aws_eks_cluster

account_id

Type: STRING

arn

Type: STRING
Provider name: arn
Description: The Amazon Resource Name (ARN) of the cluster.

certificate_authority

Type: STRUCT
Provider name: certificateAuthority
Description: The certificate-authority-data for your cluster.

• data
  Type: STRING
  Provider name: data
  Description: The Base64-encoded certificate data required to communicate with your cluster. Add this to the certificate-authority-data section of the kubeconfig file for your cluster.
  

client_request_token

Type: STRING
Provider name: clientRequestToken
Description: Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

connector_config

Type: STRUCT
Provider name: connectorConfig
Description: The configuration used to connect to a cluster for registration.

• activation_code
  Type: STRING
  Provider name: activationCode
  Description: A unique code associated with the cluster for registration purposes.
  
• activation_expiry
  Type: TIMESTAMP
  Provider name: activationExpiry
  Description: The expiration time of the connected cluster. The cluster’s YAML file must be applied through the native provider.
  
• activation_id
  Type: STRING
  Provider name: activationId
  Description: A unique ID associated with the cluster for registration purposes.
  
• provider
  Type: STRING
  Provider name: provider
  Description: The cluster’s cloud service provider.
  
• role_arn
  Type: STRING
  Provider name: roleArn
  Description: The Amazon Resource Name (ARN) of the role to communicate with services from the connected Kubernetes cluster.
  

created_at

Type: TIMESTAMP
Provider name: createdAt
Description: The Unix epoch timestamp in seconds for when the cluster was created.

encryption_config

Type: UNORDERED_LIST_STRUCT
Provider name: encryptionConfig
Description: The encryption configuration for the cluster.

• provider
  Type: STRUCT
  Provider name: provider
  Description: Key Management Service (KMS) key. Either the ARN or the alias can be used.
  
  • key_arn
    Type: STRING
    Provider name: keyArn
    Description: Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric, created in the same region as the cluster, and if the KMS key was created in a different account, the user must have access to the KMS key. For more information, see Allowing Users in Other Accounts to Use a KMS key in the Key Management Service Developer Guide.
    
• resources
  Type: UNORDERED_LIST_STRING
  Provider name: resources
  Description: Specifies the resources to be encrypted. The only supported value is “secrets”.
  

endpoint

Type: STRING
Provider name: endpoint
Description: The endpoint for your Kubernetes API server.

health

Type: STRUCT
Provider name: health
Description: An object representing the health of your local Amazon EKS cluster on an Amazon Web Services Outpost. This object isn’t available for clusters on the Amazon Web Services cloud.

• issues
  Type: UNORDERED_LIST_STRUCT
  Provider name: issues
  Description: An object representing the health issues of your local Amazon EKS cluster on an Amazon Web Services Outpost.
  
  • code
    Type: STRING
    Provider name: code
    Description: The error code of the issue.
    
  • message
    Type: STRING
    Provider name: message
    Description: A description of the issue.
    
  • resource_ids
    Type: UNORDERED_LIST_STRING
    Provider name: resourceIds
    Description: The resource IDs that the issue relates to.
    

id

Type: STRING
Provider name: id
Description: The ID of your local Amazon EKS cluster on an Amazon Web Services Outpost. This property isn’t available for an Amazon EKS cluster on the Amazon Web Services cloud.

identity

Type: STRUCT
Provider name: identity
Description: The identity provider information for the cluster.

• oidc
  Type: STRUCT
  Provider name: oidc
  Description: An object representing the OpenID Connect identity provider information.
  
  • issuer
    Type: STRING
    Provider name: issuer
    Description: The issuer URL for the OIDC identity provider.
    

kubernetes_network_config

Type: STRUCT
Provider name: kubernetesNetworkConfig
Description: The Kubernetes network configuration for the cluster.

• ip_family
  Type: STRING
  Provider name: ipFamily
  Description: The IP family used to assign Kubernetes pod and service IP addresses. The IP family is always ipv4, unless you have a 1.21 or later cluster running version 1.10.1 or later of the Amazon VPC CNI add-on and specified ipv6 when you created the cluster.
  
• service_ipv4_cidr
  Type: STRING
  Provider name: serviceIpv4Cidr
  Description: The CIDR block that Kubernetes pod and service IP addresses are assigned from. Kubernetes assigns addresses from an IPv4 CIDR block assigned to a subnet that the node is in. If you didn’t specify a CIDR block when you created the cluster, then Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. If this was specified, then it was specified when the cluster was created and it can’t be changed.
  
• service_ipv6_cidr
  Type: STRING
  Provider name: serviceIpv6Cidr
  Description: The CIDR block that Kubernetes pod and service IP addresses are assigned from if you created a 1.21 or later cluster with version 1.10.1 or later of the Amazon VPC CNI add-on and specified ipv6 for ipFamily when you created the cluster. Kubernetes assigns service addresses from the unique local address range (fc00::/7) because you can’t specify a custom IPv6 CIDR block when you create the cluster.
  

logging

Type: STRUCT
Provider name: logging
Description: The logging configuration for your cluster.

• cluster_logging
  Type: UNORDERED_LIST_STRUCT
  Provider name: clusterLogging
  Description: The cluster control plane logging configuration for your cluster.
  
  • enabled
    Type: BOOLEAN
    Provider name: enabled
    Description: If a log type is enabled, that log type exports its control plane logs to CloudWatch Logs. If a log type isn’t enabled, that log type doesn’t export its control plane logs. Each individual log type can be enabled or disabled independently.
    
  • types
    Type: UNORDERED_LIST_STRING
    Provider name: types
    Description: The available cluster control plane log types.
    

name

Type: STRING
Provider name: name
Description: The name of the cluster.

outpost_config

Type: STRUCT
Provider name: outpostConfig
Description: An object representing the configuration of your local Amazon EKS cluster on an Amazon Web Services Outpost. This object isn’t available for clusters on the Amazon Web Services cloud.

• control_plane_instance_type
  Type: STRING
  Provider name: controlPlaneInstanceType
  Description: The Amazon EC2 instance type used for the control plane. The instance type is the same for all control plane instances.
  
• control_plane_placement
  Type: STRUCT
  Provider name: controlPlanePlacement
  Description: An object representing the placement configuration for all the control plane instances of your local Amazon EKS cluster on an Amazon Web Services Outpost. For more information, see Capacity considerations in the Amazon EKS User Guide.
  
  • group_name
    Type: STRING
    Provider name: groupName
    Description: The name of the placement group for the Kubernetes control plane instances.
    
• outpost_arns
  Type: UNORDERED_LIST_STRING
  Provider name: outpostArns
  Description: The ARN of the Outpost that you specified for use with your local Amazon EKS cluster on Outposts.
  

platform_version

Type: STRING
Provider name: platformVersion
Description: The platform version of your Amazon EKS cluster. For more information, see Platform Versions in the Amazon EKS User Guide .

resources_vpc_config

Type: STRUCT
Provider name: resourcesVpcConfig
Description: The VPC configuration used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations and Cluster Security Group Considerations in the Amazon EKS User Guide.

• cluster_security_group_id
  Type: STRING
  Provider name: clusterSecurityGroupId
  Description: The cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control-plane-to-data-plane communication.
  
• endpoint_private_access
  Type: BOOLEAN
  Provider name: endpointPrivateAccess
  Description: This parameter indicates whether the Amazon EKS private API server endpoint is enabled. If the Amazon EKS private API server endpoint is enabled, Kubernetes API requests that originate from within your cluster’s VPC use the private VPC endpoint instead of traversing the internet. If this value is disabled and you have nodes or Fargate pods in the cluster, then ensure that publicAccessCidrs includes the necessary CIDR blocks for communication with the nodes or Fargate pods. For more information, see Amazon EKS cluster endpoint access control in the Amazon EKS User Guide .
  
• endpoint_public_access
  Type: BOOLEAN
  Provider name: endpointPublicAccess
  Description: This parameter indicates whether the Amazon EKS public API server endpoint is enabled. If the Amazon EKS public API server endpoint is disabled, your cluster’s Kubernetes API server can only receive requests that originate from within the cluster VPC.
  
• public_access_cidrs
  Type: UNORDERED_LIST_STRING
  Provider name: publicAccessCidrs
  Description: The CIDR blocks that are allowed access to your cluster’s public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the listed CIDR blocks is denied. The default value is 0.0.0.0/0. If you’ve disabled private endpoint access and you have nodes or Fargate pods in the cluster, then ensure that the necessary CIDR blocks are listed. For more information, see Amazon EKS cluster endpoint access control in the Amazon EKS User Guide .
  
• security_group_ids
  Type: UNORDERED_LIST_STRING
  Provider name: securityGroupIds
  Description: The security groups associated with the cross-account elastic network interfaces that are used to allow communication between your nodes and the Kubernetes control plane.
  
• subnet_ids
  Type: UNORDERED_LIST_STRING
  Provider name: subnetIds
  Description: The subnets associated with your cluster.
  
• vpc_id
  Type: STRING
  Provider name: vpcId
  Description: The VPC associated with your cluster.
  

role_arn

Type: STRING
Provider name: roleArn
Description: The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to Amazon Web Services API operations on your behalf.

status

Type: STRING
Provider name: status
Description: The current status of the cluster.

tags

Type: UNORDERED_LIST_STRING

version

Type: STRING
Provider name: version
Description: The Kubernetes server version for the cluster.