class KubectlProvider (construct)
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.EKSv2.KubectlProvider |
 Go | github.com/aws/aws-cdk-go/awscdk/v2/awseksv2#KubectlProvider |
 Java | software.amazon.awscdk.services.eks_v2.KubectlProvider |
 Python | aws_cdk.aws_eks_v2.KubectlProvider |
 TypeScript (source) | aws-cdk-lib » aws_eks_v2 » KubectlProvider |
Implements
IConstruct, IDependable, IKubectl
Implementation of Kubectl Lambda.
Example
const handlerRole = iam.Role.fromRoleArn(this, 'HandlerRole', 'arn:aws:iam::123456789012:role/lambda-role');
// get the serivceToken from the custom resource provider
const functionArn = lambda.Function.fromFunctionName(this, 'ProviderOnEventFunc', 'ProviderframeworkonEvent-XXX').functionArn;
const kubectlProvider = eks.KubectlProvider.fromKubectlProviderAttributes(this, 'KubectlProvider', {
serviceToken: functionArn,
role: handlerRole,
});
const cluster = eks.Cluster.fromClusterAttributes(this, 'Cluster', {
clusterName: 'cluster',
kubectlProvider,
});
Initializer
new KubectlProvider(scope: Construct, id: string, props: KubectlProviderProps)
Parameters
- scope
Construct - id
string - props
KubectlProvider Props
Construct Props
| Name | Type | Description |
|---|---|---|
| cluster | ICluster | The cluster to control. |
| kubectl | ILayer | An AWS Lambda layer that includes kubectl and helm. |
| awscli | ILayer | An AWS Lambda layer that contains the aws CLI. |
| environment? | { [string]: string } | Custom environment variables when running kubectl against this cluster. |
| memory? | Size | The amount of memory allocated to the kubectl provider's lambda function. |
| private | ISubnet[] | Subnets to host the kubectl compute resources. |
| removal | Removal | The removal policy applied to the custom resource that provides kubectl. |
| role? | IRole | An IAM role that can perform kubectl operations against this cluster. |
| security | ISecurity | A security group to use for kubectl execution. |
cluster
Type:
ICluster
The cluster to control.
kubectlLayer
Type:
ILayer
An AWS Lambda layer that includes kubectl and helm.
awscliLayer?
Type:
ILayer
(optional, default: If not defined, a default layer will be used containing the AWS CLI 2.x.)
An AWS Lambda layer that contains the aws CLI.
environment?
Type:
{ [string]: string }
(optional, default: No custom environment variables)
Custom environment variables when running kubectl against this cluster.
memory?
Type:
Size
(optional, default: 1024)
The amount of memory allocated to the kubectl provider's lambda function.
privateSubnets?
Type:
ISubnet[]
(optional, default: the k8s is accessible publicly)
Subnets to host the kubectl compute resources.
If not specified, the k8s endpoint is expected to be accessible publicly.
removalPolicy?
Type:
Removal
(optional, default: RemovalPolicy.DESTROY)
The removal policy applied to the custom resource that provides kubectl.
The removal policy controls what happens to the resource if it stops being managed by CloudFormation. This can happen in one of three situations:
- The resource is removed from the template, so CloudFormation stops managing it
- A change to the resource is made that requires it to be replaced, so CloudFormation stops managing it
- The stack is deleted, so CloudFormation stops managing all resources in it
role?
Type:
IRole
(optional, default: if not specified, the default role created by a lambda function will
be used.)
An IAM role that can perform kubectl operations against this cluster.
The role should be mapped to the system:masters Kubernetes RBAC role.
This role is directly passed to the lambda handler that sends Kube Ctl commands to the cluster.
securityGroup?
Type:
ISecurity
(optional, default: If not specified, the k8s endpoint is expected to be accessible
publicly.)
A security group to use for kubectl execution.
Properties
| Name | Type | Description |
|---|---|---|
| node | Node | The tree node. |
| service | string | The custom resource provider's service token. |
| role? | IRole | The IAM execution role of the handler. |
node
Type:
Node
The tree node.
serviceToken
Type:
string
The custom resource provider's service token.
role?
Type:
IRole
(optional)
The IAM execution role of the handler.
Methods
| Name | Description |
|---|---|
| to | Returns a string representation of this construct. |
| with(...mixins) | Applies one or more mixins to this construct. |
| static from | Import an existing provider. |
| static get | Take existing provider on cluster. |
toString()
public toString(): string
Returns
string
Returns a string representation of this construct.
with(...mixins)
public with(...mixins: IMixin[]): IConstruct
Parameters
- mixins
IMixin— The mixins to apply.
Returns
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
static fromKubectlProviderAttributes(scope, id, attrs)
public static fromKubectlProviderAttributes(scope: Construct, id: string, attrs: KubectlProviderAttributes): IKubectlProvider
Parameters
- scope
Construct— Construct. - id
string— an id of resource. - attrs
Kubectl— attributes for the provider.Provider Attributes
Returns
Import an existing provider.
static getKubectlProvider(scope, cluster)
public static getKubectlProvider(scope: Construct, cluster: ICluster): IKubectlProvider
Parameters
Returns
Take existing provider on cluster.