pulumi-eks 3.9.0a1742626547__py3-none-any.whl → 4.2.0__py3-none-any.whl

pulumi_eks/cluster.py

@@ -2,6 +2,7 @@
 # *** WARNING: this file was generated by pulumi-gen-eks. ***
 # *** Do not edit by hand unless you're certain you know what you are doing! ***
 
+import builtins
 import copy
 import warnings
 import sys
@@ -28,58 +29,60 @@ class ClusterArgs:
                  access_entries: Optional[Mapping[str, 'AccessEntryArgs']] = None,
                  authentication_mode: Optional['AuthenticationMode'] = None,
                  auto_mode: Optional['AutoModeOptionsArgs'] = None,
+                 bootstrap_self_managed_addons: Optional[pulumi.Input[builtins.bool]] = None,
                  cluster_security_group: Optional[pulumi.Input['pulumi_aws.ec2.SecurityGroup']] = None,
-                 cluster_security_group_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
-                 cluster_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
+                 cluster_security_group_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
+                 cluster_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
                  coredns_addon_options: Optional['CoreDnsAddonOptionsArgs'] = None,
-                 create_instance_role: Optional[bool] = None,
-                 create_oidc_provider: Optional[pulumi.Input[bool]] = None,
+                 create_instance_role: Optional[builtins.bool] = None,
+                 create_oidc_provider: Optional[pulumi.Input[builtins.bool]] = None,
                  creation_role_provider: Optional['CreationRoleProviderArgs'] = None,
-                 default_addons_to_remove: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 desired_capacity: Optional[pulumi.Input[int]] = None,
-                 enable_config_map_mutable: Optional[pulumi.Input[bool]] = None,
-                 enabled_cluster_log_types: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 encryption_config_key_arn: Optional[pulumi.Input[str]] = None,
-                 endpoint_private_access: Optional[pulumi.Input[bool]] = None,
-                 endpoint_public_access: Optional[pulumi.Input[bool]] = None,
-                 fargate: Optional[pulumi.Input[Union[bool, 'FargateProfileArgs']]] = None,
-                 gpu: Optional[pulumi.Input[bool]] = None,
-                 instance_profile_name: Optional[pulumi.Input[str]] = None,
+                 deletion_protection: Optional[pulumi.Input[builtins.bool]] = None,
+                 desired_capacity: Optional[pulumi.Input[builtins.int]] = None,
+                 enable_config_map_mutable: Optional[pulumi.Input[builtins.bool]] = None,
+                 enabled_cluster_log_types: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 encryption_config_key_arn: Optional[pulumi.Input[builtins.str]] = None,
+                 endpoint_private_access: Optional[pulumi.Input[builtins.bool]] = None,
+                 endpoint_public_access: Optional[pulumi.Input[builtins.bool]] = None,
+                 fargate: Optional[pulumi.Input[Union[builtins.bool, 'FargateProfileArgs']]] = None,
+                 gpu: Optional[pulumi.Input[builtins.bool]] = None,
+                 instance_profile_name: Optional[pulumi.Input[builtins.str]] = None,
                  instance_role: Optional[pulumi.Input['pulumi_aws.iam.Role']] = None,
                  instance_roles: Optional[pulumi.Input[Sequence[pulumi.Input['pulumi_aws.iam.Role']]]] = None,
-                 instance_type: Optional[pulumi.Input[str]] = None,
-                 ip_family: Optional[pulumi.Input[str]] = None,
+                 instance_type: Optional[pulumi.Input[builtins.str]] = None,
+                 ip_family: Optional[pulumi.Input[builtins.str]] = None,
                  kube_proxy_addon_options: Optional['KubeProxyAddonOptionsArgs'] = None,
-                 kubernetes_service_ip_address_range: Optional[pulumi.Input[str]] = None,
-                 max_size: Optional[pulumi.Input[int]] = None,
-                 min_size: Optional[pulumi.Input[int]] = None,
-                 name: Optional[pulumi.Input[str]] = None,
-                 node_ami_id: Optional[pulumi.Input[str]] = None,
-                 node_associate_public_ip_address: Optional[bool] = None,
+                 kubernetes_service_ip_address_range: Optional[pulumi.Input[builtins.str]] = None,
+                 max_size: Optional[pulumi.Input[builtins.int]] = None,
+                 min_size: Optional[pulumi.Input[builtins.int]] = None,
+                 name: Optional[pulumi.Input[builtins.str]] = None,
+                 node_ami_id: Optional[pulumi.Input[builtins.str]] = None,
+                 node_associate_public_ip_address: Optional[builtins.bool] = None,
                  node_group_options: Optional['ClusterNodeGroupOptionsArgs'] = None,
-                 node_public_key: Optional[pulumi.Input[str]] = None,
-                 node_root_volume_encrypted: Optional[pulumi.Input[bool]] = None,
-                 node_root_volume_size: Optional[pulumi.Input[int]] = None,
-                 node_security_group_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
-                 node_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 node_user_data: Optional[pulumi.Input[str]] = None,
-                 private_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 node_public_key: Optional[pulumi.Input[builtins.str]] = None,
+                 node_root_volume_encrypted: Optional[pulumi.Input[builtins.bool]] = None,
+                 node_root_volume_size: Optional[pulumi.Input[builtins.int]] = None,
+                 node_security_group_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
+                 node_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 node_user_data: Optional[pulumi.Input[builtins.str]] = None,
+                 private_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
                  provider_credential_opts: Optional[pulumi.Input['KubeconfigOptionsArgs']] = None,
-                 proxy: Optional[str] = None,
-                 public_access_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 public_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 proxy: Optional[builtins.str] = None,
+                 public_access_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 public_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
                  role_mappings: Optional[pulumi.Input[Sequence[pulumi.Input['RoleMappingArgs']]]] = None,
                  service_role: Optional[pulumi.Input['pulumi_aws.iam.Role']] = None,
-                 skip_default_node_group: Optional[bool] = None,
-                 skip_default_security_groups: Optional[bool] = None,
-                 storage_classes: Optional[Union[str, Mapping[str, 'StorageClassArgs']]] = None,
-                 subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
-                 use_default_vpc_cni: Optional[bool] = None,
+                 skip_default_node_group: Optional[builtins.bool] = None,
+                 skip_default_security_groups: Optional[builtins.bool] = None,
+                 storage_classes: Optional[Union[builtins.str, Mapping[str, 'StorageClassArgs']]] = None,
+                 subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
+                 upgrade_policy: Optional[pulumi.Input['pulumi_aws.eks.ClusterUpgradePolicyArgs']] = None,
+                 use_default_vpc_cni: Optional[builtins.bool] = None,
                  user_mappings: Optional[pulumi.Input[Sequence[pulumi.Input['UserMappingArgs']]]] = None,
-                 version: Optional[pulumi.Input[str]] = None,
+                 version: Optional[pulumi.Input[builtins.str]] = None,
                  vpc_cni_options: Optional['VpcCniOptionsArgs'] = None,
-                 vpc_id: Optional[pulumi.Input[str]] = None):
+                 vpc_id: Optional[pulumi.Input[builtins.str]] = None):
         """
         The set of arguments for constructing a Cluster resource.
         :param Mapping[str, 'AccessEntryArgs'] access_entries: Access entries to add to the EKS cluster. They can be used to allow IAM principals to access the cluster. Access entries are only supported with authentication mode `API` or `API_AND_CONFIG_MAP`.
@@ -93,16 +96,17 @@ class ClusterArgs:
         :param 'AutoModeOptionsArgs' auto_mode: Configuration Options for EKS Auto Mode. If EKS Auto Mode is enabled, AWS will manage cluster infrastructure on your behalf.
                
                For more information, see: https://docs.aws.amazon.com/eks/latest/userguide/automode.html
+        :param pulumi.Input[builtins.bool] bootstrap_self_managed_addons: Install default unmanaged add-ons, such as `aws-cni`, `kube-proxy`, and CoreDNS during cluster creation. If `false`, you must manually install desired add-ons. Changing this value will force a new cluster to be created. Defaults to `true`
         :param pulumi.Input['pulumi_aws.ec2.SecurityGroup'] cluster_security_group: The security group to use for the cluster API endpoint. If not provided, a new security group will be created with full internet egress and ingress from node groups.
                
                Note: The security group resource should not contain any inline ingress or egress rules.
-        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] cluster_security_group_tags: The tags to apply to the cluster security group.
-        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] cluster_tags: The tags to apply to the EKS cluster.
+        :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] cluster_security_group_tags: The tags to apply to the cluster security group.
+        :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] cluster_tags: The tags to apply to the EKS cluster.
         :param 'CoreDnsAddonOptionsArgs' coredns_addon_options: Options for managing the `coredns` addon.
-        :param bool create_instance_role: Whether to create the instance role for the EKS cluster. Defaults to true when using the default node group, false otherwise.
+        :param builtins.bool create_instance_role: Whether to create the instance role for the EKS cluster. Defaults to true when using the default node group, false otherwise.
                If set to false when using the default node group, an instance role or instance profile must be provided.n
                Note: this option has no effect if a custom instance role is provided with `instanceRole` or `instanceRoles`.
-        :param pulumi.Input[bool] create_oidc_provider: Indicates whether an IAM OIDC Provider is created for the EKS cluster.
+        :param pulumi.Input[builtins.bool] create_oidc_provider: Indicates whether an IAM OIDC Provider is created for the EKS cluster.
                
                The OIDC provider is used in the cluster in combination with k8s Service Account annotations to provide IAM roles at the k8s Pod level.
                
@@ -114,22 +118,22 @@ class ClusterArgs:
         :param 'CreationRoleProviderArgs' creation_role_provider: The IAM Role Provider used to create & authenticate against the EKS cluster. This role is given `[system:masters]` permission in K8S, See: https://docs.aws.amazon.com/eks/latest/userguide/add-user-role.html
                
                Note: This option is only supported with Pulumi nodejs programs. Please use `ProviderCredentialOpts` as an alternative instead.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] default_addons_to_remove: List of addons to remove upon creation. Any addon listed will be "adopted" and then removed. This allows for the creation of a baremetal cluster where no addon is deployed and direct management of addons via Pulumi Kubernetes resources. Valid entries are kube-proxy, coredns and vpc-cni. Only works on first creation of a cluster.
-        :param pulumi.Input[int] desired_capacity: The number of worker nodes that should be running in the cluster. Defaults to 2.
-        :param pulumi.Input[bool] enable_config_map_mutable: Sets the 'enableConfigMapMutable' option on the cluster kubernetes provider.
+        :param pulumi.Input[builtins.bool] deletion_protection: Whether to enable deletion protection for the cluster. When enabled, the cluster cannot be deleted unless deletion protection is first disabled. Default: `false`.
+        :param pulumi.Input[builtins.int] desired_capacity: The number of worker nodes that should be running in the cluster. Defaults to 2.
+        :param pulumi.Input[builtins.bool] enable_config_map_mutable: Sets the 'enableConfigMapMutable' option on the cluster kubernetes provider.
                
                Applies updates to the aws-auth ConfigMap in place over a replace operation if set to true.
                https://www.pulumi.com/registry/packages/kubernetes/api-docs/provider/#enableconfigmapmutable_nodejs
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] enabled_cluster_log_types: Enable EKS control plane logging. This sends logs to cloudwatch. Possible list of values are: ["api", "audit", "authenticator", "controllerManager", "scheduler"]. By default it is off.
-        :param pulumi.Input[str] encryption_config_key_arn: KMS Key ARN to use with the encryption configuration for the cluster.
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] enabled_cluster_log_types: Enable EKS control plane logging. This sends logs to cloudwatch. Possible list of values are: ["api", "audit", "authenticator", "controllerManager", "scheduler"]. By default it is off.
+        :param pulumi.Input[builtins.str] encryption_config_key_arn: KMS Key ARN to use with the encryption configuration for the cluster.
                
                Only available on Kubernetes 1.13+ clusters created after March 6, 2020.
                See for more details:
                - https://aws.amazon.com/about-aws/whats-new/2020/03/amazon-eks-adds-envelope-encryption-for-secrets-with-aws-kms/
-        :param pulumi.Input[bool] endpoint_private_access: Indicates whether or not the Amazon EKS private API server endpoint is enabled. Default is `false`.
-        :param pulumi.Input[bool] endpoint_public_access: Indicates whether or not the Amazon EKS public API server endpoint is enabled. Default is `true`.
-        :param pulumi.Input[Union[bool, 'FargateProfileArgs']] fargate: Add support for launching pods in Fargate. Defaults to launching pods in the `default` namespace.  If specified, the default node group is skipped as though `skipDefaultNodeGroup: true` had been passed.
-        :param pulumi.Input[bool] gpu: Use the latest recommended EKS Optimized Linux AMI with GPU support for the worker nodes from the AWS Systems Manager Parameter Store.
+        :param pulumi.Input[builtins.bool] endpoint_private_access: Indicates whether or not the Amazon EKS private API server endpoint is enabled. Default is `false`.
+        :param pulumi.Input[builtins.bool] endpoint_public_access: Indicates whether or not the Amazon EKS public API server endpoint is enabled. Default is `true`.
+        :param pulumi.Input[Union[builtins.bool, 'FargateProfileArgs']] fargate: Add support for launching pods in Fargate. Defaults to launching pods in the `default` namespace.  If specified, the default node group is skipped as though `skipDefaultNodeGroup: true` had been passed.
+        :param pulumi.Input[builtins.bool] gpu: Use the latest recommended EKS Optimized Linux AMI with GPU support for the worker nodes from the AWS Systems Manager Parameter Store.
                
                Defaults to false.
                
@@ -138,18 +142,18 @@ class ClusterArgs:
                See for more details:
                - https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html
                - https://docs.aws.amazon.com/eks/latest/userguide/retrieve-ami-id.html
-        :param pulumi.Input[str] instance_profile_name: The default IAM InstanceProfile to use on the Worker NodeGroups, if one is not already set in the NodeGroup.
+        :param pulumi.Input[builtins.str] instance_profile_name: The default IAM InstanceProfile to use on the Worker NodeGroups, if one is not already set in the NodeGroup.
         :param pulumi.Input['pulumi_aws.iam.Role'] instance_role: This enables the simple case of only registering a *single* IAM instance role with the cluster, that is required to be shared by *all* node groups in their instance profiles.
                
                Note: options `instanceRole` and `instanceRoles` are mutually exclusive.
         :param pulumi.Input[Sequence[pulumi.Input['pulumi_aws.iam.Role']]] instance_roles: This enables the advanced case of registering *many* IAM instance roles with the cluster for per node group IAM, instead of the simpler, shared case of `instanceRole`.
                
                Note: options `instanceRole` and `instanceRoles` are mutually exclusive.
-        :param pulumi.Input[str] instance_type: The instance type to use for the cluster's nodes. Defaults to "t3.medium".
-        :param pulumi.Input[str] ip_family: The IP family used to assign Kubernetes pod and service addresses. Valid values are `ipv4` (default) and `ipv6`.
+        :param pulumi.Input[builtins.str] instance_type: The instance type to use for the cluster's nodes. Defaults to "t3.medium".
+        :param pulumi.Input[builtins.str] ip_family: The IP family used to assign Kubernetes pod and service addresses. Valid values are `ipv4` (default) and `ipv6`.
                You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created.
         :param 'KubeProxyAddonOptionsArgs' kube_proxy_addon_options: Options for managing the `kube-proxy` addon.
-        :param pulumi.Input[str] kubernetes_service_ip_address_range: The CIDR block to assign Kubernetes service IP addresses from. If you don't
+        :param pulumi.Input[builtins.str] kubernetes_service_ip_address_range: The CIDR block to assign Kubernetes service IP addresses from. If you don't
                specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or
                172.20.0.0/16 CIDR blocks. This setting only applies to IPv4 clusters. We recommend that you specify a block
                that does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify
@@ -159,14 +163,14 @@ class ClusterArgs:
                - Within one of the following private IP address blocks: 10.0.0.0/8, 172.16.0.0.0/12, or 192.168.0.0/16.
                - Doesn't overlap with any CIDR block assigned to the VPC that you selected for VPC.
                - Between /24 and /12.
-        :param pulumi.Input[int] max_size: The maximum number of worker nodes running in the cluster. Defaults to 2.
-        :param pulumi.Input[int] min_size: The minimum number of worker nodes running in the cluster. Defaults to 1.
-        :param pulumi.Input[str] name: The cluster's physical resource name.
+        :param pulumi.Input[builtins.int] max_size: The maximum number of worker nodes running in the cluster. Defaults to 2.
+        :param pulumi.Input[builtins.int] min_size: The minimum number of worker nodes running in the cluster. Defaults to 1.
+        :param pulumi.Input[builtins.str] name: The cluster's physical resource name.
                
                If not specified, the default is to use auto-naming for the cluster's name, resulting in a physical name with the format `${name}-eksCluster-0123abcd`.
                
                See for more details: https://www.pulumi.com/docs/intro/concepts/programming-model/#autonaming
-        :param pulumi.Input[str] node_ami_id: The AMI ID to use for the worker nodes.
+        :param pulumi.Input[builtins.str] node_ami_id: The AMI ID to use for the worker nodes.
                
                Defaults to the latest recommended EKS Optimized Linux AMI from the AWS Systems Manager Parameter Store.
                
@@ -174,19 +178,19 @@ class ClusterArgs:
                
                See for more details:
                - https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html.
-        :param bool node_associate_public_ip_address: Whether or not to auto-assign the EKS worker nodes public IP addresses. If this toggle is set to true, the EKS workers will be auto-assigned public IPs. If false, they will not be auto-assigned public IPs.
+        :param builtins.bool node_associate_public_ip_address: Whether or not to auto-assign the EKS worker nodes public IP addresses. If this toggle is set to true, the EKS workers will be auto-assigned public IPs. If false, they will not be auto-assigned public IPs.
         :param 'ClusterNodeGroupOptionsArgs' node_group_options: The common configuration settings for NodeGroups.
-        :param pulumi.Input[str] node_public_key: Public key material for SSH access to worker nodes. See allowed formats at:
+        :param pulumi.Input[builtins.str] node_public_key: Public key material for SSH access to worker nodes. See allowed formats at:
                https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html
                If not provided, no SSH access is enabled on VMs.
-        :param pulumi.Input[bool] node_root_volume_encrypted: Encrypt the root block device of the nodes in the node group.
-        :param pulumi.Input[int] node_root_volume_size: The size in GiB of a cluster node's root volume. Defaults to 20.
-        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] node_security_group_tags: The tags to apply to the default `nodeSecurityGroup` created by the cluster.
+        :param pulumi.Input[builtins.bool] node_root_volume_encrypted: Encrypt the root block device of the nodes in the node group.
+        :param pulumi.Input[builtins.int] node_root_volume_size: The size in GiB of a cluster node's root volume. Defaults to 20.
+        :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] node_security_group_tags: The tags to apply to the default `nodeSecurityGroup` created by the cluster.
                
                Note: The `nodeSecurityGroupTags` option and the node group option `nodeSecurityGroup` are mutually exclusive.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] node_subnet_ids: The subnets to use for worker nodes. Defaults to the value of subnetIds.
-        :param pulumi.Input[str] node_user_data: Extra code to run on node startup. This code will run after the AWS EKS bootstrapping code and before the node signals its readiness to the managing CloudFormation stack. This code must be a typical user data script: critically it must begin with an interpreter directive (i.e. a `#!`).
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] private_subnet_ids: The set of private subnets to use for the worker node groups on the EKS cluster. These subnets are automatically tagged by EKS for Kubernetes purposes.
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] node_subnet_ids: The subnets to use for worker nodes. Defaults to the value of subnetIds.
+        :param pulumi.Input[builtins.str] node_user_data: Extra code to run on node startup. This code will run after the AWS EKS bootstrapping code and before the node signals its readiness to the managing CloudFormation stack. This code must be a typical user data script: critically it must begin with an interpreter directive (i.e. a `#!`).
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] private_subnet_ids: The set of private subnets to use for the worker node groups on the EKS cluster. These subnets are automatically tagged by EKS for Kubernetes purposes.
                
                If `vpcId` is not set, the cluster will use the AWS account's default VPC subnets.
                
@@ -214,7 +218,7 @@ class ClusterArgs:
                - https://www.pulumi.com/docs/intro/cloud-providers/aws/setup/
                - https://www.pulumi.com/docs/intro/cloud-providers/aws/#configuration
                - https://docs.aws.amazon.com/eks/latest/userguide/create-kubeconfig.html
-        :param str proxy: The HTTP(S) proxy to use within a proxied environment.
+        :param builtins.str proxy: The HTTP(S) proxy to use within a proxied environment.
                
                 The proxy is used during cluster creation, and OIDC configuration.
                
@@ -229,8 +233,8 @@ class ClusterArgs:
                  - "http://proxy.example.com:3128"
                  - "https://proxy.example.com"
                  - "http://username:password@proxy.example.com:3128"
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] public_access_cidrs: Indicates which CIDR blocks can access the Amazon EKS public API server endpoint.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] public_subnet_ids: The set of public subnets to use for the worker node groups on the EKS cluster. These subnets are automatically tagged by EKS for Kubernetes purposes.
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] public_access_cidrs: Indicates which CIDR blocks can access the Amazon EKS public API server endpoint.
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] public_subnet_ids: The set of public subnets to use for the worker node groups on the EKS cluster. These subnets are automatically tagged by EKS for Kubernetes purposes.
                
                If `vpcId` is not set, the cluster will use the AWS account's default VPC subnets.
                
@@ -245,14 +249,14 @@ class ClusterArgs:
                See for more details: https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html.Note: The use of `subnetIds`, along with `publicSubnetIds` and/or `privateSubnetIds` is mutually exclusive. The use of `publicSubnetIds` and `privateSubnetIds` is encouraged.
         :param pulumi.Input[Sequence[pulumi.Input['RoleMappingArgs']]] role_mappings: Optional mappings from AWS IAM roles to Kubernetes users and groups. Only supported with authentication mode `CONFIG_MAP` or `API_AND_CONFIG_MAP`
         :param pulumi.Input['pulumi_aws.iam.Role'] service_role: IAM Service Role for EKS to use to manage the cluster.
-        :param bool skip_default_node_group: If this toggle is set to true, the EKS cluster will be created without node group attached. Defaults to false, unless `fargate` or `autoMode` is enabled.
-        :param bool skip_default_security_groups: If this toggle is set to true, the EKS cluster will be created without the default node and cluster security groups. Defaults to false, unless `autoMode` is enabled.
+        :param builtins.bool skip_default_node_group: If this toggle is set to true, the EKS cluster will be created without node group attached. Defaults to false, unless `fargate` or `autoMode` is enabled.
+        :param builtins.bool skip_default_security_groups: If this toggle is set to true, the EKS cluster will be created without the default node and cluster security groups. Defaults to false, unless `autoMode` is enabled.
                
                See for more details: https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html
-        :param Union[str, Mapping[str, 'StorageClassArgs']] storage_classes: An optional set of StorageClasses to enable for the cluster. If this is a single volume type rather than a map, a single StorageClass will be created for that volume type.
+        :param Union[builtins.str, Mapping[str, 'StorageClassArgs']] storage_classes: An optional set of StorageClasses to enable for the cluster. If this is a single volume type rather than a map, a single StorageClass will be created for that volume type.
                
                Note: As of Kubernetes v1.11+ on EKS, a default `gp2` storage class will always be created automatically for the cluster by the EKS service. See https://docs.aws.amazon.com/eks/latest/userguide/storage-classes.html
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] subnet_ids: The set of all subnets, public and private, to use for the worker node groups on the EKS cluster. These subnets are automatically tagged by EKS for Kubernetes purposes.
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] subnet_ids: The set of all subnets, public and private, to use for the worker node groups on the EKS cluster. These subnets are automatically tagged by EKS for Kubernetes purposes.
                
                If `vpcId` is not set, the cluster will use the AWS account's default VPC subnets.
                
@@ -261,13 +265,14 @@ class ClusterArgs:
                See for more details: https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html.
                
                Note: The use of `subnetIds`, along with `publicSubnetIds` and/or `privateSubnetIds` is mutually exclusive. The use of `publicSubnetIds` and `privateSubnetIds` is encouraged.
-        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] tags: Key-value mapping of tags that are automatically applied to all AWS resources directly under management with this cluster, which support tagging.
-        :param bool use_default_vpc_cni: Use the default VPC CNI instead of creating a custom one. Should not be used in conjunction with `vpcCniOptions`.
+        :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] tags: Key-value mapping of tags that are automatically applied to all AWS resources directly under management with this cluster, which support tagging.
+        :param pulumi.Input['pulumi_aws.eks.ClusterUpgradePolicyArgs'] upgrade_policy: The cluster's upgrade policy. Valid support types are "STANDARD" and "EXTENDED". Defaults to "EXTENDED".
+        :param builtins.bool use_default_vpc_cni: Use the default VPC CNI instead of creating a custom one. Should not be used in conjunction with `vpcCniOptions`.
                Defaults to true, unless `autoMode` is enabled.
         :param pulumi.Input[Sequence[pulumi.Input['UserMappingArgs']]] user_mappings: Optional mappings from AWS IAM users to Kubernetes users and groups. Only supported with authentication mode `CONFIG_MAP` or `API_AND_CONFIG_MAP`.
-        :param pulumi.Input[str] version: Desired Kubernetes master / control plane version. If you do not specify a value, the latest available version is used.
+        :param pulumi.Input[builtins.str] version: Desired Kubernetes master / control plane version. If you do not specify a value, the latest available version is used.
         :param 'VpcCniOptionsArgs' vpc_cni_options: The configuration of the Amazon VPC CNI plugin for this instance. Defaults are described in the documentation for the VpcCniOptions type.
-        :param pulumi.Input[str] vpc_id: The VPC in which to create the cluster and its worker nodes. If unset, the cluster will be created in the default VPC.
+        :param pulumi.Input[builtins.str] vpc_id: The VPC in which to create the cluster and its worker nodes. If unset, the cluster will be created in the default VPC.
         """
         if access_entries is not None:
             pulumi.set(__self__, "access_entries", access_entries)
@@ -275,6 +280,8 @@ class ClusterArgs:
             pulumi.set(__self__, "authentication_mode", authentication_mode)
         if auto_mode is not None:
             pulumi.set(__self__, "auto_mode", auto_mode)
+        if bootstrap_self_managed_addons is not None:
+            pulumi.set(__self__, "bootstrap_self_managed_addons", bootstrap_self_managed_addons)
         if cluster_security_group is not None:
             pulumi.set(__self__, "cluster_security_group", cluster_security_group)
         if cluster_security_group_tags is not None:
@@ -289,8 +296,8 @@ class ClusterArgs:
             pulumi.set(__self__, "create_oidc_provider", create_oidc_provider)
         if creation_role_provider is not None:
             pulumi.set(__self__, "creation_role_provider", creation_role_provider)
-        if default_addons_to_remove is not None:
-            pulumi.set(__self__, "default_addons_to_remove", default_addons_to_remove)
+        if deletion_protection is not None:
+            pulumi.set(__self__, "deletion_protection", deletion_protection)
         if desired_capacity is not None:
             pulumi.set(__self__, "desired_capacity", desired_capacity)
         if enable_config_map_mutable is not None:
@@ -369,6 +376,8 @@ class ClusterArgs:
             pulumi.set(__self__, "subnet_ids", subnet_ids)
         if tags is not None:
             pulumi.set(__self__, "tags", tags)
+        if upgrade_policy is not None:
+            pulumi.set(__self__, "upgrade_policy", upgrade_policy)
         if use_default_vpc_cni is not None:
             pulumi.set(__self__, "use_default_vpc_cni", use_default_vpc_cni)
         if user_mappings is not None:
@@ -424,6 +433,18 @@ class ClusterArgs:
     def auto_mode(self, value: Optional['AutoModeOptionsArgs']):
         pulumi.set(self, "auto_mode", value)
 
+    @property
+    @pulumi.getter(name="bootstrapSelfManagedAddons")
+    def bootstrap_self_managed_addons(self) -> Optional[pulumi.Input[builtins.bool]]:
+        """
+        Install default unmanaged add-ons, such as `aws-cni`, `kube-proxy`, and CoreDNS during cluster creation. If `false`, you must manually install desired add-ons. Changing this value will force a new cluster to be created. Defaults to `true`
+        """
+        return pulumi.get(self, "bootstrap_self_managed_addons")
+
+    @bootstrap_self_managed_addons.setter
+    def bootstrap_self_managed_addons(self, value: Optional[pulumi.Input[builtins.bool]]):
+        pulumi.set(self, "bootstrap_self_managed_addons", value)
+
     @property
     @pulumi.getter(name="clusterSecurityGroup")
     def cluster_security_group(self) -> Optional[pulumi.Input['pulumi_aws.ec2.SecurityGroup']]:
@@ -440,26 +461,26 @@ class ClusterArgs:
 
     @property
     @pulumi.getter(name="clusterSecurityGroupTags")
-    def cluster_security_group_tags(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
+    def cluster_security_group_tags(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]:
         """
         The tags to apply to the cluster security group.
         """
         return pulumi.get(self, "cluster_security_group_tags")
 
     @cluster_security_group_tags.setter
-    def cluster_security_group_tags(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
+    def cluster_security_group_tags(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]):
         pulumi.set(self, "cluster_security_group_tags", value)
 
     @property
     @pulumi.getter(name="clusterTags")
-    def cluster_tags(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
+    def cluster_tags(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]:
         """
         The tags to apply to the EKS cluster.
         """
         return pulumi.get(self, "cluster_tags")
 
     @cluster_tags.setter
-    def cluster_tags(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
+    def cluster_tags(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]):
         pulumi.set(self, "cluster_tags", value)
 
     @property
@@ -476,7 +497,7 @@ class ClusterArgs:
 
     @property
     @pulumi.getter(name="createInstanceRole")
-    def create_instance_role(self) -> Optional[bool]:
+    def create_instance_role(self) -> Optional[builtins.bool]:
         """
         Whether to create the instance role for the EKS cluster. Defaults to true when using the default node group, false otherwise.
         If set to false when using the default node group, an instance role or instance profile must be provided.n
@@ -485,12 +506,12 @@ class ClusterArgs:
         return pulumi.get(self, "create_instance_role")
 
     @create_instance_role.setter
-    def create_instance_role(self, value: Optional[bool]):
+    def create_instance_role(self, value: Optional[builtins.bool]):
         pulumi.set(self, "create_instance_role", value)
 
     @property
     @pulumi.getter(name="createOidcProvider")
-    def create_oidc_provider(self) -> Optional[pulumi.Input[bool]]:
+    def create_oidc_provider(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         Indicates whether an IAM OIDC Provider is created for the EKS cluster.
 
@@ -505,7 +526,7 @@ class ClusterArgs:
         return pulumi.get(self, "create_oidc_provider")
 
     @create_oidc_provider.setter
-    def create_oidc_provider(self, value: Optional[pulumi.Input[bool]]):
+    def create_oidc_provider(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "create_oidc_provider", value)
 
     @property
@@ -523,32 +544,32 @@ class ClusterArgs:
         pulumi.set(self, "creation_role_provider", value)
 
     @property
-    @pulumi.getter(name="defaultAddonsToRemove")
-    def default_addons_to_remove(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
+    @pulumi.getter(name="deletionProtection")
+    def deletion_protection(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
-        List of addons to remove upon creation. Any addon listed will be "adopted" and then removed. This allows for the creation of a baremetal cluster where no addon is deployed and direct management of addons via Pulumi Kubernetes resources. Valid entries are kube-proxy, coredns and vpc-cni. Only works on first creation of a cluster.
+        Whether to enable deletion protection for the cluster. When enabled, the cluster cannot be deleted unless deletion protection is first disabled. Default: `false`.
         """
-        return pulumi.get(self, "default_addons_to_remove")
+        return pulumi.get(self, "deletion_protection")
 
-    @default_addons_to_remove.setter
-    def default_addons_to_remove(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
-        pulumi.set(self, "default_addons_to_remove", value)
+    @deletion_protection.setter
+    def deletion_protection(self, value: Optional[pulumi.Input[builtins.bool]]):
+        pulumi.set(self, "deletion_protection", value)
 
     @property
     @pulumi.getter(name="desiredCapacity")
-    def desired_capacity(self) -> Optional[pulumi.Input[int]]:
+    def desired_capacity(self) -> Optional[pulumi.Input[builtins.int]]:
         """
         The number of worker nodes that should be running in the cluster. Defaults to 2.
         """
         return pulumi.get(self, "desired_capacity")
 
     @desired_capacity.setter
-    def desired_capacity(self, value: Optional[pulumi.Input[int]]):
+    def desired_capacity(self, value: Optional[pulumi.Input[builtins.int]]):
         pulumi.set(self, "desired_capacity", value)
 
     @property
     @pulumi.getter(name="enableConfigMapMutable")
-    def enable_config_map_mutable(self) -> Optional[pulumi.Input[bool]]:
+    def enable_config_map_mutable(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         Sets the 'enableConfigMapMutable' option on the cluster kubernetes provider.
 
@@ -558,24 +579,24 @@ class ClusterArgs:
         return pulumi.get(self, "enable_config_map_mutable")
 
     @enable_config_map_mutable.setter
-    def enable_config_map_mutable(self, value: Optional[pulumi.Input[bool]]):
+    def enable_config_map_mutable(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "enable_config_map_mutable", value)
 
     @property
     @pulumi.getter(name="enabledClusterLogTypes")
-    def enabled_cluster_log_types(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
+    def enabled_cluster_log_types(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
         """
         Enable EKS control plane logging. This sends logs to cloudwatch. Possible list of values are: ["api", "audit", "authenticator", "controllerManager", "scheduler"]. By default it is off.
         """
         return pulumi.get(self, "enabled_cluster_log_types")
 
     @enabled_cluster_log_types.setter
-    def enabled_cluster_log_types(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
+    def enabled_cluster_log_types(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
         pulumi.set(self, "enabled_cluster_log_types", value)
 
     @property
     @pulumi.getter(name="encryptionConfigKeyArn")
-    def encryption_config_key_arn(self) -> Optional[pulumi.Input[str]]:
+    def encryption_config_key_arn(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         KMS Key ARN to use with the encryption configuration for the cluster.
 
@@ -586,48 +607,48 @@ class ClusterArgs:
         return pulumi.get(self, "encryption_config_key_arn")
 
     @encryption_config_key_arn.setter
-    def encryption_config_key_arn(self, value: Optional[pulumi.Input[str]]):
+    def encryption_config_key_arn(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "encryption_config_key_arn", value)
 
     @property
     @pulumi.getter(name="endpointPrivateAccess")
-    def endpoint_private_access(self) -> Optional[pulumi.Input[bool]]:
+    def endpoint_private_access(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         Indicates whether or not the Amazon EKS private API server endpoint is enabled. Default is `false`.
         """
         return pulumi.get(self, "endpoint_private_access")
 
     @endpoint_private_access.setter
-    def endpoint_private_access(self, value: Optional[pulumi.Input[bool]]):
+    def endpoint_private_access(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "endpoint_private_access", value)
 
     @property
     @pulumi.getter(name="endpointPublicAccess")
-    def endpoint_public_access(self) -> Optional[pulumi.Input[bool]]:
+    def endpoint_public_access(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         Indicates whether or not the Amazon EKS public API server endpoint is enabled. Default is `true`.
         """
         return pulumi.get(self, "endpoint_public_access")
 
     @endpoint_public_access.setter
-    def endpoint_public_access(self, value: Optional[pulumi.Input[bool]]):
+    def endpoint_public_access(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "endpoint_public_access", value)
 
     @property
     @pulumi.getter
-    def fargate(self) -> Optional[pulumi.Input[Union[bool, 'FargateProfileArgs']]]:
+    def fargate(self) -> Optional[pulumi.Input[Union[builtins.bool, 'FargateProfileArgs']]]:
         """
         Add support for launching pods in Fargate. Defaults to launching pods in the `default` namespace.  If specified, the default node group is skipped as though `skipDefaultNodeGroup: true` had been passed.
         """
         return pulumi.get(self, "fargate")
 
     @fargate.setter
-    def fargate(self, value: Optional[pulumi.Input[Union[bool, 'FargateProfileArgs']]]):
+    def fargate(self, value: Optional[pulumi.Input[Union[builtins.bool, 'FargateProfileArgs']]]):
         pulumi.set(self, "fargate", value)
 
     @property
     @pulumi.getter
-    def gpu(self) -> Optional[pulumi.Input[bool]]:
+    def gpu(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         Use the latest recommended EKS Optimized Linux AMI with GPU support for the worker nodes from the AWS Systems Manager Parameter Store.
 
@@ -642,19 +663,19 @@ class ClusterArgs:
         return pulumi.get(self, "gpu")
 
     @gpu.setter
-    def gpu(self, value: Optional[pulumi.Input[bool]]):
+    def gpu(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "gpu", value)
 
     @property
     @pulumi.getter(name="instanceProfileName")
-    def instance_profile_name(self) -> Optional[pulumi.Input[str]]:
+    def instance_profile_name(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The default IAM InstanceProfile to use on the Worker NodeGroups, if one is not already set in the NodeGroup.
         """
         return pulumi.get(self, "instance_profile_name")
 
     @instance_profile_name.setter
-    def instance_profile_name(self, value: Optional[pulumi.Input[str]]):
+    def instance_profile_name(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "instance_profile_name", value)
 
     @property
@@ -687,19 +708,19 @@ class ClusterArgs:
 
     @property
     @pulumi.getter(name="instanceType")
-    def instance_type(self) -> Optional[pulumi.Input[str]]:
+    def instance_type(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The instance type to use for the cluster's nodes. Defaults to "t3.medium".
         """
         return pulumi.get(self, "instance_type")
 
     @instance_type.setter
-    def instance_type(self, value: Optional[pulumi.Input[str]]):
+    def instance_type(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "instance_type", value)
 
     @property
     @pulumi.getter(name="ipFamily")
-    def ip_family(self) -> Optional[pulumi.Input[str]]:
+    def ip_family(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The IP family used to assign Kubernetes pod and service addresses. Valid values are `ipv4` (default) and `ipv6`.
         You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created.
@@ -707,7 +728,7 @@ class ClusterArgs:
         return pulumi.get(self, "ip_family")
 
     @ip_family.setter
-    def ip_family(self, value: Optional[pulumi.Input[str]]):
+    def ip_family(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "ip_family", value)
 
     @property
@@ -724,7 +745,7 @@ class ClusterArgs:
 
     @property
     @pulumi.getter(name="kubernetesServiceIpAddressRange")
-    def kubernetes_service_ip_address_range(self) -> Optional[pulumi.Input[str]]:
+    def kubernetes_service_ip_address_range(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The CIDR block to assign Kubernetes service IP addresses from. If you don't
         specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or
@@ -740,36 +761,36 @@ class ClusterArgs:
         return pulumi.get(self, "kubernetes_service_ip_address_range")
 
     @kubernetes_service_ip_address_range.setter
-    def kubernetes_service_ip_address_range(self, value: Optional[pulumi.Input[str]]):
+    def kubernetes_service_ip_address_range(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "kubernetes_service_ip_address_range", value)
 
     @property
     @pulumi.getter(name="maxSize")
-    def max_size(self) -> Optional[pulumi.Input[int]]:
+    def max_size(self) -> Optional[pulumi.Input[builtins.int]]:
         """
         The maximum number of worker nodes running in the cluster. Defaults to 2.
         """
         return pulumi.get(self, "max_size")
 
     @max_size.setter
-    def max_size(self, value: Optional[pulumi.Input[int]]):
+    def max_size(self, value: Optional[pulumi.Input[builtins.int]]):
         pulumi.set(self, "max_size", value)
 
     @property
     @pulumi.getter(name="minSize")
-    def min_size(self) -> Optional[pulumi.Input[int]]:
+    def min_size(self) -> Optional[pulumi.Input[builtins.int]]:
         """
         The minimum number of worker nodes running in the cluster. Defaults to 1.
         """
         return pulumi.get(self, "min_size")
 
     @min_size.setter
-    def min_size(self, value: Optional[pulumi.Input[int]]):
+    def min_size(self, value: Optional[pulumi.Input[builtins.int]]):
         pulumi.set(self, "min_size", value)
 
     @property
     @pulumi.getter
-    def name(self) -> Optional[pulumi.Input[str]]:
+    def name(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The cluster's physical resource name.
 
@@ -780,12 +801,12 @@ class ClusterArgs:
         return pulumi.get(self, "name")
 
     @name.setter
-    def name(self, value: Optional[pulumi.Input[str]]):
+    def name(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "name", value)
 
     @property
     @pulumi.getter(name="nodeAmiId")
-    def node_ami_id(self) -> Optional[pulumi.Input[str]]:
+    def node_ami_id(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The AMI ID to use for the worker nodes.
 
@@ -799,19 +820,19 @@ class ClusterArgs:
         return pulumi.get(self, "node_ami_id")
 
     @node_ami_id.setter
-    def node_ami_id(self, value: Optional[pulumi.Input[str]]):
+    def node_ami_id(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "node_ami_id", value)
 
     @property
     @pulumi.getter(name="nodeAssociatePublicIpAddress")
-    def node_associate_public_ip_address(self) -> Optional[bool]:
+    def node_associate_public_ip_address(self) -> Optional[builtins.bool]:
         """
         Whether or not to auto-assign the EKS worker nodes public IP addresses. If this toggle is set to true, the EKS workers will be auto-assigned public IPs. If false, they will not be auto-assigned public IPs.
         """
         return pulumi.get(self, "node_associate_public_ip_address")
 
     @node_associate_public_ip_address.setter
-    def node_associate_public_ip_address(self, value: Optional[bool]):
+    def node_associate_public_ip_address(self, value: Optional[builtins.bool]):
         pulumi.set(self, "node_associate_public_ip_address", value)
 
     @property
@@ -828,7 +849,7 @@ class ClusterArgs:
 
     @property
     @pulumi.getter(name="nodePublicKey")
-    def node_public_key(self) -> Optional[pulumi.Input[str]]:
+    def node_public_key(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         Public key material for SSH access to worker nodes. See allowed formats at:
         https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html
@@ -837,36 +858,36 @@ class ClusterArgs:
         return pulumi.get(self, "node_public_key")
 
     @node_public_key.setter
-    def node_public_key(self, value: Optional[pulumi.Input[str]]):
+    def node_public_key(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "node_public_key", value)
 
     @property
     @pulumi.getter(name="nodeRootVolumeEncrypted")
-    def node_root_volume_encrypted(self) -> Optional[pulumi.Input[bool]]:
+    def node_root_volume_encrypted(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         Encrypt the root block device of the nodes in the node group.
         """
         return pulumi.get(self, "node_root_volume_encrypted")
 
     @node_root_volume_encrypted.setter
-    def node_root_volume_encrypted(self, value: Optional[pulumi.Input[bool]]):
+    def node_root_volume_encrypted(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "node_root_volume_encrypted", value)
 
     @property
     @pulumi.getter(name="nodeRootVolumeSize")
-    def node_root_volume_size(self) -> Optional[pulumi.Input[int]]:
+    def node_root_volume_size(self) -> Optional[pulumi.Input[builtins.int]]:
         """
         The size in GiB of a cluster node's root volume. Defaults to 20.
         """
         return pulumi.get(self, "node_root_volume_size")
 
     @node_root_volume_size.setter
-    def node_root_volume_size(self, value: Optional[pulumi.Input[int]]):
+    def node_root_volume_size(self, value: Optional[pulumi.Input[builtins.int]]):
         pulumi.set(self, "node_root_volume_size", value)
 
     @property
     @pulumi.getter(name="nodeSecurityGroupTags")
-    def node_security_group_tags(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
+    def node_security_group_tags(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]:
         """
         The tags to apply to the default `nodeSecurityGroup` created by the cluster.
 
@@ -875,36 +896,36 @@ class ClusterArgs:
         return pulumi.get(self, "node_security_group_tags")
 
     @node_security_group_tags.setter
-    def node_security_group_tags(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
+    def node_security_group_tags(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]):
         pulumi.set(self, "node_security_group_tags", value)
 
     @property
     @pulumi.getter(name="nodeSubnetIds")
-    def node_subnet_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
+    def node_subnet_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
         """
         The subnets to use for worker nodes. Defaults to the value of subnetIds.
         """
         return pulumi.get(self, "node_subnet_ids")
 
     @node_subnet_ids.setter
-    def node_subnet_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
+    def node_subnet_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
         pulumi.set(self, "node_subnet_ids", value)
 
     @property
     @pulumi.getter(name="nodeUserData")
-    def node_user_data(self) -> Optional[pulumi.Input[str]]:
+    def node_user_data(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         Extra code to run on node startup. This code will run after the AWS EKS bootstrapping code and before the node signals its readiness to the managing CloudFormation stack. This code must be a typical user data script: critically it must begin with an interpreter directive (i.e. a `#!`).
         """
         return pulumi.get(self, "node_user_data")
 
     @node_user_data.setter
-    def node_user_data(self, value: Optional[pulumi.Input[str]]):
+    def node_user_data(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "node_user_data", value)
 
     @property
     @pulumi.getter(name="privateSubnetIds")
-    def private_subnet_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
+    def private_subnet_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
         """
         The set of private subnets to use for the worker node groups on the EKS cluster. These subnets are automatically tagged by EKS for Kubernetes purposes.
 
@@ -925,7 +946,7 @@ class ClusterArgs:
         return pulumi.get(self, "private_subnet_ids")
 
     @private_subnet_ids.setter
-    def private_subnet_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
+    def private_subnet_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
         pulumi.set(self, "private_subnet_ids", value)
 
     @property
@@ -954,7 +975,7 @@ class ClusterArgs:
 
     @property
     @pulumi.getter
-    def proxy(self) -> Optional[str]:
+    def proxy(self) -> Optional[builtins.str]:
         """
         The HTTP(S) proxy to use within a proxied environment.
 
@@ -975,24 +996,24 @@ class ClusterArgs:
         return pulumi.get(self, "proxy")
 
     @proxy.setter
-    def proxy(self, value: Optional[str]):
+    def proxy(self, value: Optional[builtins.str]):
         pulumi.set(self, "proxy", value)
 
     @property
     @pulumi.getter(name="publicAccessCidrs")
-    def public_access_cidrs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
+    def public_access_cidrs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
         """
         Indicates which CIDR blocks can access the Amazon EKS public API server endpoint.
         """
         return pulumi.get(self, "public_access_cidrs")
 
     @public_access_cidrs.setter
-    def public_access_cidrs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
+    def public_access_cidrs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
         pulumi.set(self, "public_access_cidrs", value)
 
     @property
     @pulumi.getter(name="publicSubnetIds")
-    def public_subnet_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
+    def public_subnet_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
         """
         The set of public subnets to use for the worker node groups on the EKS cluster. These subnets are automatically tagged by EKS for Kubernetes purposes.
 
@@ -1011,7 +1032,7 @@ class ClusterArgs:
         return pulumi.get(self, "public_subnet_ids")
 
     @public_subnet_ids.setter
-    def public_subnet_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
+    def public_subnet_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
         pulumi.set(self, "public_subnet_ids", value)
 
     @property
@@ -1040,19 +1061,19 @@ class ClusterArgs:
 
     @property
     @pulumi.getter(name="skipDefaultNodeGroup")
-    def skip_default_node_group(self) -> Optional[bool]:
+    def skip_default_node_group(self) -> Optional[builtins.bool]:
         """
         If this toggle is set to true, the EKS cluster will be created without node group attached. Defaults to false, unless `fargate` or `autoMode` is enabled.
         """
         return pulumi.get(self, "skip_default_node_group")
 
     @skip_default_node_group.setter
-    def skip_default_node_group(self, value: Optional[bool]):
+    def skip_default_node_group(self, value: Optional[builtins.bool]):
         pulumi.set(self, "skip_default_node_group", value)
 
     @property
     @pulumi.getter(name="skipDefaultSecurityGroups")
-    def skip_default_security_groups(self) -> Optional[bool]:
+    def skip_default_security_groups(self) -> Optional[builtins.bool]:
         """
         If this toggle is set to true, the EKS cluster will be created without the default node and cluster security groups. Defaults to false, unless `autoMode` is enabled.
 
@@ -1061,12 +1082,12 @@ class ClusterArgs:
         return pulumi.get(self, "skip_default_security_groups")
 
     @skip_default_security_groups.setter
-    def skip_default_security_groups(self, value: Optional[bool]):
+    def skip_default_security_groups(self, value: Optional[builtins.bool]):
         pulumi.set(self, "skip_default_security_groups", value)
 
     @property
     @pulumi.getter(name="storageClasses")
-    def storage_classes(self) -> Optional[Union[str, Mapping[str, 'StorageClassArgs']]]:
+    def storage_classes(self) -> Optional[Union[builtins.str, Mapping[str, 'StorageClassArgs']]]:
         """
         An optional set of StorageClasses to enable for the cluster. If this is a single volume type rather than a map, a single StorageClass will be created for that volume type.
 
@@ -1075,12 +1096,12 @@ class ClusterArgs:
         return pulumi.get(self, "storage_classes")
 
     @storage_classes.setter
-    def storage_classes(self, value: Optional[Union[str, Mapping[str, 'StorageClassArgs']]]):
+    def storage_classes(self, value: Optional[Union[builtins.str, Mapping[str, 'StorageClassArgs']]]):
         pulumi.set(self, "storage_classes", value)
 
     @property
     @pulumi.getter(name="subnetIds")
-    def subnet_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
+    def subnet_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
         """
         The set of all subnets, public and private, to use for the worker node groups on the EKS cluster. These subnets are automatically tagged by EKS for Kubernetes purposes.
 
@@ -1095,24 +1116,36 @@ class ClusterArgs:
         return pulumi.get(self, "subnet_ids")
 
     @subnet_ids.setter
-    def subnet_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
+    def subnet_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
         pulumi.set(self, "subnet_ids", value)
 
     @property
     @pulumi.getter
-    def tags(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
+    def tags(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]:
         """
         Key-value mapping of tags that are automatically applied to all AWS resources directly under management with this cluster, which support tagging.
         """
         return pulumi.get(self, "tags")
 
     @tags.setter
-    def tags(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
+    def tags(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]):
         pulumi.set(self, "tags", value)
 
+    @property
+    @pulumi.getter(name="upgradePolicy")
+    def upgrade_policy(self) -> Optional[pulumi.Input['pulumi_aws.eks.ClusterUpgradePolicyArgs']]:
+        """
+        The cluster's upgrade policy. Valid support types are "STANDARD" and "EXTENDED". Defaults to "EXTENDED".
+        """
+        return pulumi.get(self, "upgrade_policy")
+
+    @upgrade_policy.setter
+    def upgrade_policy(self, value: Optional[pulumi.Input['pulumi_aws.eks.ClusterUpgradePolicyArgs']]):
+        pulumi.set(self, "upgrade_policy", value)
+
     @property
     @pulumi.getter(name="useDefaultVpcCni")
-    def use_default_vpc_cni(self) -> Optional[bool]:
+    def use_default_vpc_cni(self) -> Optional[builtins.bool]:
         """
         Use the default VPC CNI instead of creating a custom one. Should not be used in conjunction with `vpcCniOptions`.
         Defaults to true, unless `autoMode` is enabled.
@@ -1120,7 +1153,7 @@ class ClusterArgs:
         return pulumi.get(self, "use_default_vpc_cni")
 
     @use_default_vpc_cni.setter
-    def use_default_vpc_cni(self, value: Optional[bool]):
+    def use_default_vpc_cni(self, value: Optional[builtins.bool]):
         pulumi.set(self, "use_default_vpc_cni", value)
 
     @property
@@ -1137,14 +1170,14 @@ class ClusterArgs:
 
     @property
     @pulumi.getter
-    def version(self) -> Optional[pulumi.Input[str]]:
+    def version(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         Desired Kubernetes master / control plane version. If you do not specify a value, the latest available version is used.
         """
         return pulumi.get(self, "version")
 
     @version.setter
-    def version(self, value: Optional[pulumi.Input[str]]):
+    def version(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "version", value)
 
     @property
@@ -1161,17 +1194,18 @@ class ClusterArgs:
 
     @property
     @pulumi.getter(name="vpcId")
-    def vpc_id(self) -> Optional[pulumi.Input[str]]:
+    def vpc_id(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The VPC in which to create the cluster and its worker nodes. If unset, the cluster will be created in the default VPC.
         """
         return pulumi.get(self, "vpc_id")
 
     @vpc_id.setter
-    def vpc_id(self, value: Optional[pulumi.Input[str]]):
+    def vpc_id(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "vpc_id", value)
 
 
+@pulumi.type_token("eks:index:Cluster")
 class Cluster(pulumi.ComponentResource):
     @overload
     def __init__(__self__,
@@ -1180,58 +1214,60 @@ class Cluster(pulumi.ComponentResource):
                  access_entries: Optional[Mapping[str, Union['AccessEntryArgs', 'AccessEntryArgsDict']]] = None,
                  authentication_mode: Optional['AuthenticationMode'] = None,
                  auto_mode: Optional[Union['AutoModeOptionsArgs', 'AutoModeOptionsArgsDict']] = None,
+                 bootstrap_self_managed_addons: Optional[pulumi.Input[builtins.bool]] = None,
                  cluster_security_group: Optional[pulumi.Input['pulumi_aws.ec2.SecurityGroup']] = None,
-                 cluster_security_group_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
-                 cluster_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
+                 cluster_security_group_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
+                 cluster_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
                  coredns_addon_options: Optional[Union['CoreDnsAddonOptionsArgs', 'CoreDnsAddonOptionsArgsDict']] = None,
-                 create_instance_role: Optional[bool] = None,
-                 create_oidc_provider: Optional[pulumi.Input[bool]] = None,
+                 create_instance_role: Optional[builtins.bool] = None,
+                 create_oidc_provider: Optional[pulumi.Input[builtins.bool]] = None,
                  creation_role_provider: Optional[Union['CreationRoleProviderArgs', 'CreationRoleProviderArgsDict']] = None,
-                 default_addons_to_remove: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 desired_capacity: Optional[pulumi.Input[int]] = None,
-                 enable_config_map_mutable: Optional[pulumi.Input[bool]] = None,
-                 enabled_cluster_log_types: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 encryption_config_key_arn: Optional[pulumi.Input[str]] = None,
-                 endpoint_private_access: Optional[pulumi.Input[bool]] = None,
-                 endpoint_public_access: Optional[pulumi.Input[bool]] = None,
-                 fargate: Optional[pulumi.Input[Union[bool, Union['FargateProfileArgs', 'FargateProfileArgsDict']]]] = None,
-                 gpu: Optional[pulumi.Input[bool]] = None,
-                 instance_profile_name: Optional[pulumi.Input[str]] = None,
+                 deletion_protection: Optional[pulumi.Input[builtins.bool]] = None,
+                 desired_capacity: Optional[pulumi.Input[builtins.int]] = None,
+                 enable_config_map_mutable: Optional[pulumi.Input[builtins.bool]] = None,
+                 enabled_cluster_log_types: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 encryption_config_key_arn: Optional[pulumi.Input[builtins.str]] = None,
+                 endpoint_private_access: Optional[pulumi.Input[builtins.bool]] = None,
+                 endpoint_public_access: Optional[pulumi.Input[builtins.bool]] = None,
+                 fargate: Optional[pulumi.Input[Union[builtins.bool, Union['FargateProfileArgs', 'FargateProfileArgsDict']]]] = None,
+                 gpu: Optional[pulumi.Input[builtins.bool]] = None,
+                 instance_profile_name: Optional[pulumi.Input[builtins.str]] = None,
                  instance_role: Optional[pulumi.Input['pulumi_aws.iam.Role']] = None,
                  instance_roles: Optional[pulumi.Input[Sequence[pulumi.Input['pulumi_aws.iam.Role']]]] = None,
-                 instance_type: Optional[pulumi.Input[str]] = None,
-                 ip_family: Optional[pulumi.Input[str]] = None,
+                 instance_type: Optional[pulumi.Input[builtins.str]] = None,
+                 ip_family: Optional[pulumi.Input[builtins.str]] = None,
                  kube_proxy_addon_options: Optional[Union['KubeProxyAddonOptionsArgs', 'KubeProxyAddonOptionsArgsDict']] = None,
-                 kubernetes_service_ip_address_range: Optional[pulumi.Input[str]] = None,
-                 max_size: Optional[pulumi.Input[int]] = None,
-                 min_size: Optional[pulumi.Input[int]] = None,
-                 name: Optional[pulumi.Input[str]] = None,
-                 node_ami_id: Optional[pulumi.Input[str]] = None,
-                 node_associate_public_ip_address: Optional[bool] = None,
+                 kubernetes_service_ip_address_range: Optional[pulumi.Input[builtins.str]] = None,
+                 max_size: Optional[pulumi.Input[builtins.int]] = None,
+                 min_size: Optional[pulumi.Input[builtins.int]] = None,
+                 name: Optional[pulumi.Input[builtins.str]] = None,
+                 node_ami_id: Optional[pulumi.Input[builtins.str]] = None,
+                 node_associate_public_ip_address: Optional[builtins.bool] = None,
                  node_group_options: Optional[Union['ClusterNodeGroupOptionsArgs', 'ClusterNodeGroupOptionsArgsDict']] = None,
-                 node_public_key: Optional[pulumi.Input[str]] = None,
-                 node_root_volume_encrypted: Optional[pulumi.Input[bool]] = None,
-                 node_root_volume_size: Optional[pulumi.Input[int]] = None,
-                 node_security_group_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
-                 node_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 node_user_data: Optional[pulumi.Input[str]] = None,
-                 private_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 node_public_key: Optional[pulumi.Input[builtins.str]] = None,
+                 node_root_volume_encrypted: Optional[pulumi.Input[builtins.bool]] = None,
+                 node_root_volume_size: Optional[pulumi.Input[builtins.int]] = None,
+                 node_security_group_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
+                 node_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 node_user_data: Optional[pulumi.Input[builtins.str]] = None,
+                 private_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
                  provider_credential_opts: Optional[pulumi.Input[Union['KubeconfigOptionsArgs', 'KubeconfigOptionsArgsDict']]] = None,
-                 proxy: Optional[str] = None,
-                 public_access_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 public_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 proxy: Optional[builtins.str] = None,
+                 public_access_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 public_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
                  role_mappings: Optional[pulumi.Input[Sequence[pulumi.Input[Union['RoleMappingArgs', 'RoleMappingArgsDict']]]]] = None,
                  service_role: Optional[pulumi.Input['pulumi_aws.iam.Role']] = None,
-                 skip_default_node_group: Optional[bool] = None,
-                 skip_default_security_groups: Optional[bool] = None,
-                 storage_classes: Optional[Union[str, Mapping[str, Union['StorageClassArgs', 'StorageClassArgsDict']]]] = None,
-                 subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
-                 use_default_vpc_cni: Optional[bool] = None,
+                 skip_default_node_group: Optional[builtins.bool] = None,
+                 skip_default_security_groups: Optional[builtins.bool] = None,
+                 storage_classes: Optional[Union[builtins.str, Mapping[str, Union['StorageClassArgs', 'StorageClassArgsDict']]]] = None,
+                 subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
+                 upgrade_policy: Optional[pulumi.Input[pulumi.InputType['pulumi_aws.eks.ClusterUpgradePolicyArgs']]] = None,
+                 use_default_vpc_cni: Optional[builtins.bool] = None,
                  user_mappings: Optional[pulumi.Input[Sequence[pulumi.Input[Union['UserMappingArgs', 'UserMappingArgsDict']]]]] = None,
-                 version: Optional[pulumi.Input[str]] = None,
+                 version: Optional[pulumi.Input[builtins.str]] = None,
                  vpc_cni_options: Optional[Union['VpcCniOptionsArgs', 'VpcCniOptionsArgsDict']] = None,
-                 vpc_id: Optional[pulumi.Input[str]] = None,
+                 vpc_id: Optional[pulumi.Input[builtins.str]] = None,
                  __props__=None):
         """
         Cluster is a component that wraps the AWS and Kubernetes resources necessary to run an EKS cluster, its worker nodes, its optional StorageClasses, and an optional deployment of the Kubernetes Dashboard.
@@ -1267,16 +1303,17 @@ class Cluster(pulumi.ComponentResource):
         :param Union['AutoModeOptionsArgs', 'AutoModeOptionsArgsDict'] auto_mode: Configuration Options for EKS Auto Mode. If EKS Auto Mode is enabled, AWS will manage cluster infrastructure on your behalf.
                
                For more information, see: https://docs.aws.amazon.com/eks/latest/userguide/automode.html
+        :param pulumi.Input[builtins.bool] bootstrap_self_managed_addons: Install default unmanaged add-ons, such as `aws-cni`, `kube-proxy`, and CoreDNS during cluster creation. If `false`, you must manually install desired add-ons. Changing this value will force a new cluster to be created. Defaults to `true`
         :param pulumi.Input['pulumi_aws.ec2.SecurityGroup'] cluster_security_group: The security group to use for the cluster API endpoint. If not provided, a new security group will be created with full internet egress and ingress from node groups.
                
                Note: The security group resource should not contain any inline ingress or egress rules.
-        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] cluster_security_group_tags: The tags to apply to the cluster security group.
-        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] cluster_tags: The tags to apply to the EKS cluster.
+        :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] cluster_security_group_tags: The tags to apply to the cluster security group.
+        :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] cluster_tags: The tags to apply to the EKS cluster.
         :param Union['CoreDnsAddonOptionsArgs', 'CoreDnsAddonOptionsArgsDict'] coredns_addon_options: Options for managing the `coredns` addon.
-        :param bool create_instance_role: Whether to create the instance role for the EKS cluster. Defaults to true when using the default node group, false otherwise.
+        :param builtins.bool create_instance_role: Whether to create the instance role for the EKS cluster. Defaults to true when using the default node group, false otherwise.
                If set to false when using the default node group, an instance role or instance profile must be provided.n
                Note: this option has no effect if a custom instance role is provided with `instanceRole` or `instanceRoles`.
-        :param pulumi.Input[bool] create_oidc_provider: Indicates whether an IAM OIDC Provider is created for the EKS cluster.
+        :param pulumi.Input[builtins.bool] create_oidc_provider: Indicates whether an IAM OIDC Provider is created for the EKS cluster.
                
                The OIDC provider is used in the cluster in combination with k8s Service Account annotations to provide IAM roles at the k8s Pod level.
                
@@ -1288,22 +1325,22 @@ class Cluster(pulumi.ComponentResource):
         :param Union['CreationRoleProviderArgs', 'CreationRoleProviderArgsDict'] creation_role_provider: The IAM Role Provider used to create & authenticate against the EKS cluster. This role is given `[system:masters]` permission in K8S, See: https://docs.aws.amazon.com/eks/latest/userguide/add-user-role.html
                
                Note: This option is only supported with Pulumi nodejs programs. Please use `ProviderCredentialOpts` as an alternative instead.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] default_addons_to_remove: List of addons to remove upon creation. Any addon listed will be "adopted" and then removed. This allows for the creation of a baremetal cluster where no addon is deployed and direct management of addons via Pulumi Kubernetes resources. Valid entries are kube-proxy, coredns and vpc-cni. Only works on first creation of a cluster.
-        :param pulumi.Input[int] desired_capacity: The number of worker nodes that should be running in the cluster. Defaults to 2.
-        :param pulumi.Input[bool] enable_config_map_mutable: Sets the 'enableConfigMapMutable' option on the cluster kubernetes provider.
+        :param pulumi.Input[builtins.bool] deletion_protection: Whether to enable deletion protection for the cluster. When enabled, the cluster cannot be deleted unless deletion protection is first disabled. Default: `false`.
+        :param pulumi.Input[builtins.int] desired_capacity: The number of worker nodes that should be running in the cluster. Defaults to 2.
+        :param pulumi.Input[builtins.bool] enable_config_map_mutable: Sets the 'enableConfigMapMutable' option on the cluster kubernetes provider.
                
                Applies updates to the aws-auth ConfigMap in place over a replace operation if set to true.
                https://www.pulumi.com/registry/packages/kubernetes/api-docs/provider/#enableconfigmapmutable_nodejs
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] enabled_cluster_log_types: Enable EKS control plane logging. This sends logs to cloudwatch. Possible list of values are: ["api", "audit", "authenticator", "controllerManager", "scheduler"]. By default it is off.
-        :param pulumi.Input[str] encryption_config_key_arn: KMS Key ARN to use with the encryption configuration for the cluster.
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] enabled_cluster_log_types: Enable EKS control plane logging. This sends logs to cloudwatch. Possible list of values are: ["api", "audit", "authenticator", "controllerManager", "scheduler"]. By default it is off.
+        :param pulumi.Input[builtins.str] encryption_config_key_arn: KMS Key ARN to use with the encryption configuration for the cluster.
                
                Only available on Kubernetes 1.13+ clusters created after March 6, 2020.
                See for more details:
                - https://aws.amazon.com/about-aws/whats-new/2020/03/amazon-eks-adds-envelope-encryption-for-secrets-with-aws-kms/
-        :param pulumi.Input[bool] endpoint_private_access: Indicates whether or not the Amazon EKS private API server endpoint is enabled. Default is `false`.
-        :param pulumi.Input[bool] endpoint_public_access: Indicates whether or not the Amazon EKS public API server endpoint is enabled. Default is `true`.
-        :param pulumi.Input[Union[bool, Union['FargateProfileArgs', 'FargateProfileArgsDict']]] fargate: Add support for launching pods in Fargate. Defaults to launching pods in the `default` namespace.  If specified, the default node group is skipped as though `skipDefaultNodeGroup: true` had been passed.
-        :param pulumi.Input[bool] gpu: Use the latest recommended EKS Optimized Linux AMI with GPU support for the worker nodes from the AWS Systems Manager Parameter Store.
+        :param pulumi.Input[builtins.bool] endpoint_private_access: Indicates whether or not the Amazon EKS private API server endpoint is enabled. Default is `false`.
+        :param pulumi.Input[builtins.bool] endpoint_public_access: Indicates whether or not the Amazon EKS public API server endpoint is enabled. Default is `true`.
+        :param pulumi.Input[Union[builtins.bool, Union['FargateProfileArgs', 'FargateProfileArgsDict']]] fargate: Add support for launching pods in Fargate. Defaults to launching pods in the `default` namespace.  If specified, the default node group is skipped as though `skipDefaultNodeGroup: true` had been passed.
+        :param pulumi.Input[builtins.bool] gpu: Use the latest recommended EKS Optimized Linux AMI with GPU support for the worker nodes from the AWS Systems Manager Parameter Store.
                
                Defaults to false.
                
@@ -1312,18 +1349,18 @@ class Cluster(pulumi.ComponentResource):
                See for more details:
                - https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html
                - https://docs.aws.amazon.com/eks/latest/userguide/retrieve-ami-id.html
-        :param pulumi.Input[str] instance_profile_name: The default IAM InstanceProfile to use on the Worker NodeGroups, if one is not already set in the NodeGroup.
+        :param pulumi.Input[builtins.str] instance_profile_name: The default IAM InstanceProfile to use on the Worker NodeGroups, if one is not already set in the NodeGroup.
         :param pulumi.Input['pulumi_aws.iam.Role'] instance_role: This enables the simple case of only registering a *single* IAM instance role with the cluster, that is required to be shared by *all* node groups in their instance profiles.
                
                Note: options `instanceRole` and `instanceRoles` are mutually exclusive.
         :param pulumi.Input[Sequence[pulumi.Input['pulumi_aws.iam.Role']]] instance_roles: This enables the advanced case of registering *many* IAM instance roles with the cluster for per node group IAM, instead of the simpler, shared case of `instanceRole`.
                
                Note: options `instanceRole` and `instanceRoles` are mutually exclusive.
-        :param pulumi.Input[str] instance_type: The instance type to use for the cluster's nodes. Defaults to "t3.medium".
-        :param pulumi.Input[str] ip_family: The IP family used to assign Kubernetes pod and service addresses. Valid values are `ipv4` (default) and `ipv6`.
+        :param pulumi.Input[builtins.str] instance_type: The instance type to use for the cluster's nodes. Defaults to "t3.medium".
+        :param pulumi.Input[builtins.str] ip_family: The IP family used to assign Kubernetes pod and service addresses. Valid values are `ipv4` (default) and `ipv6`.
                You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created.
         :param Union['KubeProxyAddonOptionsArgs', 'KubeProxyAddonOptionsArgsDict'] kube_proxy_addon_options: Options for managing the `kube-proxy` addon.
-        :param pulumi.Input[str] kubernetes_service_ip_address_range: The CIDR block to assign Kubernetes service IP addresses from. If you don't
+        :param pulumi.Input[builtins.str] kubernetes_service_ip_address_range: The CIDR block to assign Kubernetes service IP addresses from. If you don't
                specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or
                172.20.0.0/16 CIDR blocks. This setting only applies to IPv4 clusters. We recommend that you specify a block
                that does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify
@@ -1333,14 +1370,14 @@ class Cluster(pulumi.ComponentResource):
                - Within one of the following private IP address blocks: 10.0.0.0/8, 172.16.0.0.0/12, or 192.168.0.0/16.
                - Doesn't overlap with any CIDR block assigned to the VPC that you selected for VPC.
                - Between /24 and /12.
-        :param pulumi.Input[int] max_size: The maximum number of worker nodes running in the cluster. Defaults to 2.
-        :param pulumi.Input[int] min_size: The minimum number of worker nodes running in the cluster. Defaults to 1.
-        :param pulumi.Input[str] name: The cluster's physical resource name.
+        :param pulumi.Input[builtins.int] max_size: The maximum number of worker nodes running in the cluster. Defaults to 2.
+        :param pulumi.Input[builtins.int] min_size: The minimum number of worker nodes running in the cluster. Defaults to 1.
+        :param pulumi.Input[builtins.str] name: The cluster's physical resource name.
                
                If not specified, the default is to use auto-naming for the cluster's name, resulting in a physical name with the format `${name}-eksCluster-0123abcd`.
                
                See for more details: https://www.pulumi.com/docs/intro/concepts/programming-model/#autonaming
-        :param pulumi.Input[str] node_ami_id: The AMI ID to use for the worker nodes.
+        :param pulumi.Input[builtins.str] node_ami_id: The AMI ID to use for the worker nodes.
                
                Defaults to the latest recommended EKS Optimized Linux AMI from the AWS Systems Manager Parameter Store.
                
@@ -1348,19 +1385,19 @@ class Cluster(pulumi.ComponentResource):
                
                See for more details:
                - https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html.
-        :param bool node_associate_public_ip_address: Whether or not to auto-assign the EKS worker nodes public IP addresses. If this toggle is set to true, the EKS workers will be auto-assigned public IPs. If false, they will not be auto-assigned public IPs.
+        :param builtins.bool node_associate_public_ip_address: Whether or not to auto-assign the EKS worker nodes public IP addresses. If this toggle is set to true, the EKS workers will be auto-assigned public IPs. If false, they will not be auto-assigned public IPs.
         :param Union['ClusterNodeGroupOptionsArgs', 'ClusterNodeGroupOptionsArgsDict'] node_group_options: The common configuration settings for NodeGroups.
-        :param pulumi.Input[str] node_public_key: Public key material for SSH access to worker nodes. See allowed formats at:
+        :param pulumi.Input[builtins.str] node_public_key: Public key material for SSH access to worker nodes. See allowed formats at:
                https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html
                If not provided, no SSH access is enabled on VMs.
-        :param pulumi.Input[bool] node_root_volume_encrypted: Encrypt the root block device of the nodes in the node group.
-        :param pulumi.Input[int] node_root_volume_size: The size in GiB of a cluster node's root volume. Defaults to 20.
-        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] node_security_group_tags: The tags to apply to the default `nodeSecurityGroup` created by the cluster.
+        :param pulumi.Input[builtins.bool] node_root_volume_encrypted: Encrypt the root block device of the nodes in the node group.
+        :param pulumi.Input[builtins.int] node_root_volume_size: The size in GiB of a cluster node's root volume. Defaults to 20.
+        :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] node_security_group_tags: The tags to apply to the default `nodeSecurityGroup` created by the cluster.
                
                Note: The `nodeSecurityGroupTags` option and the node group option `nodeSecurityGroup` are mutually exclusive.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] node_subnet_ids: The subnets to use for worker nodes. Defaults to the value of subnetIds.
-        :param pulumi.Input[str] node_user_data: Extra code to run on node startup. This code will run after the AWS EKS bootstrapping code and before the node signals its readiness to the managing CloudFormation stack. This code must be a typical user data script: critically it must begin with an interpreter directive (i.e. a `#!`).
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] private_subnet_ids: The set of private subnets to use for the worker node groups on the EKS cluster. These subnets are automatically tagged by EKS for Kubernetes purposes.
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] node_subnet_ids: The subnets to use for worker nodes. Defaults to the value of subnetIds.
+        :param pulumi.Input[builtins.str] node_user_data: Extra code to run on node startup. This code will run after the AWS EKS bootstrapping code and before the node signals its readiness to the managing CloudFormation stack. This code must be a typical user data script: critically it must begin with an interpreter directive (i.e. a `#!`).
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] private_subnet_ids: The set of private subnets to use for the worker node groups on the EKS cluster. These subnets are automatically tagged by EKS for Kubernetes purposes.
                
                If `vpcId` is not set, the cluster will use the AWS account's default VPC subnets.
                
@@ -1388,7 +1425,7 @@ class Cluster(pulumi.ComponentResource):
                - https://www.pulumi.com/docs/intro/cloud-providers/aws/setup/
                - https://www.pulumi.com/docs/intro/cloud-providers/aws/#configuration
                - https://docs.aws.amazon.com/eks/latest/userguide/create-kubeconfig.html
-        :param str proxy: The HTTP(S) proxy to use within a proxied environment.
+        :param builtins.str proxy: The HTTP(S) proxy to use within a proxied environment.
                
                 The proxy is used during cluster creation, and OIDC configuration.
                
@@ -1403,8 +1440,8 @@ class Cluster(pulumi.ComponentResource):
                  - "http://proxy.example.com:3128"
                  - "https://proxy.example.com"
                  - "http://username:password@proxy.example.com:3128"
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] public_access_cidrs: Indicates which CIDR blocks can access the Amazon EKS public API server endpoint.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] public_subnet_ids: The set of public subnets to use for the worker node groups on the EKS cluster. These subnets are automatically tagged by EKS for Kubernetes purposes.
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] public_access_cidrs: Indicates which CIDR blocks can access the Amazon EKS public API server endpoint.
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] public_subnet_ids: The set of public subnets to use for the worker node groups on the EKS cluster. These subnets are automatically tagged by EKS for Kubernetes purposes.
                
                If `vpcId` is not set, the cluster will use the AWS account's default VPC subnets.
                
@@ -1419,14 +1456,14 @@ class Cluster(pulumi.ComponentResource):
                See for more details: https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html.Note: The use of `subnetIds`, along with `publicSubnetIds` and/or `privateSubnetIds` is mutually exclusive. The use of `publicSubnetIds` and `privateSubnetIds` is encouraged.
         :param pulumi.Input[Sequence[pulumi.Input[Union['RoleMappingArgs', 'RoleMappingArgsDict']]]] role_mappings: Optional mappings from AWS IAM roles to Kubernetes users and groups. Only supported with authentication mode `CONFIG_MAP` or `API_AND_CONFIG_MAP`
         :param pulumi.Input['pulumi_aws.iam.Role'] service_role: IAM Service Role for EKS to use to manage the cluster.
-        :param bool skip_default_node_group: If this toggle is set to true, the EKS cluster will be created without node group attached. Defaults to false, unless `fargate` or `autoMode` is enabled.
-        :param bool skip_default_security_groups: If this toggle is set to true, the EKS cluster will be created without the default node and cluster security groups. Defaults to false, unless `autoMode` is enabled.
+        :param builtins.bool skip_default_node_group: If this toggle is set to true, the EKS cluster will be created without node group attached. Defaults to false, unless `fargate` or `autoMode` is enabled.
+        :param builtins.bool skip_default_security_groups: If this toggle is set to true, the EKS cluster will be created without the default node and cluster security groups. Defaults to false, unless `autoMode` is enabled.
                
                See for more details: https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html
-        :param Union[str, Mapping[str, Union['StorageClassArgs', 'StorageClassArgsDict']]] storage_classes: An optional set of StorageClasses to enable for the cluster. If this is a single volume type rather than a map, a single StorageClass will be created for that volume type.
+        :param Union[builtins.str, Mapping[str, Union['StorageClassArgs', 'StorageClassArgsDict']]] storage_classes: An optional set of StorageClasses to enable for the cluster. If this is a single volume type rather than a map, a single StorageClass will be created for that volume type.
                
                Note: As of Kubernetes v1.11+ on EKS, a default `gp2` storage class will always be created automatically for the cluster by the EKS service. See https://docs.aws.amazon.com/eks/latest/userguide/storage-classes.html
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] subnet_ids: The set of all subnets, public and private, to use for the worker node groups on the EKS cluster. These subnets are automatically tagged by EKS for Kubernetes purposes.
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] subnet_ids: The set of all subnets, public and private, to use for the worker node groups on the EKS cluster. These subnets are automatically tagged by EKS for Kubernetes purposes.
                
                If `vpcId` is not set, the cluster will use the AWS account's default VPC subnets.
                
@@ -1435,13 +1472,14 @@ class Cluster(pulumi.ComponentResource):
                See for more details: https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html.
                
                Note: The use of `subnetIds`, along with `publicSubnetIds` and/or `privateSubnetIds` is mutually exclusive. The use of `publicSubnetIds` and `privateSubnetIds` is encouraged.
-        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] tags: Key-value mapping of tags that are automatically applied to all AWS resources directly under management with this cluster, which support tagging.
-        :param bool use_default_vpc_cni: Use the default VPC CNI instead of creating a custom one. Should not be used in conjunction with `vpcCniOptions`.
+        :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] tags: Key-value mapping of tags that are automatically applied to all AWS resources directly under management with this cluster, which support tagging.
+        :param pulumi.Input[pulumi.InputType['pulumi_aws.eks.ClusterUpgradePolicyArgs']] upgrade_policy: The cluster's upgrade policy. Valid support types are "STANDARD" and "EXTENDED". Defaults to "EXTENDED".
+        :param builtins.bool use_default_vpc_cni: Use the default VPC CNI instead of creating a custom one. Should not be used in conjunction with `vpcCniOptions`.
                Defaults to true, unless `autoMode` is enabled.
         :param pulumi.Input[Sequence[pulumi.Input[Union['UserMappingArgs', 'UserMappingArgsDict']]]] user_mappings: Optional mappings from AWS IAM users to Kubernetes users and groups. Only supported with authentication mode `CONFIG_MAP` or `API_AND_CONFIG_MAP`.
-        :param pulumi.Input[str] version: Desired Kubernetes master / control plane version. If you do not specify a value, the latest available version is used.
+        :param pulumi.Input[builtins.str] version: Desired Kubernetes master / control plane version. If you do not specify a value, the latest available version is used.
         :param Union['VpcCniOptionsArgs', 'VpcCniOptionsArgsDict'] vpc_cni_options: The configuration of the Amazon VPC CNI plugin for this instance. Defaults are described in the documentation for the VpcCniOptions type.
-        :param pulumi.Input[str] vpc_id: The VPC in which to create the cluster and its worker nodes. If unset, the cluster will be created in the default VPC.
+        :param pulumi.Input[builtins.str] vpc_id: The VPC in which to create the cluster and its worker nodes. If unset, the cluster will be created in the default VPC.
         """
         ...
     @overload
@@ -1488,58 +1526,60 @@ class Cluster(pulumi.ComponentResource):
                  access_entries: Optional[Mapping[str, Union['AccessEntryArgs', 'AccessEntryArgsDict']]] = None,
                  authentication_mode: Optional['AuthenticationMode'] = None,
                  auto_mode: Optional[Union['AutoModeOptionsArgs', 'AutoModeOptionsArgsDict']] = None,
+                 bootstrap_self_managed_addons: Optional[pulumi.Input[builtins.bool]] = None,
                  cluster_security_group: Optional[pulumi.Input['pulumi_aws.ec2.SecurityGroup']] = None,
-                 cluster_security_group_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
-                 cluster_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
+                 cluster_security_group_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
+                 cluster_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
                  coredns_addon_options: Optional[Union['CoreDnsAddonOptionsArgs', 'CoreDnsAddonOptionsArgsDict']] = None,
-                 create_instance_role: Optional[bool] = None,
-                 create_oidc_provider: Optional[pulumi.Input[bool]] = None,
+                 create_instance_role: Optional[builtins.bool] = None,
+                 create_oidc_provider: Optional[pulumi.Input[builtins.bool]] = None,
                  creation_role_provider: Optional[Union['CreationRoleProviderArgs', 'CreationRoleProviderArgsDict']] = None,
-                 default_addons_to_remove: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 desired_capacity: Optional[pulumi.Input[int]] = None,
-                 enable_config_map_mutable: Optional[pulumi.Input[bool]] = None,
-                 enabled_cluster_log_types: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 encryption_config_key_arn: Optional[pulumi.Input[str]] = None,
-                 endpoint_private_access: Optional[pulumi.Input[bool]] = None,
-                 endpoint_public_access: Optional[pulumi.Input[bool]] = None,
-                 fargate: Optional[pulumi.Input[Union[bool, Union['FargateProfileArgs', 'FargateProfileArgsDict']]]] = None,
-                 gpu: Optional[pulumi.Input[bool]] = None,
-                 instance_profile_name: Optional[pulumi.Input[str]] = None,
+                 deletion_protection: Optional[pulumi.Input[builtins.bool]] = None,
+                 desired_capacity: Optional[pulumi.Input[builtins.int]] = None,
+                 enable_config_map_mutable: Optional[pulumi.Input[builtins.bool]] = None,
+                 enabled_cluster_log_types: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 encryption_config_key_arn: Optional[pulumi.Input[builtins.str]] = None,
+                 endpoint_private_access: Optional[pulumi.Input[builtins.bool]] = None,
+                 endpoint_public_access: Optional[pulumi.Input[builtins.bool]] = None,
+                 fargate: Optional[pulumi.Input[Union[builtins.bool, Union['FargateProfileArgs', 'FargateProfileArgsDict']]]] = None,
+                 gpu: Optional[pulumi.Input[builtins.bool]] = None,
+                 instance_profile_name: Optional[pulumi.Input[builtins.str]] = None,
                  instance_role: Optional[pulumi.Input['pulumi_aws.iam.Role']] = None,
                  instance_roles: Optional[pulumi.Input[Sequence[pulumi.Input['pulumi_aws.iam.Role']]]] = None,
-                 instance_type: Optional[pulumi.Input[str]] = None,
-                 ip_family: Optional[pulumi.Input[str]] = None,
+                 instance_type: Optional[pulumi.Input[builtins.str]] = None,
+                 ip_family: Optional[pulumi.Input[builtins.str]] = None,
                  kube_proxy_addon_options: Optional[Union['KubeProxyAddonOptionsArgs', 'KubeProxyAddonOptionsArgsDict']] = None,
-                 kubernetes_service_ip_address_range: Optional[pulumi.Input[str]] = None,
-                 max_size: Optional[pulumi.Input[int]] = None,
-                 min_size: Optional[pulumi.Input[int]] = None,
-                 name: Optional[pulumi.Input[str]] = None,
-                 node_ami_id: Optional[pulumi.Input[str]] = None,
-                 node_associate_public_ip_address: Optional[bool] = None,
+                 kubernetes_service_ip_address_range: Optional[pulumi.Input[builtins.str]] = None,
+                 max_size: Optional[pulumi.Input[builtins.int]] = None,
+                 min_size: Optional[pulumi.Input[builtins.int]] = None,
+                 name: Optional[pulumi.Input[builtins.str]] = None,
+                 node_ami_id: Optional[pulumi.Input[builtins.str]] = None,
+                 node_associate_public_ip_address: Optional[builtins.bool] = None,
                  node_group_options: Optional[Union['ClusterNodeGroupOptionsArgs', 'ClusterNodeGroupOptionsArgsDict']] = None,
-                 node_public_key: Optional[pulumi.Input[str]] = None,
-                 node_root_volume_encrypted: Optional[pulumi.Input[bool]] = None,
-                 node_root_volume_size: Optional[pulumi.Input[int]] = None,
-                 node_security_group_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
-                 node_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 node_user_data: Optional[pulumi.Input[str]] = None,
-                 private_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 node_public_key: Optional[pulumi.Input[builtins.str]] = None,
+                 node_root_volume_encrypted: Optional[pulumi.Input[builtins.bool]] = None,
+                 node_root_volume_size: Optional[pulumi.Input[builtins.int]] = None,
+                 node_security_group_tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
+                 node_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 node_user_data: Optional[pulumi.Input[builtins.str]] = None,
+                 private_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
                  provider_credential_opts: Optional[pulumi.Input[Union['KubeconfigOptionsArgs', 'KubeconfigOptionsArgsDict']]] = None,
-                 proxy: Optional[str] = None,
-                 public_access_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 public_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 proxy: Optional[builtins.str] = None,
+                 public_access_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 public_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
                  role_mappings: Optional[pulumi.Input[Sequence[pulumi.Input[Union['RoleMappingArgs', 'RoleMappingArgsDict']]]]] = None,
                  service_role: Optional[pulumi.Input['pulumi_aws.iam.Role']] = None,
-                 skip_default_node_group: Optional[bool] = None,
-                 skip_default_security_groups: Optional[bool] = None,
-                 storage_classes: Optional[Union[str, Mapping[str, Union['StorageClassArgs', 'StorageClassArgsDict']]]] = None,
-                 subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
-                 use_default_vpc_cni: Optional[bool] = None,
+                 skip_default_node_group: Optional[builtins.bool] = None,
+                 skip_default_security_groups: Optional[builtins.bool] = None,
+                 storage_classes: Optional[Union[builtins.str, Mapping[str, Union['StorageClassArgs', 'StorageClassArgsDict']]]] = None,
+                 subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
+                 upgrade_policy: Optional[pulumi.Input[pulumi.InputType['pulumi_aws.eks.ClusterUpgradePolicyArgs']]] = None,
+                 use_default_vpc_cni: Optional[builtins.bool] = None,
                  user_mappings: Optional[pulumi.Input[Sequence[pulumi.Input[Union['UserMappingArgs', 'UserMappingArgsDict']]]]] = None,
-                 version: Optional[pulumi.Input[str]] = None,
+                 version: Optional[pulumi.Input[builtins.str]] = None,
                  vpc_cni_options: Optional[Union['VpcCniOptionsArgs', 'VpcCniOptionsArgsDict']] = None,
-                 vpc_id: Optional[pulumi.Input[str]] = None,
+                 vpc_id: Optional[pulumi.Input[builtins.str]] = None,
                  __props__=None):
         opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
         if not isinstance(opts, pulumi.ResourceOptions):
@@ -1554,6 +1594,7 @@ class Cluster(pulumi.ComponentResource):
             __props__.__dict__["access_entries"] = access_entries
             __props__.__dict__["authentication_mode"] = authentication_mode
             __props__.__dict__["auto_mode"] = auto_mode
+            __props__.__dict__["bootstrap_self_managed_addons"] = bootstrap_self_managed_addons
             __props__.__dict__["cluster_security_group"] = cluster_security_group
             __props__.__dict__["cluster_security_group_tags"] = cluster_security_group_tags
             __props__.__dict__["cluster_tags"] = cluster_tags
@@ -1561,7 +1602,7 @@ class Cluster(pulumi.ComponentResource):
             __props__.__dict__["create_instance_role"] = create_instance_role
             __props__.__dict__["create_oidc_provider"] = create_oidc_provider
             __props__.__dict__["creation_role_provider"] = creation_role_provider
-            __props__.__dict__["default_addons_to_remove"] = default_addons_to_remove
+            __props__.__dict__["deletion_protection"] = deletion_protection
             __props__.__dict__["desired_capacity"] = desired_capacity
             __props__.__dict__["enable_config_map_mutable"] = enable_config_map_mutable
             __props__.__dict__["enabled_cluster_log_types"] = enabled_cluster_log_types
@@ -1601,6 +1642,7 @@ class Cluster(pulumi.ComponentResource):
             __props__.__dict__["storage_classes"] = storage_classes
             __props__.__dict__["subnet_ids"] = subnet_ids
             __props__.__dict__["tags"] = tags
+            __props__.__dict__["upgrade_policy"] = upgrade_policy
             __props__.__dict__["use_default_vpc_cni"] = use_default_vpc_cni
             __props__.__dict__["user_mappings"] = user_mappings
             __props__.__dict__["version"] = version
@@ -1633,7 +1675,7 @@ class Cluster(pulumi.ComponentResource):
 
     @property
     @pulumi.getter(name="autoModeNodeRoleName")
-    def auto_mode_node_role_name(self) -> pulumi.Output[str]:
+    def auto_mode_node_role_name(self) -> pulumi.Output[builtins.str]:
         """
         The name of the IAM role created for nodes managed by EKS Auto Mode. Defaults to an empty string.
         """
@@ -1649,7 +1691,7 @@ class Cluster(pulumi.ComponentResource):
 
     @property
     @pulumi.getter(name="clusterIngressRuleId")
-    def cluster_ingress_rule_id(self) -> pulumi.Output[str]:
+    def cluster_ingress_rule_id(self) -> pulumi.Output[builtins.str]:
         """
         The ID of the security group rule that gives node group access to the cluster API server. Defaults to an empty string if `skipDefaultSecurityGroups` is set to true.
         """
@@ -1665,7 +1707,7 @@ class Cluster(pulumi.ComponentResource):
 
     @property
     @pulumi.getter(name="clusterSecurityGroupId")
-    def cluster_security_group_id(self) -> pulumi.Output[str]:
+    def cluster_security_group_id(self) -> pulumi.Output[builtins.str]:
         """
         The cluster security group ID of the EKS cluster. Returns the EKS created security group if `skipDefaultSecurityGroups` is set to true.
         """
@@ -1689,7 +1731,7 @@ class Cluster(pulumi.ComponentResource):
 
     @property
     @pulumi.getter(name="defaultNodeGroupAsgName")
-    def default_node_group_asg_name(self) -> pulumi.Output[str]:
+    def default_node_group_asg_name(self) -> pulumi.Output[builtins.str]:
         """
         The name of the default node group's AutoScaling Group. Defaults to an empty string if `skipDefaultNodeGroup` is set to true.
         """
@@ -1713,7 +1755,7 @@ class Cluster(pulumi.ComponentResource):
 
     @property
     @pulumi.getter(name="fargateProfileId")
-    def fargate_profile_id(self) -> pulumi.Output[str]:
+    def fargate_profile_id(self) -> pulumi.Output[builtins.str]:
         """
         The ID of the Fargate Profile. Defaults to an empty string if no Fargate profile is configured.
         """
@@ -1721,7 +1763,7 @@ class Cluster(pulumi.ComponentResource):
 
     @property
     @pulumi.getter(name="fargateProfileStatus")
-    def fargate_profile_status(self) -> pulumi.Output[str]:
+    def fargate_profile_status(self) -> pulumi.Output[builtins.str]:
         """
         The status of the Fargate Profile. Defaults to an empty string if no Fargate profile is configured.
         """
@@ -1745,7 +1787,7 @@ class Cluster(pulumi.ComponentResource):
 
     @property
     @pulumi.getter(name="kubeconfigJson")
-    def kubeconfig_json(self) -> pulumi.Output[str]:
+    def kubeconfig_json(self) -> pulumi.Output[builtins.str]:
         """
         A kubeconfig that can be used to connect to the EKS cluster as a JSON string.
         """
@@ -1761,7 +1803,7 @@ class Cluster(pulumi.ComponentResource):
 
     @property
     @pulumi.getter(name="nodeSecurityGroupId")
-    def node_security_group_id(self) -> pulumi.Output[str]:
+    def node_security_group_id(self) -> pulumi.Output[builtins.str]:
         """
         The node security group ID of the EKS cluster. Returns the EKS created security group if `skipDefaultSecurityGroups` is set to true.
         """
@@ -1769,7 +1811,7 @@ class Cluster(pulumi.ComponentResource):
 
     @property
     @pulumi.getter(name="oidcIssuer")
-    def oidc_issuer(self) -> pulumi.Output[str]:
+    def oidc_issuer(self) -> pulumi.Output[builtins.str]:
         """
         The OIDC Issuer of the EKS cluster (OIDC Provider URL without leading `https://`).
 
@@ -1779,7 +1821,7 @@ class Cluster(pulumi.ComponentResource):
 
     @property
     @pulumi.getter(name="oidcProviderArn")
-    def oidc_provider_arn(self) -> pulumi.Output[str]:
+    def oidc_provider_arn(self) -> pulumi.Output[builtins.str]:
         """
         The ARN of the IAM OpenID Connect Provider for the EKS cluster. Defaults to an empty string if no OIDC provider is configured.
         """
@@ -1787,7 +1829,7 @@ class Cluster(pulumi.ComponentResource):
 
     @property
     @pulumi.getter(name="oidcProviderUrl")
-    def oidc_provider_url(self) -> pulumi.Output[str]:
+    def oidc_provider_url(self) -> pulumi.Output[builtins.str]:
         """
         Issuer URL for the OpenID Connect identity provider of the EKS cluster.
         """
@@ -1802,15 +1844,15 @@ class Cluster(pulumi.ComponentResource):
 
         @property
         @pulumi.getter
-        def result(self) -> str:
+        def result(self) -> builtins.str:
             """
             The kubeconfig for the cluster.
             """
             return pulumi.get(self, "result")
 
     def get_kubeconfig(__self__, *,
-                       profile_name: Optional[pulumi.Input[str]] = None,
-                       role_arn: Optional[pulumi.Input[str]] = None) -> pulumi.Output['str']:
+                       profile_name: Optional[pulumi.Input[builtins.str]] = None,
+                       role_arn: Optional[pulumi.Input[builtins.str]] = None) -> pulumi.Output['str']:
         """
         Generate a kubeconfig for cluster authentication that does not use the default AWS credential provider chain, and instead is scoped to the supported options in `KubeconfigOptions`.
 
@@ -1822,10 +1864,10 @@ class Cluster(pulumi.ComponentResource):
         - https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html
 
 
-        :param pulumi.Input[str] profile_name: AWS credential profile name to always use instead of the default AWS credential provider chain.
+        :param pulumi.Input[builtins.str] profile_name: AWS credential profile name to always use instead of the default AWS credential provider chain.
                
                The profile is passed to kubeconfig as an authentication environment setting.
-        :param pulumi.Input[str] role_arn: Role ARN to assume instead of the default AWS credential provider chain.
+        :param pulumi.Input[builtins.str] role_arn: Role ARN to assume instead of the default AWS credential provider chain.
                
                The role is passed to kubeconfig as an authentication exec argument.
         """