Class: Aws::EKS::Types::VpcConfigRequest

Inherits:

Struct

• Object
• Struct
• Aws::EKS::Types::VpcConfigRequest

Includes:

Structure

Defined in:

lib/aws-sdk-eks/types.rb

Overview

An object representing the VPC configuration to use for an Amazon EKS cluster.

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #endpoint_private_access ⇒ Boolean

  Set this value to ‘true` to enable private access for your cluster’s Kubernetes API server endpoint.

• #endpoint_public_access ⇒ Boolean

  Set this value to ‘false` to disable public access to your cluster’s Kubernetes API server endpoint.

• #public_access_cidrs ⇒ Array<String>

  The CIDR blocks that are allowed access to your cluster’s public Kubernetes API server endpoint.

• #security_group_ids ⇒ Array<String>

  Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use that allow communication between your nodes and the Kubernetes control plane.

• #subnet_ids ⇒ Array<String>

  Specify subnets for your Amazon EKS nodes.

Instance Attribute Details

#endpoint_private_access ⇒ Boolean

Set this value to ‘true` to enable private access for your cluster’s Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster’s VPC use the private VPC endpoint. The default value for this parameter is ‘false`, which disables private access for your Kubernetes API server. If you disable private access and you have nodes or Fargate pods in the cluster, then ensure that `publicAccessCidrs` includes the necessary CIDR blocks for communication with the nodes or Fargate pods. For more information, see [Cluster API server endpoint] in the Amazon EKS User Guide .

[1]: docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html

Returns:

• (Boolean)

# File 'lib/aws-sdk-eks/types.rb', line 7639

class VpcConfigRequest < Struct.new(
  :subnet_ids,
  :security_group_ids,
  :endpoint_public_access,
  :endpoint_private_access,
  :public_access_cidrs)
  SENSITIVE = []
  include Aws::Structure
end

#endpoint_public_access ⇒ Boolean

Set this value to ‘false` to disable public access to your cluster’s Kubernetes API server endpoint. If you disable public access, your cluster’s Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is ‘true`, which enables public access for your Kubernetes API server. The endpoint domain name and IP address family depends on the value of the `ipFamily` for the cluster. For more information, see [Cluster API server endpoint] in the Amazon EKS User Guide .

[1]: docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html

Returns:

• (Boolean)

# File 'lib/aws-sdk-eks/types.rb', line 7639

class VpcConfigRequest < Struct.new(
  :subnet_ids,
  :security_group_ids,
  :endpoint_public_access,
  :endpoint_private_access,
  :public_access_cidrs)
  SENSITIVE = []
  include Aws::Structure
end

#public_access_cidrs ⇒ Array<String>

The CIDR blocks that are allowed access to your cluster’s public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is ‘0.0.0.0/0` and additionally `::/0` for dual-stack `IPv6` clusters. If you’ve disabled private endpoint access, make sure that you specify the necessary CIDR blocks for every node and Fargate ‘Pod` in the cluster. For more information, see [Cluster API server endpoint] in the Amazon EKS User Guide .

Note that the public endpoints are dual-stack for only ‘IPv6` clusters that are made after October 2024. You can’t add ‘IPv6` CIDR blocks to `IPv4` clusters or `IPv6` clusters that were made before October 2024.

[1]: docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html

Returns:

• (Array<String>)

# File 'lib/aws-sdk-eks/types.rb', line 7639

class VpcConfigRequest < Struct.new(
  :subnet_ids,
  :security_group_ids,
  :endpoint_public_access,
  :endpoint_private_access,
  :public_access_cidrs)
  SENSITIVE = []
  include Aws::Structure
end

#security_group_ids ⇒ Array<String>

Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use that allow communication between your nodes and the Kubernetes control plane. If you don’t specify any security groups, then familiarize yourself with the difference between Amazon EKS defaults for clusters deployed with Kubernetes. For more information, see [Amazon EKS security group considerations] in the Amazon EKS User Guide .

[1]: docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html

Returns:

• (Array<String>)

# File 'lib/aws-sdk-eks/types.rb', line 7639

class VpcConfigRequest < Struct.new(
  :subnet_ids,
  :security_group_ids,
  :endpoint_public_access,
  :endpoint_private_access,
  :public_access_cidrs)
  SENSITIVE = []
  include Aws::Structure
end

#subnet_ids ⇒ Array<String>

Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane.

Returns:

• (Array<String>)

# File 'lib/aws-sdk-eks/types.rb', line 7639

class VpcConfigRequest < Struct.new(
  :subnet_ids,
  :security_group_ids,
  :endpoint_public_access,
  :endpoint_private_access,
  :public_access_cidrs)
  SENSITIVE = []
  include Aws::Structure
end