LaunchTemplateSpecification
An object representing a node group launch template specification. The launch template cannot include SubnetId, IamInstanceProfile, RequestSpotInstances, HibernationOptions, or TerminateInstances, or the node group deployment or update will fail. For more information about launch templates, see CreateLaunchTemplate in the Amazon EC2 API Reference. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.
Specify either name or id, but not both.
Contents
id
The ID of the launch template.
Type: String Required: No name
The name of the launch template.
Type: String Required: No version
The version of the launch template to use. If no version is specified, then the template's default version is used.
Type: String Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
Logging
Logging
An object representing the logging configuration for resources in your cluster.
Contents
clusterLogging
The cluster control plane logging configuration for your cluster.
Type: Array of LogSetup (p. 179) objects Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
LogSetup
LogSetup
An object representing the enabled or disabled Kubernetes control plane logs for your cluster.
Contents
enabled
If a log type is enabled, that log type exports its control plane logs to CloudWatch Logs. If a log type isn't enabled, that log type doesn't export its control plane logs. Each individual log type can be enabled or disabled independently.
Type: Boolean Required: No types
The available cluster control plane log types.
Type: Array of strings
Valid Values: api | audit | authenticator | controllerManager | scheduler Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
Nodegroup
Nodegroup
An object representing an Amazon EKS managed node group.
Contents
amiType
If the node group was deployed using a launch template with a custom AMI, then this is CUSTOM. For node groups that weren't deployed using a launch template, this is the AMI type that was specified in the node group configuration.
Type: String
Valid Values: AL2_x86_64 | AL2_x86_64_GPU | AL2_ARM_64 | CUSTOM | BOTTLEROCKET_ARM_64 | BOTTLEROCKET_x86_64
Required: No capacityType
The capacity type of your managed node group.
Type: String
Valid Values: ON_DEMAND | SPOT Required: No
clusterName
The name of the cluster that the managed node group resides in.
Type: String Required: No createdAt
The Unix epoch timestamp in seconds for when the managed node group was created.
Type: Timestamp Required: No diskSize
If the node group wasn't deployed with a launch template, then this is the disk size in the node group configuration. If the node group was deployed with a launch template, then this is null.
Type: Integer Required: No health
The health status of the node group. If there are issues with your node group's health, they are listed here.
Type: NodegroupHealth (p. 184) object Required: No
Contents
instanceTypes
If the node group wasn't deployed with a launch template, then this is the instance type that is associated with the node group. If the node group was deployed with a launch template, then this is null.
Type: Array of strings Required: No
labels
The Kubernetes labels applied to the nodes in the node group.
NoteOnly labels that are applied with the Amazon EKS API are shown here. There may be other Kubernetes labels applied to the nodes in this group.
Type: String to string map
Key Length Constraints: Minimum length of 1. Maximum length of 63.
Value Length Constraints: Minimum length of 1. Maximum length of 63.
Required: No launchTemplate
If a launch template was used to create the node group, then this is the launch template that was used.
Type: LaunchTemplateSpecification (p. 177) object Required: No
modifiedAt
The Unix epoch timestamp in seconds for when the managed node group was last modified.
Type: Timestamp Required: No nodegroupArn
The Amazon Resource Name (ARN) associated with the managed node group.
Type: String Required: No nodegroupName
The name associated with an Amazon EKS managed node group.
Type: String Required: No nodeRole
The IAM role associated with your node group. The Amazon EKS node kubelet daemon makes calls to AWS APIs on your behalf. Nodes receive permissions for these API calls through an IAM instance profile and associated policies.
Type: String
Contents
Required: No releaseVersion
If the node group was deployed using a launch template with a custom AMI, then this is the AMI ID that was specified in the launch template. For node groups that weren't deployed using a launch template, this is the version of the Amazon EKS optimized AMI that the node group was deployed with.
Type: String Required: No remoteAccess
If the node group wasn't deployed with a launch template, then this is the remote access
configuration that is associated with the node group. If the node group was deployed with a launch template, then this is null.
Type: RemoteAccessConfig (p. 197) object Required: No
resources
The resources associated with the node group, such as Auto Scaling groups and security groups for remote access.
Type: NodegroupResources (p. 185) object Required: No
scalingConfig
The scaling configuration details for the Auto Scaling group that is associated with your node group.
Type: NodegroupScalingConfig (p. 186) object Required: No
status
The current status of the managed node group.
Type: String
Valid Values: CREATING | ACTIVE | UPDATING | DELETING | CREATE_FAILED | DELETE_FAILED | DEGRADED
Required: No subnets
The subnets that were specified for the Auto Scaling group that is associated with your node group.
Type: Array of strings Required: No
tags
The metadata applied to the node group to assist with categorization and organization. Each tag consists of a key and an optional value. You define both. Node group tags do not propagate to any other resources associated with the node group, such as the Amazon EC2 instances or subnets.
Type: String to string map
See Also
Map Entries: Maximum number of 50 items.
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Value Length Constraints: Maximum length of 256.
Required: No taints
The Kubernetes taints to be applied to the nodes in the node group when they are created. Effect is one of No_Schedule, Prefer_No_Schedule, or No_Execute. Kubernetes taints can be used together with tolerations to control how workloads are scheduled to your nodes. For more information, see Node taints on managed node groups.
Type: Array of Taint (p. 198) objects Required: No
updateConfig
The node group update configuration.
Type: NodegroupUpdateConfig (p. 188) object Required: No
version
The Kubernetes version of the managed node group.
Type: String Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
NodegroupHealth
NodegroupHealth
An object representing the health status of the node group.
Contents
issues
Any issues that are associated with the node group.
Type: Array of Issue (p. 173) objects Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
NodegroupResources
NodegroupResources
An object representing the resources associated with the node group, such as Auto Scaling groups and security groups for remote access.
Contents
autoScalingGroups
The Auto Scaling groups associated with the node group.
Type: Array of AutoScalingGroup (p. 157) objects Required: No
remoteAccessSecurityGroup
The remote access security group associated with the node group. This security group controls SSH access to the nodes.
Type: String Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
NodegroupScalingConfig
NodegroupScalingConfig
An object representing the scaling configuration details for the Auto Scaling group that is associated with your node group. When creating a node group, you must specify all or none of the properties. When updating a node group, you can specify any or none of the properties.
Contents
desiredSize
The current number of nodes that the managed node group should maintain.
Important
If you use Cluster Autoscaler, you shouldn't change the desiredSize value directly, as this can cause the Cluster Autoscaler to suddenly scale up or scale down.
Whenever this parameter changes, the number of worker nodes in the node group is updated to the specified size. If this parameter is given a value that is smaller than the current number of running worker nodes, the necessary number of worker nodes are terminated to match the given value.
When using CloudFormation, no action occurs if you remove this parameter from your CFN template.
This parameter can be different from minSize in some cases, such as when starting with extra hosts for testing. This parameter can also be different when you want to start with an estimated number of needed hosts, but let Cluster Autoscaler reduce the number if there are too many. When Cluster Autoscaler is used, the desiredSize parameter is altered by Cluster Autoscaler (but can be out-of-date for short periods of time). Cluster Autoscaler doesn't scale a managed node group lower than minSize or higher than maxSize.
Type: Integer
Valid Range: Minimum value of 0.
Required: No maxSize
The maximum number of nodes that the managed node group can scale out to. For information about the maximum number that you can specify, see Amazon EKS service quotas in the Amazon EKS User Guide.
Type: Integer
Valid Range: Minimum value of 1.
Required: No minSize
The minimum number of nodes that the managed node group can scale in to.
Type: Integer
Valid Range: Minimum value of 0.
Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
See Also
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
NodegroupUpdateConfig
NodegroupUpdateConfig
The node group update configuration.
Contents
maxUnavailable
The maximum number of nodes unavailable at once during a version update. Nodes will be updated in parallel. This value or maxUnavailablePercentage is required to have a value.The maximum number is 100.
Type: Integer
Valid Range: Minimum value of 1.
Required: No
maxUnavailablePercentage
The maximum percentage of nodes unavailable during a version update. This percentage of nodes will be updated in parallel, up to 100 nodes at once. This value or maxUnavailable is required to have a value.
Type: Integer
Valid Range: Minimum value of 1. Maximum value of 100.
Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
OIDC
OIDC
An object representing the OpenID Connect (OIDC) identity provider information for the cluster.
Contents
issuer
The issuer URL for the OIDC identity provider.
Type: String Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
OidcIdentityProviderConfig
OidcIdentityProviderConfig
An object that represents the configuration for an OpenID Connect (OIDC) identity provider.
Contents
clientId
This is also known as audience. The ID of the client application that makes authentication requests to the OIDC identity provider.
Type: String Required: No clusterName
The cluster that the configuration is associated to.
Type: String Required: No groupsClaim
The JSON web token (JWT) claim that the provider uses to return your groups.
Type: String Required: No groupsPrefix
The prefix that is prepended to group claims to prevent clashes with existing names (such as
system: groups). For example, the value oidc: creates group names like oidc:engineering and oidc:infra. The prefix can't contain system:
Type: String Required: No
identityProviderConfigArn The ARN of the configuration.
Type: String Required: No
identityProviderConfigName The name of the configuration.
Type: String Required: No issuerUrl
The URL of the OIDC identity provider that allows the API server to discover public signing keys for verifying tokens.
Type: String