aws-sdk-eks 1.29.0 → 1.30.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ab062e754d7103f2d652aed8623a8e4f515c18ba
-  data.tar.gz: 810a2937ad71c13a9b44ae7d6807561b6baf30ef
+  metadata.gz: e03cf8481cf62f4305d5af638d2a6468bda36209
+  data.tar.gz: 706c9a86c3cc3e1af58edad859cbf1d0682adfe4
 SHA512:
-  metadata.gz: de9c790f59a099f704e09688675473e479b8b94705ab9eaddfc577d774cce30942f39762b0a6f21b082caf17567f4f1c6181e0503a7097e1148473cfaef9678f
-  data.tar.gz: 3d5042176dba4f4600ac81bfad3dead010a78742ce6fb53fccec8a037db981c2df344ec1e3e3e6b4f96ad2fd78dc8d7c1dad566b69f5df47246c54e19730535b
+  metadata.gz: b9ed1099533ec887fb247e485f3e4a3191ae7a290fd8bd2a8973314448c9d164910ee855f828b4ff6d6a2b49cf515e5ebd226ee8fa7f053327ae9fc0d6f80c97
+  data.tar.gz: e5b46c49ce8b3214ad309e1e8dd9a3eadaae4d1e309f6b5d4f506fc820f4ac5d1afd211905d55a61eaedb09f915439fcc4ba675aca7d2355b9cd5ec33b4c6603

data/lib/aws-sdk-eks.rb

@@ -43,6 +43,6 @@ require_relative 'aws-sdk-eks/customizations'
 # @service
 module Aws::EKS
 
-  GEM_VERSION = '1.29.0'
+  GEM_VERSION = '1.30.0'
 
 end

data/lib/aws-sdk-eks/client.rb

@@ -409,6 +409,7 @@ module Aws::EKS
     #       security_group_ids: ["String"],
     #       endpoint_public_access: false,
     #       endpoint_private_access: false,
+    #       public_access_cidrs: ["String"],
     #     },
     #     logging: {
     #       cluster_logging: [
@@ -440,6 +441,8 @@ module Aws::EKS
     #   resp.cluster.resources_vpc_config.vpc_id #=> String
     #   resp.cluster.resources_vpc_config.endpoint_public_access #=> Boolean
     #   resp.cluster.resources_vpc_config.endpoint_private_access #=> Boolean
+    #   resp.cluster.resources_vpc_config.public_access_cidrs #=> Array
+    #   resp.cluster.resources_vpc_config.public_access_cidrs[0] #=> String
     #   resp.cluster.logging.cluster_logging #=> Array
     #   resp.cluster.logging.cluster_logging[0].types #=> Array
     #   resp.cluster.logging.cluster_logging[0].types[0] #=> String, one of "api", "audit", "authenticator", "controllerManager", "scheduler"
@@ -462,29 +465,28 @@ module Aws::EKS
     end
 
     # Creates an AWS Fargate profile for your Amazon EKS cluster. You must
-    # have at least one Fargate profile in a cluster to be able to schedule
-    # pods on Fargate infrastructure.
+    # have at least one Fargate profile in a cluster to be able to run pods
+    # on Fargate.
     #
     # The Fargate profile allows an administrator to declare which pods run
-    # on Fargate infrastructure and specify which pods run on which Fargate
-    # profile. This declaration is done through the profile’s selectors.
-    # Each profile can have up to five selectors that contain a namespace
-    # and labels. A namespace is required for every selector. The label
-    # field consists of multiple optional key-value pairs. Pods that match
-    # the selectors are scheduled on Fargate infrastructure. If a
-    # to-be-scheduled pod matches any of the selectors in the Fargate
-    # profile, then that pod is scheduled on Fargate infrastructure.
+    # on Fargate and specify which pods run on which Fargate profile. This
+    # declaration is done through the profile’s selectors. Each profile can
+    # have up to five selectors that contain a namespace and labels. A
+    # namespace is required for every selector. The label field consists of
+    # multiple optional key-value pairs. Pods that match the selectors are
+    # scheduled on Fargate. If a to-be-scheduled pod matches any of the
+    # selectors in the Fargate profile, then that pod is run on Fargate.
     #
     # When you create a Fargate profile, you must specify a pod execution
     # role to use with the pods that are scheduled with the profile. This
     # role is added to the cluster's Kubernetes [Role Based Access
     # Control][1] (RBAC) for authorization so that the `kubelet` that is
     # running on the Fargate infrastructure can register with your Amazon
-    # EKS cluster. This role is what allows Fargate infrastructure to appear
-    # in your cluster as nodes. The pod execution role also provides IAM
-    # permissions to the Fargate infrastructure to allow read access to
-    # Amazon ECR image repositories. For more information, see [Pod
-    # Execution Role][2] in the *Amazon EKS User Guide*.
+    # EKS cluster so that it can appear in your cluster as a node. The pod
+    # execution role also provides IAM permissions to the Fargate
+    # infrastructure to allow read access to Amazon ECR image repositories.
+    # For more information, see [Pod Execution Role][2] in the *Amazon EKS
+    # User Guide*.
     #
     # Fargate profiles are immutable. However, you can create a new updated
     # profile to replace an existing profile and then delete the original
@@ -522,10 +524,10 @@ module Aws::EKS
     #   [1]: https://docs.aws.amazon.com/eks/latest/userguide/pod-execution-role.html
     #
     # @option params [Array<String>] :subnets
-    #   The IDs of subnets to launch Fargate pods into. At this time, Fargate
-    #   pods are not assigned public IP addresses, so only private subnets
-    #   (with no direct route to an Internet Gateway) are accepted for this
-    #   parameter.
+    #   The IDs of subnets to launch your pods into. At this time, pods
+    #   running on Fargate are not assigned public IP addresses, so only
+    #   private subnets (with no direct route to an Internet Gateway) are
+    #   accepted for this parameter.
     #
     # @option params [Array<Types::FargateProfileSelector>] :selectors
     #   The selectors to match for pods to use this Fargate profile. Each
@@ -835,6 +837,8 @@ module Aws::EKS
     #   resp.cluster.resources_vpc_config.vpc_id #=> String
     #   resp.cluster.resources_vpc_config.endpoint_public_access #=> Boolean
     #   resp.cluster.resources_vpc_config.endpoint_private_access #=> Boolean
+    #   resp.cluster.resources_vpc_config.public_access_cidrs #=> Array
+    #   resp.cluster.resources_vpc_config.public_access_cidrs[0] #=> String
     #   resp.cluster.logging.cluster_logging #=> Array
     #   resp.cluster.logging.cluster_logging[0].types #=> Array
     #   resp.cluster.logging.cluster_logging[0].types[0] #=> String, one of "api", "audit", "authenticator", "controllerManager", "scheduler"
@@ -858,11 +862,11 @@ module Aws::EKS
 
     # Deletes an AWS Fargate profile.
     #
-    # When you delete a Fargate profile, any pods that were scheduled onto
-    # Fargate infrastructure with the profile are deleted. If those pods
-    # match another Fargate profile, then they are scheduled on Fargate
-    # infrastructure with that profile. If they no longer match any Fargate
-    # profiles, then they are not scheduled on Fargate infrastructure.
+    # When you delete a Fargate profile, any pods running on Fargate that
+    # were created with the profile are deleted. If those pods match another
+    # Fargate profile, then they are scheduled on Fargate with that profile.
+    # If they no longer match any Fargate profiles, then they are not
+    # scheduled on Fargate and they may remain in a pending state.
     #
     # Only one Fargate profile in a cluster can be in the `DELETING` status
     # at a time. You must wait for a Fargate profile to finish deleting
@@ -1057,6 +1061,8 @@ module Aws::EKS
     #   resp.cluster.resources_vpc_config.vpc_id #=> String
     #   resp.cluster.resources_vpc_config.endpoint_public_access #=> Boolean
     #   resp.cluster.resources_vpc_config.endpoint_private_access #=> Boolean
+    #   resp.cluster.resources_vpc_config.public_access_cidrs #=> Array
+    #   resp.cluster.resources_vpc_config.public_access_cidrs[0] #=> String
     #   resp.cluster.logging.cluster_logging #=> Array
     #   resp.cluster.logging.cluster_logging[0].types #=> Array
     #   resp.cluster.logging.cluster_logging[0].types[0] #=> String, one of "api", "audit", "authenticator", "controllerManager", "scheduler"
@@ -1222,7 +1228,7 @@ module Aws::EKS
     #   resp.update.status #=> String, one of "InProgress", "Failed", "Cancelled", "Successful"
     #   resp.update.type #=> String, one of "VersionUpdate", "EndpointAccessUpdate", "LoggingUpdate", "ConfigUpdate"
     #   resp.update.params #=> Array
-    #   resp.update.params[0].type #=> String, one of "Version", "PlatformVersion", "EndpointPrivateAccess", "EndpointPublicAccess", "ClusterLogging", "DesiredSize", "LabelsToAdd", "LabelsToRemove", "MaxSize", "MinSize", "ReleaseVersion"
+    #   resp.update.params[0].type #=> String, one of "Version", "PlatformVersion", "EndpointPrivateAccess", "EndpointPublicAccess", "ClusterLogging", "DesiredSize", "LabelsToAdd", "LabelsToRemove", "MaxSize", "MinSize", "ReleaseVersion", "PublicAccessCidrs"
     #   resp.update.params[0].value #=> String
     #   resp.update.created_at #=> Time
     #   resp.update.errors #=> Array
@@ -1661,6 +1667,7 @@ module Aws::EKS
     #       security_group_ids: ["String"],
     #       endpoint_public_access: false,
     #       endpoint_private_access: false,
+    #       public_access_cidrs: ["String"],
     #     },
     #     logging: {
     #       cluster_logging: [
@@ -1679,7 +1686,7 @@ module Aws::EKS
     #   resp.update.status #=> String, one of "InProgress", "Failed", "Cancelled", "Successful"
     #   resp.update.type #=> String, one of "VersionUpdate", "EndpointAccessUpdate", "LoggingUpdate", "ConfigUpdate"
     #   resp.update.params #=> Array
-    #   resp.update.params[0].type #=> String, one of "Version", "PlatformVersion", "EndpointPrivateAccess", "EndpointPublicAccess", "ClusterLogging", "DesiredSize", "LabelsToAdd", "LabelsToRemove", "MaxSize", "MinSize", "ReleaseVersion"
+    #   resp.update.params[0].type #=> String, one of "Version", "PlatformVersion", "EndpointPrivateAccess", "EndpointPublicAccess", "ClusterLogging", "DesiredSize", "LabelsToAdd", "LabelsToRemove", "MaxSize", "MinSize", "ReleaseVersion", "PublicAccessCidrs"
     #   resp.update.params[0].value #=> String
     #   resp.update.created_at #=> Time
     #   resp.update.errors #=> Array
@@ -1743,7 +1750,7 @@ module Aws::EKS
     #   resp.update.status #=> String, one of "InProgress", "Failed", "Cancelled", "Successful"
     #   resp.update.type #=> String, one of "VersionUpdate", "EndpointAccessUpdate", "LoggingUpdate", "ConfigUpdate"
     #   resp.update.params #=> Array
-    #   resp.update.params[0].type #=> String, one of "Version", "PlatformVersion", "EndpointPrivateAccess", "EndpointPublicAccess", "ClusterLogging", "DesiredSize", "LabelsToAdd", "LabelsToRemove", "MaxSize", "MinSize", "ReleaseVersion"
+    #   resp.update.params[0].type #=> String, one of "Version", "PlatformVersion", "EndpointPrivateAccess", "EndpointPublicAccess", "ClusterLogging", "DesiredSize", "LabelsToAdd", "LabelsToRemove", "MaxSize", "MinSize", "ReleaseVersion", "PublicAccessCidrs"
     #   resp.update.params[0].value #=> String
     #   resp.update.created_at #=> Time
     #   resp.update.errors #=> Array
@@ -1819,7 +1826,7 @@ module Aws::EKS
     #   resp.update.status #=> String, one of "InProgress", "Failed", "Cancelled", "Successful"
     #   resp.update.type #=> String, one of "VersionUpdate", "EndpointAccessUpdate", "LoggingUpdate", "ConfigUpdate"
     #   resp.update.params #=> Array
-    #   resp.update.params[0].type #=> String, one of "Version", "PlatformVersion", "EndpointPrivateAccess", "EndpointPublicAccess", "ClusterLogging", "DesiredSize", "LabelsToAdd", "LabelsToRemove", "MaxSize", "MinSize", "ReleaseVersion"
+    #   resp.update.params[0].type #=> String, one of "Version", "PlatformVersion", "EndpointPrivateAccess", "EndpointPublicAccess", "ClusterLogging", "DesiredSize", "LabelsToAdd", "LabelsToRemove", "MaxSize", "MinSize", "ReleaseVersion", "PublicAccessCidrs"
     #   resp.update.params[0].value #=> String
     #   resp.update.created_at #=> Time
     #   resp.update.errors #=> Array
@@ -1918,7 +1925,7 @@ module Aws::EKS
     #   resp.update.status #=> String, one of "InProgress", "Failed", "Cancelled", "Successful"
     #   resp.update.type #=> String, one of "VersionUpdate", "EndpointAccessUpdate", "LoggingUpdate", "ConfigUpdate"
     #   resp.update.params #=> Array
-    #   resp.update.params[0].type #=> String, one of "Version", "PlatformVersion", "EndpointPrivateAccess", "EndpointPublicAccess", "ClusterLogging", "DesiredSize", "LabelsToAdd", "LabelsToRemove", "MaxSize", "MinSize", "ReleaseVersion"
+    #   resp.update.params[0].type #=> String, one of "Version", "PlatformVersion", "EndpointPrivateAccess", "EndpointPublicAccess", "ClusterLogging", "DesiredSize", "LabelsToAdd", "LabelsToRemove", "MaxSize", "MinSize", "ReleaseVersion", "PublicAccessCidrs"
     #   resp.update.params[0].value #=> String
     #   resp.update.created_at #=> Time
     #   resp.update.errors #=> Array
@@ -1949,7 +1956,7 @@ module Aws::EKS
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-eks'
-      context[:gem_version] = '1.29.0'
+      context[:gem_version] = '1.30.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-eks/client_api.rb

@@ -500,6 +500,7 @@ module Aws::EKS
     VpcConfigRequest.add_member(:security_group_ids, Shapes::ShapeRef.new(shape: StringList, location_name: "securityGroupIds"))
     VpcConfigRequest.add_member(:endpoint_public_access, Shapes::ShapeRef.new(shape: BoxedBoolean, location_name: "endpointPublicAccess"))
     VpcConfigRequest.add_member(:endpoint_private_access, Shapes::ShapeRef.new(shape: BoxedBoolean, location_name: "endpointPrivateAccess"))
+    VpcConfigRequest.add_member(:public_access_cidrs, Shapes::ShapeRef.new(shape: StringList, location_name: "publicAccessCidrs"))
     VpcConfigRequest.struct_class = Types::VpcConfigRequest
 
     VpcConfigResponse.add_member(:subnet_ids, Shapes::ShapeRef.new(shape: StringList, location_name: "subnetIds"))
@@ -508,6 +509,7 @@ module Aws::EKS
     VpcConfigResponse.add_member(:vpc_id, Shapes::ShapeRef.new(shape: String, location_name: "vpcId"))
     VpcConfigResponse.add_member(:endpoint_public_access, Shapes::ShapeRef.new(shape: Boolean, location_name: "endpointPublicAccess"))
     VpcConfigResponse.add_member(:endpoint_private_access, Shapes::ShapeRef.new(shape: Boolean, location_name: "endpointPrivateAccess"))
+    VpcConfigResponse.add_member(:public_access_cidrs, Shapes::ShapeRef.new(shape: StringList, location_name: "publicAccessCidrs"))
     VpcConfigResponse.struct_class = Types::VpcConfigResponse
 
     labelsKeyList.member = Shapes::ShapeRef.new(shape: String)

data/lib/aws-sdk-eks/types.rb

@@ -190,6 +190,7 @@ module Aws::EKS
     #           security_group_ids: ["String"],
     #           endpoint_public_access: false,
     #           endpoint_private_access: false,
+    #           public_access_cidrs: ["String"],
     #         },
     #         logging: {
     #           cluster_logging: [
@@ -342,10 +343,10 @@ module Aws::EKS
     #   @return [String]
     #
     # @!attribute [rw] subnets
-    #   The IDs of subnets to launch Fargate pods into. At this time,
-    #   Fargate pods are not assigned public IP addresses, so only private
-    #   subnets (with no direct route to an Internet Gateway) are accepted
-    #   for this parameter.
+    #   The IDs of subnets to launch your pods into. At this time, pods
+    #   running on Fargate are not assigned public IP addresses, so only
+    #   private subnets (with no direct route to an Internet Gateway) are
+    #   accepted for this parameter.
     #   @return [Array<String>]
     #
     # @!attribute [rw] selectors
@@ -866,13 +867,16 @@ module Aws::EKS
     # @!attribute [rw] pod_execution_role_arn
     #   The Amazon Resource Name (ARN) of the pod execution role to use for
     #   pods that match the selectors in the Fargate profile. For more
-    #   information, see [Pod Execution
-    #   Role](eks/latest/userguide/pod-execution-role.html) in the *Amazon
-    #   EKS User Guide*.
+    #   information, see [Pod Execution Role][1] in the *Amazon EKS User
+    #   Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/userguide/pod-execution-role.html
     #   @return [String]
     #
     # @!attribute [rw] subnets
-    #   The IDs of subnets to launch Fargate pods into.
+    #   The IDs of subnets to launch pods into.
     #   @return [Array<String>]
     #
     # @!attribute [rw] selectors
@@ -1962,6 +1966,7 @@ module Aws::EKS
     #           security_group_ids: ["String"],
     #           endpoint_public_access: false,
     #           endpoint_private_access: false,
+    #           public_access_cidrs: ["String"],
     #         },
     #         logging: {
     #           cluster_logging: [
@@ -2283,6 +2288,7 @@ module Aws::EKS
     #         security_group_ids: ["String"],
     #         endpoint_public_access: false,
     #         endpoint_private_access: false,
+    #         public_access_cidrs: ["String"],
     #       }
     #
     # @!attribute [rw] subnet_ids
@@ -2301,9 +2307,9 @@ module Aws::EKS
     #   @return [Array<String>]
     #
     # @!attribute [rw] endpoint_public_access
-    #   Set this value to `false` to disable public access for your
+    #   Set this value to `false` to disable public access to your
     #   cluster's Kubernetes API server endpoint. If you disable public
-    #   access, your cluster's Kubernetes API server can receive only
+    #   access, your cluster's Kubernetes API server can only receive
     #   requests from within the cluster VPC. The default value for this
     #   parameter is `true`, which enables public access for your Kubernetes
     #   API server. For more information, see [Amazon EKS Cluster Endpoint
@@ -2320,21 +2326,41 @@ module Aws::EKS
     #   access, Kubernetes API requests from within your cluster's VPC use
     #   the private VPC endpoint. The default value for this parameter is
     #   `false`, which disables private access for your Kubernetes API
-    #   server. For more information, see [Amazon EKS Cluster Endpoint
-    #   Access Control][1] in the <i> <i>Amazon EKS User Guide</i> </i>.
+    #   server. If you disable private access and you have worker nodes or
+    #   AWS Fargate pods in the cluster, then ensure that
+    #   `publicAccessCidrs` includes the necessary CIDR blocks for
+    #   communication with the worker nodes or Fargate pods. For more
+    #   information, see [Amazon EKS Cluster Endpoint Access Control][1] in
+    #   the <i> <i>Amazon EKS User Guide</i> </i>.
     #
     #
     #
     #   [1]: https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html
     #   @return [Boolean]
     #
+    # @!attribute [rw] public_access_cidrs
+    #   The CIDR blocks that are allowed access to your cluster's public
+    #   Kubernetes API server endpoint. Communication to the endpoint from
+    #   addresses outside of the CIDR blocks that you specify is denied. The
+    #   default value is `0.0.0.0/0`. If you've disabled private endpoint
+    #   access and you have worker nodes or AWS Fargate pods in the cluster,
+    #   then ensure that you specify the necessary CIDR blocks. For more
+    #   information, see [Amazon EKS Cluster Endpoint Access Control][1] in
+    #   the <i> <i>Amazon EKS User Guide</i> </i>.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html
+    #   @return [Array<String>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/VpcConfigRequest AWS API Documentation
     #
     class VpcConfigRequest < Struct.new(
       :subnet_ids,
       :security_group_ids,
       :endpoint_public_access,
-      :endpoint_private_access)
+      :endpoint_private_access,
+      :public_access_cidrs)
       include Aws::Structure
     end
 
@@ -2364,7 +2390,7 @@ module Aws::EKS
     # @!attribute [rw] endpoint_public_access
     #   This parameter indicates whether the Amazon EKS public API server
     #   endpoint is enabled. If the Amazon EKS public API server endpoint is
-    #   disabled, your cluster's Kubernetes API server can receive only
+    #   disabled, your cluster's Kubernetes API server can only receive
     #   requests that originate from within the cluster VPC.
     #   @return [Boolean]
     #
@@ -2373,9 +2399,33 @@ module Aws::EKS
     #   endpoint is enabled. If the Amazon EKS private API server endpoint
     #   is enabled, Kubernetes API requests that originate from within your
     #   cluster's VPC use the private VPC endpoint instead of traversing
-    #   the internet.
+    #   the internet. If this value is disabled and you have worker nodes or
+    #   AWS Fargate pods in the cluster, then ensure that
+    #   `publicAccessCidrs` includes the necessary CIDR blocks for
+    #   communication with the worker nodes or Fargate pods. For more
+    #   information, see [Amazon EKS Cluster Endpoint Access Control][1] in
+    #   the <i> <i>Amazon EKS User Guide</i> </i>.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html
     #   @return [Boolean]
     #
+    # @!attribute [rw] public_access_cidrs
+    #   The CIDR blocks that are allowed access to your cluster's public
+    #   Kubernetes API server endpoint. Communication to the endpoint from
+    #   addresses outside of the listed CIDR blocks is denied. The default
+    #   value is `0.0.0.0/0`. If you've disabled private endpoint access
+    #   and you have worker nodes or AWS Fargate pods in the cluster, then
+    #   ensure that the necessary CIDR blocks are listed. For more
+    #   information, see [Amazon EKS Cluster Endpoint Access Control][1] in
+    #   the <i> <i>Amazon EKS User Guide</i> </i>.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html
+    #   @return [Array<String>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/VpcConfigResponse AWS API Documentation
     #
     class VpcConfigResponse < Struct.new(
@@ -2384,7 +2434,8 @@ module Aws::EKS
       :cluster_security_group_id,
       :vpc_id,
       :endpoint_public_access,
-      :endpoint_private_access)
+      :endpoint_private_access,
+      :public_access_cidrs)
       include Aws::Structure
     end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-eks
 version: !ruby/object:Gem::Version
-  version: 1.29.0
+  version: 1.30.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-12-03 00:00:00.000000000 Z
+date: 2019-12-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core