AWS resources

Cluster

Required fields are red

Required fields are red
`apiVersion (string)` eks.aws.gke.cloud.google.com/v1beta1 `kind (string)` Cluster `metadata (object)` No description provided. `spec (object)` ClusterSpec defines the desired state of Cluster `deletionPolicy (string)` DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated in favor of the ManagementPolicy field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 `forProvider (object)` No description provided. `enabledClusterLogTypes (array)` List of the desired control plane logging to enable. For more information, see Amazon EKS Control Plane Logging. `encryptionConfig (array)` Configuration block with encryption configuration for the cluster. Only available on Kubernetes 1.13 and above clusters created after March 6, 2020. Detailed below. `provider (array)` Configuration block with provider for encryption. Detailed below. `keyArn (string)` ARN of the Key Management Service (KMS) customer master key (CMK). The CMK must be symmetric, created in the same region as the cluster, and if the CMK was created in a different account, the user must have access to the CMK. For more information, see Allowing Users in Other Accounts to Use a CMK in the AWS Key Management Service Developer Guide. `resources (array)` List of strings with resources to be encrypted. Valid values: secrets. `kubernetesNetworkConfig (array)` Configuration block with kubernetes network configuration for the cluster. Detailed below. `ipFamily (string)` The IP family used to assign Kubernetes pod and service addresses. Valid values are ipv4 (default) and ipv6. You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created. `serviceIpv4Cidr (string)` The CIDR block to assign Kubernetes pod and service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify a custom CIDR block when you create a cluster, changing this value will force a new cluster to be created. The block must meet the following requirements: `outpostConfig (array)` Configuration block representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This block isn't available for creating Amazon EKS clusters on the AWS cloud. `controlPlaneInstanceType (string)` The Amazon EC2 instance type that you want to use for your local Amazon EKS cluster on Outposts. The instance type that you specify is used for all Kubernetes control plane instances. The instance type can't be changed after cluster creation. Choose an instance type based on the number of nodes that your cluster will have. If your cluster will have: `controlPlanePlacement (array)` An object representing the placement configuration for all the control plane instances of your local Amazon EKS cluster on AWS Outpost. The following arguments are supported in the control_plane_placement configuration block: `groupName (string)` The name of the placement group for the Kubernetes control plane instances. This setting can't be changed after cluster creation. `outpostArns (array)` The ARN of the Outpost that you want to use for your local Amazon EKS cluster on Outposts. This argument is a list of arns, but only a single Outpost ARN is supported currently. `region (string)` Region is the region you'd like your resource to be created in. `roleArn (string)` ARN of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Ensure the resource configuration includes explicit dependencies on the IAM Role permissions by adding depends_on if using the aws_iam_role_policy resource or aws_iam_role_policy_attachment resource, otherwise EKS cannot delete EKS managed EC2 infrastructure such as Security Groups on EKS Cluster deletion. `roleArnRef (object)` Reference to a Role in iam to populate roleArn. `name (string)` Name of the referenced object. `policy (object)` Policies for referencing. `resolution (string)` Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved. `resolve (string)` Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile. `roleArnSelector (object)` Selector for a Role in iam to populate roleArn. `matchControllerRef (boolean)` MatchControllerRef ensures an object with the same controller reference as the selecting object is selected. `matchLabels (object)` MatchLabels ensures an object with matching labels is selected. `additionalProperties (string)` No description provided. `policy (object)` Policies for selection. `resolution (string)` Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved. `resolve (string)` Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile. `tags (object)` Key-value map of resource tags. `additionalProperties (string)` No description provided. `version (string)` – Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS. `vpcConfig (array)` Configuration block for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide. Detailed below. Also contains attributes detailed in the Attributes section. `endpointPrivateAccess (boolean)` Whether the Amazon EKS private API server endpoint is enabled. Default is false. `endpointPublicAccess (boolean)` Whether the Amazon EKS public API server endpoint is enabled. Default is true. `publicAccessCidrs (array)` List of CIDR blocks. Indicates which CIDR blocks can access the Amazon EKS public API server endpoint when enabled. EKS defaults this to a list with 0.0.0.0/0. `securityGroupIdRefs (array)` References to SecurityGroup in ec2 to populate securityGroupIds. `name (string)` Name of the referenced object. `policy (object)` Policies for referencing. `resolution (string)` Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved. `resolve (string)` Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile. `securityGroupIdSelector (object)` Selector for a list of SecurityGroup in ec2 to populate securityGroupIds. `matchControllerRef (boolean)` MatchControllerRef ensures an object with the same controller reference as the selecting object is selected. `matchLabels (object)` MatchLabels ensures an object with matching labels is selected. `additionalProperties (string)` No description provided. `policy (object)` Policies for selection. `resolution (string)` Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved. `resolve (string)` Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile. `securityGroupIds (array)` account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane. `subnetIdRefs (array)` References to Subnet in ec2 to populate subnetIds. `name (string)` Name of the referenced object. `policy (object)` Policies for referencing. `resolution (string)` Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved. `resolve (string)` Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile. `subnetIdSelector (object)` Selector for a list of Subnet in ec2 to populate subnetIds. `matchControllerRef (boolean)` MatchControllerRef ensures an object with the same controller reference as the selecting object is selected. `matchLabels (object)` MatchLabels ensures an object with matching labels is selected. `additionalProperties (string)` No description provided. `policy (object)` Policies for selection. `resolution (string)` Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved. `resolve (string)` Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile. `subnetIds (array)` account elastic network interfaces in these subnets to allow communication between your worker nodes and the Kubernetes control plane. `managementPolicy (string)` THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is enabled, and may be changed or removed without notice. ManagementPolicy specifies the level of control Crossplane has over the managed external resource. This field is planned to replace the DeletionPolicy field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 `providerConfigRef (object)` ProviderConfigReference specifies how the provider that will be used to create, observe, update, and delete this managed resource should be configured. `name (string)` Name of the referenced object. `policy (object)` Policies for referencing. `resolution (string)` Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved. `resolve (string)` Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile. `providerRef (object)` ProviderReference specifies the provider that will be used to create, observe, update, and delete this managed resource. Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef` `name (string)` Name of the referenced object. `policy (object)` Policies for referencing. `resolution (string)` Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved. `resolve (string)` Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile. `publishConnectionDetailsTo (object)` PublishConnectionDetailsTo specifies the connection secret config which contains a name, metadata and a reference to secret store config to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource. `configRef (object)` SecretStoreConfigRef specifies which secret store config should be used for this ConnectionSecret. `name (string)` Name of the referenced object. `policy (object)` Policies for referencing. `resolution (string)` Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved. `resolve (string)` Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile. `metadata (object)` Metadata is the metadata for connection secret. `annotations (object)` Annotations are the annotations to be added to connection secret. - For Kubernetes secrets, this will be used as "metadata.annotations". - It is up to Secret Store implementation for others store types. `additionalProperties (string)` No description provided. `labels (object)` Labels are the labels/tags to be added to connection secret. - For Kubernetes secrets, this will be used as "metadata.labels". - It is up to Secret Store implementation for others store types. `additionalProperties (string)` No description provided. `type (string)` Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. `name (string)` Name is the name of the connection secret. `writeConnectionSecretToRef (object)` WriteConnectionSecretToReference specifies the namespace and name of a Secret to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource. This field is planned to be replaced in a future release in favor of PublishConnectionDetailsTo. Currently, both could be set independently and connection details would be published to both without affecting each other. `name (string)` Name of the secret. `namespace (string)` Namespace of the secret. `status (object)` ClusterStatus defines the observed state of Cluster. `atProvider (object)` No description provided. `arn (string)` ARN of the cluster. `certificateAuthority (array)` Attribute block containing certificate-authority-data for your cluster. Detailed below. `data (string)` Base64 encoded certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster. `clusterId (string)` The ID of your local Amazon EKS cluster on the AWS Outpost. This attribute isn't available for an AWS EKS cluster on AWS cloud. `createdAt (string)` Unix epoch timestamp in seconds for when the cluster was created. `enabledClusterLogTypes (array)` List of the desired control plane logging to enable. For more information, see Amazon EKS Control Plane Logging. `encryptionConfig (array)` Configuration block with encryption configuration for the cluster. Only available on Kubernetes 1.13 and above clusters created after March 6, 2020. Detailed below. `provider (array)` Configuration block with provider for encryption. Detailed below. `keyArn (string)` ARN of the Key Management Service (KMS) customer master key (CMK). The CMK must be symmetric, created in the same region as the cluster, and if the CMK was created in a different account, the user must have access to the CMK. For more information, see Allowing Users in Other Accounts to Use a CMK in the AWS Key Management Service Developer Guide. `resources (array)` List of strings with resources to be encrypted. Valid values: secrets. `endpoint (string)` Endpoint for your Kubernetes API server. `id (string)` Name of the cluster. `identity (array)` Attribute block containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. Detailed below. `oidc (array)` Nested block containing OpenID Connect identity provider information for the cluster. Detailed below. `issuer (string)` Issuer URL for the OpenID Connect identity provider. `kubernetesNetworkConfig (array)` Configuration block with kubernetes network configuration for the cluster. Detailed below. `ipFamily (string)` The IP family used to assign Kubernetes pod and service addresses. Valid values are ipv4 (default) and ipv6. You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created. `serviceIpv4Cidr (string)` The CIDR block to assign Kubernetes pod and service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify a custom CIDR block when you create a cluster, changing this value will force a new cluster to be created. The block must meet the following requirements: `serviceIpv6Cidr (string)` The CIDR block that Kubernetes pod and service IP addresses are assigned from if you specified ipv6 for ipFamily when you created the cluster. Kubernetes assigns service addresses from the unique local address range (fc00::/7) because you can't specify a custom IPv6 CIDR block when you create the cluster. `outpostConfig (array)` Configuration block representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This block isn't available for creating Amazon EKS clusters on the AWS cloud. `controlPlaneInstanceType (string)` The Amazon EC2 instance type that you want to use for your local Amazon EKS cluster on Outposts. The instance type that you specify is used for all Kubernetes control plane instances. The instance type can't be changed after cluster creation. Choose an instance type based on the number of nodes that your cluster will have. If your cluster will have: `controlPlanePlacement (array)` An object representing the placement configuration for all the control plane instances of your local Amazon EKS cluster on AWS Outpost. The following arguments are supported in the control_plane_placement configuration block: `groupName (string)` The name of the placement group for the Kubernetes control plane instances. This setting can't be changed after cluster creation. `outpostArns (array)` The ARN of the Outpost that you want to use for your local Amazon EKS cluster on Outposts. This argument is a list of arns, but only a single Outpost ARN is supported currently. `platformVersion (string)` Platform version for the cluster. `roleArn (string)` ARN of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Ensure the resource configuration includes explicit dependencies on the IAM Role permissions by adding depends_on if using the aws_iam_role_policy resource or aws_iam_role_policy_attachment resource, otherwise EKS cannot delete EKS managed EC2 infrastructure such as Security Groups on EKS Cluster deletion. `status (string)` Status of the EKS cluster. One of CREATING, ACTIVE, DELETING, FAILED. `tags (object)` Key-value map of resource tags. `additionalProperties (string)` No description provided. `tagsAll (object)` Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block. `additionalProperties (string)` No description provided. `version (string)` – Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS. `vpcConfig (array)` Configuration block for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide. Detailed below. Also contains attributes detailed in the Attributes section. `clusterSecurityGroupId (string)` Cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control-plane-to-data-plane communication. `endpointPrivateAccess (boolean)` Whether the Amazon EKS private API server endpoint is enabled. Default is false. `endpointPublicAccess (boolean)` Whether the Amazon EKS public API server endpoint is enabled. Default is true. `publicAccessCidrs (array)` List of CIDR blocks. Indicates which CIDR blocks can access the Amazon EKS public API server endpoint when enabled. EKS defaults this to a list with 0.0.0.0/0. `securityGroupIds (array)` account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane. `subnetIds (array)` account elastic network interfaces in these subnets to allow communication between your worker nodes and the Kubernetes control plane. `vpcId (string)` ID of the VPC associated with your cluster. `conditions (array)` Conditions of the resource. `lastTransitionTime (string)` LastTransitionTime is the last time this condition transitioned from one status to another. `message (string)` A Message containing details about this condition's last transition from one status to another, if any. `reason (string)` A Reason for this condition's last transition from one status to another. `status (string)` Status of this condition; is it currently True, False, or Unknown? `type (string)` Type of this condition. At most one of each condition type may apply to a resource at any point in time.

`apiVersion (string)`

eks.aws.gke.cloud.google.com/v1beta1

`kind (string)`

Cluster

`metadata (object)`

No description provided.

`spec (object)`

ClusterSpec defines the desired state of Cluster

`deletionPolicy (string)`

DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated in favor of the ManagementPolicy field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223

`forProvider (object)`

No description provided.

`enabledClusterLogTypes (array)`

List of the desired control plane logging to enable. For more information, see Amazon EKS Control Plane Logging.

`encryptionConfig (array)`

Configuration block with encryption configuration for the cluster. Only available on Kubernetes 1.13 and above clusters created after March 6, 2020. Detailed below.

`provider (array)`

Configuration block with provider for encryption. Detailed below.

`keyArn (string)`

ARN of the Key Management Service (KMS) customer master key (CMK). The CMK must be symmetric, created in the same region as the cluster, and if the CMK was created in a different account, the user must have access to the CMK. For more information, see Allowing Users in Other Accounts to Use a CMK in the AWS Key Management Service Developer Guide.

`resources (array)`

List of strings with resources to be encrypted. Valid values: secrets.

`kubernetesNetworkConfig (array)`

Configuration block with kubernetes network configuration for the cluster. Detailed below.

`ipFamily (string)`

The IP family used to assign Kubernetes pod and service addresses. Valid values are ipv4 (default) and ipv6. You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created.

`serviceIpv4Cidr (string)`

The CIDR block to assign Kubernetes pod and service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify a custom CIDR block when you create a cluster, changing this value will force a new cluster to be created. The block must meet the following requirements:

`outpostConfig (array)`

Configuration block representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This block isn't available for creating Amazon EKS clusters on the AWS cloud.

`controlPlaneInstanceType (string)`

The Amazon EC2 instance type that you want to use for your local Amazon EKS cluster on Outposts. The instance type that you specify is used for all Kubernetes control plane instances. The instance type can't be changed after cluster creation. Choose an instance type based on the number of nodes that your cluster will have. If your cluster will have:

`controlPlanePlacement (array)`

An object representing the placement configuration for all the control plane instances of your local Amazon EKS cluster on AWS Outpost. The following arguments are supported in the control_plane_placement configuration block:

`groupName (string)`

The name of the placement group for the Kubernetes control plane instances. This setting can't be changed after cluster creation.

`outpostArns (array)`

The ARN of the Outpost that you want to use for your local Amazon EKS cluster on Outposts. This argument is a list of arns, but only a single Outpost ARN is supported currently.

`region (string)`

Region is the region you'd like your resource to be created in.

`roleArn (string)`

ARN of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Ensure the resource configuration includes explicit dependencies on the IAM Role permissions by adding depends_on if using the aws_iam_role_policy resource or aws_iam_role_policy_attachment resource, otherwise EKS cannot delete EKS managed EC2 infrastructure such as Security Groups on EKS Cluster deletion.

`roleArnRef (object)`

Reference to a Role in iam to populate roleArn.

`name (string)`

Name of the referenced object.

`policy (object)`

Policies for referencing.

`resolution (string)`

Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved.

`resolve (string)`

Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile.

`roleArnSelector (object)`

Selector for a Role in iam to populate roleArn.

`matchControllerRef (boolean)`

MatchControllerRef ensures an object with the same controller reference as the selecting object is selected.

`matchLabels (object)`

MatchLabels ensures an object with matching labels is selected.

`additionalProperties (string)`

No description provided.

`policy (object)`

Policies for selection.

`resolution (string)`

`resolve (string)`

`tags (object)`

Key-value map of resource tags.

`additionalProperties (string)`

No description provided.

`version (string)`

– Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS.

`vpcConfig (array)`

Configuration block for the VPC associated with your cluster. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide. Detailed below. Also contains attributes detailed in the Attributes section.

`endpointPrivateAccess (boolean)`

Whether the Amazon EKS private API server endpoint is enabled. Default is false.

`endpointPublicAccess (boolean)`

Whether the Amazon EKS public API server endpoint is enabled. Default is true.

`publicAccessCidrs (array)`

List of CIDR blocks. Indicates which CIDR blocks can access the Amazon EKS public API server endpoint when enabled. EKS defaults this to a list with 0.0.0.0/0.

`securityGroupIdRefs (array)`

References to SecurityGroup in ec2 to populate securityGroupIds.

`name (string)`

Name of the referenced object.

`policy (object)`

Policies for referencing.

`resolution (string)`

`resolve (string)`

`securityGroupIdSelector (object)`

Selector for a list of SecurityGroup in ec2 to populate securityGroupIds.

`matchControllerRef (boolean)`

MatchControllerRef ensures an object with the same controller reference as the selecting object is selected.

`matchLabels (object)`

MatchLabels ensures an object with matching labels is selected.

`additionalProperties (string)`

No description provided.

`policy (object)`

Policies for selection.

`resolution (string)`

`resolve (string)`

`securityGroupIds (array)`

account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane.

`subnetIdRefs (array)`

References to Subnet in ec2 to populate subnetIds.

`name (string)`

Name of the referenced object.

`policy (object)`

Policies for referencing.

`resolution (string)`

`resolve (string)`

`subnetIdSelector (object)`

Selector for a list of Subnet in ec2 to populate subnetIds.

`matchControllerRef (boolean)`

MatchControllerRef ensures an object with the same controller reference as the selecting object is selected.

`matchLabels (object)`

MatchLabels ensures an object with matching labels is selected.

`additionalProperties (string)`

No description provided.

`policy (object)`

Policies for selection.

`resolution (string)`

`resolve (string)`

`subnetIds (array)`

account elastic network interfaces in these subnets to allow communication between your worker nodes and the Kubernetes control plane.

`managementPolicy (string)`

THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is enabled, and may be changed or removed without notice. ManagementPolicy specifies the level of control Crossplane has over the managed external resource. This field is planned to replace the DeletionPolicy field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223

`providerConfigRef (object)`

ProviderConfigReference specifies how the provider that will be used to create, observe, update, and delete this managed resource should be configured.

`name (string)`

Name of the referenced object.

`policy (object)`

Policies for referencing.

`resolution (string)`

`resolve (string)`

`providerRef (object)`

ProviderReference specifies the provider that will be used to create, observe, update, and delete this managed resource. Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`

`name (string)`

Name of the referenced object.

`policy (object)`

Policies for referencing.

`resolution (string)`

`resolve (string)`

`publishConnectionDetailsTo (object)`

PublishConnectionDetailsTo specifies the connection secret config which contains a name, metadata and a reference to secret store config to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource.

`configRef (object)`

SecretStoreConfigRef specifies which secret store config should be used for this ConnectionSecret.

`name (string)`

Name of the referenced object.

`policy (object)`

Policies for referencing.

`resolution (string)`

`resolve (string)`

`metadata (object)`

Metadata is the metadata for connection secret.

`annotations (object)`

Annotations are the annotations to be added to connection secret. - For Kubernetes secrets, this will be used as "metadata.annotations". - It is up to Secret Store implementation for others store types.

`additionalProperties (string)`

No description provided.

`labels (object)`

Labels are the labels/tags to be added to connection secret. - For Kubernetes secrets, this will be used as "metadata.labels". - It is up to Secret Store implementation for others store types.

`additionalProperties (string)`

No description provided.

`type (string)`

Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores.

`name (string)`

Name is the name of the connection secret.

`writeConnectionSecretToRef (object)`

WriteConnectionSecretToReference specifies the namespace and name of a Secret to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource. This field is planned to be replaced in a future release in favor of PublishConnectionDetailsTo. Currently, both could be set independently and connection details would be published to both without affecting each other.

`name (string)`

Name of the secret.

`namespace (string)`

Namespace of the secret.

`status (object)`

ClusterStatus defines the observed state of Cluster.

`atProvider (object)`

No description provided.

`arn (string)`

ARN of the cluster.

`certificateAuthority (array)`

Attribute block containing certificate-authority-data for your cluster. Detailed below.

`data (string)`

Base64 encoded certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.

`clusterId (string)`

The ID of your local Amazon EKS cluster on the AWS Outpost. This attribute isn't available for an AWS EKS cluster on AWS cloud.

`createdAt (string)`

Unix epoch timestamp in seconds for when the cluster was created.

`enabledClusterLogTypes (array)`

List of the desired control plane logging to enable. For more information, see Amazon EKS Control Plane Logging.

`encryptionConfig (array)`

Configuration block with encryption configuration for the cluster. Only available on Kubernetes 1.13 and above clusters created after March 6, 2020. Detailed below.

`provider (array)`

Configuration block with provider for encryption. Detailed below.

`keyArn (string)`

`resources (array)`

List of strings with resources to be encrypted. Valid values: secrets.

`endpoint (string)`

Endpoint for your Kubernetes API server.

`id (string)`

Name of the cluster.

`identity (array)`

Attribute block containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. Detailed below.

`oidc (array)`

Nested block containing OpenID Connect identity provider information for the cluster. Detailed below.

`issuer (string)`

Issuer URL for the OpenID Connect identity provider.

`kubernetesNetworkConfig (array)`

Configuration block with kubernetes network configuration for the cluster. Detailed below.

`ipFamily (string)`

`serviceIpv4Cidr (string)`

`serviceIpv6Cidr (string)`

The CIDR block that Kubernetes pod and service IP addresses are assigned from if you specified ipv6 for ipFamily when you created the cluster. Kubernetes assigns service addresses from the unique local address range (fc00::/7) because you can't specify a custom IPv6 CIDR block when you create the cluster.

`outpostConfig (array)`

Configuration block representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This block isn't available for creating Amazon EKS clusters on the AWS cloud.

`controlPlaneInstanceType (string)`

`controlPlanePlacement (array)`

`groupName (string)`

The name of the placement group for the Kubernetes control plane instances. This setting can't be changed after cluster creation.

`outpostArns (array)`

The ARN of the Outpost that you want to use for your local Amazon EKS cluster on Outposts. This argument is a list of arns, but only a single Outpost ARN is supported currently.

`platformVersion (string)`

Platform version for the cluster.

`roleArn (string)`

`status (string)`

Status of the EKS cluster. One of CREATING, ACTIVE, DELETING, FAILED.

`tags (object)`

Key-value map of resource tags.

`additionalProperties (string)`

No description provided.

`tagsAll (object)`

Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

`additionalProperties (string)`

No description provided.

`version (string)`

`vpcConfig (array)`

`clusterSecurityGroupId (string)`

Cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control-plane-to-data-plane communication.

`endpointPrivateAccess (boolean)`

Whether the Amazon EKS private API server endpoint is enabled. Default is false.

`endpointPublicAccess (boolean)`

Whether the Amazon EKS public API server endpoint is enabled. Default is true.

`publicAccessCidrs (array)`

List of CIDR blocks. Indicates which CIDR blocks can access the Amazon EKS public API server endpoint when enabled. EKS defaults this to a list with 0.0.0.0/0.

`securityGroupIds (array)`

account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane.

`subnetIds (array)`

account elastic network interfaces in these subnets to allow communication between your worker nodes and the Kubernetes control plane.

`vpcId (string)`

ID of the VPC associated with your cluster.

`conditions (array)`

Conditions of the resource.

`lastTransitionTime (string)`

LastTransitionTime is the last time this condition transitioned from one status to another.

`message (string)`

A Message containing details about this condition's last transition from one status to another, if any.

`reason (string)`

A Reason for this condition's last transition from one status to another.

`status (string)`

Status of this condition; is it currently True, False, or Unknown?

`type (string)`

Type of this condition. At most one of each condition type may apply to a resource at any point in time.