Skip to content

Instantly share code, notes, and snippets.

@shinji62

shinji62/eksctl-shemav2.json

Last active April 1, 2022 02:43
Show Gist options
  • Save shinji62/5aa8f96fef9590b79b589d0e36b2ee37 to your computer and use it in GitHub Desktop.
Save shinji62/5aa8f96fef9590b79b589d0e36b2ee37 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
eksctl-shemav2.json
{
"$ref": "#/definitions/ClusterConfig",
"type": "object",
"$schema": "http://json-schema.org/draft-07/schema#",
"definitions": {
"AZSubnetMapping": {
"additionalProperties": {
"$ref": "#/definitions/AZSubnetSpec"
},
"type": "object",
"description": "holds subnet to AZ mappings. If the key is an AZ, that also becomes the name of the subnet otherwise use the key to refer to this subnet.",
"x-intellij-html-description": "holds subnet to AZ mappings. If the key is an AZ, that also becomes the name of the subnet otherwise use the key to refer to this subnet.",
"default": "{}"
},
"AZSubnetSpec": {
"properties": {
"az": {
"type": "string",
"description": "can be omitted if the key is an AZ",
"x-intellij-html-description": "can be omitted if the key is an AZ"
},
"cidr": {
"$ref": "#/definitions/github.com|weaveworks|eksctl|pkg|utils|ipnet.IPNet"
},
"id": {
"type": "string"
}
},
"preferredOrder": [
"id",
"az",
"cidr"
],
"additionalProperties": false
},
"Addon": {
"required": [
"name"
],
"properties": {
"attachPolicy": {
"$ref": "#/definitions/InlineDocument",
"description": "holds a policy document to attach",
"x-intellij-html-description": "holds a policy document to attach"
},
"attachPolicyARNs": {
"items": {
"type": "string"
},
"type": "array",
"description": "list of ARNs of the IAM policies to attach",
"x-intellij-html-description": "list of ARNs of the IAM policies to attach"
},
"name": {
"type": "string"
},
"permissionsBoundary": {
"type": "string",
"description": "ARN of the permissions boundary to associate",
"x-intellij-html-description": "ARN of the permissions boundary to associate"
},
"serviceAccountRoleARN": {
"type": "string"
},
"tags": {
"additionalProperties": {
"type": "string"
},
"type": "object",
"description": "The metadata to apply to the cluster to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define.",
"x-intellij-html-description": "The metadata to apply to the cluster to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define.",
"default": "{}"
},
"version": {
"type": "string"
}
},
"preferredOrder": [
"name",
"version",
"serviceAccountRoleARN",
"attachPolicyARNs",
"attachPolicy",
"permissionsBoundary",
"tags"
],
"additionalProperties": false,
"description": "holds the EKS addon configuration",
"x-intellij-html-description": "holds the EKS addon configuration"
},
"ClusterCloudWatch": {
"properties": {
"clusterLogging": {
"$ref": "#/definitions/ClusterCloudWatchLogging"
}
},
"preferredOrder": [
"clusterLogging"
],
"additionalProperties": false,
"description": "contains config parameters related to CloudWatch",
"x-intellij-html-description": "contains config parameters related to CloudWatch"
},
"ClusterCloudWatchLogging": {
"properties": {
"enableTypes": {
"items": {
"type": "string",
"enum": [
"api",
"audit",
"authenticator",
"controllerManager",
"scheduler",
"all",
"*"
]
},
"type": "array",
"description": "Types of logging to enable (see [CloudWatch docs](/usage/cloudwatch-cluster-logging/#clusterconfig-examples)). Valid entries are: `\"api\"`, `\"audit\"`, `\"authenticator\"`, `\"controllerManager\"`, `\"scheduler\"`, `\"all\"`, `\"*\"`.",
"x-intellij-html-description": "Types of logging to enable (see <a href=\"/usage/cloudwatch-cluster-logging/#clusterconfig-examples\">CloudWatch docs</a>). Valid entries are: <code>&quot;api&quot;</code>, <code>&quot;audit&quot;</code>, <code>&quot;authenticator&quot;</code>, <code>&quot;controllerManager&quot;</code>, <code>&quot;scheduler&quot;</code>, <code>&quot;all&quot;</code>, <code>&quot;*&quot;</code>."
}
},
"preferredOrder": [
"enableTypes"
],
"additionalProperties": false,
"description": "container config parameters related to cluster logging",
"x-intellij-html-description": "container config parameters related to cluster logging"
},
"ClusterConfig": {
"required": [
"metadata",
"kind",
"apiVersion"
],
"properties": {
"addons": {
"items": {
"$ref": "#/definitions/Addon"
},
"type": "array"
},
"apiVersion": {
"type": "string",
"enum": [
"eksctl.io/v1alpha5"
]
},
"availabilityZones": {
"items": {
"type": "string"
},
"type": "array"
},
"cloudWatch": {
"$ref": "#/definitions/ClusterCloudWatch",
"description": "See [CloudWatch support](/usage/cloudwatch-cluster-logging/)",
"x-intellij-html-description": "See <a href=\"/usage/cloudwatch-cluster-logging/\">CloudWatch support</a>"
},
"fargateProfiles": {
"items": {
"$ref": "#/definitions/FargateProfile"
},
"type": "array"
},
"git": {
"$ref": "#/definitions/Git",
"description": "FLUX V1 DEPRECATION NOTICE. https://github.com/weaveworks/eksctl/issues/2963 Git exposes configuration for Flux v1 and an earlier iteration of gitops",
"x-intellij-html-description": "FLUX V1 DEPRECATION NOTICE. https://github.com/weaveworks/eksctl/issues/2963 Git exposes configuration for Flux v1 and an earlier iteration of gitops"
},
"gitops": {
"$ref": "#/definitions/GitOps",
"description": "exposes configuration for Flux v2 and will continue to be used in future gitops plans, replacing the Git configuration above",
"x-intellij-html-description": "exposes configuration for Flux v2 and will continue to be used in future gitops plans, replacing the Git configuration above"
},
"iam": {
"$ref": "#/definitions/ClusterIAM"
},
"identityProviders": {
"items": {
"$ref": "#/definitions/IdentityProvider"
},
"type": "array"
},
"kind": {
"type": "string",
"enum": [
"ClusterConfig"
]
},
"kubernetesNetworkConfig": {
"$ref": "#/definitions/KubernetesNetworkConfig"
},
"managedNodeGroups": {
"items": {
"$ref": "#/definitions/ManagedNodeGroup"
},
"type": "array",
"description": "See [Nodegroups usage](/usage/managing-nodegroups) and [managed nodegroups](/usage/eks-managed-nodes/)",
"x-intellij-html-description": "See <a href=\"/usage/managing-nodegroups\">Nodegroups usage</a> and <a href=\"/usage/eks-managed-nodes/\">managed nodegroups</a>"
},
"metadata": {
"$ref": "#/definitions/ClusterMeta"
},
"nodeGroups": {
"items": {
"$ref": "#/definitions/NodeGroup"
},
"type": "array",
"description": "For information and examples see [nodegroups](/usage/managing-nodegroups)",
"x-intellij-html-description": "For information and examples see <a href=\"/usage/managing-nodegroups\">nodegroups</a>"
},
"privateCluster": {
"$ref": "#/definitions/PrivateCluster",
"description": "allows configuring a fully-private cluster in which no node has outbound internet access, and private access to AWS services is enabled via VPC endpoints",
"x-intellij-html-description": "allows configuring a fully-private cluster in which no node has outbound internet access, and private access to AWS services is enabled via VPC endpoints"
},
"secretsEncryption": {
"$ref": "#/definitions/SecretsEncryption"
},
"vpc": {
"$ref": "#/definitions/ClusterVPC"
}
},
"preferredOrder": [
"kind",
"apiVersion",
"metadata",
"kubernetesNetworkConfig",
"iam",
"identityProviders",
"vpc",
"addons",
"privateCluster",
"nodeGroups",
"managedNodeGroups",
"fargateProfiles",
"availabilityZones",
"cloudWatch",
"secretsEncryption",
"git",
"gitops"
],
"additionalProperties": false,
"description": "a simple config, to be replaced with Cluster API",
"x-intellij-html-description": "a simple config, to be replaced with Cluster API",
"x-kubernetes-group-version-kind": [
{
"group": "eksctl.io",
"version": "v1alpha5",
"kind": "ClusterConfig"
}
]
},
"ClusterEndpoints": {
"properties": {
"privateAccess": {
"type": "boolean"
},
"publicAccess": {
"type": "boolean"
}
},
"preferredOrder": [
"privateAccess",
"publicAccess"
],
"additionalProperties": false,
"description": "holds cluster api server endpoint access information",
"x-intellij-html-description": "holds cluster api server endpoint access information"
},
"ClusterIAM": {
"properties": {
"fargatePodExecutionRoleARN": {
"type": "string",
"description": "role used by pods to access AWS APIs. This role is added to the Kubernetes RBAC for authorization. See [Pod Execution Role](https://docs.aws.amazon.com/eks/latest/userguide/pod-execution-role.html)",
"x-intellij-html-description": "role used by pods to access AWS APIs. This role is added to the Kubernetes RBAC for authorization. See <a href=\"https://docs.aws.amazon.com/eks/latest/userguide/pod-execution-role.html\">Pod Execution Role</a>"
},
"fargatePodExecutionRolePermissionsBoundary": {
"type": "string",
"description": "permissions boundary for the fargate pod execution role`. See [EKS Fargate Support](/usage/fargate-support/)",
"x-intellij-html-description": "permissions boundary for the fargate pod execution role`. See <a href=\"/usage/fargate-support/\">EKS Fargate Support</a>"
},
"serviceAccounts": {
"items": {
"$ref": "#/definitions/ClusterIAMServiceAccount"
},
"type": "array",
"description": "service accounts to create in the cluster. See [IAM Service Accounts](/iamserviceaccounts/#usage-with-config-files)",
"x-intellij-html-description": "service accounts to create in the cluster. See <a href=\"/iamserviceaccounts/#usage-with-config-files\">IAM Service Accounts</a>"
},
"serviceRoleARN": {
"type": "string"
},
"serviceRolePermissionsBoundary": {
"type": "string",
"description": "permissions boundary for all identity-based entities created by eksctl. See [AWS Permission Boundary](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)",
"x-intellij-html-description": "permissions boundary for all identity-based entities created by eksctl. See <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html\">AWS Permission Boundary</a>"
},
"vpcResourceControllerPolicy": {
"type": "boolean",
"description": "attaches the IAM policy necessary to run the VPC controller in the control plane",
"x-intellij-html-description": "attaches the IAM policy necessary to run the VPC controller in the control plane",
"default": true
},
"withOIDC": {
"type": "boolean",
"description": "enables the IAM OIDC provider as well as IRSA for the Amazon CNI plugin",
"x-intellij-html-description": "enables the IAM OIDC provider as well as IRSA for the Amazon CNI plugin"
}
},
"preferredOrder": [
"serviceRoleARN",
"serviceRolePermissionsBoundary",
"fargatePodExecutionRoleARN",
"fargatePodExecutionRolePermissionsBoundary",
"withOIDC",
"serviceAccounts",
"vpcResourceControllerPolicy"
],
"additionalProperties": false,
"description": "holds all IAM attributes of a cluster",
"x-intellij-html-description": "holds all IAM attributes of a cluster"
},
"ClusterIAMMeta": {
"properties": {
"annotations": {
"additionalProperties": {
"type": "string"
},
"type": "object",
"default": "{}"
},
"labels": {
"additionalProperties": {
"type": "string"
},
"type": "object",
"default": "{}"
},
"name": {
"type": "string"
},
"namespace": {
"type": "string"
}
},
"preferredOrder": [
"name",
"namespace",
"labels",
"annotations"
],
"additionalProperties": false,
"description": "holds information we can use to create ObjectMeta for service accounts",
"x-intellij-html-description": "holds information we can use to create ObjectMeta for service accounts"
},
"ClusterIAMServiceAccount": {
"properties": {
"attachPolicy": {
"$ref": "#/definitions/InlineDocument",
"description": "holds a policy document to attach to this service account",
"x-intellij-html-description": "holds a policy document to attach to this service account"
},
"attachPolicyARNs": {
"items": {
"type": "string"
},
"type": "array",
"description": "list of ARNs of the IAM policies to attach",
"x-intellij-html-description": "list of ARNs of the IAM policies to attach"
},
"attachRoleARN": {
"type": "string",
"description": "ARN of the role to attach to the service account",
"x-intellij-html-description": "ARN of the role to attach to the service account"
},
"metadata": {
"$ref": "#/definitions/ClusterIAMMeta"
},
"permissionsBoundary": {
"type": "string",
"description": "ARN of the permissions boundary to associate with the service account",
"x-intellij-html-description": "ARN of the permissions boundary to associate with the service account"
},
"roleName": {
"type": "string",
"description": "Specific role name instead of the Cloudformation-generated role name",
"x-intellij-html-description": "Specific role name instead of the Cloudformation-generated role name"
},
"roleOnly": {
"type": "boolean",
"description": "Specify if only the IAM Service Account role should be created without creating/annotating the service account",
"x-intellij-html-description": "Specify if only the IAM Service Account role should be created without creating/annotating the service account"
},
"status": {
"$ref": "#/definitions/ClusterIAMServiceAccountStatus"
},
"tags": {
"additionalProperties": {
"type": "string"
},
"type": "object",
"description": "AWS tags for the service account",
"x-intellij-html-description": "AWS tags for the service account",
"default": "{}"
},
"wellKnownPolicies": {
"$ref": "#/definitions/WellKnownPolicies"
}
},
"preferredOrder": [
"metadata",
"attachPolicyARNs",
"wellKnownPolicies",
"attachPolicy",
"attachRoleARN",
"permissionsBoundary",
"status",
"roleName",
"roleOnly",
"tags"
],
"additionalProperties": false,
"description": "holds an IAM service account metadata and configuration",
"x-intellij-html-description": "holds an IAM service account metadata and configuration"
},
"ClusterIAMServiceAccountStatus": {
"properties": {
"roleARN": {
"type": "string"
}
},
"preferredOrder": [
"roleARN"
],
"additionalProperties": false,
"description": "holds status of the IAM service account",
"x-intellij-html-description": "holds status of the IAM service account"
},
"ClusterMeta": {
"required": [
"name",
"region"
],
"properties": {
"annotations": {
"additionalProperties": {
"type": "string"
},
"type": "object",
"description": "arbitrary metadata ignored by `eksctl`.",
"x-intellij-html-description": "arbitrary metadata ignored by <code>eksctl</code>.",
"default": "{}"
},
"name": {
"type": "string",
"description": "of the cluster",
"x-intellij-html-description": "of the cluster"
},
"region": {
"type": "string",
"description": "the AWS region hosting this cluster",
"x-intellij-html-description": "the AWS region hosting this cluster"
},
"tags": {
"additionalProperties": {
"type": "string"
},
"type": "object",
"description": "used to tag AWS resources created by eksctl",
"x-intellij-html-description": "used to tag AWS resources created by eksctl",
"default": "{}"
},
"version": {
"type": "string",
"description": "Valid variants are: `\"1.16\"`, `\"1.17\"`, `\"1.18\"`, `\"1.19\"`, `\"1.20\"` (default), `\"1.21\"`.",
"x-intellij-html-description": "Valid variants are: <code>&quot;1.16&quot;</code>, <code>&quot;1.17&quot;</code>, <code>&quot;1.18&quot;</code>, <code>&quot;1.19&quot;</code>, <code>&quot;1.20&quot;</code> (default), <code>&quot;1.21&quot;</code>.",
"default": "1.20",
"enum": [
"1.16",
"1.17",
"1.18",
"1.19",
"1.20",
"1.21"
]
}
},
"preferredOrder": [
"name",
"region",
"version",
"tags",
"annotations"
],
"additionalProperties": false,
"description": "contains general cluster information",
"x-intellij-html-description": "contains general cluster information"
},
"ClusterNAT": {
"properties": {
"gateway": {
"type": "string",
"description": "Valid variants are: `\"HighlyAvailable\"` configures a highly available NAT gateway, `\"Single\"` configures a single NAT gateway (default), `\"Disable\"` disables NAT.",
"x-intellij-html-description": "Valid variants are: <code>&quot;HighlyAvailable&quot;</code> configures a highly available NAT gateway, <code>&quot;Single&quot;</code> configures a single NAT gateway (default), <code>&quot;Disable&quot;</code> disables NAT.",
"default": "Single",
"enum": [
"HighlyAvailable",
"Single",
"Disable"
]
}
},
"preferredOrder": [
"gateway"
],
"additionalProperties": false,
"description": "NAT config",
"x-intellij-html-description": "NAT config"
},
"ClusterSubnets": {
"properties": {
"private": {
"$ref": "#/definitions/AZSubnetMapping"
},
"public": {
"$ref": "#/definitions/AZSubnetMapping"
}
},
"preferredOrder": [
"private",
"public"
],
"additionalProperties": false,
"description": "holds private and public subnets",
"x-intellij-html-description": "holds private and public subnets"
},
"ClusterVPC": {
"properties": {
"autoAllocateIPv6": {
"type": "boolean",
"description": "AutoAllocateIPV6 requests an IPv6 CIDR block with /56 prefix for the VPC",
"x-intellij-html-description": "AutoAllocateIPV6 requests an IPv6 CIDR block with /56 prefix for the VPC"
},
"cidr": {
"$ref": "#/definitions/github.com|weaveworks|eksctl|pkg|utils|ipnet.IPNet"
},
"clusterEndpoints": {
"$ref": "#/definitions/ClusterEndpoints",
"description": "See [managing access to API](/usage/vpc-networking/#managing-access-to-the-kubernetes-api-server-endpoints)",
"x-intellij-html-description": "See <a href=\"/usage/vpc-networking/#managing-access-to-the-kubernetes-api-server-endpoints\">managing access to API</a>"
},
"extraCIDRs": {
"items": {
"type": "string"
},
"type": "array",
"description": "for additional CIDR associations, e.g. a CIDR for private subnets or any ad-hoc subnets",
"x-intellij-html-description": "for additional CIDR associations, e.g. a CIDR for private subnets or any ad-hoc subnets"
},
"id": {
"type": "string"
},
"manageSharedNodeSecurityGroupRules": {
"type": "boolean",
"description": "Automatically add security group rules to and from the default cluster security group and the shared node security group. This allows unmanaged nodes to communicate with the control plane and managed nodes. This option cannot be disabled when using eksctl created security groups.",
"x-intellij-html-description": "Automatically add security group rules to and from the default cluster security group and the shared node security group. This allows unmanaged nodes to communicate with the control plane and managed nodes. This option cannot be disabled when using eksctl created security groups.",
"default": true
},
"nat": {
"$ref": "#/definitions/ClusterNAT"
},
"publicAccessCIDRs": {
"items": {
"type": "string"
},
"type": "array",
"description": "which CIDR blocks to allow access to public k8s API endpoint",
"x-intellij-html-description": "which CIDR blocks to allow access to public k8s API endpoint"
},
"securityGroup": {
"type": "string",
"description": "(aka the ControlPlaneSecurityGroup) for communication between control plane and nodes",
"x-intellij-html-description": "(aka the ControlPlaneSecurityGroup) for communication between control plane and nodes"
},
"sharedNodeSecurityGroup": {
"type": "string",
"description": "for pre-defined shared node SG",
"x-intellij-html-description": "for pre-defined shared node SG"
},
"subnets": {
"$ref": "#/definitions/ClusterSubnets",
"description": "keyed by AZ for convenience. See [this example](/examples/reusing-iam-and-vpc/) as well as [using existing VPCs](/usage/vpc-networking/#use-existing-vpc-other-custom-configuration).",
"x-intellij-html-description": "keyed by AZ for convenience. See <a href=\"/examples/reusing-iam-and-vpc/\">this example</a> as well as <a href=\"/usage/vpc-networking/#use-existing-vpc-other-custom-configuration\">using existing VPCs</a>."
}
},
"preferredOrder": [
"id",
"cidr",
"securityGroup",
"subnets",
"extraCIDRs",
"sharedNodeSecurityGroup",
"manageSharedNodeSecurityGroupRules",
"autoAllocateIPv6",
"nat",
"clusterEndpoints",
"publicAccessCIDRs"
],
"additionalProperties": false,
"description": "holds global subnet and all child subnets",
"x-intellij-html-description": "holds global subnet and all child subnets"
},
"FargateProfile": {
"required": [
"name"
],
"properties": {
"name": {
"type": "string",
"description": "of the Fargate profile.",
"x-intellij-html-description": "of the Fargate profile."
},
"podExecutionRoleARN": {
"type": "string",
"description": "IAM role's ARN to use to run pods onto Fargate.",
"x-intellij-html-description": "IAM role's ARN to use to run pods onto Fargate."
},
"selectors": {
"items": {
"$ref": "#/definitions/FargateProfileSelector"
},
"type": "array",
"description": "define the rules to select workload to schedule onto Fargate.",
"x-intellij-html-description": "define the rules to select workload to schedule onto Fargate."
},
"status": {
"type": "string",
"description": "The current status of the Fargate profile.",
"x-intellij-html-description": "The current status of the Fargate profile."
},
"subnets": {
"items": {
"type": "string"
},
"type": "array",
"description": "which Fargate should use to do network placement of the selected workload. If none provided, all subnets for the cluster will be used.",
"x-intellij-html-description": "which Fargate should use to do network placement of the selected workload. If none provided, all subnets for the cluster will be used."
},
"tags": {
"additionalProperties": {
"type": "string"
},
"type": "object",
"description": "Used to tag the AWS resources",
"x-intellij-html-description": "Used to tag the AWS resources",
"default": "{}"
}
},
"preferredOrder": [
"name",
"podExecutionRoleARN",
"selectors",
"subnets",
"tags",
"status"
],
"additionalProperties": false,
"description": "defines the settings used to schedule workload onto Fargate.",
"x-intellij-html-description": "defines the settings used to schedule workload onto Fargate."
},
"FargateProfileSelector": {
"required": [
"namespace"
],
"properties": {
"labels": {
"additionalProperties": {
"type": "string"
},
"type": "object",
"description": "Kubernetes label selectors to use to select workload.",
"x-intellij-html-description": "Kubernetes label selectors to use to select workload.",
"default": "{}"
},
"namespace": {
"type": "string",
"description": "Kubernetes namespace from which to select workload.",
"x-intellij-html-description": "Kubernetes namespace from which to select workload."
}
},
"preferredOrder": [
"namespace",
"labels"
],
"additionalProperties": false,
"description": "defines rules to select workload to schedule onto Fargate.",
"x-intellij-html-description": "defines rules to select workload to schedule onto Fargate."
},
"Flux": {
"properties": {
"flags": {
"$ref": "#/definitions/FluxFlags",
"description": "an arbitrary map of string to string to pass any flags to Flux bootstrap via eksctl see https://fluxcd.io/docs/ for information on all flags",
"x-intellij-html-description": "an arbitrary map of string to string to pass any flags to Flux bootstrap via eksctl see https://fluxcd.io/docs/ for information on all flags"
},
"gitProvider": {
"type": "string",
"description": "The repository hosting service. Can be either Github or Gitlab.",
"x-intellij-html-description": "The repository hosting service. Can be either Github or Gitlab."
}
},
"preferredOrder": [
"gitProvider",
"flags"
],
"additionalProperties": false,
"description": "groups all configuration options related to a Git repository used for GitOps Toolkit (Flux v2).",
"x-intellij-html-description": "groups all configuration options related to a Git repository used for GitOps Toolkit (Flux v2)."
},
"FluxFlags": {
"additionalProperties": {
"type": "string"
},
"type": "object",
"description": "a map of string for passing arbitrary flags to Flux bootstrap",
"x-intellij-html-description": "a map of string for passing arbitrary flags to Flux bootstrap",
"default": "{}"
},
"Git": {
"properties": {
"bootstrapProfile": {
"$ref": "#/definitions/Profile",
"description": "[Installing a Quickstart profile](/usage/gitops/#installing-a-quickstart-profile-in-your-cluster)",
"x-intellij-html-description": "<a href=\"/usage/gitops/#installing-a-quickstart-profile-in-your-cluster\">Installing a Quickstart profile</a>"
},
"operator": {
"$ref": "#/definitions/Operator",
"description": "[Enable Repo](/usage/gitops/#installing-flux-v1)",
"x-intellij-html-description": "<a href=\"/usage/gitops/#installing-flux-v1\">Enable Repo</a>"
},
"repo": {
"$ref": "#/definitions/Repo",
"description": "[Enable Repo](/usage/gitops/#installing-flux-v1)",
"x-intellij-html-description": "<a href=\"/usage/gitops/#installing-flux-v1\">Enable Repo</a>"
}
},
"preferredOrder": [
"repo",
"operator",
"bootstrapProfile"
],
"additionalProperties": false,
"description": "groups all configuration options related to enabling GitOps on a cluster and linking it to a Git repository. [Gitops Guide](/gitops-quickstart/)",
"x-intellij-html-description": "groups all configuration options related to enabling GitOps on a cluster and linking it to a Git repository. <a href=\"/gitops-quickstart/\">Gitops Guide</a>"
},
"GitOps": {
"properties": {
"flux": {
"$ref": "#/definitions/Flux",
"description": "[Enable Flux](/usage/gitops/#experimental-installing-gitops-toolkit-flux-v2)",
"x-intellij-html-description": "<a href=\"/usage/gitops/#experimental-installing-gitops-toolkit-flux-v2\">Enable Flux</a>"
}
},
"preferredOrder": [
"flux"
],
"additionalProperties": false,
"description": "groups all configuration options related to enabling GitOps Toolkit on a cluster and linking it to a Git repository. Note: this will replace the older Git types",
"x-intellij-html-description": "groups all configuration options related to enabling GitOps Toolkit on a cluster and linking it to a Git repository. Note: this will replace the older Git types"
},
"IdentityProvider": {
"required": [
"type"
],
"properties": {
"type": {
"type": "string",
"description": "Valid variants are: `\"oidc\"`: OIDC identity provider",
"x-intellij-html-description": "Valid variants are: <code>&quot;oidc&quot;</code>: OIDC identity provider",
"enum": [
"oidc"
]
}
},
"preferredOrder": [
"type"
],
"oneOf": [
{
"$ref": "#/definitions/OIDCIdentityProvider"
}
],
"description": "holds an identity provider configuration. See [the example eksctl config](https://github.com/weaveworks/eksctl/blob/main/examples/27-oidc-provider.yaml).",
"x-intellij-html-description": "holds an identity provider configuration. See <a href=\"https://github.com/weaveworks/eksctl/blob/main/examples/27-oidc-provider.yaml\">the example eksctl config</a>."
},
"InlineDocument": {
"additionalProperties": {},
"type": "object",
"description": "holds any arbitrary JSON/YAML documents, such as extra config parameters or IAM policies",
"x-intellij-html-description": "holds any arbitrary JSON/YAML documents, such as extra config parameters or IAM policies",
"default": "{}"
},
"InstanceSelector": {
"properties": {
"cpuArchitecture": {
"type": "string",
"description": "CPU Architecture of the EC2 instance type. Valid variants are: `\"x86_64\"` `\"amd64\"` `\"arm64\"`",
"x-intellij-html-description": "CPU Architecture of the EC2 instance type. Valid variants are: <code>&quot;x86_64&quot;</code> <code>&quot;amd64&quot;</code> <code>&quot;arm64&quot;</code>",
"enum": [
"x86_64",
"amd64",
"arm64"
]
},
"gpus": {
"type": "integer",
"description": "specifies the number of GPUs",
"x-intellij-html-description": "specifies the number of GPUs"
},
"memory": {
"type": "string",
"description": "specifies the memory The unit defaults to GiB",
"x-intellij-html-description": "specifies the memory The unit defaults to GiB"
},
"vCPUs": {
"type": "integer",
"description": "specifies the number of vCPUs",
"x-intellij-html-description": "specifies the number of vCPUs"
}
},
"preferredOrder": [
"vCPUs",
"memory",
"gpus",
"cpuArchitecture"
],
"additionalProperties": false,
"description": "holds EC2 instance selector options",
"x-intellij-html-description": "holds EC2 instance selector options"
},
"KubernetesNetworkConfig": {
"properties": {
"serviceIPv4CIDR": {
"type": "string",
"description": "CIDR range from where `ClusterIP`s are assigned",
"x-intellij-html-description": "CIDR range from where <code>ClusterIP</code>s are assigned"
}
},
"preferredOrder": [
"serviceIPv4CIDR"
],
"additionalProperties": false,
"description": "contains cluster networking options",
"x-intellij-html-description": "contains cluster networking options"
},
"LaunchTemplate": {
"required": [
"id"
],
"properties": {
"id": {
"type": "string",
"description": "Launch template ID",
"x-intellij-html-description": "Launch template ID"
},
"version": {
"type": "string",
"description": "Launch template version Defaults to the default launch template version TODO support $Default, $Latest",
"x-intellij-html-description": "Launch template version Defaults to the default launch template version TODO support $Default, $Latest"
}
},
"preferredOrder": [
"id",
"version"
],
"additionalProperties": false
},
"ManagedNodeGroup": {
"required": [
"name"
],
"properties": {
"ami": {
"type": "string",
"description": "Specify [custom AMIs](/usage/custom-ami-support/), `auto-ssm`, `auto`, or `static`",
"x-intellij-html-description": "Specify <a href=\"/usage/custom-ami-support/\">custom AMIs</a>, <code>auto-ssm</code>, <code>auto</code>, or <code>static</code>"
},
"amiFamily": {
"type": "string",
"description": "Valid variants are: `\"AmazonLinux2\"` (default), `\"Ubuntu2004\"`, `\"Ubuntu1804\"`, `\"Bottlerocket\"`, `\"WindowsServer2019CoreContainer\"`, `\"WindowsServer2019FullContainer\"`, `\"WindowsServer2004CoreContainer\"`.",
"x-intellij-html-description": "Valid variants are: <code>&quot;AmazonLinux2&quot;</code> (default), <code>&quot;Ubuntu2004&quot;</code>, <code>&quot;Ubuntu1804&quot;</code>, <code>&quot;Bottlerocket&quot;</code>, <code>&quot;WindowsServer2019CoreContainer&quot;</code>, <code>&quot;WindowsServer2019FullContainer&quot;</code>, <code>&quot;WindowsServer2004CoreContainer&quot;</code>.",
"default": "AmazonLinux2",
"enum": [
"AmazonLinux2",
"Ubuntu2004",
"Ubuntu1804",
"Bottlerocket",
"WindowsServer2019CoreContainer",
"WindowsServer2019FullContainer",
"WindowsServer2004CoreContainer"
]
},
"asgSuspendProcesses": {
"items": {
"type": "string"
},
"type": "array",
"description": "See [relevant AWS docs](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-rollingupdate-suspendprocesses)",
"x-intellij-html-description": "See <a href=\"https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-rollingupdate-suspendprocesses\">relevant AWS docs</a>"
},
"availabilityZones": {
"items": {
"type": "string"
},
"type": "array",
"description": "Limit [nodes to specific AZs](/usage/autoscaling/#zone-aware-auto-scaling)",
"x-intellij-html-description": "Limit <a href=\"/usage/autoscaling/#zone-aware-auto-scaling\">nodes to specific AZs</a>"
},
"bottlerocket": {
"$ref": "#/definitions/NodeGroupBottlerocket",
"description": "specifies settings for Bottlerocket nodes",
"x-intellij-html-description": "specifies settings for Bottlerocket nodes"
},
"desiredCapacity": {
"type": "integer"
},
"disableIMDSv1": {
"type": "boolean",
"description": "requires requests to the metadata service to use IMDSv2 tokens",
"x-intellij-html-description": "requires requests to the metadata service to use IMDSv2 tokens",
"default": false
},
"disablePodIMDS": {
"type": "boolean",
"description": "blocks all IMDS requests from non host networking pods",
"x-intellij-html-description": "blocks all IMDS requests from non host networking pods",
"default": false
},
"ebsOptimized": {
"type": "boolean",
"description": "enables [EBS optimization](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html)",
"x-intellij-html-description": "enables <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html\">EBS optimization</a>"
},
"efaEnabled": {
"type": "boolean",
"description": "creates the maximum allowed number of EFA-enabled network cards on nodes in this group.",
"x-intellij-html-description": "creates the maximum allowed number of EFA-enabled network cards on nodes in this group."
},
"iam": {
"$ref": "#/definitions/NodeGroupIAM"
},
"instanceName": {
"type": "string"
},
"instancePrefix": {
"type": "string"
},
"instanceSelector": {
"$ref": "#/definitions/InstanceSelector",
"description": "specifies options for EC2 instance selector",
"x-intellij-html-description": "specifies options for EC2 instance selector"
},
"instanceType": {
"type": "string"
},
"instanceTypes": {
"items": {
"type": "string"
},
"type": "array",
"description": "specifies a list of instance types",
"x-intellij-html-description": "specifies a list of instance types"
},
"labels": {
"additionalProperties": {
"type": "string"
},
"type": "object",
"default": "{}"
},
"launchTemplate": {
"$ref": "#/definitions/LaunchTemplate",
"description": "specifies an existing launch template to use for the nodegroup",
"x-intellij-html-description": "specifies an existing launch template to use for the nodegroup"
},
"maxPodsPerNode": {
"type": "integer"
},
"maxSize": {
"type": "integer"
},
"minSize": {
"type": "integer"
},
"name": {
"type": "string"
},
"overrideBootstrapCommand": {
"type": "string",
"description": "Override `eksctl`'s bootstrapping script",
"x-intellij-html-description": "Override <code>eksctl</code>'s bootstrapping script"
},
"placement": {
"$ref": "#/definitions/Placement",
"description": "specifies the placement group in which nodes should be spawned",
"x-intellij-html-description": "specifies the placement group in which nodes should be spawned"
},
"preBootstrapCommands": {
"items": {
"type": "string"
},
"type": "array",
"description": "executed before bootstrapping instances to the cluster",
"x-intellij-html-description": "executed before bootstrapping instances to the cluster"
},
"privateNetworking": {
"type": "boolean",
"description": "Enable [private networking](/usage/vpc-networking/#use-private-subnets-for-initial-nodegroup) for nodegroup",
"x-intellij-html-description": "Enable <a href=\"/usage/vpc-networking/#use-private-subnets-for-initial-nodegroup\">private networking</a> for nodegroup",
"default": "false"
},
"releaseVersion": {
"type": "string",
"description": "the AMI version of the EKS optimized AMI to use",
"x-intellij-html-description": "the AMI version of the EKS optimized AMI to use"
},
"securityGroups": {
"$ref": "#/definitions/NodeGroupSGs"
},
"spot": {
"type": "boolean",
"description": "creates a spot nodegroup",
"x-intellij-html-description": "creates a spot nodegroup",
"default": "false"
},
"ssh": {
"$ref": "#/definitions/NodeGroupSSH",
"description": "configures ssh access for this nodegroup",
"x-intellij-html-description": "configures ssh access for this nodegroup"
},
"subnets": {
"items": {
"type": "string"
},
"type": "array",
"description": "Limit nodes to specific subnets",
"x-intellij-html-description": "Limit nodes to specific subnets"
},
"tags": {
"additionalProperties": {
"type": "string"
},
"type": "object",
"description": "Applied to the Autoscaling Group and to the EC2 instances (unmanaged), Applied to the EKS Nodegroup resource and to the EC2 instances (managed)",
"x-intellij-html-description": "Applied to the Autoscaling Group and to the EC2 instances (unmanaged), Applied to the EKS Nodegroup resource and to the EC2 instances (managed)",
"default": "{}"
},
"taints": {
"items": {
"$ref": "#/definitions/NodeGroupTaint"
},
"type": "array",
"description": "taints to apply to the nodegroup",
"x-intellij-html-description": "taints to apply to the nodegroup"
},
"updateConfig": {
"$ref": "#/definitions/NodeGroupUpdateConfig",
"description": "configures how to update NodeGroups.",
"x-intellij-html-description": "configures how to update NodeGroups."
},
"volumeEncrypted": {
"type": "boolean"
},
"volumeIOPS": {
"type": "integer"
},
"volumeKmsKeyID": {
"type": "string"
},
"volumeName": {
"type": "string"
},
"volumeSize": {
"type": "integer",
"description": "gigabytes",
"x-intellij-html-description": "gigabytes",
"default": 80
},
"volumeThroughput": {
"type": "integer"
},
"volumeType": {
"type": "string",
"description": "Valid variants are: `\"gp2\"` is General Purpose SSD, `\"gp3\"` is General Purpose SSD which can be optimised for high throughput (default), `\"io1\"` is Provisioned IOPS SSD, `\"sc1\"` is Cold HDD, `\"st1\"` is Throughput Optimized HDD.",
"x-intellij-html-description": "Valid variants are: <code>&quot;gp2&quot;</code> is General Purpose SSD, <code>&quot;gp3&quot;</code> is General Purpose SSD which can be optimised for high throughput (default), <code>&quot;io1&quot;</code> is Provisioned IOPS SSD, <code>&quot;sc1&quot;</code> is Cold HDD, <code>&quot;st1&quot;</code> is Throughput Optimized HDD.",
"default": "gp3",
"enum": [
"gp2",
"gp3",
"io1",
"sc1",
"st1"
]
}
},
"preferredOrder": [
"name",
"amiFamily",
"instanceType",
"availabilityZones",
"subnets",
"instancePrefix",
"instanceName",
"desiredCapacity",
"minSize",
"maxSize",
"volumeSize",
"ssh",
"labels",
"privateNetworking",
"tags",
"iam",
"ami",
"securityGroups",
"maxPodsPerNode",
"asgSuspendProcesses",
"ebsOptimized",
"volumeType",
"volumeName",
"volumeEncrypted",
"volumeKmsKeyID",
"volumeIOPS",
"volumeThroughput",
"preBootstrapCommands",
"overrideBootstrapCommand",
"disableIMDSv1",
"disablePodIMDS",
"placement",
"efaEnabled",
"instanceSelector",
"bottlerocket",
"instanceTypes",
"spot",
"taints",
"updateConfig",
"launchTemplate",
"releaseVersion"
],
"additionalProperties": false,
"description": "represents an EKS-managed nodegroup TODO Validate for unmapped fields and throw an error",
"x-intellij-html-description": "represents an EKS-managed nodegroup TODO Validate for unmapped fields and throw an error"
},
"MetricsCollection": {
"required": [
"granularity"
],
"properties": {
"granularity": {
"type": "string"
},
"metrics": {
"items": {
"type": "string"
},
"type": "array"
}
},
"preferredOrder": [
"granularity",
"metrics"
],
"additionalProperties": false,
"description": "used by the scaling config, see [cloudformation docs](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-as-metricscollection.html)",
"x-intellij-html-description": "used by the scaling config, see <a href=\"https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-as-metricscollection.html\">cloudformation docs</a>"
},
"NodeGroup": {
"required": [
"name"
],
"properties": {
"ami": {
"type": "string",
"description": "Specify [custom AMIs](/usage/custom-ami-support/), `auto-ssm`, `auto`, or `static`",
"x-intellij-html-description": "Specify <a href=\"/usage/custom-ami-support/\">custom AMIs</a>, <code>auto-ssm</code>, <code>auto</code>, or <code>static</code>"
},
"amiFamily": {
"type": "string",
"description": "Valid variants are: `\"AmazonLinux2\"` (default), `\"Ubuntu2004\"`, `\"Ubuntu1804\"`, `\"Bottlerocket\"`, `\"WindowsServer2019CoreContainer\"`, `\"WindowsServer2019FullContainer\"`, `\"WindowsServer2004CoreContainer\"`.",
"x-intellij-html-description": "Valid variants are: <code>&quot;AmazonLinux2&quot;</code> (default), <code>&quot;Ubuntu2004&quot;</code>, <code>&quot;Ubuntu1804&quot;</code>, <code>&quot;Bottlerocket&quot;</code>, <code>&quot;WindowsServer2019CoreContainer&quot;</code>, <code>&quot;WindowsServer2019FullContainer&quot;</code>, <code>&quot;WindowsServer2004CoreContainer&quot;</code>.",
"default": "AmazonLinux2",
"enum": [
"AmazonLinux2",
"Ubuntu2004",
"Ubuntu1804",
"Bottlerocket",
"WindowsServer2019CoreContainer",
"WindowsServer2019FullContainer",
"WindowsServer2004CoreContainer"
]
},
"asgMetricsCollection": {
"items": {
"$ref": "#/definitions/MetricsCollection"
},
"type": "array"
},
"asgSuspendProcesses": {
"items": {
"type": "string"
},
"type": "array",
"description": "See [relevant AWS docs](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-rollingupdate-suspendprocesses)",
"x-intellij-html-description": "See <a href=\"https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-rollingupdate-suspendprocesses\">relevant AWS docs</a>"
},
"availabilityZones": {
"items": {
"type": "string"
},
"type": "array",
"description": "Limit [nodes to specific AZs](/usage/autoscaling/#zone-aware-auto-scaling)",
"x-intellij-html-description": "Limit <a href=\"/usage/autoscaling/#zone-aware-auto-scaling\">nodes to specific AZs</a>"
},
"bottlerocket": {
"$ref": "#/definitions/NodeGroupBottlerocket",
"description": "specifies settings for Bottlerocket nodes",
"x-intellij-html-description": "specifies settings for Bottlerocket nodes"
},
"classicLoadBalancerNames": {
"items": {
"type": "string"
},
"type": "array",
"description": "Associate load balancers with auto scaling group",
"x-intellij-html-description": "Associate load balancers with auto scaling group"
},
"clusterDNS": {
"type": "string",
"description": "[Custom address](/usage/vpc-networking/#custom-cluster-dns-address) used for DNS lookups",
"x-intellij-html-description": "<a href=\"/usage/vpc-networking/#custom-cluster-dns-address\">Custom address</a> used for DNS lookups"
},
"cpuCredits": {
"type": "string",
"description": "configures [T3 Unlimited](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode.html), valid only for T-type instances",
"x-intellij-html-description": "configures <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode.html\">T3 Unlimited</a>, valid only for T-type instances"
},
"desiredCapacity": {
"type": "integer"
},
"disableIMDSv1": {
"type": "boolean",
"description": "requires requests to the metadata service to use IMDSv2 tokens",
"x-intellij-html-description": "requires requests to the metadata service to use IMDSv2 tokens",
"default": false
},
"disablePodIMDS": {
"type": "boolean",
"description": "blocks all IMDS requests from non host networking pods",
"x-intellij-html-description": "blocks all IMDS requests from non host networking pods",
"default": false
},
"ebsOptimized": {
"type": "boolean",
"description": "enables [EBS optimization](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html)",
"x-intellij-html-description": "enables <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html\">EBS optimization</a>"
},
"efaEnabled": {
"type": "boolean",
"description": "creates the maximum allowed number of EFA-enabled network cards on nodes in this group.",
"x-intellij-html-description": "creates the maximum allowed number of EFA-enabled network cards on nodes in this group."
},
"iam": {
"$ref": "#/definitions/NodeGroupIAM"
},
"instanceName": {
"type": "string"
},
"instancePrefix": {
"type": "string"
},
"instanceSelector": {
"$ref": "#/definitions/InstanceSelector",
"description": "specifies options for EC2 instance selector",
"x-intellij-html-description": "specifies options for EC2 instance selector"
},
"instanceType": {
"type": "string"
},
"instancesDistribution": {
"$ref": "#/definitions/NodeGroupInstancesDistribution"
},
"kubeletExtraConfig": {
"$ref": "#/definitions/InlineDocument",
"description": "[Customize `kubelet` config](/usage/customizing-the-kubelet/)",
"x-intellij-html-description": "<a href=\"/usage/customizing-the-kubelet/\">Customize <code>kubelet</code> config</a>"
},
"labels": {
"additionalProperties": {
"type": "string"
},
"type": "object",
"default": "{}"
},
"maxPodsPerNode": {
"type": "integer"
},
"maxSize": {
"type": "integer"
},
"minSize": {
"type": "integer"
},
"name": {
"type": "string"
},
"overrideBootstrapCommand": {
"type": "string",
"description": "Override `eksctl`'s bootstrapping script",
"x-intellij-html-description": "Override <code>eksctl</code>'s bootstrapping script"
},
"placement": {
"$ref": "#/definitions/Placement",
"description": "specifies the placement group in which nodes should be spawned",
"x-intellij-html-description": "specifies the placement group in which nodes should be spawned"
},
"preBootstrapCommands": {
"items": {
"type": "string"
},
"type": "array",
"description": "executed before bootstrapping instances to the cluster",
"x-intellij-html-description": "executed before bootstrapping instances to the cluster"
},
"privateNetworking": {
"type": "boolean",
"description": "Enable [private networking](/usage/vpc-networking/#use-private-subnets-for-initial-nodegroup) for nodegroup",
"x-intellij-html-description": "Enable <a href=\"/usage/vpc-networking/#use-private-subnets-for-initial-nodegroup\">private networking</a> for nodegroup",
"default": "false"
},
"securityGroups": {
"$ref": "#/definitions/NodeGroupSGs"
},
"ssh": {
"$ref": "#/definitions/NodeGroupSSH",
"description": "configures ssh access for this nodegroup",
"x-intellij-html-description": "configures ssh access for this nodegroup"
},
"subnets": {
"items": {
"type": "string"
},
"type": "array",
"description": "Limit nodes to specific subnets",
"x-intellij-html-description": "Limit nodes to specific subnets"
},
"tags": {
"additionalProperties": {
"type": "string"
},
"type": "object",
"description": "Applied to the Autoscaling Group and to the EC2 instances (unmanaged), Applied to the EKS Nodegroup resource and to the EC2 instances (managed)",
"x-intellij-html-description": "Applied to the Autoscaling Group and to the EC2 instances (unmanaged), Applied to the EKS Nodegroup resource and to the EC2 instances (managed)",
"default": "{}"
},
"taints": {
"$ref": "#/definitions/taintsWrapper",
"description": "taints to apply to the nodegroup",
"x-intellij-html-description": "taints to apply to the nodegroup"
},
"targetGroupARNs": {
"items": {
"type": "string"
},
"type": "array",
"description": "Associate target group with auto scaling group",
"x-intellij-html-description": "Associate target group with auto scaling group"
},
"updateConfig": {
"$ref": "#/definitions/NodeGroupUpdateConfig",
"description": "configures how to update NodeGroups.",
"x-intellij-html-description": "configures how to update NodeGroups."
},
"volumeEncrypted": {
"type": "boolean"
},
"volumeIOPS": {
"type": "integer"
},
"volumeKmsKeyID": {
"type": "string"
},
"volumeName": {
"type": "string"
},
"volumeSize": {
"type": "integer",
"description": "gigabytes",
"x-intellij-html-description": "gigabytes",
"default": 80
},
"volumeThroughput": {
"type": "integer"
},
"volumeType": {
"type": "string",
"description": "Valid variants are: `\"gp2\"` is General Purpose SSD, `\"gp3\"` is General Purpose SSD which can be optimised for high throughput (default), `\"io1\"` is Provisioned IOPS SSD, `\"sc1\"` is Cold HDD, `\"st1\"` is Throughput Optimized HDD.",
"x-intellij-html-description": "Valid variants are: <code>&quot;gp2&quot;</code> is General Purpose SSD, <code>&quot;gp3&quot;</code> is General Purpose SSD which can be optimised for high throughput (default), <code>&quot;io1&quot;</code> is Provisioned IOPS SSD, <code>&quot;sc1&quot;</code> is Cold HDD, <code>&quot;st1&quot;</code> is Throughput Optimized HDD.",
"default": "gp3",
"enum": [
"gp2",
"gp3",
"io1",
"sc1",
"st1"
]
}
},
"preferredOrder": [
"name",
"amiFamily",
"instanceType",
"availabilityZones",
"subnets",
"instancePrefix",
"instanceName",
"desiredCapacity",
"minSize",
"maxSize",
"volumeSize",
"ssh",
"labels",
"privateNetworking",
"tags",
"iam",
"ami",
"securityGroups",
"maxPodsPerNode",
"asgSuspendProcesses",
"ebsOptimized",
"volumeType",
"volumeName",
"volumeEncrypted",
"volumeKmsKeyID",
"volumeIOPS",
"volumeThroughput",
"preBootstrapCommands",
"overrideBootstrapCommand",
"disableIMDSv1",
"disablePodIMDS",
"placement",
"efaEnabled",
"instanceSelector",
"bottlerocket",
"instancesDistribution",
"asgMetricsCollection",
"cpuCredits",
"classicLoadBalancerNames",
"targetGroupARNs",
"taints",
"updateConfig",
"clusterDNS",
"kubeletExtraConfig"
],
"additionalProperties": false,
"description": "holds configuration attributes that are specific to a nodegroup",
"x-intellij-html-description": "holds configuration attributes that are specific to a nodegroup"
},
"NodeGroupBottlerocket": {
"properties": {
"enableAdminContainer": {
"type": "boolean"
},
"settings": {
"$ref": "#/definitions/InlineDocument",
"description": "contains any [bottlerocket settings](https://github.com/bottlerocket-os/bottlerocket/#description-of-settings)",
"x-intellij-html-description": "contains any <a href=\"https://github.com/bottlerocket-os/bottlerocket/#description-of-settings\">bottlerocket settings</a>"
}
},
"preferredOrder": [
"enableAdminContainer",
"settings"
],
"additionalProperties": false,
"description": "holds the configuration for Bottlerocket based NodeGroups.",
"x-intellij-html-description": "holds the configuration for Bottlerocket based NodeGroups."
},
"NodeGroupIAM": {
"properties": {
"attachPolicyARNs": {
"items": {
"type": "string"
},
"type": "array"
},
"instanceProfileARN": {
"type": "string"
},
"instanceRoleARN": {
"type": "string"
},
"instanceRoleName": {
"type": "string"
},
"instanceRolePermissionsBoundary": {
"type": "string"
},
"withAddonPolicies": {
"$ref": "#/definitions/NodeGroupIAMAddonPolicies"
}
},
"preferredOrder": [
"attachPolicyARNs",
"instanceProfileARN",
"instanceRoleARN",
"instanceRoleName",
"instanceRolePermissionsBoundary",
"withAddonPolicies"
],
"additionalProperties": false,
"description": "holds all IAM attributes of a NodeGroup",
"x-intellij-html-description": "holds all IAM attributes of a NodeGroup"
},
"NodeGroupIAMAddonPolicies": {
"properties": {
"albIngress": {
"type": "boolean"
},
"appMesh": {
"type": "boolean",
"description": "enables full access to AppMesh",
"x-intellij-html-description": "enables full access to AppMesh"
},
"appMeshPreview": {
"type": "boolean",
"description": "enables full access to AppMesh Preview",
"x-intellij-html-description": "enables full access to AppMesh Preview"
},
"autoScaler": {
"type": "boolean",
"description": "enables IAM policy for cluster-autoscaler",
"x-intellij-html-description": "enables IAM policy for cluster-autoscaler"
},
"certManager": {
"type": "boolean",
"description": "enables the ability to add records to Route 53 in order to solve the DNS01 challenge. More information can be found [here](https://cert-manager.io/docs/configuration/acme/dns01/route53/#set-up-a-iam-role)",
"x-intellij-html-description": "enables the ability to add records to Route 53 in order to solve the DNS01 challenge. More information can be found <a href=\"https://cert-manager.io/docs/configuration/acme/dns01/route53/#set-up-a-iam-role\">here</a>"
},
"cloudWatch": {
"type": "boolean"
},
"ebs": {
"type": "boolean",
"description": "enables the new EBS CSI (Elastic Block Store Container Storage Interface) driver",
"x-intellij-html-description": "enables the new EBS CSI (Elastic Block Store Container Storage Interface) driver"
},
"efs": {
"type": "boolean"
},
"externalDNS": {
"type": "boolean",
"description": "adds the external-dns project policies for Amazon Route 53",
"x-intellij-html-description": "adds the external-dns project policies for Amazon Route 53"
},
"fsx": {
"type": "boolean"
},
"imageBuilder": {
"type": "boolean",
"description": "allows for full ECR (Elastic Container Registry) access. This is useful for building, for example, a CI server that needs to push images to ECR",
"x-intellij-html-description": "allows for full ECR (Elastic Container Registry) access. This is useful for building, for example, a CI server that needs to push images to ECR"
},
"xRay": {
"type": "boolean"
}
},
"preferredOrder": [
"imageBuilder",
"autoScaler",
"externalDNS",
"certManager",
"appMesh",
"appMeshPreview",
"ebs",
"fsx",
"efs",
"albIngress",
"xRay",
"cloudWatch"
],
"additionalProperties": false,
"description": "holds all IAM addon policies",
"x-intellij-html-description": "holds all IAM addon policies"
},
"NodeGroupInstancesDistribution": {
"required": [
"instanceTypes"
],
"properties": {
"capacityRebalance": {
"type": "boolean",
"description": "Enable [capacity rebalancing](https://docs.aws.amazon.com/autoscaling/ec2/userguide/capacity-rebalance.html) for spot instances",
"x-intellij-html-description": "Enable <a href=\"https://docs.aws.amazon.com/autoscaling/ec2/userguide/capacity-rebalance.html\">capacity rebalancing</a> for spot instances",
"default": "false"
},
"instanceTypes": {
"items": {
"type": "string"
},
"type": "array"
},
"maxPrice": {
"type": "number",
"default": "on demand price"
},
"onDemandBaseCapacity": {
"type": "integer",
"default": 0
},
"onDemandPercentageAboveBaseCapacity": {
"type": "integer",
"description": "Range [0-100]",
"x-intellij-html-description": "Range [0-100]",
"default": 100
},
"spotAllocationStrategy": {
"type": "string"
},
"spotInstancePools": {
"type": "integer",
"description": "Range [1-20]",
"x-intellij-html-description": "Range [1-20]",
"default": 2
}
},
"preferredOrder": [
"instanceTypes",
"maxPrice",
"onDemandBaseCapacity",
"onDemandPercentageAboveBaseCapacity",
"spotInstancePools",
"spotAllocationStrategy",
"capacityRebalance"
],
"additionalProperties": false,
"description": "holds the configuration for [spot instances](/usage/spot-instances/)",
"x-intellij-html-description": "holds the configuration for <a href=\"/usage/spot-instances/\">spot instances</a>"
},
"NodeGroupSGs": {
"properties": {
"attachIDs": {
"items": {
"type": "string"
},
"type": "array",
"description": "attaches additional security groups to the nodegroup",
"x-intellij-html-description": "attaches additional security groups to the nodegroup"
},
"withLocal": {
"type": "boolean",
"description": "attach a security group local to this nodegroup Not supported for managed nodegroups",
"x-intellij-html-description": "attach a security group local to this nodegroup Not supported for managed nodegroups",
"default": true
},
"withShared": {
"type": "boolean",
"description": "attach the security group shared among all nodegroups in the cluster",
"x-intellij-html-description": "attach the security group shared among all nodegroups in the cluster",
"default": true
}
},
"preferredOrder": [
"attachIDs",
"withShared",
"withLocal"
],
"additionalProperties": false,
"description": "controls security groups for this nodegroup",
"x-intellij-html-description": "controls security groups for this nodegroup"
},
"NodeGroupSSH": {
"properties": {
"allow": {
"type": "boolean",
"description": "If Allow is true the SSH configuration provided is used, otherwise it is ignored. Only one of PublicKeyPath, PublicKey and PublicKeyName can be configured",
"x-intellij-html-description": "If Allow is true the SSH configuration provided is used, otherwise it is ignored. Only one of PublicKeyPath, PublicKey and PublicKeyName can be configured"
},
"enableSsm": {
"type": "boolean",
"description": "Enables the ability to [SSH onto nodes using SSM](/introduction#ssh-access)",
"x-intellij-html-description": "Enables the ability to <a href=\"/introduction#ssh-access\">SSH onto nodes using SSM</a>"
},
"publicKey": {
"type": "string",
"description": "Public key to be added to the nodes SSH keychain. If Allow is false this value is ignored.",
"x-intellij-html-description": "Public key to be added to the nodes SSH keychain. If Allow is false this value is ignored."
},
"publicKeyName": {
"type": "string",
"description": "Public key name in EC2 to be added to the nodes SSH keychain. If Allow is false this value is ignored.",
"x-intellij-html-description": "Public key name in EC2 to be added to the nodes SSH keychain. If Allow is false this value is ignored."
},
"publicKeyPath": {
"type": "string",
"description": "The path to the SSH public key to be added to the nodes SSH keychain. If Allow is true this value defaults to \"~/.ssh/id_rsa.pub\", otherwise the value is ignored.",
"x-intellij-html-description": "The path to the SSH public key to be added to the nodes SSH keychain. If Allow is true this value defaults to &quot;~/.ssh/id_rsa.pub&quot;, otherwise the value is ignored."
},
"sourceSecurityGroupIds": {
"items": {
"type": "string"
},
"type": "array"
}
},
"preferredOrder": [
"allow",
"publicKeyPath",
"publicKey",
"publicKeyName",
"sourceSecurityGroupIds",
"enableSsm"
],
"additionalProperties": false,
"description": "holds all the ssh access configuration to a NodeGroup",
"x-intellij-html-description": "holds all the ssh access configuration to a NodeGroup"
},
"NodeGroupTaint": {
"properties": {
"effect": {
"$ref": "#/definitions/k8s.io|api|core|v1.TaintEffect"
},
"key": {
"type": "string"
},
"value": {
"type": "string"
}
},
"preferredOrder": [
"key",
"value",
"effect"
],
"additionalProperties": false,
"description": "represents a Kubernetes taint",
"x-intellij-html-description": "represents a Kubernetes taint"
},
"NodeGroupUpdateConfig": {
"properties": {
"maxUnavailable": {
"type": "integer",
"description": "sets the max number of nodes that can become unavailable when updating a nodegroup (specified as number)",
"x-intellij-html-description": "sets the max number of nodes that can become unavailable when updating a nodegroup (specified as number)"
},
"maxUnavailablePercentage": {
"type": "integer",
"description": "sets the max number of nodes that can become unavailable when updating a nodegroup (specified as percentage)",
"x-intellij-html-description": "sets the max number of nodes that can become unavailable when updating a nodegroup (specified as percentage)"
}
},
"preferredOrder": [
"maxUnavailable",
"maxUnavailablePercentage"
],
"additionalProperties": false,
"description": "contains the configuration for updating NodeGroups.",
"x-intellij-html-description": "contains the configuration for updating NodeGroups."
},
"OIDCIdentityProvider": {
"required": [
"name",
"issuerURL",
"clientID"
],
"properties": {
"clientID": {
"type": "string"
},
"groupsClaim": {
"type": "string"
},
"groupsPrefix": {
"type": "string"
},
"issuerURL": {
"type": "string"
},
"name": {
"type": "string"
},
"requiredClaims": {
"additionalProperties": {
"type": "string"
},
"type": "object",
"default": "{}"
},
"tags": {
"additionalProperties": {
"type": "string"
},
"type": "object",
"default": "{}"
},
"usernameClaim": {
"type": "string"
},
"usernamePrefix": {
"type": "string"
}
},
"preferredOrder": [
"name",
"issuerURL",
"clientID",
"usernameClaim",
"usernamePrefix",
"groupsClaim",
"groupsPrefix",
"requiredClaims",
"tags"
],
"additionalProperties": false,
"description": "holds the spec of an OIDC provider to use for EKS authzn",
"x-intellij-html-description": "holds the spec of an OIDC provider to use for EKS authzn"
},
"Operator": {
"properties": {
"additionalFluxArgs": {
"items": {
"type": "string"
},
"type": "array",
"description": "Additional command line arguments for the Flux daemon",
"x-intellij-html-description": "Additional command line arguments for the Flux daemon"
},
"additionalHelmOperatorArgs": {
"items": {
"type": "string"
},
"type": "array",
"description": "Additional command line arguments for the Helm Operator",
"x-intellij-html-description": "Additional command line arguments for the Helm Operator"
},
"commitOperatorManifests": {
"type": "boolean",
"description": "Commit and push Flux manifests to the Git Repo on install",
"x-intellij-html-description": "Commit and push Flux manifests to the Git Repo on install"
},
"label": {
"type": "string",
"description": "Git label to keep track of Flux's sync progress; this is equivalent to overriding --git-sync-tag and --git-notes-ref in Flux",
"x-intellij-html-description": "Git label to keep track of Flux's sync progress; this is equivalent to overriding --git-sync-tag and --git-notes-ref in Flux"
},
"namespace": {
"type": "string",
"description": "Cluster namespace where to install Flux and the Helm Operator e.g. flux",
"x-intellij-html-description": "Cluster namespace where to install Flux and the Helm Operator e.g. flux"
},
"readOnly": {
"type": "boolean",
"description": "Instruct Flux to read-only mode and create the deploy key as read-only",
"x-intellij-html-description": "Instruct Flux to read-only mode and create the deploy key as read-only",
"default": "false"
},
"withHelm": {
"type": "boolean",
"description": "Install the Helm Operator",
"x-intellij-html-description": "Install the Helm Operator"
}
},
"preferredOrder": [
"commitOperatorManifests",
"label",
"namespace",
"withHelm",
"readOnly",
"additionalFluxArgs",
"additionalHelmOperatorArgs"
],
"additionalProperties": false,
"description": "groups all configuration options related to the operator used to keep the cluster and the Git repository in sync.",
"x-intellij-html-description": "groups all configuration options related to the operator used to keep the cluster and the Git repository in sync."
},
"Placement": {
"properties": {
"groupName": {
"type": "string"
}
},
"preferredOrder": [
"groupName"
],
"additionalProperties": false,
"description": "specifies placement group information",
"x-intellij-html-description": "specifies placement group information"
},
"PrivateCluster": {
"properties": {
"additionalEndpointServices": {
"items": {
"type": "string",
"enum": [
"cloudformation",
"autoscaling",
"logs"
]
},
"type": "array",
"description": "specifies additional endpoint services that must be enabled for private access. Valid entries are: `\"cloudformation\"`, `\"autoscaling\"`, `\"logs\"`.",
"x-intellij-html-description": "specifies additional endpoint services that must be enabled for private access. Valid entries are: <code>&quot;cloudformation&quot;</code>, <code>&quot;autoscaling&quot;</code>, <code>&quot;logs&quot;</code>."
},
"enabled": {
"type": "boolean",
"description": "enables creation of a fully-private cluster",
"x-intellij-html-description": "enables creation of a fully-private cluster",
"default": "false"
}
},
"preferredOrder": [
"enabled",
"additionalEndpointServices"
],
"additionalProperties": false,
"description": "defines the configuration for a fully-private cluster",
"x-intellij-html-description": "defines the configuration for a fully-private cluster"
},
"Profile": {
"properties": {
"outputPath": {
"type": "string",
"description": "Output directory for the processed profile templates (generate profile command)",
"x-intellij-html-description": "Output directory for the processed profile templates (generate profile command)",
"default": "./<quickstart-repo-name>"
},
"revision": {
"type": "string",
"description": "of the Quick Start profile. Can be a branch, tag or commit hash",
"x-intellij-html-description": "of the Quick Start profile. Can be a branch, tag or commit hash"
},
"source": {
"type": "string",
"description": "Name or URL of the Quick Start profile",
"x-intellij-html-description": "Name or URL of the Quick Start profile",
"examples": [
"app-dev"
]
}
},
"preferredOrder": [
"source",
"revision",
"outputPath"
],
"additionalProperties": false,
"description": "groups all details on a quickstart profile to enable on the cluster and add to the Git repository.",
"x-intellij-html-description": "groups all details on a quickstart profile to enable on the cluster and add to the Git repository."
},
"Repo": {
"properties": {
"branch": {
"type": "string",
"description": "The git branch under which cluster configuration files will be committed & pushed, e.g. master",
"x-intellij-html-description": "The git branch under which cluster configuration files will be committed &amp; pushed, e.g. master"
},
"email": {
"type": "string",
"description": "Git email which will be used to commit changes",
"x-intellij-html-description": "Git email which will be used to commit changes"
},
"fluxPath": {
"type": "string",
"description": "The directory under which Flux configuration files will be written, e.g. flux/",
"x-intellij-html-description": "The directory under which Flux configuration files will be written, e.g. flux/"
},
"paths": {
"items": {
"type": "string"
},
"type": "array",
"description": "Relative paths within the Git repository which the GitOps operator will monitor to find Kubernetes manifests to apply, e.g. [\"kube-system\", \"base\"]",
"x-intellij-html-description": "Relative paths within the Git repository which the GitOps operator will monitor to find Kubernetes manifests to apply, e.g. [&quot;kube-system&quot;, &quot;base&quot;]"
},
"privateSSHKeyPath": {
"type": "string",
"description": "Path to the private SSH key to use to authenticate",
"x-intellij-html-description": "Path to the private SSH key to use to authenticate"
},
"url": {
"type": "string",
"description": "The Git SSH URL to the repository which will contain the cluster configuration",
"x-intellij-html-description": "The Git SSH URL to the repository which will contain the cluster configuration",
"examples": [
"git@github.com:org/repo"
]
},
"user": {
"type": "string",
"description": "Git user which will be used to commit changes",
"x-intellij-html-description": "Git user which will be used to commit changes"
}
},
"preferredOrder": [
"url",
"branch",
"paths",
"fluxPath",
"user",
"email",
"privateSSHKeyPath"
],
"additionalProperties": false,
"description": "groups all configuration options related to a Git repository used for GitOps.",
"x-intellij-html-description": "groups all configuration options related to a Git repository used for GitOps."
},
"SecretsEncryption": {
"required": [
"keyARN"
],
"properties": {
"keyARN": {
"type": "string"
}
},
"preferredOrder": [
"keyARN"
],
"additionalProperties": false,
"description": "defines the configuration for KMS encryption provider",
"x-intellij-html-description": "defines the configuration for KMS encryption provider"
},
"WellKnownPolicies": {
"properties": {
"autoScaler": {
"type": "boolean",
"description": "adds policies for cluster-autoscaler. See [autoscaler AWS docs](https://docs.aws.amazon.com/eks/latest/userguide/cluster-autoscaler.html).",
"x-intellij-html-description": "adds policies for cluster-autoscaler. See <a href=\"https://docs.aws.amazon.com/eks/latest/userguide/cluster-autoscaler.html\">autoscaler AWS docs</a>.",
"default": "false"
},
"awsLoadBalancerController": {
"type": "boolean",
"description": "adds policies for using the aws-load-balancer-controller. See [Load Balancer docs](https://docs.aws.amazon.com/eks/latest/userguide/aws-load-balancer-controller.html).",
"x-intellij-html-description": "adds policies for using the aws-load-balancer-controller. See <a href=\"https://docs.aws.amazon.com/eks/latest/userguide/aws-load-balancer-controller.html\">Load Balancer docs</a>.",
"default": "false"
},
"certManager": {
"type": "boolean",
"description": "adds cert-manager policies. See [cert-manager docs](https://cert-manager.io/docs/configuration/acme/dns01/route53).",
"x-intellij-html-description": "adds cert-manager policies. See <a href=\"https://cert-manager.io/docs/configuration/acme/dns01/route53\">cert-manager docs</a>.",
"default": "false"
},
"ebsCSIController": {
"type": "boolean",
"description": "adds policies for using the ebs-csi-controller. See [aws-ebs-csi-driver docs](https://github.com/kubernetes-sigs/aws-ebs-csi-driver#set-up-driver-permission).",
"x-intellij-html-description": "adds policies for using the ebs-csi-controller. See <a href=\"https://github.com/kubernetes-sigs/aws-ebs-csi-driver#set-up-driver-permission\">aws-ebs-csi-driver docs</a>.",
"default": "false"
},
"efsCSIController": {
"type": "boolean",
"description": "adds policies for using the efs-csi-controller. See [aws-efs-csi-driver docs](https://aws.amazon.com/blogs/containers/introducing-efs-csi-dynamic-provisioning).",
"x-intellij-html-description": "adds policies for using the efs-csi-controller. See <a href=\"https://aws.amazon.com/blogs/containers/introducing-efs-csi-dynamic-provisioning\">aws-efs-csi-driver docs</a>.",
"default": "false"
},
"externalDNS": {
"type": "boolean",
"description": "adds external-dns policies for Amazon Route 53. See [external-dns docs](https://github.com/kubernetes-sigs/external-dns/blob/master/docs/tutorials/aws.md).",
"x-intellij-html-description": "adds external-dns policies for Amazon Route 53. See <a href=\"https://github.com/kubernetes-sigs/external-dns/blob/master/docs/tutorials/aws.md\">external-dns docs</a>.",
"default": "false"
},
"imageBuilder": {
"type": "boolean",
"description": "allows for full ECR (Elastic Container Registry) access.",
"x-intellij-html-description": "allows for full ECR (Elastic Container Registry) access.",
"default": "false"
}
},
"preferredOrder": [
"imageBuilder",
"autoScaler",
"awsLoadBalancerController",
"externalDNS",
"certManager",
"ebsCSIController",
"efsCSIController"
],
"additionalProperties": false,
"description": "for attaching common IAM policies",
"x-intellij-html-description": "for attaching common IAM policies"
},
"github.com|weaveworks|eksctl|pkg|utils|ipnet.IPNet": {
"type": "string",
"description": "an IP address in CIDR notation",
"x-intellij-html-description": "an IP address in CIDR notation"
},
"k8s.io|api|core|v1.TaintEffect": {
"type": "string"
},
"taintsWrapper": {
"items": {
"$ref": "#/definitions/NodeGroupTaint"
},
"type": "array",
"description": "handles unmarshalling both map[string]string and []NodeGroupTaint",
"x-intellij-html-description": "handles unmarshalling both map[string]string and []NodeGroupTaint"
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment