Package software.amazon.awscdk.services.eks_v2

Interface KubectlProviderOptions

All Superinterfaces:
software.amazon.jsii.JsiiSerializable
All Known Subinterfaces:
KubectlProviderProps
All Known Implementing Classes:
KubectlProviderOptions.Jsii$Proxy, KubectlProviderProps.Jsii$Proxy
@Generated(value="jsii-pacmak/1.126.0 (build 206d44b)", date="2026-02-23T18:58:18.925Z") @Stability(Stable) public interface KubectlProviderOptions extends software.amazon.jsii.JsiiSerializable
Options for creating the kubectl provider - a lambda function that executes kubectl and helm against the cluster.

Example: 

 import software.amazon.awscdk.cdk.lambdalayer.kubectl.v34.KubectlV34Layer;
 Cluster cluster = Cluster.Builder.create(this, "hello-eks")
         .version(KubernetesVersion.V1_34)
         .kubectlProviderOptions(KubectlProviderOptions.builder()
                 .kubectlLayer(new KubectlV34Layer(this, "kubectl"))
                 .environment(Map.of(
                         "http_proxy", "http://proxy.myproxy.com"))
                 .build())
         .build();

  • Method Details

    • getKubectlLayer

      @Stability(Stable) @NotNull ILayerVersion getKubectlLayer()
      An AWS Lambda layer that includes kubectl and helm.

    • getAwscliLayer

      @Stability(Stable) @Nullable default ILayerVersion getAwscliLayer()
      An AWS Lambda layer that contains the aws CLI.

      Default: - If not defined, a default layer will be used containing the AWS CLI 2.x.

    • getEnvironment

      @Stability(Stable) @Nullable default Map<String,String> getEnvironment()
      Custom environment variables when running kubectl against this cluster.

      Default: - No custom environment variables

    • getMemory

      @Stability(Stable) @Nullable default Size getMemory()
      The amount of memory allocated to the kubectl provider's lambda function.

      Default: - 1024

    • getPrivateSubnets

      @Stability(Stable) @Nullable default List<ISubnet> getPrivateSubnets()
      Subnets to host the kubectl compute resources.

      If not specified, the k8s endpoint is expected to be accessible publicly.

      Default: - the k8s is accessible publicly

    • getRemovalPolicy

      @Stability(Stable) @Nullable default RemovalPolicy getRemovalPolicy()
      The removal policy applied to the custom resource that provides kubectl.

      The removal policy controls what happens to the resource if it stops being managed by CloudFormation. This can happen in one of three situations:

      • The resource is removed from the template, so CloudFormation stops managing it
      • A change to the resource is made that requires it to be replaced, so CloudFormation stops managing it
      • The stack is deleted, so CloudFormation stops managing all resources in it

      Default: RemovalPolicy.DESTROY

    • getRole

      @Stability(Stable) @Nullable default IRole getRole()
      An IAM role that can perform kubectl operations against this cluster.

      The role should be mapped to the system:masters Kubernetes RBAC role.

      This role is directly passed to the lambda handler that sends Kube Ctl commands to the cluster.

      Default: - if not specified, the default role created by a lambda function will be used.

    • getSecurityGroup

      @Stability(Stable) @Nullable default ISecurityGroup getSecurityGroup()
      A security group to use for kubectl execution.

      Default: - If not specified, the k8s endpoint is expected to be accessible publicly.

    • builder

      @Stability(Stable) static KubectlProviderOptions.Builder builder()
      Returns:
      a KubectlProviderOptions.Builder of KubectlProviderOptions