cluster_name |
Name of the cluster. |
true |
subnet_ids |
List of subnet IDs. Must be in at least two different availability zones. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your worker nodes and the Kubernetes control plane. |
true |
vpc_id |
true |
additional_security_group_ids |
List of security group IDs for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane. Defaults to []. |
false |
create_additional_security_group |
Indicates whether or not to create additional security group. Defaults to false. |
false |
enabled_cluster_log_types |
A list of the desired control plane logging to enable. ['api','audit', 'authenticator', 'controllerManager', 'scheduler'] Defaults to []. |
false |
endpoint_private_access |
Indicates whether or not the Amazon EKS private API server endpoint is enabled. Defaults to false. |
false |
endpoint_public_access |
Indicates whether or not the Amazon EKS public API server endpoint is enabled. Defaults to true. |
false |
kubernetes_version |
Desired Kubernetes master version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except those automatically triggered by EKS. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by EKS. Defaults to 1.14. |
false |
public_access_cidrs |
Indicates whether or not the Amazon EKS private API server endpoint is enabled. Defaults to [""]. |
false |
role_arn |
The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Defaults to "". |
false |
tags |
Key-value mapping of default tags for all IAM users. Defaults to {}. |
false |
cloudwatch_kms_key_id |
The ARN of the KMS Key to use when encrypting log data. Defaults to null. |
false |
cloudwatch_log_retention_in_days |
Number of days to retain log events. Defaults to 7. |
false |
iam_role_force_detach_policies |
Specifies to force detaching any policies the role has before destroying it. Defaults to true. |
false |
iam_role_path |
Path in which to create EKS IAM role. Defaults to /. |
false |
iam_role_permissions_boundary |
The ARN of the policy that is used to set the permissions boundary for the role. Defaults to "". |
false |