Node
data class NodeGroupArgs(val amiType: Output<String>? = null, val capacityType: Output<String>? = null, val clusterName: Output<String>? = null, val diskSize: Output<Int>? = null, val forceUpdateVersion: Output<Boolean>? = null, val instanceTypes: Output<List<String>>? = null, val labels: Output<Map<String, String>>? = null, val launchTemplate: Output<NodeGroupLaunchTemplateArgs>? = null, val nodeGroupName: Output<String>? = null, val nodeGroupNamePrefix: Output<String>? = null, val nodeRoleArn: Output<String>? = null, val releaseVersion: Output<String>? = null, val remoteAccess: Output<NodeGroupRemoteAccessArgs>? = null, val scalingConfig: Output<NodeGroupScalingConfigArgs>? = null, val subnetIds: Output<List<String>>? = null, val tags: Output<Map<String, String>>? = null, val taints: Output<List<NodeGroupTaintArgs>>? = null, val updateConfig: Output<NodeGroupUpdateConfigArgs>? = null, val version: Output<String>? = null) : ConvertibleToJava<NodeGroupArgs>
Manages an EKS Node Group, which can provision and optionally update an Auto Scaling Group of Kubernetes worker nodes compatible with EKS. Additional documentation about this functionality can be found in the EKS User Guide.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.eks.NodeGroup("example", {
clusterName: exampleAwsEksCluster.name,
nodeGroupName: "example",
nodeRoleArn: exampleAwsIamRole.arn,
subnetIds: exampleAwsSubnet.map(__item => __item.id),
scalingConfig: {
desiredSize: 1,
maxSize: 2,
minSize: 1,
},
updateConfig: {
maxUnavailable: 1,
},
}, {
dependsOn: [
example_AmazonEKSWorkerNodePolicy,
example_AmazonEKSCNIPolicy,
example_AmazonEC2ContainerRegistryReadOnly,
],
});Content copied to clipboard
import pulumi
import pulumi_aws as aws
example = aws.eks.NodeGroup("example",
cluster_name=example_aws_eks_cluster["name"],
node_group_name="example",
node_role_arn=example_aws_iam_role["arn"],
subnet_ids=[__item["id"] for __item in example_aws_subnet],
scaling_config=aws.eks.NodeGroupScalingConfigArgs(
desired_size=1,
max_size=2,
min_size=1,
),
update_config=aws.eks.NodeGroupUpdateConfigArgs(
max_unavailable=1,
),
opts=pulumi.ResourceOptions(depends_on=[
example__amazon_eks_worker_node_policy,
example__amazon_ekscni_policy,
example__amazon_ec2_container_registry_read_only,
]))Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.Eks.NodeGroup("example", new()
{
ClusterName = exampleAwsEksCluster.Name,
NodeGroupName = "example",
NodeRoleArn = exampleAwsIamRole.Arn,
SubnetIds = exampleAwsSubnet.Select(__item => __item.Id).ToList(),
ScalingConfig = new Aws.Eks.Inputs.NodeGroupScalingConfigArgs
{
DesiredSize = 1,
MaxSize = 2,
MinSize = 1,
},
UpdateConfig = new Aws.Eks.Inputs.NodeGroupUpdateConfigArgs
{
MaxUnavailable = 1,
},
}, new CustomResourceOptions
{
DependsOn =
{
example_AmazonEKSWorkerNodePolicy,
example_AmazonEKSCNIPolicy,
example_AmazonEC2ContainerRegistryReadOnly,
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
var splat0 []interface{}
for _, val0 := range exampleAwsSubnet {
splat0 = append(splat0, val0.Id)
}
_, err := eks.NewNodeGroup(ctx, "example", &eks.NodeGroupArgs{
ClusterName: pulumi.Any(exampleAwsEksCluster.Name),
NodeGroupName: pulumi.String("example"),
NodeRoleArn: pulumi.Any(exampleAwsIamRole.Arn),
SubnetIds: toPulumiArray(splat0),
ScalingConfig: &eks.NodeGroupScalingConfigArgs{
DesiredSize: pulumi.Int(1),
MaxSize: pulumi.Int(2),
MinSize: pulumi.Int(1),
},
UpdateConfig: &eks.NodeGroupUpdateConfigArgs{
MaxUnavailable: pulumi.Int(1),
},
}, pulumi.DependsOn([]pulumi.Resource{
example_AmazonEKSWorkerNodePolicy,
example_AmazonEKSCNIPolicy,
example_AmazonEC2ContainerRegistryReadOnly,
}))
if err != nil {
return err
}
return nil
})
}
func toPulumiArray(arr []) pulumi.Array {
var pulumiArr pulumi.Array
for _, v := range arr {
pulumiArr = append(pulumiArr, pulumi.(v))
}
return pulumiArr
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.eks.NodeGroup;
import com.pulumi.aws.eks.NodeGroupArgs;
import com.pulumi.aws.eks.inputs.NodeGroupScalingConfigArgs;
import com.pulumi.aws.eks.inputs.NodeGroupUpdateConfigArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new NodeGroup("example", NodeGroupArgs.builder()
.clusterName(exampleAwsEksCluster.name())
.nodeGroupName("example")
.nodeRoleArn(exampleAwsIamRole.arn())
.subnetIds(exampleAwsSubnet.stream().map(element -> element.id()).collect(toList()))
.scalingConfig(NodeGroupScalingConfigArgs.builder()
.desiredSize(1)
.maxSize(2)
.minSize(1)
.build())
.updateConfig(NodeGroupUpdateConfigArgs.builder()
.maxUnavailable(1)
.build())
.build(), CustomResourceOptions.builder()
.dependsOn(
example_AmazonEKSWorkerNodePolicy,
example_AmazonEKSCNIPolicy,
example_AmazonEC2ContainerRegistryReadOnly)
.build());
}
}Content copied to clipboard
Ignoring Changes to Desired Size
You can utilize ignoreChanges create an EKS Node Group with an initial size of running instances, then ignore any changes to that count caused externally (e.g. Application Autoscaling).
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.eks.NodeGroup("example", {scalingConfig: {
desiredSize: 2,
}});Content copied to clipboard
import pulumi
import pulumi_aws as aws
example = aws.eks.NodeGroup("example", scaling_config=aws.eks.NodeGroupScalingConfigArgs(
desired_size=2,
))Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.Eks.NodeGroup("example", new()
{
ScalingConfig = new Aws.Eks.Inputs.NodeGroupScalingConfigArgs
{
DesiredSize = 2,
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := eks.NewNodeGroup(ctx, "example", &eks.NodeGroupArgs{
ScalingConfig: &eks.NodeGroupScalingConfigArgs{
DesiredSize: pulumi.Int(2),
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.eks.NodeGroup;
import com.pulumi.aws.eks.NodeGroupArgs;
import com.pulumi.aws.eks.inputs.NodeGroupScalingConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new NodeGroup("example", NodeGroupArgs.builder()
.scalingConfig(NodeGroupScalingConfigArgs.builder()
.desiredSize(2)
.build())
.build());
}
}Content copied to clipboard
resources:
example:
type: aws:eks:NodeGroup
properties:
scalingConfig:
desiredSize: 2Content copied to clipboard
Example IAM Role for EKS Node Group
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.iam.Role("example", {
name: "eks-node-group-example",
assumeRolePolicy: JSON.stringify({
Statement: [{
Action: "sts:AssumeRole",
Effect: "Allow",
Principal: {
Service: "ec2.amazonaws.com",
},
}],
Version: "2012-10-17",
}),
});
const example_AmazonEKSWorkerNodePolicy = new aws.iam.RolePolicyAttachment("example-AmazonEKSWorkerNodePolicy", {
policyArn: "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy",
role: example.name,
});
const example_AmazonEKSCNIPolicy = new aws.iam.RolePolicyAttachment("example-AmazonEKS_CNI_Policy", {
policyArn: "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy",
role: example.name,
});
const example_AmazonEC2ContainerRegistryReadOnly = new aws.iam.RolePolicyAttachment("example-AmazonEC2ContainerRegistryReadOnly", {
policyArn: "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly",
role: example.name,
});Content copied to clipboard
import pulumi
import json
import pulumi_aws as aws
example = aws.iam.Role("example",
name="eks-node-group-example",
assume_role_policy=json.dumps({
"Statement": [{
"Action": "sts:AssumeRole",
"Effect": "Allow",
"Principal": {
"Service": "ec2.amazonaws.com",
},
}],
"Version": "2012-10-17",
}))
example__amazon_eks_worker_node_policy = aws.iam.RolePolicyAttachment("example-AmazonEKSWorkerNodePolicy",
policy_arn="arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy",
role=example.name)
example__amazon_ekscni_policy = aws.iam.RolePolicyAttachment("example-AmazonEKS_CNI_Policy",
policy_arn="arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy",
role=example.name)
example__amazon_ec2_container_registry_read_only = aws.iam.RolePolicyAttachment("example-AmazonEC2ContainerRegistryReadOnly",
policy_arn="arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly",
role=example.name)Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using System.Text.Json;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.Iam.Role("example", new()
{
Name = "eks-node-group-example",
AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary<string, object?>
{
["Statement"] = new[]
{
new Dictionary<string, object?>
{
["Action"] = "sts:AssumeRole",
["Effect"] = "Allow",
["Principal"] = new Dictionary<string, object?>
{
["Service"] = "ec2.amazonaws.com",
},
},
},
["Version"] = "2012-10-17",
}),
});
var example_AmazonEKSWorkerNodePolicy = new Aws.Iam.RolePolicyAttachment("example-AmazonEKSWorkerNodePolicy", new()
{
PolicyArn = "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy",
Role = example.Name,
});
var example_AmazonEKSCNIPolicy = new Aws.Iam.RolePolicyAttachment("example-AmazonEKS_CNI_Policy", new()
{
PolicyArn = "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy",
Role = example.Name,
});
var example_AmazonEC2ContainerRegistryReadOnly = new Aws.Iam.RolePolicyAttachment("example-AmazonEC2ContainerRegistryReadOnly", new()
{
PolicyArn = "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly",
Role = example.Name,
});
});Content copied to clipboard
package main
import (
"encoding/json"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
tmpJSON0, err := json.Marshal(map[string]interface{}{
"Statement": []map[string]interface{}{
map[string]interface{}{
"Action": "sts:AssumeRole",
"Effect": "Allow",
"Principal": map[string]interface{}{
"Service": "ec2.amazonaws.com",
},
},
},
"Version": "2012-10-17",
})
if err != nil {
return err
}
json0 := string(tmpJSON0)
example, err := iam.NewRole(ctx, "example", &iam.RoleArgs{
Name: pulumi.String("eks-node-group-example"),
AssumeRolePolicy: pulumi.String(json0),
})
if err != nil {
return err
}
_, err = iam.NewRolePolicyAttachment(ctx, "example-AmazonEKSWorkerNodePolicy", &iam.RolePolicyAttachmentArgs{
PolicyArn: pulumi.String("arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy"),
Role: example.Name,
})
if err != nil {
return err
}
_, err = iam.NewRolePolicyAttachment(ctx, "example-AmazonEKS_CNI_Policy", &iam.RolePolicyAttachmentArgs{
PolicyArn: pulumi.String("arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy"),
Role: example.Name,
})
if err != nil {
return err
}
_, err = iam.NewRolePolicyAttachment(ctx, "example-AmazonEC2ContainerRegistryReadOnly", &iam.RolePolicyAttachmentArgs{
PolicyArn: pulumi.String("arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly"),
Role: example.Name,
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.iam.Role;
import com.pulumi.aws.iam.RoleArgs;
import com.pulumi.aws.iam.RolePolicyAttachment;
import com.pulumi.aws.iam.RolePolicyAttachmentArgs;
import static com.pulumi.codegen.internal.Serialization.*;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Role("example", RoleArgs.builder()
.name("eks-node-group-example")
.assumeRolePolicy(serializeJson(
jsonObject(
jsonProperty("Statement", jsonArray(jsonObject(
jsonProperty("Action", "sts:AssumeRole"),
jsonProperty("Effect", "Allow"),
jsonProperty("Principal", jsonObject(
jsonProperty("Service", "ec2.amazonaws.com")
))
))),
jsonProperty("Version", "2012-10-17")
)))
.build());
var example_AmazonEKSWorkerNodePolicy = new RolePolicyAttachment("example-AmazonEKSWorkerNodePolicy", RolePolicyAttachmentArgs.builder()
.policyArn("arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy")
.role(example.name())
.build());
var example_AmazonEKSCNIPolicy = new RolePolicyAttachment("example-AmazonEKSCNIPolicy", RolePolicyAttachmentArgs.builder()
.policyArn("arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy")
.role(example.name())
.build());
var example_AmazonEC2ContainerRegistryReadOnly = new RolePolicyAttachment("example-AmazonEC2ContainerRegistryReadOnly", RolePolicyAttachmentArgs.builder()
.policyArn("arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly")
.role(example.name())
.build());
}
}Content copied to clipboard
resources:
example:
type: aws:iam:Role
properties:
name: eks-node-group-example
assumeRolePolicy:
fn::toJSON:
Statement:
- Action: sts:AssumeRole
Effect: Allow
Principal:
Service: ec2.amazonaws.com
Version: 2012-10-17
example-AmazonEKSWorkerNodePolicy:
type: aws:iam:RolePolicyAttachment
properties:
policyArn: arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy
role: ${example.name}
example-AmazonEKSCNIPolicy:
type: aws:iam:RolePolicyAttachment
name: example-AmazonEKS_CNI_Policy
properties:
policyArn: arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy
role: ${example.name}
example-AmazonEC2ContainerRegistryReadOnly:
type: aws:iam:RolePolicyAttachment
properties:
policyArn: arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly
role: ${example.name}Content copied to clipboard
Example Subnets for EKS Node Group
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
import * as std from "@pulumi/std";
const available = aws.getAvailabilityZones({
state: "available",
});
const example: aws.ec2.Subnet[] = [];
for (const range = {value: 0}; range.value < 2; range.value++) {
example.push(new aws.ec2.Subnet(`example-${range.value}`, {
availabilityZone: available.then(available => available.names[range.value]),
cidrBlock: std.cidrsubnet({
input: exampleAwsVpc.cidrBlock,
newbits: 8,
netnum: range.value,
}).then(invoke => invoke.result),
vpcId: exampleAwsVpc.id,
}));
}Content copied to clipboard
import pulumi
import pulumi_aws as aws
import pulumi_std as std
available = aws.get_availability_zones(state="available")
example = []
for range in [{"value": i} for i in range(0, 2)]:
example.append(aws.ec2.Subnet(f"example-{range['value']}",
availability_zone=available.names[range["value"]],
cidr_block=std.cidrsubnet(input=example_aws_vpc["cidrBlock"],
newbits=8,
netnum=range["value"]).result,
vpc_id=example_aws_vpc["id"]))Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
using Std = Pulumi.Std;
return await Deployment.RunAsync(() =>
{
var available = Aws.GetAvailabilityZones.Invoke(new()
{
State = "available",
});
var example = new List<Aws.Ec2.Subnet>();
for (var rangeIndex = 0; rangeIndex < 2; rangeIndex++)
{
var range = new { Value = rangeIndex };
example.Add(new Aws.Ec2.Subnet($"example-{range.Value}", new()
{
AvailabilityZone = available.Apply(getAvailabilityZonesResult => getAvailabilityZonesResult.Names)[range.Value],
CidrBlock = Std.Cidrsubnet.Invoke(new()
{
Input = exampleAwsVpc.CidrBlock,
Newbits = 8,
Netnum = range.Value,
}).Apply(invoke => invoke.Result),
VpcId = exampleAwsVpc.Id,
}));
}
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2"
"github.com/pulumi/pulumi-std/sdk/go/std"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
available, err := aws.GetAvailabilityZones(ctx, &aws.GetAvailabilityZonesArgs{
State: pulumi.StringRef("available"),
}, nil)
if err != nil {
return err
}
invokeCidrsubnet, err := std.Cidrsubnet(ctx, &std.CidrsubnetArgs{
Input: exampleAwsVpc.CidrBlock,
Newbits: 8,
Netnum: val0,
}, nil)
if err != nil {
return err
}
var example []*ec2.Subnet
for index := 0; index < 2; index++ {
key0 := index
val0 := index
__res, err := ec2.NewSubnet(ctx, fmt.Sprintf("example-%v", key0), &ec2.SubnetArgs{
AvailabilityZone: available.Names[val0],
CidrBlock: invokeCidrsubnet.Result,
VpcId: pulumi.Any(exampleAwsVpc.Id),
})
if err != nil {
return err
}
example = append(example, __res)
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.AwsFunctions;
import com.pulumi.aws.inputs.GetAvailabilityZonesArgs;
import com.pulumi.aws.ec2.Subnet;
import com.pulumi.aws.ec2.SubnetArgs;
import com.pulumi.codegen.internal.KeyedValue;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var available = AwsFunctions.getAvailabilityZones(GetAvailabilityZonesArgs.builder()
.state("available")
.build());
for (var i = 0; i < 2; i++) {
new Subnet("example-" + i, SubnetArgs.builder()
.availabilityZone(available.applyValue(getAvailabilityZonesResult -> getAvailabilityZonesResult.names())[range.value()])
.cidrBlock(StdFunctions.cidrsubnet(CidrsubnetArgs.builder()
.input(exampleAwsVpc.cidrBlock())
.newbits(8)
.netnum(range.value())
.build()).result())
.vpcId(exampleAwsVpc.id())
.build());
}
}
}Content copied to clipboard
Import
Using pulumi import, import EKS Node Groups using the cluster_name and node_group_name separated by a colon (:). For example:
$ pulumi import aws:eks/nodeGroup:NodeGroup my_node_group my_cluster:my_node_groupContent copied to clipboard
Constructors
Link copied to clipboard
fun NodeGroupArgs(amiType: Output<String>? = null, capacityType: Output<String>? = null, clusterName: Output<String>? = null, diskSize: Output<Int>? = null, forceUpdateVersion: Output<Boolean>? = null, instanceTypes: Output<List<String>>? = null, labels: Output<Map<String, String>>? = null, launchTemplate: Output<NodeGroupLaunchTemplateArgs>? = null, nodeGroupName: Output<String>? = null, nodeGroupNamePrefix: Output<String>? = null, nodeRoleArn: Output<String>? = null, releaseVersion: Output<String>? = null, remoteAccess: Output<NodeGroupRemoteAccessArgs>? = null, scalingConfig: Output<NodeGroupScalingConfigArgs>? = null, subnetIds: Output<List<String>>? = null, tags: Output<Map<String, String>>? = null, taints: Output<List<NodeGroupTaintArgs>>? = null, updateConfig: Output<NodeGroupUpdateConfigArgs>? = null, version: Output<String>? = null)
Functions
Properties
Link copied to clipboard
Type of Amazon Machine Image (AMI) associated with the EKS Node Group. See the AWS documentation for valid values. This provider will only perform drift detection if a configuration value is provided.
Link copied to clipboard