon EKS cluster. Common causes of this
-    #     failure are insufficient [worker node IAM role][2] permissions or
-    #     lack of outbound internet access for the nodes.
-    #
     #   * **InstanceLimitExceeded**\: Your AWS account is unable to launch
     #     any more instances of the specified instance type. You may be able
     #     to request an Amazon EC2 instance limit increase to recover.
     #
     #   * **InsufficientFreeAddresses**\: One or more of the subnets
     #     associated with your managed node group does not have enough
-    #     available IP addresses for new nodes.
-    #
-    #   * **AccessDenied**\: Amazon EKS or one or more of your managed nodes
-    #     is unable to communicate with your cluster API server.
+    #     available IP addresses for new nodes.
     #
     #   * **InternalFailure**\: These errors are usually caused by an Amazon
     #     EKS server-side issue.
     #
+    #   * **NodeCreationFailure**\: Your launched instances are unable to
+    #     register with your Amazon EKS cluster. Common causes of this
+    #     failure are insufficient [node IAM role][2] permissions or lack of
+    #     outbound internet access for the nodes.
+    #
     #
     #
     #   [1]: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-ip-addressing.html#subnet-public-ip
@@ -1306,10 +2050,11 @@ module Aws::EKS
     #
     # @!attribute [rw] service_ipv_4_cidr
     #   The CIDR block that Kubernetes service IP addresses are assigned
-    #   from. If you didn't specify a CIDR block, then Kubernetes assigns
-    #   addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR
-    #   blocks. If this was specified, then it was specified when the
-    #   cluster was created and it cannot be changed.
+    #   from. If you didn't specify a CIDR block when you created the
+    #   cluster, then Kubernetes assigns addresses from either the
+    #   10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. If this was specified,
+    #   then it was specified when the cluster was created and it cannot be
+    #   changed.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/KubernetesNetworkConfigResponse AWS API Documentation
@@ -1374,6 +2119,80 @@ module Aws::EKS
       include Aws::Structure
     end
+    # @note When making an API call, you may pass ListAddonsRequest
+    #   data as a hash:
+    #
+    #       {
+    #         cluster_name: "ClusterName", # required
+    #         max_results: 1,
+    #         next_token: "String",
+    #       }
+    #
+    # @!attribute [rw] cluster_name
+    #   The name of the cluster.
+    #   @return [String]
+    #
+    # @!attribute [rw] max_results
+    #   The maximum number of add-on results returned by `ListAddonsRequest`
+    #   in paginated output. When you use this parameter,
+    #   `ListAddonsRequest` returns only `maxResults` results in a single
+    #   page along with a `nextToken` response element. You can see the
+    #   remaining results of the initial request by sending another
+    #   `ListAddonsRequest` request with the returned `nextToken` value.
+    #   This value can be between 1 and 100. If you don't use this
+    #   parameter, `ListAddonsRequest` returns up to 100 results and a
+    #   `nextToken` value, if applicable.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] next_token
+    #   The `nextToken` value returned from a previous paginated
+    #   `ListAddonsRequest` where `maxResults` was used and the results
+    #   exceeded the value of that parameter. Pagination continues from the
+    #   end of the previous results that returned the `nextToken` value.
+    #
+    #   <note markdown="1"> This token should be treated as an opaque identifier that is used
+    #   only to retrieve the next items in a list and not for other
+    #   programmatic purposes.
+    #
+    #    </note>
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/ListAddonsRequest AWS API Documentation
+    #
+    class ListAddonsRequest < Struct.new(
+      :cluster_name,
+      :max_results,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] addons
+    #   A list of available add-ons.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] next_token
+    #   The `nextToken` value returned from a previous paginated
+    #   `ListAddonsResponse` where `maxResults` was used and the results
+    #   exceeded the value of that parameter. Pagination continues from the
+    #   end of the previous results that returned the `nextToken` value.
+    #
+    #   <note markdown="1"> This token should be treated as an opaque identifier that is used
+    #   only to retrieve the next items in a list and not for other
+    #   programmatic purposes.
+    #
+    #    </note>
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/ListAddonsResponse AWS API Documentation
+    #
+    class ListAddonsResponse < Struct.new(
+      :addons,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass ListClustersRequest
     #   data as a hash:
     #
@@ -1502,6 +2321,71 @@ module Aws::EKS
       include Aws::Structure
     end
+    # @note When making an API call, you may pass ListIdentityProviderConfigsRequest
+    #   data as a hash:
+    #
+    #       {
+    #         cluster_name: "String", # required
+    #         max_results: 1,
+    #         next_token: "String",
+    #       }
+    #
+    # @!attribute [rw] cluster_name
+    #   The cluster name that you want to list identity provider
+    #   configurations for.
+    #   @return [String]
+    #
+    # @!attribute [rw] max_results
+    #   The maximum number of identity provider configurations returned by
+    #   `ListIdentityProviderConfigs` in paginated output. When you use this
+    #   parameter, `ListIdentityProviderConfigs` returns only `maxResults`
+    #   results in a single page along with a `nextToken` response element.
+    #   You can see the remaining results of the initial request by sending
+    #   another `ListIdentityProviderConfigs` request with the returned
+    #   `nextToken` value. This value can be between 1 and 100. If you
+    #   don't use this parameter, `ListIdentityProviderConfigs` returns up
+    #   to 100 results and a `nextToken` value, if applicable.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] next_token
+    #   The `nextToken` value returned from a previous paginated
+    #   `IdentityProviderConfigsRequest` where `maxResults` was used and the
+    #   results exceeded the value of that parameter. Pagination continues
+    #   from the end of the previous results that returned the `nextToken`
+    #   value.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/ListIdentityProviderConfigsRequest AWS API Documentation
+    #
+    class ListIdentityProviderConfigsRequest < Struct.new(
+      :cluster_name,
+      :max_results,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] identity_provider_configs
+    #   The identity provider configurations for the cluster.
+    #   @return [Array<Types::IdentityProviderConfig>]
+    #
+    # @!attribute [rw] next_token
+    #   The `nextToken` value returned from a previous paginated
+    #   `ListIdentityProviderConfigsResponse` where `maxResults` was used
+    #   and the results exceeded the value of that parameter. Pagination
+    #   continues from the end of the previous results that returned the
+    #   `nextToken` value.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/ListIdentityProviderConfigsResponse AWS API Documentation
+    #
+    class ListIdentityProviderConfigsResponse < Struct.new(
+      :identity_provider_configs,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass ListNodegroupsRequest
     #   data as a hash:
     #
@@ -1606,6 +2490,7 @@ module Aws::EKS
     #       {
     #         name: "String", # required
     #         nodegroup_name: "String",
+    #         addon_name: "String",
     #         next_token: "String",
     #         max_results: 1,
     #       }
@@ -1618,6 +2503,10 @@ module Aws::EKS
     #   The name of the Amazon EKS managed node group to list updates for.
     #   @return [String]
     #
+    # @!attribute [rw] addon_name
+    #   The names of the installed add-ons that have available updates.
+    #   @return [String]
+    #
     # @!attribute [rw] next_token
     #   The `nextToken` value returned from a previous paginated
     #   `ListUpdates` request where `maxResults` was used and the results
@@ -1641,6 +2530,7 @@ module Aws::EKS
     class ListUpdatesRequest < Struct.new(
       :name,
       :nodegroup_name,
+      :addon_name,
       :next_token,
       :max_results)
       SENSITIVE = []
@@ -1748,7 +2638,7 @@ module Aws::EKS
     #   If the node group was deployed using a launch template with a custom
     #   AMI, then this is the AMI ID that was specified in the launch
     #   template. For node groups that weren't deployed using a launch
-    #   template, this is the version of the Amazon EKS-optimized AMI that
+    #   template, this is the version of the Amazon EKS optimized AMI that
     #   the node group was deployed with.
     #   @return [String]
     #
@@ -1766,6 +2656,10 @@ module Aws::EKS
     #   The current status of the managed node group.
     #   @return [String]
     #
+    # @!attribute [rw] capacity_type
+    #   The capacity type of your managed node group.
+    #   @return [String]
+    #
     # @!attribute [rw] scaling_config
     #   The scaling configuration details for the Auto Scaling group that is
     #   associated with your node group.
@@ -1797,10 +2691,10 @@ module Aws::EKS
     #   @return [String]
     #
     # @!attribute [rw] node_role
-    #   The IAM role associated with your node group. The Amazon EKS worker
-    #   node `kubelet` daemon makes calls to AWS APIs on your behalf. Worker
-    #   nodes receive permissions for these API calls through an IAM
-    #   instance profile and associated policies.
+    #   The IAM role associated with your node group. The Amazon EKS node
+    #   `kubelet` daemon makes calls to AWS APIs on your behalf. Nodes
+    #   receive permissions for these API calls through an IAM instance
+    #   profile and associated policies.
     #   @return [String]
     #
     # @!attribute [rw] labels
@@ -1853,6 +2747,7 @@ module Aws::EKS
       :created_at,
       :modified_at,
       :status,
+      :capacity_type,
       :scaling_config,
       :instance_types,
       :subnets,
@@ -1892,7 +2787,7 @@ module Aws::EKS
     #
     # @!attribute [rw] remote_access_security_group
     #   The remote access security group associated with the node group.
-    #   This security group controls SSH access to the worker nodes.
+    #   This security group controls SSH access to the nodes.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/NodegroupResources AWS API Documentation
@@ -1919,19 +2814,24 @@ module Aws::EKS
     #       }
     #
     # @!attribute [rw] min_size
-    #   The minimum number of worker nodes that the managed node group can
-    #   scale in to. This number must be greater than zero.
+    #   The minimum number of nodes that the managed node group can scale in
+    #   to. This number must be greater than zero.
     #   @return [Integer]
     #
     # @!attribute [rw] max_size
-    #   The maximum number of worker nodes that the managed node group can
-    #   scale out to. Managed node groups can support up to 100 nodes by
-    #   default.
+    #   The maximum number of nodes that the managed node group can scale
+    #   out to. For information about the maximum number that you can
+    #   specify, see [Amazon EKS service quotas][1] in the *Amazon EKS User
+    #   Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html
     #   @return [Integer]
     #
     # @!attribute [rw] desired_size
-    #   The current number of worker nodes that the managed node group
-    #   should maintain.
+    #   The current number of nodes that the managed node group should
+    #   maintain.
     #   @return [Integer]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/NodegroupScalingConfig AWS API Documentation
@@ -1958,15 +2858,15 @@ module Aws::EKS
       include Aws::Structure
     end
-    # An object representing the [OpenID Connect][1] identity provider
-    # information for the cluster.
+    # An object representing the [OpenID Connect][1] (OIDC) identity
+    # provider information for the cluster.
     #
     #
     #
     # [1]: https://openid.net/connect/
     #
     # @!attribute [rw] issuer
-    #   The issuer URL for the OpenID Connect identity provider.
+    #   The issuer URL for the OIDC identity provider.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/OIDC AWS API Documentation
@@ -1977,6 +2877,187 @@ module Aws::EKS
       include Aws::Structure
     end
+    # An object that represents the configuration for an OpenID Connect
+    # (OIDC) identity provider.
+    #
+    # @!attribute [rw] identity_provider_config_name
+    #   The name of the configuration.
+    #   @return [String]
+    #
+    # @!attribute [rw] identity_provider_config_arn
+    #   The ARN of the configuration.
+    #   @return [String]
+    #
+    # @!attribute [rw] cluster_name
+    #   The cluster that the configuration is associated to.
+    #   @return [String]
+    #
+    # @!attribute [rw] issuer_url
+    #   The URL of the OIDC identity provider that allows the API server to
+    #   discover public signing keys for verifying tokens.
+    #   @return [String]
+    #
+    # @!attribute [rw] client_id
+    #   This is also known as *audience*. The ID of the client application
+    #   that makes authentication requests to the OIDC identity provider.
+    #   @return [String]
+    #
+    # @!attribute [rw] username_claim
+    #   The JSON Web token (JWT) claim that is used as the username.
+    #   @return [String]
+    #
+    # @!attribute [rw] username_prefix
+    #   The prefix that is prepended to username claims to prevent clashes
+    #   with existing names. The prefix can't contain `system:`
+    #   @return [String]
+    #
+    # @!attribute [rw] groups_claim
+    #   The JSON web token (JWT) claim that the provider uses to return your
+    #   groups.
+    #   @return [String]
+    #
+    # @!attribute [rw] groups_prefix
+    #   The prefix that is prepended to group claims to prevent clashes with
+    #   existing names (such as `system:` groups). For example, the value`
+    #   oidc:` creates group names like `oidc:engineering` and `oidc:infra`.
+    #   The prefix can't contain `system:`
+    #   @return [String]
+    #
+    # @!attribute [rw] required_claims
+    #   The key-value pairs that describe required claims in the identity
+    #   token. If set, each claim is verified to be present in the token
+    #   with a matching value.
+    #   @return [Hash<String,String>]
+    #
+    # @!attribute [rw] tags
+    #   The metadata to apply to the provider configuration to assist with
+    #   categorization and organization. Each tag consists of a key and an
+    #   optional value, both of which you defined.
+    #   @return [Hash<String,String>]
+    #
+    # @!attribute [rw] status
+    #   The status of the OIDC identity provider.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/OidcIdentityProviderConfig AWS API Documentation
+    #
+    class OidcIdentityProviderConfig < Struct.new(
+      :identity_provider_config_name,
+      :identity_provider_config_arn,
+      :cluster_name,
+      :issuer_url,
+      :client_id,
+      :username_claim,
+      :username_prefix,
+      :groups_claim,
+      :groups_prefix,
+      :required_claims,
+      :tags,
+      :status)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # An object representing an OpenID Connect (OIDC) configuration. Before
+    # associating an OIDC identity provider to your cluster, review the
+    # considerations in [Authenticating users for your cluster from an
+    # OpenID Connect identity provider][1] in the *Amazon EKS User Guide*.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/eks/latest/userguide/authenticate-oidc-identity-provider.html
+    #
+    # @note When making an API call, you may pass OidcIdentityProviderConfigRequest
+    #   data as a hash:
+    #
+    #       {
+    #         identity_provider_config_name: "String", # required
+    #         issuer_url: "String", # required
+    #         client_id: "String", # required
+    #         username_claim: "String",
+    #         username_prefix: "String",
+    #         groups_claim: "String",
+    #         groups_prefix: "String",
+    #         required_claims: {
+    #           "requiredClaimsKey" => "requiredClaimsValue",
+    #         },
+    #       }
+    #
+    # @!attribute [rw] identity_provider_config_name
+    #   The name of the OIDC provider configuration.
+    #   @return [String]
+    #
+    # @!attribute [rw] issuer_url
+    #   The URL of the OpenID identity provider that allows the API server
+    #   to discover public signing keys for verifying tokens. The URL must
+    #   begin with `https://` and should correspond to the `iss` claim in
+    #   the provider's OIDC ID tokens. Per the OIDC standard, path
+    #   components are allowed but query parameters are not. Typically the
+    #   URL consists of only a hostname, like `https://server.example.org`
+    #   or `https://example.com`. This URL should point to the level below
+    #   `.well-known/openid-configuration` and must be publicly accessible
+    #   over the internet.
+    #   @return [String]
+    #
+    # @!attribute [rw] client_id
+    #   This is also known as *audience*. The ID for the client application
+    #   that makes authentication requests to the OpenID identity provider.
+    #   @return [String]
+    #
+    # @!attribute [rw] username_claim
+    #   The JSON Web Token (JWT) claim to use as the username. The default
+    #   is `sub`, which is expected to be a unique identifier of the end
+    #   user. You can choose other claims, such as `email` or `name`,
+    #   depending on the OpenID identity provider. Claims other than `email`
+    #   are prefixed with the issuer URL to prevent naming clashes with
+    #   other plug-ins.
+    #   @return [String]
+    #
+    # @!attribute [rw] username_prefix
+    #   The prefix that is prepended to username claims to prevent clashes
+    #   with existing names. If you do not provide this field, and
+    #   `username` is a value other than `email`, the prefix defaults to
+    #   `issuerurl#`. You can use the value `-` to disable all prefixing.
+    #   @return [String]
+    #
+    # @!attribute [rw] groups_claim
+    #   The JWT claim that the provider uses to return your groups.
+    #   @return [String]
+    #
+    # @!attribute [rw] groups_prefix
+    #   The prefix that is prepended to group claims to prevent clashes with
+    #   existing names (such as `system:` groups). For example, the value`
+    #   oidc:` will create group names like `oidc:engineering` and
+    #   `oidc:infra`.
+    #   @return [String]
+    #
+    # @!attribute [rw] required_claims
+    #   The key value pairs that describe required claims in the identity
+    #   token. If set, each claim is verified to be present in the token
+    #   with a matching value. For the maximum number of claims that you can
+    #   require, see [Amazon EKS service quotas][1] in the *Amazon EKS User
+    #   Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html
+    #   @return [Hash<String,String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/OidcIdentityProviderConfigRequest AWS API Documentation
+    #
+    class OidcIdentityProviderConfigRequest < Struct.new(
+      :identity_provider_config_name,
+      :issuer_url,
+      :client_id,
+      :username_claim,
+      :username_prefix,
+      :groups_claim,
+      :groups_prefix,
+      :required_claims)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # Identifies the AWS Key Management Service (AWS KMS) customer master
     # key (CMK) used to encrypt the secrets.
     #
@@ -2021,9 +3102,9 @@ module Aws::EKS
     #
     # @!attribute [rw] ec2_ssh_key
     #   The Amazon EC2 SSH key that provides access for SSH communication
-    #   with the worker nodes in the managed node group. For more
-    #   information, see [Amazon EC2 Key Pairs][1] in the *Amazon Elastic
-    #   Compute Cloud User Guide for Linux Instances*.
+    #   with the nodes in the managed node group. For more information, see
+    #   [Amazon EC2 Key Pairs][1] in the *Amazon Elastic Compute Cloud User
+    #   Guide for Linux Instances*.
     #
     #
     #
@@ -2032,11 +3113,11 @@ module Aws::EKS
     #
     # @!attribute [rw] source_security_groups
     #   The security groups that are allowed SSH access (port 22) to the
-    #   worker nodes. If you specify an Amazon EC2 SSH key but do not
-    #   specify a source security group when you create a managed node
-    #   group, then port 22 on the worker nodes is opened to the internet
-    #   (0.0.0.0/0). For more information, see [Security Groups for Your
-    #   VPC][1] in the *Amazon Virtual Private Cloud User Guide*.
+    #   nodes. If you specify an Amazon EC2 SSH key but do not specify a
+    #   source security group when you create a managed node group, then
+    #   port 22 on the nodes is opened to the internet (0.0.0.0/0). For more
+    #   information, see [Security Groups for Your VPC][1] in the *Amazon
+    #   Virtual Private Cloud User Guide*.
     #
     #
     #
@@ -2062,6 +3143,9 @@ module Aws::EKS
     #   The Amazon EKS managed node group associated with the exception.
     #   @return [String]
     #
+    # @!attribute [rw] addon_name
+    #   @return [String]
+    #
     # @!attribute [rw] message
     #   @return [String]
     #
@@ -2070,6 +3154,7 @@ module Aws::EKS
     class ResourceInUseException < Struct.new(
       :cluster_name,
       :nodegroup_name,
+      :addon_name,
       :message)
       SENSITIVE = []
       include Aws::Structure
@@ -2115,6 +3200,9 @@ module Aws::EKS
     #   The Fargate profile associated with the exception.
     #   @return [String]
     #
+    # @!attribute [rw] addon_name
+    #   @return [String]
+    #
     # @!attribute [rw] message
     #   @return [String]
     #
@@ -2124,6 +3212,7 @@ module Aws::EKS
       :cluster_name,
       :nodegroup_name,
       :fargate_profile_name,
+      :addon_name,
       :message)
       SENSITIVE = []
       include Aws::Structure
@@ -2139,6 +3228,9 @@ module Aws::EKS
     #   The Amazon EKS managed node group associated with the exception.
     #   @return [String]
     #
+    # @!attribute [rw] addon_name
+    #   @return [String]
+    #
     # @!attribute [rw] message
     #   @return [String]
     #
@@ -2147,6 +3239,7 @@ module Aws::EKS
     class ServerException < Struct.new(
       :cluster_name,
       :nodegroup_name,
+      :addon_name,
       :message)
       SENSITIVE = []
       include Aws::Structure
@@ -2302,6 +3395,99 @@ module Aws::EKS
       include Aws::Structure
     end
+    # @note When making an API call, you may pass UpdateAddonRequest
+    #   data as a hash:
+    #
+    #       {
+    #         cluster_name: "ClusterName", # required
+    #         addon_name: "String", # required
+    #         addon_version: "String",
+    #         service_account_role_arn: "RoleArn",
+    #         resolve_conflicts: "OVERWRITE", # accepts OVERWRITE, NONE
+    #         client_request_token: "String",
+    #       }
+    #
+    # @!attribute [rw] cluster_name
+    #   The name of the cluster.
+    #   @return [String]
+    #
+    # @!attribute [rw] addon_name
+    #   The name of the add-on. The name must match one of the names
+    #   returned by [ `ListAddons` ][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/APIReference/API_ListAddons.html
+    #   @return [String]
+    #
+    # @!attribute [rw] addon_version
+    #   The version of the add-on. The version must match one of the
+    #   versions returned by [ `DescribeAddonVersions` ][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeAddonVersions.html
+    #   @return [String]
+    #
+    # @!attribute [rw] service_account_role_arn
+    #   The Amazon Resource Name (ARN) of an existing IAM role to bind to
+    #   the add-on's service account. The role must be assigned the IAM
+    #   permissions required by the add-on. If you don't specify an
+    #   existing IAM role, then the add-on uses the permissions assigned to
+    #   the node IAM role. For more information, see [Amazon EKS node IAM
+    #   role][1] in the *Amazon EKS User Guide*.
+    #
+    #   <note markdown="1"> To specify an existing IAM role, you must have an IAM OpenID Connect
+    #   (OIDC) provider created for your cluster. For more information, see
+    #   [Enabling IAM roles for service accounts on your cluster][2] in the
+    #   *Amazon EKS User Guide*.
+    #
+    #    </note>
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html
+    #   [2]: https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html
+    #   @return [String]
+    #
+    # @!attribute [rw] resolve_conflicts
+    #   How to resolve parameter value conflicts when applying the new
+    #   version of the add-on to the cluster.
+    #   @return [String]
+    #
+    # @!attribute [rw] client_request_token
+    #   Unique, case-sensitive identifier that you provide to ensure the
+    #   idempotency of the request.
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/UpdateAddonRequest AWS API Documentation
+    #
+    class UpdateAddonRequest < Struct.new(
+      :cluster_name,
+      :addon_name,
+      :addon_version,
+      :service_account_role_arn,
+      :resolve_conflicts,
+      :client_request_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] update
+    #   An object representing an asynchronous update.
+    #   @return [Types::Update]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/UpdateAddonResponse AWS API Documentation
+    #
+    class UpdateAddonResponse < Struct.new(
+      :update)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass UpdateClusterConfigRequest
     #   data as a hash:
     #
@@ -2575,15 +3761,15 @@ module Aws::EKS
     #   @return [String]
     #
     # @!attribute [rw] release_version
-    #   The AMI version of the Amazon EKS-optimized AMI to use for the
+    #   The AMI version of the Amazon EKS optimized AMI to use for the
     #   update. By default, the latest available AMI version for the node
     #   group's Kubernetes version is used. For more information, see
-    #   [Amazon EKS-Optimized Linux AMI Versions ][1] in the *Amazon EKS
-    #   User Guide*. If you specify `launchTemplate`, and your launch
-    #   template uses a custom AMI, then don't specify `releaseVersion`, or
-    #   the node group update will fail. For more information about using
-    #   launch templates with Amazon EKS, see [Launch template support][2]
-    #   in the Amazon EKS User Guide.
+    #   [Amazon EKS optimized Amazon Linux 2 AMI versions ][1] in the
+    #   *Amazon EKS User Guide*. If you specify `launchTemplate`, and your
+    #   launch template uses a custom AMI, then don't specify
+    #   `releaseVersion`, or the node group update will fail. For more
+    #   information about using launch templates with Amazon EKS, see
+    #   [Launch template support][2] in the Amazon EKS User Guide.
     #
     #
     #
@@ -2674,18 +3860,29 @@ module Aws::EKS
     #       }
     #
     # @!attribute [rw] subnet_ids
-    #   Specify subnets for your Amazon EKS worker nodes. Amazon EKS creates
+    #   Specify subnets for your Amazon EKS nodes. Amazon EKS creates
     #   cross-account elastic network interfaces in these subnets to allow
-    #   communication between your worker nodes and the Kubernetes control
-    #   plane.
+    #   communication between your nodes and the Kubernetes control plane.
     #   @return [Array<String>]
     #
     # @!attribute [rw] security_group_ids
     #   Specify one or more security groups for the cross-account elastic
     #   network interfaces that Amazon EKS creates to use to allow
-    #   communication between your worker nodes and the Kubernetes control
-    #   plane. If you don't specify a security group, the default security
-    #   group for your VPC is used.
+    #   communication between your nodes and the Kubernetes control plane.
+    #   If you don't specify any security groups, then familiarize yourself
+    #   with the difference between Amazon EKS defaults for clusters
+    #   deployed with Kubernetes:
+    #
+    #   * 1\.14 Amazon EKS platform version `eks.2` and earlier
+    #
+    #   * 1\.14 Amazon EKS platform version `eks.3` and later
+    #
+    #   For more information, see [Amazon EKS security group
+    #   considerations][1] in the <i> <i>Amazon EKS User Guide</i> </i>.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html
     #   @return [Array<String>]
     #
     # @!attribute [rw] endpoint_public_access
@@ -2708,12 +3905,12 @@ module Aws::EKS
     #   access, Kubernetes API requests from within your cluster's VPC use
     #   the private VPC endpoint. The default value for this parameter is
     #   `false`, which disables private access for your Kubernetes API
-    #   server. If you disable private access and you have worker nodes or
-    #   AWS Fargate pods in the cluster, then ensure that
-    #   `publicAccessCidrs` includes the necessary CIDR blocks for
-    #   communication with the worker nodes or Fargate pods. For more
-    #   information, see [Amazon EKS Cluster Endpoint Access Control][1] in
-    #   the <i> <i>Amazon EKS User Guide</i> </i>.
+    #   server. If you disable private access and you have nodes or AWS
+    #   Fargate pods in the cluster, then ensure that `publicAccessCidrs`
+    #   includes the necessary CIDR blocks for communication with the nodes
+    #   or Fargate pods. For more information, see [Amazon EKS Cluster
+    #   Endpoint Access Control][1] in the <i> <i>Amazon EKS User Guide</i>
+    #   </i>.
     #
     #
     #
@@ -2725,8 +3922,8 @@ module Aws::EKS
     #   Kubernetes API server endpoint. Communication to the endpoint from
     #   addresses outside of the CIDR blocks that you specify is denied. The
     #   default value is `0.0.0.0/0`. If you've disabled private endpoint
-    #   access and you have worker nodes or AWS Fargate pods in the cluster,
-    #   then ensure that you specify the necessary CIDR blocks. For more
+    #   access and you have nodes or AWS Fargate pods in the cluster, then
+    #   ensure that you specify the necessary CIDR blocks. For more
     #   information, see [Amazon EKS Cluster Endpoint Access Control][1] in
     #   the <i> <i>Amazon EKS User Guide</i> </i>.
     #
@@ -2757,7 +3954,7 @@ module Aws::EKS
     # @!attribute [rw] security_group_ids
     #   The security groups associated with the cross-account elastic
     #   network interfaces that are used to allow communication between your
-    #   worker nodes and the Kubernetes control plane.
+    #   nodes and the Kubernetes control plane.
     #   @return [Array<String>]
     #
     # @!attribute [rw] cluster_security_group_id
@@ -2782,12 +3979,12 @@ module Aws::EKS
     #   endpoint is enabled. If the Amazon EKS private API server endpoint
     #   is enabled, Kubernetes API requests that originate from within your
     #   cluster's VPC use the private VPC endpoint instead of traversing
-    #   the internet. If this value is disabled and you have worker nodes or
-    #   AWS Fargate pods in the cluster, then ensure that
-    #   `publicAccessCidrs` includes the necessary CIDR blocks for
-    #   communication with the worker nodes or Fargate pods. For more
-    #   information, see [Amazon EKS Cluster Endpoint Access Control][1] in
-    #   the <i> <i>Amazon EKS User Guide</i> </i>.
+    #   the internet. If this value is disabled and you have nodes or AWS
+    #   Fargate pods in the cluster, then ensure that `publicAccessCidrs`
+    #   includes the necessary CIDR blocks for communication with the nodes
+    #   or Fargate pods. For more information, see [Amazon EKS Cluster
+    #   Endpoint Access Control][1] in the <i> <i>Amazon EKS User Guide</i>
+    #   </i>.
     #
     #
     #
@@ -2799,10 +3996,10 @@ module Aws::EKS
     #   Kubernetes API server endpoint. Communication to the endpoint from
     #   addresses outside of the listed CIDR blocks is denied. The default
     #   value is `0.0.0.0/0`. If you've disabled private endpoint access
-    #   and you have worker nodes or AWS Fargate pods in the cluster, then
-    #   ensure that the necessary CIDR blocks are listed. For more
-    #   information, see [Amazon EKS Cluster Endpoint Access Control][1] in
-    #   the <i> <i>Amazon EKS User Guide</i> </i>.
+    #   and you have nodes or AWS Fargate pods in the cluster, then ensure
+    #   that the necessary CIDR blocks are listed. For more information, see
+    #   [Amazon EKS Cluster Endpoint Access Control][1] in the <i> <i>Amazon
+    #   EKS User Guide</i> </i>.
     #
     #
     #