@pulumi/eks 2.6.0-alpha.1717448271 → 2.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -26,7 +26,7 @@
26
26
  },
27
27
  "java": {
28
28
  "dependencies": {
29
- "com.pulumi:aws": "6.5.0",
29
+ "com.pulumi:aws": "6.18.2",
30
30
  "com.pulumi:kubernetes": "4.4.0"
31
31
  }
32
32
  },
@@ -46,6 +46,114 @@
46
46
  },
47
47
  "config": {},
48
48
  "types": {
49
+ "eks:index:AccessEntry": {
50
+ "description": "Access entries allow an IAM principal to access your cluster.\n\nYou have the following options for authorizing an IAM principal to access Kubernetes objects on your cluster: Kubernetes role-based access control (RBAC), Amazon EKS, or both.\nKubernetes RBAC authorization requires you to create and manage Kubernetes Role , ClusterRole , RoleBinding , and ClusterRoleBinding objects, in addition to managing access entries. If you use Amazon EKS authorization exclusively, you don't need to create and manage Kubernetes Role , ClusterRole , RoleBinding , and ClusterRoleBinding objects.",
51
+ "properties": {
52
+ "accessPolicies": {
53
+ "type": "object",
54
+ "additionalProperties": {
55
+ "$ref": "#/types/eks:index:AccessPolicyAssociation"
56
+ },
57
+ "plain": true,
58
+ "description": "The access policies to associate to the access entry."
59
+ },
60
+ "kubernetesGroups": {
61
+ "type": "array",
62
+ "items": {
63
+ "type": "string"
64
+ },
65
+ "description": "A list of groups within Kubernetes to which the IAM principal is mapped to."
66
+ },
67
+ "principalArn": {
68
+ "type": "string",
69
+ "description": "The IAM Principal ARN which requires Authentication access to the EKS cluster."
70
+ },
71
+ "tags": {
72
+ "type": "object",
73
+ "additionalProperties": {
74
+ "type": "string"
75
+ },
76
+ "description": "The tags to apply to the AccessEntry."
77
+ },
78
+ "type": {
79
+ "$ref": "#/types/eks:index:AccessEntryType",
80
+ "description": "The type of the new access entry. Valid values are STANDARD, FARGATE_LINUX, EC2_LINUX, and EC2_WINDOWS.\nDefaults to STANDARD which provides the standard workflow. EC2_LINUX, EC2_WINDOWS, FARGATE_LINUX types disallow users to input a username or kubernetesGroup, and prevent associating access policies."
81
+ },
82
+ "username": {
83
+ "type": "string",
84
+ "description": "Defaults to the principalArn if the principal is a user, else defaults to assume-role/session-name."
85
+ }
86
+ },
87
+ "type": "object",
88
+ "required": [
89
+ "principalArn"
90
+ ]
91
+ },
92
+ "eks:index:AccessEntryType": {
93
+ "description": "The type of the new access entry. Valid values are STANDARD, FARGATE_LINUX, EC2_LINUX, and EC2_WINDOWS.\nDefaults to STANDARD which provides the standard workflow. EC2_LINUX and EC2_WINDOWS types disallow users to input a kubernetesGroup, and prevent associating access policies.",
94
+ "type": "string",
95
+ "enum": [
96
+ {
97
+ "name": "Standard",
98
+ "description": "Standard Access Entry Workflow. Allows users to input a username and kubernetesGroup, and to associate access policies.",
99
+ "value": "STANDARD"
100
+ },
101
+ {
102
+ "name": "FargateLinux",
103
+ "description": "For IAM roles used with AWS Fargate profiles.",
104
+ "value": "FARGATE_LINUX"
105
+ },
106
+ {
107
+ "name": "EC2Linux",
108
+ "description": "For IAM roles associated with self-managed Linux node groups. Allows the nodes to join the cluster.",
109
+ "value": "EC2_LINUX"
110
+ },
111
+ {
112
+ "name": "EC2Windows",
113
+ "description": "For IAM roles associated with self-managed Windows node groups. Allows the nodes to join the cluster.",
114
+ "value": "EC2_WINDOWS"
115
+ }
116
+ ]
117
+ },
118
+ "eks:index:AccessPolicyAssociation": {
119
+ "description": "Associates an access policy and its scope to an IAM principal.\n\nSee for more details:\nhttps://docs.aws.amazon.com/eks/latest/userguide/access-entries.html",
120
+ "properties": {
121
+ "accessScope": {
122
+ "$ref": "/aws/v6.18.2/schema.json#/types/aws:eks%2FAccessPolicyAssociationAccessScope:AccessPolicyAssociationAccessScope",
123
+ "description": "The scope of the access policy association. This controls whether the access policy is scoped to the cluster or to a particular namespace."
124
+ },
125
+ "policyArn": {
126
+ "type": "string",
127
+ "description": "The ARN of the access policy to associate with the principal"
128
+ }
129
+ },
130
+ "type": "object",
131
+ "required": [
132
+ "policyArn",
133
+ "accessScope"
134
+ ]
135
+ },
136
+ "eks:index:AuthenticationMode": {
137
+ "description": "The authentication mode of the cluster. Valid values are `CONFIG_MAP`, `API` or `API_AND_CONFIG_MAP`.\n\nSee for more details:\nhttps://docs.aws.amazon.com/eks/latest/userguide/grant-k8s-access.html#set-cam",
138
+ "type": "string",
139
+ "enum": [
140
+ {
141
+ "name": "ConfigMap",
142
+ "description": "Only aws-auth ConfigMap will be used for authenticating to the Kubernetes API.",
143
+ "value": "CONFIG_MAP"
144
+ },
145
+ {
146
+ "name": "Api",
147
+ "description": "Only Access Entries will be used for authenticating to the Kubernetes API.",
148
+ "value": "API"
149
+ },
150
+ {
151
+ "name": "ApiAndConfigMap",
152
+ "description": "Both aws-auth ConfigMap and Access Entries can be used for authenticating to the Kubernetes API.",
153
+ "value": "API_AND_CONFIG_MAP"
154
+ }
155
+ ]
156
+ },
49
157
  "eks:index:ClusterNodeGroupOptions": {
50
158
  "description": "Describes the configuration options accepted by a cluster to create its own node groups.",
51
159
  "properties": {
@@ -77,7 +185,7 @@
77
185
  "description": "The tags to apply to the CloudFormation Stack of the Worker NodeGroup.\n\nNote: Given the inheritance of auto-generated CF tags and `cloudFormationTags`, you should either supply the tag in `autoScalingGroupTags` or `cloudFormationTags`, but not both."
78
186
  },
79
187
  "clusterIngressRule": {
80
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:ec2%2FsecurityGroupRule:SecurityGroupRule",
188
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:ec2%2FsecurityGroupRule:SecurityGroupRule",
81
189
  "description": "The ingress rule that gives node group access."
82
190
  },
83
191
  "desiredCapacity": {
@@ -95,7 +203,7 @@
95
203
  "extraNodeSecurityGroups": {
96
204
  "type": "array",
97
205
  "items": {
98
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup"
206
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup"
99
207
  },
100
208
  "description": "Extra security groups to attach on all nodes in this worker node group.\n\nThis additional set of security groups captures any user application rules that will be needed for the nodes."
101
209
  },
@@ -104,7 +212,7 @@
104
212
  "description": "Use the latest recommended EKS Optimized Linux AMI with GPU support for the worker nodes from the AWS Systems Manager Parameter Store.\n\nDefaults to false.\n\nNote: `gpu` and `amiId` are mutually exclusive.\n\nSee for more details:\n- https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html\n- https://docs.aws.amazon.com/eks/latest/userguide/retrieve-ami-id.html"
105
213
  },
106
214
  "instanceProfile": {
107
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:iam%2FinstanceProfile:InstanceProfile",
215
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:iam%2FinstanceProfile:InstanceProfile",
108
216
  "plain": true,
109
217
  "description": "The ingress rule that gives node group access."
110
218
  },
@@ -152,7 +260,7 @@
152
260
  "description": "The size in GiB of a cluster node's root volume. Defaults to 20."
153
261
  },
154
262
  "nodeSecurityGroup": {
155
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup",
263
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup",
156
264
  "description": "The security group for the worker node group to communicate with the cluster.\n\nThis security group requires specific inbound and outbound rules.\n\nSee for more details:\nhttps://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html\n\nNote: The `nodeSecurityGroup` option and the cluster option`nodeSecurityGroupTags` are mutually exclusive."
157
265
  },
158
266
  "nodeSubnetIds": {
@@ -193,37 +301,44 @@
193
301
  "eks:index:CoreData": {
194
302
  "description": "Defines the core set of data associated with an EKS cluster, including the network in which it runs.",
195
303
  "properties": {
304
+ "accessEntries": {
305
+ "type": "array",
306
+ "items": {
307
+ "$ref": "#/types/eks:index:AccessEntry"
308
+ },
309
+ "description": "The access entries added to the cluster."
310
+ },
196
311
  "awsProvider": {
197
- "$ref": "/aws/v6.5.0/schema.json#/provider"
312
+ "$ref": "/aws/v6.18.2/schema.json#/provider"
198
313
  },
199
314
  "cluster": {
200
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:eks%2Fcluster:Cluster"
315
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:eks%2Fcluster:Cluster"
201
316
  },
202
317
  "clusterIamRole": {
203
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:iam%2Frole:Role",
318
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:iam%2Frole:Role",
204
319
  "description": "The IAM Role attached to the EKS Cluster"
205
320
  },
206
321
  "clusterSecurityGroup": {
207
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup"
322
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup"
208
323
  },
209
324
  "eksNodeAccess": {
210
325
  "$ref": "/kubernetes/v4.4.0/schema.json#/resources/kubernetes:core%2Fv1:ConfigMap"
211
326
  },
212
327
  "encryptionConfig": {
213
- "$ref": "/aws/v6.5.0/schema.json#/types/aws:eks%2FClusterEncryptionConfig:ClusterEncryptionConfig"
328
+ "$ref": "/aws/v6.18.2/schema.json#/types/aws:eks%2FClusterEncryptionConfig:ClusterEncryptionConfig"
214
329
  },
215
330
  "endpoint": {
216
331
  "type": "string",
217
332
  "description": "The EKS cluster's Kubernetes API server endpoint."
218
333
  },
219
334
  "fargateProfile": {
220
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:eks%2FfargateProfile:FargateProfile",
335
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:eks%2FfargateProfile:FargateProfile",
221
336
  "description": "The Fargate profile used to manage which pods run on Fargate."
222
337
  },
223
338
  "instanceRoles": {
224
339
  "type": "array",
225
340
  "items": {
226
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:iam%2Frole:Role"
341
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:iam%2Frole:Role"
227
342
  },
228
343
  "description": "The IAM instance roles for the cluster's nodes."
229
344
  },
@@ -243,7 +358,7 @@
243
358
  "description": "Tags attached to the security groups associated with the cluster's worker nodes."
244
359
  },
245
360
  "oidcProvider": {
246
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:iam%2FopenIdConnectProvider:OpenIdConnectProvider"
361
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:iam%2FopenIdConnectProvider:OpenIdConnectProvider"
247
362
  },
248
363
  "privateSubnetIds": {
249
364
  "type": "array",
@@ -309,11 +424,11 @@
309
424
  "description": "Contains the AWS Role and Provider necessary to override the `[system:master]` entity ARN. This is an optional argument used when creating `Cluster`. Read more: https://docs.aws.amazon.com/eks/latest/userguide/add-user-role.html\n\nNote: This option is only supported with Pulumi nodejs programs. Please use `ProviderCredentialOpts` as an alternative instead.",
310
425
  "properties": {
311
426
  "provider": {
312
- "$ref": "/aws/v6.5.0/schema.json#/provider",
427
+ "$ref": "/aws/v6.18.2/schema.json#/provider",
313
428
  "plain": true
314
429
  },
315
430
  "role": {
316
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:iam%2Frole:Role",
431
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:iam%2Frole:Role",
317
432
  "plain": true
318
433
  }
319
434
  },
@@ -333,7 +448,7 @@
333
448
  "selectors": {
334
449
  "type": "array",
335
450
  "items": {
336
- "$ref": "/aws/v6.5.0/schema.json#/types/aws:eks%2FFargateProfileSelector:FargateProfileSelector"
451
+ "$ref": "/aws/v6.18.2/schema.json#/types/aws:eks%2FFargateProfileSelector:FargateProfileSelector"
337
452
  },
338
453
  "description": "Specify the namespace and label selectors to use for launching pods into Fargate."
339
454
  },
@@ -369,18 +484,18 @@
369
484
  "description": "The AutoScalingGroup name for the node group."
370
485
  },
371
486
  "cfnStack": {
372
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:cloudformation%2Fstack:Stack",
487
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:cloudformation%2Fstack:Stack",
373
488
  "description": "The CloudFormation Stack which defines the Node AutoScalingGroup."
374
489
  },
375
490
  "extraNodeSecurityGroups": {
376
491
  "type": "array",
377
492
  "items": {
378
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup"
493
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup"
379
494
  },
380
495
  "description": "The additional security groups for the node group that captures user-specific rules."
381
496
  },
382
497
  "nodeSecurityGroup": {
383
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup",
498
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup",
384
499
  "description": "The security group for the node group to communicate with the cluster."
385
500
  }
386
501
  },
@@ -624,11 +739,11 @@
624
739
  "description": "Cluster is a component that wraps the AWS and Kubernetes resources necessary to run an EKS cluster, its worker nodes, its optional StorageClasses, and an optional deployment of the Kubernetes Dashboard.\n\n## Example Usage\n\n### Provisioning a New EKS Cluster\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as eks from \"@pulumi/eks\";\n\n// Create an EKS cluster with the default configuration.\nconst cluster = new eks.Cluster(\"cluster\", {});\n\n// Export the cluster's kubeconfig.\nexport const kubeconfig = cluster.kubeconfig;\n ```\n\n```python\n import pulumi\n import pulumi_eks as eks\n \n # Create an EKS cluster with the default configuration.\n cluster = eks.Cluster(\"cluster\")\n\n # Export the cluster's kubeconfig.\n pulumi.export(\"kubeconfig\", cluster.kubeconfig)\n ```\n\n```go\n package main\n \n import (\n \t\"github.com/pulumi/pulumi-eks/sdk/go/eks\"\n \t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n )\n\nfunc main() {\n \tpulumi.Run(func(ctx *pulumi.Context) error {\n \t\t// Create an EKS cluster with the default configuration.\n\t\tcluster, err := eks.NewCluster(ctx, \"cluster\", nil)\n \t\tif err != nil {\n \t\t\treturn err\n \t\t}\n \t\t// Export the cluster's kubeconfig.\n \t\tctx.Export(\"kubeconfig\", cluster.Kubeconfig)\n\t\treturn nil\n \t})\n }\n ```\n\n```csharp\n using System.Collections.Generic;\n using Pulumi;\n using Eks = Pulumi.Eks;\n \n return await Deployment.RunAsync(() =\u003e\n {\n \t// Create an EKS cluster with the default configuration.\n\tvar cluster = new Eks.Cluster(\"cluster\");\n \n \treturn new Dictionary\u003cstring, object?\u003e\n \t{\n \t\t// Export the cluster's kubeconfig.\n \t\t[\"kubeconfig\"] = cluster.Kubeconfig,\n \t};\n });\n\n```\n\n```java\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.eks.Cluster;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n\tpublic static void main(String[] args) {\n\t\tPulumi.run(App::stack);\n\t}\n\n\t public static void stack(Context ctx) {\n \t\t// Create an EKS cluster with the default configuration.\n \t\tvar cluster = new Cluster(\"cluster\");\n \n \t\t// Export the cluster's kubeconfig.\n\t\tctx.export(\"kubeconfig\", cluster.kubeconfig());\n\t}\n }\n```\n\n```yaml\nresources:\n# Create an EKS cluster with the default configuration.\ncluster:\ntype: eks:Cluster\noutputs:\n# Export the cluster's kubeconfig.\nkubeconfig: ${cluster.kubeconfig}\n\n```\n\u003c!--End PulumiCodeChooser --\u003e",
625
740
  "properties": {
626
741
  "awsProvider": {
627
- "$ref": "/aws/v6.5.0/schema.json#/provider",
742
+ "$ref": "/aws/v6.18.2/schema.json#/provider",
628
743
  "description": "The AWS resource provider."
629
744
  },
630
745
  "clusterSecurityGroup": {
631
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup",
746
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup",
632
747
  "description": "The security group for the EKS cluster."
633
748
  },
634
749
  "core": {
@@ -640,19 +755,19 @@
640
755
  "description": "The default Node Group configuration, or undefined if `skipDefaultNodeGroup` was specified."
641
756
  },
642
757
  "eksCluster": {
643
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:eks%2Fcluster:Cluster",
758
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:eks%2Fcluster:Cluster",
644
759
  "description": "The EKS cluster."
645
760
  },
646
761
  "eksClusterIngressRule": {
647
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:ec2%2FsecurityGroupRule:SecurityGroupRule",
762
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:ec2%2FsecurityGroupRule:SecurityGroupRule",
648
763
  "description": "The ingress rule that gives node group access to cluster API server."
649
764
  },
650
765
  "instanceRoles": {
651
766
  "type": "array",
652
767
  "items": {
653
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:iam%2Frole:Role"
768
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:iam%2Frole:Role"
654
769
  },
655
- "description": "The service roles used by the EKS cluster."
770
+ "description": "The service roles used by the EKS cluster. Only supported with authentication mode `CONFIG_MAP` or `API_AND_CONFIG_MAP`."
656
771
  },
657
772
  "kubeconfig": {
658
773
  "$ref": "pulumi.json#/Any",
@@ -663,7 +778,7 @@
663
778
  "description": "A kubeconfig that can be used to connect to the EKS cluster as a JSON string."
664
779
  },
665
780
  "nodeSecurityGroup": {
666
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup",
781
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup",
667
782
  "description": "The security group for the cluster's nodes."
668
783
  }
669
784
  },
@@ -679,8 +794,22 @@
679
794
  "core"
680
795
  ],
681
796
  "inputProperties": {
797
+ "accessEntries": {
798
+ "type": "object",
799
+ "additionalProperties": {
800
+ "$ref": "#/types/eks:index:AccessEntry",
801
+ "plain": true
802
+ },
803
+ "plain": true,
804
+ "description": "Access entries to add to the EKS cluster. They can be used to allow IAM principals to access the cluster. Access entries are only supported with authentication mode `API` or `API_AND_CONFIG_MAP`.\n\nSee for more details:\nhttps://docs.aws.amazon.com/eks/latest/userguide/access-entries.html"
805
+ },
806
+ "authenticationMode": {
807
+ "$ref": "#/types/eks:index:AuthenticationMode",
808
+ "plain": true,
809
+ "description": "The authentication mode of the cluster. Valid values are `CONFIG_MAP`, `API` or `API_AND_CONFIG_MAP`.\n\nSee for more details:\nhttps://docs.aws.amazon.com/eks/latest/userguide/grant-k8s-access.html#set-cam"
810
+ },
682
811
  "clusterSecurityGroup": {
683
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup",
812
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup",
684
813
  "description": "The security group to use for the cluster API endpoint. If not provided, a new security group will be created with full internet egress and ingress from node groups.\n\nNote: The security group resource should not contain any inline ingress or egress rules."
685
814
  },
686
815
  "clusterSecurityGroupTags": {
@@ -760,13 +889,13 @@
760
889
  "description": "The default IAM InstanceProfile to use on the Worker NodeGroups, if one is not already set in the NodeGroup."
761
890
  },
762
891
  "instanceRole": {
763
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:iam%2Frole:Role",
892
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:iam%2Frole:Role",
764
893
  "description": "This enables the simple case of only registering a *single* IAM instance role with the cluster, that is required to be shared by *all* node groups in their instance profiles.\n\nNote: options `instanceRole` and `instanceRoles` are mutually exclusive."
765
894
  },
766
895
  "instanceRoles": {
767
896
  "type": "array",
768
897
  "items": {
769
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:iam%2Frole:Role"
898
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:iam%2Frole:Role"
770
899
  },
771
900
  "description": "This enables the advanced case of registering *many* IAM instance roles with the cluster for per node group IAM, instead of the simpler, shared case of `instanceRole`.\n\nNote: options `instanceRole` and `instanceRoles` are mutually exclusive."
772
901
  },
@@ -874,10 +1003,10 @@
874
1003
  "items": {
875
1004
  "$ref": "#/types/eks:index:RoleMapping"
876
1005
  },
877
- "description": "Optional mappings from AWS IAM roles to Kubernetes users and groups."
1006
+ "description": "Optional mappings from AWS IAM roles to Kubernetes users and groups. Only supported with authentication mode `CONFIG_MAP` or `API_AND_CONFIG_MAP`"
878
1007
  },
879
1008
  "serviceRole": {
880
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:iam%2Frole:Role",
1009
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:iam%2Frole:Role",
881
1010
  "description": "IAM Service Role for EKS to use to manage the cluster."
882
1011
  },
883
1012
  "skipDefaultNodeGroup": {
@@ -927,7 +1056,7 @@
927
1056
  "items": {
928
1057
  "$ref": "#/types/eks:index:UserMapping"
929
1058
  },
930
- "description": "Optional mappings from AWS IAM users to Kubernetes users and groups."
1059
+ "description": "Optional mappings from AWS IAM users to Kubernetes users and groups. Only supported with authentication mode `CONFIG_MAP` or `API_AND_CONFIG_MAP`."
931
1060
  },
932
1061
  "version": {
933
1062
  "type": "string",
@@ -952,7 +1081,7 @@
952
1081
  "description": "ClusterCreationRoleProvider is a component that wraps creating a role provider that can be passed to the `Cluster`'s `creationRoleProvider`. This can be used to provide a specific role to use for the creation of the EKS cluster different from the role being used to run the Pulumi deployment.",
953
1082
  "properties": {
954
1083
  "role": {
955
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:iam%2Frole:Role"
1084
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:iam%2Frole:Role"
956
1085
  }
957
1086
  },
958
1087
  "required": [
@@ -972,7 +1101,7 @@
972
1101
  "description": "ManagedNodeGroup is a component that wraps creating an AWS managed node group.\n\nSee for more details:\nhttps://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html",
973
1102
  "properties": {
974
1103
  "nodeGroup": {
975
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:eks%2FnodeGroup:NodeGroup",
1104
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:eks%2FnodeGroup:NodeGroup",
976
1105
  "description": "The AWS managed node group."
977
1106
  }
978
1107
  },
@@ -1041,7 +1170,7 @@
1041
1170
  "description": "Key-value map of Kubernetes labels. Only labels that are applied with the EKS API are managed by this argument. Other Kubernetes labels applied to the EKS Node Group will not be managed."
1042
1171
  },
1043
1172
  "launchTemplate": {
1044
- "$ref": "/aws/v6.5.0/schema.json#/types/aws:eks%2FNodeGroupLaunchTemplate:NodeGroupLaunchTemplate",
1173
+ "$ref": "/aws/v6.18.2/schema.json#/types/aws:eks%2FNodeGroupLaunchTemplate:NodeGroupLaunchTemplate",
1045
1174
  "description": "Launch Template settings.\n\nNote: This field is mutually exclusive with `kubeletExtraArgs` and `bootstrapExtraArgs`."
1046
1175
  },
1047
1176
  "nodeGroupName": {
@@ -1053,7 +1182,7 @@
1053
1182
  "description": "Creates a unique name beginning with the specified prefix. Conflicts with `nodeGroupName`."
1054
1183
  },
1055
1184
  "nodeRole": {
1056
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:iam%2Frole:Role",
1185
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:iam%2Frole:Role",
1057
1186
  "description": "The IAM Role that provides permissions for the EKS Node Group.\n\nNote, `nodeRole` and `nodeRoleArn` are mutually exclusive, and a single option must be used."
1058
1187
  },
1059
1188
  "nodeRoleArn": {
@@ -1065,11 +1194,11 @@
1065
1194
  "description": "AMI version of the EKS Node Group. Defaults to latest version for Kubernetes version."
1066
1195
  },
1067
1196
  "remoteAccess": {
1068
- "$ref": "/aws/v6.5.0/schema.json#/types/aws:eks%2FNodeGroupRemoteAccess:NodeGroupRemoteAccess",
1197
+ "$ref": "/aws/v6.18.2/schema.json#/types/aws:eks%2FNodeGroupRemoteAccess:NodeGroupRemoteAccess",
1069
1198
  "description": "Remote access settings."
1070
1199
  },
1071
1200
  "scalingConfig": {
1072
- "$ref": "/aws/v6.5.0/schema.json#/types/aws:eks%2FNodeGroupScalingConfig:NodeGroupScalingConfig",
1201
+ "$ref": "/aws/v6.18.2/schema.json#/types/aws:eks%2FNodeGroupScalingConfig:NodeGroupScalingConfig",
1073
1202
  "description": "Scaling settings.\n\nDefault scaling amounts of the node group autoscaling group are:\n - desiredSize: 2\n - minSize: 1\n - maxSize: 2"
1074
1203
  },
1075
1204
  "subnetIds": {
@@ -1089,7 +1218,7 @@
1089
1218
  "taints": {
1090
1219
  "type": "array",
1091
1220
  "items": {
1092
- "$ref": "/aws/v6.5.0/schema.json#/types/aws:eks%2FNodeGroupTaint:NodeGroupTaint"
1221
+ "$ref": "/aws/v6.18.2/schema.json#/types/aws:eks%2FNodeGroupTaint:NodeGroupTaint"
1093
1222
  },
1094
1223
  "description": "The Kubernetes taints to be applied to the nodes in the node group. Maximum of 50 taints per node group."
1095
1224
  },
@@ -1110,18 +1239,18 @@
1110
1239
  "description": "The AutoScalingGroup name for the Node group."
1111
1240
  },
1112
1241
  "cfnStack": {
1113
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:cloudformation%2Fstack:Stack",
1242
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:cloudformation%2Fstack:Stack",
1114
1243
  "description": "The CloudFormation Stack which defines the Node AutoScalingGroup."
1115
1244
  },
1116
1245
  "extraNodeSecurityGroups": {
1117
1246
  "type": "array",
1118
1247
  "items": {
1119
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup"
1248
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup"
1120
1249
  },
1121
1250
  "description": "The additional security groups for the node group that captures user-specific rules."
1122
1251
  },
1123
1252
  "nodeSecurityGroup": {
1124
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup",
1253
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup",
1125
1254
  "description": "The security group for the node group to communicate with the cluster."
1126
1255
  }
1127
1256
  },
@@ -1171,7 +1300,7 @@
1171
1300
  "description": "The target EKS cluster."
1172
1301
  },
1173
1302
  "clusterIngressRule": {
1174
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:ec2%2FsecurityGroupRule:SecurityGroupRule",
1303
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:ec2%2FsecurityGroupRule:SecurityGroupRule",
1175
1304
  "description": "The ingress rule that gives node group access."
1176
1305
  },
1177
1306
  "desiredCapacity": {
@@ -1189,7 +1318,7 @@
1189
1318
  "extraNodeSecurityGroups": {
1190
1319
  "type": "array",
1191
1320
  "items": {
1192
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup"
1321
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup"
1193
1322
  },
1194
1323
  "description": "Extra security groups to attach on all nodes in this worker node group.\n\nThis additional set of security groups captures any user application rules that will be needed for the nodes."
1195
1324
  },
@@ -1198,7 +1327,7 @@
1198
1327
  "description": "Use the latest recommended EKS Optimized Linux AMI with GPU support for the worker nodes from the AWS Systems Manager Parameter Store.\n\nDefaults to false.\n\nNote: `gpu` and `amiId` are mutually exclusive.\n\nSee for more details:\n- https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html\n- https://docs.aws.amazon.com/eks/latest/userguide/retrieve-ami-id.html"
1199
1328
  },
1200
1329
  "instanceProfile": {
1201
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:iam%2FinstanceProfile:InstanceProfile",
1330
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:iam%2FinstanceProfile:InstanceProfile",
1202
1331
  "plain": true,
1203
1332
  "description": "The ingress rule that gives node group access."
1204
1333
  },
@@ -1246,7 +1375,7 @@
1246
1375
  "description": "The size in GiB of a cluster node's root volume. Defaults to 20."
1247
1376
  },
1248
1377
  "nodeSecurityGroup": {
1249
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup",
1378
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup",
1250
1379
  "description": "The security group for the worker node group to communicate with the cluster.\n\nThis security group requires specific inbound and outbound rules.\n\nSee for more details:\nhttps://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html\n\nNote: The `nodeSecurityGroup` option and the cluster option`nodeSecurityGroupTags` are mutually exclusive."
1251
1380
  },
1252
1381
  "nodeSubnetIds": {
@@ -1291,11 +1420,11 @@
1291
1420
  "description": "NodeGroupSecurityGroup is a component that wraps creating a security group for node groups with the default ingress \u0026 egress rules required to connect and work with the EKS cluster security group.",
1292
1421
  "properties": {
1293
1422
  "securityGroup": {
1294
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup",
1423
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup",
1295
1424
  "description": "The security group for node groups with the default ingress \u0026 egress rules required to connect and work with the EKS cluster security group."
1296
1425
  },
1297
1426
  "securityGroupRule": {
1298
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:ec2%2FsecurityGroupRule:SecurityGroupRule",
1427
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:ec2%2FsecurityGroupRule:SecurityGroupRule",
1299
1428
  "description": "The EKS cluster ingress rule."
1300
1429
  }
1301
1430
  },
@@ -1305,11 +1434,11 @@
1305
1434
  ],
1306
1435
  "inputProperties": {
1307
1436
  "clusterSecurityGroup": {
1308
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup",
1437
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup",
1309
1438
  "description": "The security group associated with the EKS cluster."
1310
1439
  },
1311
1440
  "eksCluster": {
1312
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:eks%2Fcluster:Cluster",
1441
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:eks%2Fcluster:Cluster",
1313
1442
  "description": "The EKS cluster associated with the worker node group"
1314
1443
  },
1315
1444
  "tags": {
@@ -1335,18 +1464,18 @@
1335
1464
  "description": "NodeGroup is a component that wraps the AWS EC2 instances that provide compute capacity for an EKS cluster.",
1336
1465
  "properties": {
1337
1466
  "autoScalingGroup": {
1338
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:autoscaling%2Fgroup:Group",
1467
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:autoscaling%2Fgroup:Group",
1339
1468
  "description": "The AutoScalingGroup for the Node group."
1340
1469
  },
1341
1470
  "extraNodeSecurityGroups": {
1342
1471
  "type": "array",
1343
1472
  "items": {
1344
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup"
1473
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup"
1345
1474
  },
1346
1475
  "description": "The additional security groups for the node group that captures user-specific rules."
1347
1476
  },
1348
1477
  "nodeSecurityGroup": {
1349
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup",
1478
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup",
1350
1479
  "description": "The security group for the node group to communicate with the cluster."
1351
1480
  }
1352
1481
  },
@@ -1395,7 +1524,7 @@
1395
1524
  "description": "The target EKS cluster."
1396
1525
  },
1397
1526
  "clusterIngressRule": {
1398
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:ec2%2FsecurityGroupRule:SecurityGroupRule",
1527
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:ec2%2FsecurityGroupRule:SecurityGroupRule",
1399
1528
  "description": "The ingress rule that gives node group access."
1400
1529
  },
1401
1530
  "desiredCapacity": {
@@ -1413,7 +1542,7 @@
1413
1542
  "extraNodeSecurityGroups": {
1414
1543
  "type": "array",
1415
1544
  "items": {
1416
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup"
1545
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup"
1417
1546
  },
1418
1547
  "description": "Extra security groups to attach on all nodes in this worker node group.\n\nThis additional set of security groups captures any user application rules that will be needed for the nodes."
1419
1548
  },
@@ -1422,7 +1551,7 @@
1422
1551
  "description": "Use the latest recommended EKS Optimized Linux AMI with GPU support for the worker nodes from the AWS Systems Manager Parameter Store.\n\nDefaults to false.\n\nNote: `gpu` and `amiId` are mutually exclusive.\n\nSee for more details:\n- https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html\n- https://docs.aws.amazon.com/eks/latest/userguide/retrieve-ami-id.html"
1423
1552
  },
1424
1553
  "instanceProfile": {
1425
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:iam%2FinstanceProfile:InstanceProfile",
1554
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:iam%2FinstanceProfile:InstanceProfile",
1426
1555
  "plain": true,
1427
1556
  "description": "The ingress rule that gives node group access."
1428
1557
  },
@@ -1451,7 +1580,7 @@
1451
1580
  "launchTemplateTagSpecifications": {
1452
1581
  "type": "array",
1453
1582
  "items": {
1454
- "$ref": "/aws/v6.5.0/schema.json#/types/aws:ec2%2FLaunchTemplateTagSpecification:LaunchTemplateTagSpecification"
1583
+ "$ref": "/aws/v6.18.2/schema.json#/types/aws:ec2%2FLaunchTemplateTagSpecification:LaunchTemplateTagSpecification"
1455
1584
  },
1456
1585
  "description": "The tag specifications to apply to the launch template."
1457
1586
  },
@@ -1481,7 +1610,7 @@
1481
1610
  "description": "The size in GiB of a cluster node's root volume. Defaults to 20."
1482
1611
  },
1483
1612
  "nodeSecurityGroup": {
1484
- "$ref": "/aws/v6.5.0/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup",
1613
+ "$ref": "/aws/v6.18.2/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup",
1485
1614
  "description": "The security group for the worker node group to communicate with the cluster.\n\nThis security group requires specific inbound and outbound rules.\n\nSee for more details:\nhttps://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html\n\nNote: The `nodeSecurityGroup` option and the cluster option`nodeSecurityGroupTags` are mutually exclusive."
1486
1615
  },
1487
1616
  "nodeSubnetIds": {
package/index.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- export { Cluster, ClusterOptions, ClusterNodeGroupOptions, CoreData, RoleMapping, UserMapping, CreationRoleProvider, ClusterCreationRoleProvider, ClusterCreationRoleProviderOptions, getRoleProvider, KubeconfigOptions, } from "./cluster";
1
+ export { AccessEntry, AccessEntryType, AccessPolicyAssociation, AuthenticationMode, Cluster, ClusterOptions, ClusterNodeGroupOptions, CoreData, RoleMapping, UserMapping, CreationRoleProvider, ClusterCreationRoleProvider, ClusterCreationRoleProviderOptions, getRoleProvider, KubeconfigOptions, } from "./cluster";
2
2
  export { ManagedNodeGroup, ManagedNodeGroupOptions, NodeGroup, NodeGroupV2, NodeGroupOptions, NodeGroupData, createManagedNodeGroup, } from "./nodegroup";
3
3
  export { VpcCni, VpcCniOptions } from "./cni";
4
4
  export { NodeGroupSecurityGroup, createNodeGroupSecurityGroup } from "./securitygroup";
package/index.js CHANGED
@@ -13,8 +13,10 @@
13
13
  // See the License for the specific language governing permissions and
14
14
  // limitations under the License.
15
15
  Object.defineProperty(exports, "__esModule", { value: true });
16
- exports.createStorageClass = exports.createNodeGroupSecurityGroup = exports.NodeGroupSecurityGroup = exports.VpcCni = exports.createManagedNodeGroup = exports.NodeGroupV2 = exports.NodeGroup = exports.ManagedNodeGroup = exports.getRoleProvider = exports.ClusterCreationRoleProvider = exports.Cluster = void 0;
16
+ exports.createStorageClass = exports.createNodeGroupSecurityGroup = exports.NodeGroupSecurityGroup = exports.VpcCni = exports.createManagedNodeGroup = exports.NodeGroupV2 = exports.NodeGroup = exports.ManagedNodeGroup = exports.getRoleProvider = exports.ClusterCreationRoleProvider = exports.Cluster = exports.AuthenticationMode = exports.AccessEntryType = void 0;
17
17
  var cluster_1 = require("./cluster");
18
+ Object.defineProperty(exports, "AccessEntryType", { enumerable: true, get: function () { return cluster_1.AccessEntryType; } });
19
+ Object.defineProperty(exports, "AuthenticationMode", { enumerable: true, get: function () { return cluster_1.AuthenticationMode; } });
18
20
  Object.defineProperty(exports, "Cluster", { enumerable: true, get: function () { return cluster_1.Cluster; } });
19
21
  Object.defineProperty(exports, "ClusterCreationRoleProvider", { enumerable: true, get: function () { return cluster_1.ClusterCreationRoleProvider; } });
20
22
  Object.defineProperty(exports, "getRoleProvider", { enumerable: true, get: function () { return cluster_1.getRoleProvider; } });
package/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":";AAAA,2CAA2C;AAC3C,EAAE;AACF,kEAAkE;AAClE,mEAAmE;AACnE,0CAA0C;AAC1C,EAAE;AACF,iDAAiD;AACjD,EAAE;AACF,sEAAsE;AACtE,oEAAoE;AACpE,2EAA2E;AAC3E,sEAAsE;AACtE,iCAAiC;;;AAEjC,qCAYmB;AAXf,kGAAA,OAAO,OAAA;AAOP,sHAAA,2BAA2B,OAAA;AAE3B,0GAAA,eAAe,OAAA;AAGnB,yCAQqB;AAPjB,6GAAA,gBAAgB,OAAA;AAEhB,sGAAA,SAAS,OAAA;AACT,wGAAA,WAAW,OAAA;AAGX,mHAAA,sBAAsB,OAAA;AAE1B,6BAA8C;AAArC,6FAAA,MAAM,OAAA;AACf,iDAAuF;AAA9E,uHAAA,sBAAsB,OAAA;AAAE,6HAAA,4BAA4B,OAAA;AAC7D,+CAAiF;AAA3C,kHAAA,kBAAkB,OAAA"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":";AAAA,2CAA2C;AAC3C,EAAE;AACF,kEAAkE;AAClE,mEAAmE;AACnE,0CAA0C;AAC1C,EAAE;AACF,iDAAiD;AACjD,EAAE;AACF,sEAAsE;AACtE,oEAAoE;AACpE,2EAA2E;AAC3E,sEAAsE;AACtE,iCAAiC;;;AAEjC,qCAgBmB;AAdf,0GAAA,eAAe,OAAA;AAEf,6GAAA,kBAAkB,OAAA;AAClB,kGAAA,OAAO,OAAA;AAOP,sHAAA,2BAA2B,OAAA;AAE3B,0GAAA,eAAe,OAAA;AAGnB,yCAQqB;AAPjB,6GAAA,gBAAgB,OAAA;AAEhB,sGAAA,SAAS,OAAA;AACT,wGAAA,WAAW,OAAA;AAGX,mHAAA,sBAAsB,OAAA;AAE1B,6BAA8C;AAArC,6FAAA,MAAM,OAAA;AACf,iDAAuF;AAA9E,uHAAA,sBAAsB,OAAA;AAAE,6HAAA,4BAA4B,OAAA;AAC7D,+CAAiF;AAA3C,kHAAA,kBAAkB,OAAA"}