KubectlProviderProps

class aws_cdk.aws_eks_v2_alpha.KubectlProviderProps(*, kubectl_layer, awscli_layer=None, environment=None, memory=None, private_subnets=None, removal_policy=None, role=None, security_group=None, cluster)

Bases: KubectlProviderOptions

(experimental) Properties for a KubectlProvider.

Parameters:

  • kubectl_layer (ILayerVersion) – (experimental) An AWS Lambda layer that includes kubectl and helm.

  • awscli_layer (Optional[ILayerVersion]) – (experimental) An AWS Lambda layer that contains the aws CLI. If not defined, a default layer will be used containing the AWS CLI 2.x.

  • environment (Optional[Mapping[str, str]]) – (experimental) Custom environment variables when running kubectl against this cluster.

  • memory (Optional[Size]) – (experimental) The amount of memory allocated to the kubectl provider’s lambda function.

  • private_subnets (Optional[Sequence[ISubnet]]) – (experimental) Subnets to host the kubectl compute resources. If not specified, the k8s endpoint is expected to be accessible publicly.

  • removal_policy (Optional[RemovalPolicy]) – (experimental) The removal policy applied to the custom resource that provides kubectl. The removal policy controls what happens to the resource if it stops being managed by CloudFormation. This can happen in one of three situations: - The resource is removed from the template, so CloudFormation stops managing it - A change to the resource is made that requires it to be replaced, so CloudFormation stops managing it - The stack is deleted, so CloudFormation stops managing all resources in it Default: RemovalPolicy.DESTROY

  • role (Optional[IRole]) – (experimental) An IAM role that can perform kubectl operations against this cluster. The role should be mapped to the system:masters Kubernetes RBAC role. This role is directly passed to the lambda handler that sends Kube Ctl commands to the cluster. Default: - if not specified, the default role created by a lambda function will be used.

  • security_group (Optional[ISecurityGroup]) – (experimental) A security group to use for kubectl execution. Default: - If not specified, the k8s endpoint is expected to be accessible publicly.

  • cluster (ICluster) – (experimental) The cluster to control.

Stability:

experimental

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_eks_v2_alpha as eks_v2_alpha
import aws_cdk as cdk
from aws_cdk import aws_ec2 as ec2
from aws_cdk import aws_iam as iam
from aws_cdk import aws_lambda as lambda_

# cluster: eks_v2_alpha.Cluster
# layer_version: lambda.LayerVersion
# role: iam.Role
# security_group: ec2.SecurityGroup
# size: cdk.Size
# subnet: ec2.Subnet

kubectl_provider_props = eks_v2_alpha.KubectlProviderProps(
    cluster=cluster,
    kubectl_layer=layer_version,

    # the properties below are optional
    awscli_layer=layer_version,
    environment={
        "environment_key": "environment"
    },
    memory=size,
    private_subnets=[subnet],
    removal_policy=cdk.RemovalPolicy.DESTROY,
    role=role,
    security_group=security_group
)

Attributes

awscli_layer

(experimental) An AWS Lambda layer that contains the aws CLI.

If not defined, a default layer will be used containing the AWS CLI 2.x.

Stability:

experimental

cluster

(experimental) The cluster to control.

Stability:

experimental

environment

(experimental) Custom environment variables when running kubectl against this cluster.

Stability:

experimental

kubectl_layer

(experimental) An AWS Lambda layer that includes kubectl and helm.

Stability:

experimental

memory

(experimental) The amount of memory allocated to the kubectl provider’s lambda function.

Stability:

experimental

private_subnets

(experimental) Subnets to host the kubectl compute resources.

If not specified, the k8s endpoint is expected to be accessible publicly.

Stability:

experimental

removal_policy

(experimental) The removal policy applied to the custom resource that provides kubectl.

The removal policy controls what happens to the resource if it stops being managed by CloudFormation. This can happen in one of three situations:

  • The resource is removed from the template, so CloudFormation stops managing it

  • A change to the resource is made that requires it to be replaced, so CloudFormation stops managing it

  • The stack is deleted, so CloudFormation stops managing all resources in it

Default:

RemovalPolicy.DESTROY

Stability:

experimental

role

(experimental) An IAM role that can perform kubectl operations against this cluster.

The role should be mapped to the system:masters Kubernetes RBAC role.

This role is directly passed to the lambda handler that sends Kube Ctl commands to the cluster.

Default:

  • if not specified, the default role created by a lambda function will

be used.

Stability:

experimental

security_group

(experimental) A security group to use for kubectl execution.

Default:

  • If not specified, the k8s endpoint is expected to be accessible

publicly.

Stability:

experimental