AWS::EKS::Cluster

EKS Cluster

An object representing an Amazon EKS cluster.

Properties

19 configurable properties. 2 required. Click a row to see details.

Filter:

Property	Type	Flags
`ResourcesVpcConfig`	`ResourcesVpcConfig`	Required
`RoleArn`	`string`	RequiredCreate-only
`AccessConfig`	`AccessConfig`
`BootstrapSelfManagedAddons`	`boolean`	Create-onlyWrite-only
`ComputeConfig`	`ComputeConfig`
`ControlPlaneScalingConfig`	`ControlPlaneScalingConfig`
`DeletionProtection`	`boolean`
`EncryptionConfig`	`Array<EncryptionConfig>`	Create-only
`Force`	`boolean`	Write-only
`KubernetesNetworkConfig`	`KubernetesNetworkConfig`
`Logging`	`Logging`
`Name`	`string`	Create-only
`OutpostConfig`	`OutpostConfig`	Create-only
`RemoteNetworkConfig`	`RemoteNetworkConfig`
`StorageConfig`	`StorageConfig`
`Tags`	`Array<Tag>`
`UpgradePolicy`	`UpgradePolicy`
`Version`	`string`
`ZonalShiftConfig`	`ZonalShiftConfig`

Return Values

Values returned after the resource is created. Access these with Fn::GetAtt.

Attribute	Type	Description
`Arn`	`string`	The ARN of the cluster, such as arn:aws:eks:us-west-2:666666666666:cluster/prod.
`CertificateAuthorityData`	`string`	The certificate-authority-data for your cluster.
`ClusterSecurityGroupId`	`string`	The cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control plane to data plane communication.
`EncryptionConfigKeyArn`	`string`	Amazon Resource Name (ARN) or alias of the customer master key (CMK).
`Endpoint`	`string`	The endpoint for your Kubernetes API server, such as https://5E1D0CEXAMPLEA591B746AFC5AB30262.yl4.us-west-2.eks.amazonaws.com.
`Id`	`string`	The unique ID given to your cluster.
`OpenIdConnectIssuerUrl`	`string`	The issuer URL for the cluster's OIDC identity provider, such as https://oidc.eks.us-west-2.amazonaws.com/id/EXAMPLED539D4633E53DE1B716D3041E. If you need to remove https:// from this output value, you can include the following code in your template.

Sample CloudFormation Template

A minimal template with required properties and common optional ones.

template.yaml

AWSTemplateFormatVersion: "2010-09-09"
Description: Sample template for AWS::EKS::Cluster

Resources:
  MyResource:
    Type: AWS::EKS::Cluster
    Properties:
      RoleArn: "arn:aws:service:region:account:resource"
      ResourcesVpcConfig: "value"
      Tags:
        - Key: Environment
          Value: Production
      Name: !Ref "AWS::StackName"

Required IAM Permissions

Permissions CloudFormation needs in your IAM role to manage this resource.

read

eks:DescribeCluster

create

eks:CreateClustereks:DescribeClustereks:TagResourceeks:CreateAccessEntryiam:PassRoleiam:GetRoleiam:ListAttachedRolePoliciesiam:CreateServiceLinkedRole

update

iam:PassRoleeks:UpdateClusterConfigeks:UpdateClusterVersioneks:DescribeClustereks:DescribeUpdateeks:TagResourceeks:UntagResource

list

eks:ListClusters

delete

eks:DeleteClustereks:DescribeCluster

Learn AWS the Practical Way

Our bi-weekly newsletter teaches hands-on AWS fundamentals. No certification fluff - just practical knowledge.

Subscribe to Newsletter

Quick Facts

ServiceEKS

Properties26

Required2

TaggingSupported

Primary IDName

Supported Operations

ReadCreateUpdateListDelete

Immutable After Creation

These properties cannot be changed after the resource is created. Updating them triggers a replacement.

OutpostConfigEncryptionConfigKubernetesNetworkConfig/IpFamilyKubernetesNetworkConfig/ServiceIpv4CidrAccessConfig/BootstrapClusterCreatorAdminPermissionsNameRoleArnBootstrapSelfManagedAddons

Related Resources

External Links

AWS Documentation