Class: Aws::EKS::Types::VpcConfigRequest
- Inherits:
-
Struct
- Object
- Struct
- Aws::EKS::Types::VpcConfigRequest
- Defined in:
- gems/aws-sdk-eks/lib/aws-sdk-eks/types.rb
Overview
An object representing the VPC configuration to use for an Amazon EKS cluster.
Constant Summary collapse
- SENSITIVE =
[]
Instance Attribute Summary collapse
-
#control_plane_egress_mode ⇒ String
Specifies the control plane egress routing mode for the cluster.
-
#endpoint_private_access ⇒ Boolean
Set this value to
trueto enable private access for your cluster's Kubernetes API server endpoint. -
#endpoint_public_access ⇒ Boolean
Set this value to
falseto disable public access to your cluster's Kubernetes API server endpoint. -
#public_access_cidrs ⇒ Array<String>
The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint.
-
#security_group_ids ⇒ Array<String>
Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use that allow communication between your nodes and the Kubernetes control plane.
-
#subnet_ids ⇒ Array<String>
Specify subnets for your Amazon EKS nodes.
Instance Attribute Details
#control_plane_egress_mode ⇒ String
Specifies the control plane egress routing mode for the cluster. If
the cluster is set to AWS_MANAGED, Amazon EKS manages the egress
path from the control plane and you don't need to configure NAT
gateways or other routing infrastructure for control plane traffic.
If the cluster is set to CUSTOMER_ROUTED, you manage the egress
path from the control plane in your VPC subnets. You are responsible
for ensuring that the control plane can reach required endpoints
such as webhook servers and OIDC providers. The default value is
AWS_MANAGED. Once set to CUSTOMER_ROUTED, this setting cannot be
changed back to AWS_MANAGED on the same cluster.
Learn more about control plane egress routing in the Amazon EKS User Guide.
8884 8885 8886 8887 8888 8889 8890 8891 8892 8893 |
# File 'gems/aws-sdk-eks/lib/aws-sdk-eks/types.rb', line 8884 class VpcConfigRequest < Struct.new( :subnet_ids, :security_group_ids, :endpoint_public_access, :endpoint_private_access, :public_access_cidrs, :control_plane_egress_mode) SENSITIVE = [] include Aws::Structure end |
#endpoint_private_access ⇒ Boolean
Set this value to true to enable private access for your
cluster's Kubernetes API server endpoint. If you enable private
access, Kubernetes API requests from within your cluster's VPC use
the private VPC endpoint. The default value for this parameter is
false, which disables private access for your Kubernetes API
server. If you disable private access and you have nodes or Fargate
pods in the cluster, then ensure that publicAccessCidrs includes
the necessary CIDR blocks for communication with the nodes or
Fargate pods. For more information, see Cluster API server
endpoint in the Amazon EKS User Guide .
8884 8885 8886 8887 8888 8889 8890 8891 8892 8893 |
# File 'gems/aws-sdk-eks/lib/aws-sdk-eks/types.rb', line 8884 class VpcConfigRequest < Struct.new( :subnet_ids, :security_group_ids, :endpoint_public_access, :endpoint_private_access, :public_access_cidrs, :control_plane_egress_mode) SENSITIVE = [] include Aws::Structure end |
#endpoint_public_access ⇒ Boolean
Set this value to false to disable public access to your
cluster's Kubernetes API server endpoint. If you disable public
access, your cluster's Kubernetes API server can only receive
requests from within the cluster VPC. The default value for this
parameter is true, which enables public access for your Kubernetes
API server. The endpoint domain name and IP address family depends
on the value of the ipFamily for the cluster. For more
information, see Cluster API server endpoint in the
Amazon EKS User Guide .
8884 8885 8886 8887 8888 8889 8890 8891 8892 8893 |
# File 'gems/aws-sdk-eks/lib/aws-sdk-eks/types.rb', line 8884 class VpcConfigRequest < Struct.new( :subnet_ids, :security_group_ids, :endpoint_public_access, :endpoint_private_access, :public_access_cidrs, :control_plane_egress_mode) SENSITIVE = [] include Aws::Structure end |
#public_access_cidrs ⇒ Array<String>
The CIDR blocks that are allowed access to your cluster's public
Kubernetes API server endpoint. Communication to the endpoint from
addresses outside of the CIDR blocks that you specify is denied. The
default value is 0.0.0.0/0 and additionally ::/0 for dual-stack
IPv6 clusters. If you've disabled private endpoint access, make
sure that you specify the necessary CIDR blocks for every node and
Fargate Pod in the cluster. For more information, see Cluster API
server endpoint in the Amazon EKS User Guide .
Note that the public endpoints are dual-stack for only IPv6
clusters that are made after October 2024. You can't add IPv6
CIDR blocks to IPv4 clusters or IPv6 clusters that were made
before October 2024.
8884 8885 8886 8887 8888 8889 8890 8891 8892 8893 |
# File 'gems/aws-sdk-eks/lib/aws-sdk-eks/types.rb', line 8884 class VpcConfigRequest < Struct.new( :subnet_ids, :security_group_ids, :endpoint_public_access, :endpoint_private_access, :public_access_cidrs, :control_plane_egress_mode) SENSITIVE = [] include Aws::Structure end |
#security_group_ids ⇒ Array<String>
Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use that allow communication between your nodes and the Kubernetes control plane. If you don't specify any security groups, then familiarize yourself with the difference between Amazon EKS defaults for clusters deployed with Kubernetes. For more information, see Amazon EKS security group considerations in the Amazon EKS User Guide .
8884 8885 8886 8887 8888 8889 8890 8891 8892 8893 |
# File 'gems/aws-sdk-eks/lib/aws-sdk-eks/types.rb', line 8884 class VpcConfigRequest < Struct.new( :subnet_ids, :security_group_ids, :endpoint_public_access, :endpoint_private_access, :public_access_cidrs, :control_plane_egress_mode) SENSITIVE = [] include Aws::Structure end |
#subnet_ids ⇒ Array<String>
Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane.
8884 8885 8886 8887 8888 8889 8890 8891 8892 8893 |
# File 'gems/aws-sdk-eks/lib/aws-sdk-eks/types.rb', line 8884 class VpcConfigRequest < Struct.new( :subnet_ids, :security_group_ids, :endpoint_public_access, :endpoint_private_access, :public_access_cidrs, :control_plane_egress_mode) SENSITIVE = [] include Aws::Structure end |