gcp.container.AwsCluster
Explore with Pulumi AI
An Anthos cluster running on AWS.
For more information, see:
Example Usage
Basic_aws_cluster
A basic example of a containeraws cluster
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const versions = gcp.container.getAwsVersions({
    project: "my-project-name",
    location: "us-west1",
});
const primary = new gcp.container.AwsCluster("primary", {
    authorization: {
        adminUsers: [{
            username: "my@service-account.com",
        }],
        adminGroups: [{
            group: "group@domain.com",
        }],
    },
    awsRegion: "my-aws-region",
    controlPlane: {
        awsServicesAuthentication: {
            roleArn: "arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
            roleSessionName: "my--1p-dev-session",
        },
        configEncryption: {
            kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
        },
        databaseEncryption: {
            kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
        },
        iamInstanceProfile: "my--1p-dev-controlplane",
        subnetIds: ["subnet-00000000000000000"],
        version: versions.then(versions => versions.validVersions?.[0]),
        instanceType: "t3.medium",
        mainVolume: {
            iops: 3000,
            kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            sizeGib: 10,
            volumeType: "GP3",
        },
        proxyConfig: {
            secretArn: "arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
            secretVersion: "12345678-ABCD-EFGH-IJKL-987654321098",
        },
        rootVolume: {
            iops: 3000,
            kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            sizeGib: 10,
            volumeType: "GP3",
        },
        securityGroupIds: ["sg-00000000000000000"],
        sshConfig: {
            ec2KeyPair: "my--1p-dev-ssh",
        },
        tags: {
            owner: "my@service-account.com",
        },
    },
    fleet: {
        project: "my-project-number",
    },
    location: "us-west1",
    name: "name",
    networking: {
        podAddressCidrBlocks: ["10.2.0.0/16"],
        serviceAddressCidrBlocks: ["10.1.0.0/16"],
        vpcId: "vpc-00000000000000000",
    },
    annotations: {
        "label-one": "value-one",
    },
    description: "A sample aws cluster",
    project: "my-project-name",
});
import pulumi
import pulumi_gcp as gcp
versions = gcp.container.get_aws_versions(project="my-project-name",
    location="us-west1")
primary = gcp.container.AwsCluster("primary",
    authorization={
        "admin_users": [{
            "username": "my@service-account.com",
        }],
        "admin_groups": [{
            "group": "group@domain.com",
        }],
    },
    aws_region="my-aws-region",
    control_plane={
        "aws_services_authentication": {
            "role_arn": "arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
            "role_session_name": "my--1p-dev-session",
        },
        "config_encryption": {
            "kms_key_arn": "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
        },
        "database_encryption": {
            "kms_key_arn": "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
        },
        "iam_instance_profile": "my--1p-dev-controlplane",
        "subnet_ids": ["subnet-00000000000000000"],
        "version": versions.valid_versions[0],
        "instance_type": "t3.medium",
        "main_volume": {
            "iops": 3000,
            "kms_key_arn": "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            "size_gib": 10,
            "volume_type": "GP3",
        },
        "proxy_config": {
            "secret_arn": "arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
            "secret_version": "12345678-ABCD-EFGH-IJKL-987654321098",
        },
        "root_volume": {
            "iops": 3000,
            "kms_key_arn": "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            "size_gib": 10,
            "volume_type": "GP3",
        },
        "security_group_ids": ["sg-00000000000000000"],
        "ssh_config": {
            "ec2_key_pair": "my--1p-dev-ssh",
        },
        "tags": {
            "owner": "my@service-account.com",
        },
    },
    fleet={
        "project": "my-project-number",
    },
    location="us-west1",
    name="name",
    networking={
        "pod_address_cidr_blocks": ["10.2.0.0/16"],
        "service_address_cidr_blocks": ["10.1.0.0/16"],
        "vpc_id": "vpc-00000000000000000",
    },
    annotations={
        "label-one": "value-one",
    },
    description="A sample aws cluster",
    project="my-project-name")
package main
import (
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/container"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		versions, err := container.GetAwsVersions(ctx, &container.GetAwsVersionsArgs{
			Project:  pulumi.StringRef("my-project-name"),
			Location: pulumi.StringRef("us-west1"),
		}, nil)
		if err != nil {
			return err
		}
		_, err = container.NewAwsCluster(ctx, "primary", &container.AwsClusterArgs{
			Authorization: &container.AwsClusterAuthorizationArgs{
				AdminUsers: container.AwsClusterAuthorizationAdminUserArray{
					&container.AwsClusterAuthorizationAdminUserArgs{
						Username: pulumi.String("my@service-account.com"),
					},
				},
				AdminGroups: container.AwsClusterAuthorizationAdminGroupArray{
					&container.AwsClusterAuthorizationAdminGroupArgs{
						Group: pulumi.String("group@domain.com"),
					},
				},
			},
			AwsRegion: pulumi.String("my-aws-region"),
			ControlPlane: &container.AwsClusterControlPlaneArgs{
				AwsServicesAuthentication: &container.AwsClusterControlPlaneAwsServicesAuthenticationArgs{
					RoleArn:         pulumi.String("arn:aws:iam::012345678910:role/my--1p-dev-oneplatform"),
					RoleSessionName: pulumi.String("my--1p-dev-session"),
				},
				ConfigEncryption: &container.AwsClusterControlPlaneConfigEncryptionArgs{
					KmsKeyArn: pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
				},
				DatabaseEncryption: &container.AwsClusterControlPlaneDatabaseEncryptionArgs{
					KmsKeyArn: pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
				},
				IamInstanceProfile: pulumi.String("my--1p-dev-controlplane"),
				SubnetIds: pulumi.StringArray{
					pulumi.String("subnet-00000000000000000"),
				},
				Version:      pulumi.String(versions.ValidVersions[0]),
				InstanceType: pulumi.String("t3.medium"),
				MainVolume: &container.AwsClusterControlPlaneMainVolumeArgs{
					Iops:       pulumi.Int(3000),
					KmsKeyArn:  pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
					SizeGib:    pulumi.Int(10),
					VolumeType: pulumi.String("GP3"),
				},
				ProxyConfig: &container.AwsClusterControlPlaneProxyConfigArgs{
					SecretArn:     pulumi.String("arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF"),
					SecretVersion: pulumi.String("12345678-ABCD-EFGH-IJKL-987654321098"),
				},
				RootVolume: &container.AwsClusterControlPlaneRootVolumeArgs{
					Iops:       pulumi.Int(3000),
					KmsKeyArn:  pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
					SizeGib:    pulumi.Int(10),
					VolumeType: pulumi.String("GP3"),
				},
				SecurityGroupIds: pulumi.StringArray{
					pulumi.String("sg-00000000000000000"),
				},
				SshConfig: &container.AwsClusterControlPlaneSshConfigArgs{
					Ec2KeyPair: pulumi.String("my--1p-dev-ssh"),
				},
				Tags: pulumi.StringMap{
					"owner": pulumi.String("my@service-account.com"),
				},
			},
			Fleet: &container.AwsClusterFleetArgs{
				Project: pulumi.String("my-project-number"),
			},
			Location: pulumi.String("us-west1"),
			Name:     pulumi.String("name"),
			Networking: &container.AwsClusterNetworkingArgs{
				PodAddressCidrBlocks: pulumi.StringArray{
					pulumi.String("10.2.0.0/16"),
				},
				ServiceAddressCidrBlocks: pulumi.StringArray{
					pulumi.String("10.1.0.0/16"),
				},
				VpcId: pulumi.String("vpc-00000000000000000"),
			},
			Annotations: pulumi.StringMap{
				"label-one": pulumi.String("value-one"),
			},
			Description: pulumi.String("A sample aws cluster"),
			Project:     pulumi.String("my-project-name"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() => 
{
    var versions = Gcp.Container.GetAwsVersions.Invoke(new()
    {
        Project = "my-project-name",
        Location = "us-west1",
    });
    var primary = new Gcp.Container.AwsCluster("primary", new()
    {
        Authorization = new Gcp.Container.Inputs.AwsClusterAuthorizationArgs
        {
            AdminUsers = new[]
            {
                new Gcp.Container.Inputs.AwsClusterAuthorizationAdminUserArgs
                {
                    Username = "my@service-account.com",
                },
            },
            AdminGroups = new[]
            {
                new Gcp.Container.Inputs.AwsClusterAuthorizationAdminGroupArgs
                {
                    Group = "group@domain.com",
                },
            },
        },
        AwsRegion = "my-aws-region",
        ControlPlane = new Gcp.Container.Inputs.AwsClusterControlPlaneArgs
        {
            AwsServicesAuthentication = new Gcp.Container.Inputs.AwsClusterControlPlaneAwsServicesAuthenticationArgs
            {
                RoleArn = "arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
                RoleSessionName = "my--1p-dev-session",
            },
            ConfigEncryption = new Gcp.Container.Inputs.AwsClusterControlPlaneConfigEncryptionArgs
            {
                KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            },
            DatabaseEncryption = new Gcp.Container.Inputs.AwsClusterControlPlaneDatabaseEncryptionArgs
            {
                KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            },
            IamInstanceProfile = "my--1p-dev-controlplane",
            SubnetIds = new[]
            {
                "subnet-00000000000000000",
            },
            Version = versions.Apply(getAwsVersionsResult => getAwsVersionsResult.ValidVersions[0]),
            InstanceType = "t3.medium",
            MainVolume = new Gcp.Container.Inputs.AwsClusterControlPlaneMainVolumeArgs
            {
                Iops = 3000,
                KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                SizeGib = 10,
                VolumeType = "GP3",
            },
            ProxyConfig = new Gcp.Container.Inputs.AwsClusterControlPlaneProxyConfigArgs
            {
                SecretArn = "arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
                SecretVersion = "12345678-ABCD-EFGH-IJKL-987654321098",
            },
            RootVolume = new Gcp.Container.Inputs.AwsClusterControlPlaneRootVolumeArgs
            {
                Iops = 3000,
                KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                SizeGib = 10,
                VolumeType = "GP3",
            },
            SecurityGroupIds = new[]
            {
                "sg-00000000000000000",
            },
            SshConfig = new Gcp.Container.Inputs.AwsClusterControlPlaneSshConfigArgs
            {
                Ec2KeyPair = "my--1p-dev-ssh",
            },
            Tags = 
            {
                { "owner", "my@service-account.com" },
            },
        },
        Fleet = new Gcp.Container.Inputs.AwsClusterFleetArgs
        {
            Project = "my-project-number",
        },
        Location = "us-west1",
        Name = "name",
        Networking = new Gcp.Container.Inputs.AwsClusterNetworkingArgs
        {
            PodAddressCidrBlocks = new[]
            {
                "10.2.0.0/16",
            },
            ServiceAddressCidrBlocks = new[]
            {
                "10.1.0.0/16",
            },
            VpcId = "vpc-00000000000000000",
        },
        Annotations = 
        {
            { "label-one", "value-one" },
        },
        Description = "A sample aws cluster",
        Project = "my-project-name",
    });
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.container.ContainerFunctions;
import com.pulumi.gcp.container.inputs.GetAwsVersionsArgs;
import com.pulumi.gcp.container.AwsCluster;
import com.pulumi.gcp.container.AwsClusterArgs;
import com.pulumi.gcp.container.inputs.AwsClusterAuthorizationArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneAwsServicesAuthenticationArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneConfigEncryptionArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneDatabaseEncryptionArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneMainVolumeArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneProxyConfigArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneRootVolumeArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneSshConfigArgs;
import com.pulumi.gcp.container.inputs.AwsClusterFleetArgs;
import com.pulumi.gcp.container.inputs.AwsClusterNetworkingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var versions = ContainerFunctions.getAwsVersions(GetAwsVersionsArgs.builder()
            .project("my-project-name")
            .location("us-west1")
            .build());
        var primary = new AwsCluster("primary", AwsClusterArgs.builder()
            .authorization(AwsClusterAuthorizationArgs.builder()
                .adminUsers(AwsClusterAuthorizationAdminUserArgs.builder()
                    .username("my@service-account.com")
                    .build())
                .adminGroups(AwsClusterAuthorizationAdminGroupArgs.builder()
                    .group("group@domain.com")
                    .build())
                .build())
            .awsRegion("my-aws-region")
            .controlPlane(AwsClusterControlPlaneArgs.builder()
                .awsServicesAuthentication(AwsClusterControlPlaneAwsServicesAuthenticationArgs.builder()
                    .roleArn("arn:aws:iam::012345678910:role/my--1p-dev-oneplatform")
                    .roleSessionName("my--1p-dev-session")
                    .build())
                .configEncryption(AwsClusterControlPlaneConfigEncryptionArgs.builder()
                    .kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
                    .build())
                .databaseEncryption(AwsClusterControlPlaneDatabaseEncryptionArgs.builder()
                    .kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
                    .build())
                .iamInstanceProfile("my--1p-dev-controlplane")
                .subnetIds("subnet-00000000000000000")
                .version(versions.validVersions()[0])
                .instanceType("t3.medium")
                .mainVolume(AwsClusterControlPlaneMainVolumeArgs.builder()
                    .iops(3000)
                    .kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
                    .sizeGib(10)
                    .volumeType("GP3")
                    .build())
                .proxyConfig(AwsClusterControlPlaneProxyConfigArgs.builder()
                    .secretArn("arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF")
                    .secretVersion("12345678-ABCD-EFGH-IJKL-987654321098")
                    .build())
                .rootVolume(AwsClusterControlPlaneRootVolumeArgs.builder()
                    .iops(3000)
                    .kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
                    .sizeGib(10)
                    .volumeType("GP3")
                    .build())
                .securityGroupIds("sg-00000000000000000")
                .sshConfig(AwsClusterControlPlaneSshConfigArgs.builder()
                    .ec2KeyPair("my--1p-dev-ssh")
                    .build())
                .tags(Map.of("owner", "my@service-account.com"))
                .build())
            .fleet(AwsClusterFleetArgs.builder()
                .project("my-project-number")
                .build())
            .location("us-west1")
            .name("name")
            .networking(AwsClusterNetworkingArgs.builder()
                .podAddressCidrBlocks("10.2.0.0/16")
                .serviceAddressCidrBlocks("10.1.0.0/16")
                .vpcId("vpc-00000000000000000")
                .build())
            .annotations(Map.of("label-one", "value-one"))
            .description("A sample aws cluster")
            .project("my-project-name")
            .build());
    }
}
resources:
  primary:
    type: gcp:container:AwsCluster
    properties:
      authorization:
        adminUsers:
          - username: my@service-account.com
        adminGroups:
          - group: group@domain.com
      awsRegion: my-aws-region
      controlPlane:
        awsServicesAuthentication:
          roleArn: arn:aws:iam::012345678910:role/my--1p-dev-oneplatform
          roleSessionName: my--1p-dev-session
        configEncryption:
          kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
        databaseEncryption:
          kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
        iamInstanceProfile: my--1p-dev-controlplane
        subnetIds:
          - subnet-00000000000000000
        version: ${versions.validVersions[0]}
        instanceType: t3.medium
        mainVolume:
          iops: 3000
          kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
          sizeGib: 10
          volumeType: GP3
        proxyConfig:
          secretArn: arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF
          secretVersion: 12345678-ABCD-EFGH-IJKL-987654321098
        rootVolume:
          iops: 3000
          kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
          sizeGib: 10
          volumeType: GP3
        securityGroupIds:
          - sg-00000000000000000
        sshConfig:
          ec2KeyPair: my--1p-dev-ssh
        tags:
          owner: my@service-account.com
      fleet:
        project: my-project-number
      location: us-west1
      name: name
      networking:
        podAddressCidrBlocks:
          - 10.2.0.0/16
        serviceAddressCidrBlocks:
          - 10.1.0.0/16
        vpcId: vpc-00000000000000000
      annotations:
        label-one: value-one
      description: A sample aws cluster
      project: my-project-name
variables:
  versions:
    fn::invoke:
      function: gcp:container:getAwsVersions
      arguments:
        project: my-project-name
        location: us-west1
Basic_enum_aws_cluster
A basic example of a containeraws cluster with lowercase enums
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const versions = gcp.container.getAwsVersions({
    project: "my-project-name",
    location: "us-west1",
});
const primary = new gcp.container.AwsCluster("primary", {
    authorization: {
        adminUsers: [{
            username: "my@service-account.com",
        }],
    },
    awsRegion: "my-aws-region",
    controlPlane: {
        awsServicesAuthentication: {
            roleArn: "arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
            roleSessionName: "my--1p-dev-session",
        },
        configEncryption: {
            kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
        },
        databaseEncryption: {
            kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
        },
        iamInstanceProfile: "my--1p-dev-controlplane",
        subnetIds: ["subnet-00000000000000000"],
        version: versions.then(versions => versions.validVersions?.[0]),
        instanceType: "t3.medium",
        mainVolume: {
            iops: 3000,
            kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            sizeGib: 10,
            volumeType: "gp3",
        },
        proxyConfig: {
            secretArn: "arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
            secretVersion: "12345678-ABCD-EFGH-IJKL-987654321098",
        },
        rootVolume: {
            iops: 3000,
            kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            sizeGib: 10,
            volumeType: "gp3",
        },
        securityGroupIds: ["sg-00000000000000000"],
        sshConfig: {
            ec2KeyPair: "my--1p-dev-ssh",
        },
        tags: {
            owner: "my@service-account.com",
        },
    },
    fleet: {
        project: "my-project-number",
    },
    location: "us-west1",
    name: "name",
    networking: {
        podAddressCidrBlocks: ["10.2.0.0/16"],
        serviceAddressCidrBlocks: ["10.1.0.0/16"],
        vpcId: "vpc-00000000000000000",
    },
    annotations: {
        "label-one": "value-one",
    },
    description: "A sample aws cluster",
    project: "my-project-name",
});
import pulumi
import pulumi_gcp as gcp
versions = gcp.container.get_aws_versions(project="my-project-name",
    location="us-west1")
primary = gcp.container.AwsCluster("primary",
    authorization={
        "admin_users": [{
            "username": "my@service-account.com",
        }],
    },
    aws_region="my-aws-region",
    control_plane={
        "aws_services_authentication": {
            "role_arn": "arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
            "role_session_name": "my--1p-dev-session",
        },
        "config_encryption": {
            "kms_key_arn": "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
        },
        "database_encryption": {
            "kms_key_arn": "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
        },
        "iam_instance_profile": "my--1p-dev-controlplane",
        "subnet_ids": ["subnet-00000000000000000"],
        "version": versions.valid_versions[0],
        "instance_type": "t3.medium",
        "main_volume": {
            "iops": 3000,
            "kms_key_arn": "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            "size_gib": 10,
            "volume_type": "gp3",
        },
        "proxy_config": {
            "secret_arn": "arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
            "secret_version": "12345678-ABCD-EFGH-IJKL-987654321098",
        },
        "root_volume": {
            "iops": 3000,
            "kms_key_arn": "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            "size_gib": 10,
            "volume_type": "gp3",
        },
        "security_group_ids": ["sg-00000000000000000"],
        "ssh_config": {
            "ec2_key_pair": "my--1p-dev-ssh",
        },
        "tags": {
            "owner": "my@service-account.com",
        },
    },
    fleet={
        "project": "my-project-number",
    },
    location="us-west1",
    name="name",
    networking={
        "pod_address_cidr_blocks": ["10.2.0.0/16"],
        "service_address_cidr_blocks": ["10.1.0.0/16"],
        "vpc_id": "vpc-00000000000000000",
    },
    annotations={
        "label-one": "value-one",
    },
    description="A sample aws cluster",
    project="my-project-name")
package main
import (
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/container"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		versions, err := container.GetAwsVersions(ctx, &container.GetAwsVersionsArgs{
			Project:  pulumi.StringRef("my-project-name"),
			Location: pulumi.StringRef("us-west1"),
		}, nil)
		if err != nil {
			return err
		}
		_, err = container.NewAwsCluster(ctx, "primary", &container.AwsClusterArgs{
			Authorization: &container.AwsClusterAuthorizationArgs{
				AdminUsers: container.AwsClusterAuthorizationAdminUserArray{
					&container.AwsClusterAuthorizationAdminUserArgs{
						Username: pulumi.String("my@service-account.com"),
					},
				},
			},
			AwsRegion: pulumi.String("my-aws-region"),
			ControlPlane: &container.AwsClusterControlPlaneArgs{
				AwsServicesAuthentication: &container.AwsClusterControlPlaneAwsServicesAuthenticationArgs{
					RoleArn:         pulumi.String("arn:aws:iam::012345678910:role/my--1p-dev-oneplatform"),
					RoleSessionName: pulumi.String("my--1p-dev-session"),
				},
				ConfigEncryption: &container.AwsClusterControlPlaneConfigEncryptionArgs{
					KmsKeyArn: pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
				},
				DatabaseEncryption: &container.AwsClusterControlPlaneDatabaseEncryptionArgs{
					KmsKeyArn: pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
				},
				IamInstanceProfile: pulumi.String("my--1p-dev-controlplane"),
				SubnetIds: pulumi.StringArray{
					pulumi.String("subnet-00000000000000000"),
				},
				Version:      pulumi.String(versions.ValidVersions[0]),
				InstanceType: pulumi.String("t3.medium"),
				MainVolume: &container.AwsClusterControlPlaneMainVolumeArgs{
					Iops:       pulumi.Int(3000),
					KmsKeyArn:  pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
					SizeGib:    pulumi.Int(10),
					VolumeType: pulumi.String("gp3"),
				},
				ProxyConfig: &container.AwsClusterControlPlaneProxyConfigArgs{
					SecretArn:     pulumi.String("arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF"),
					SecretVersion: pulumi.String("12345678-ABCD-EFGH-IJKL-987654321098"),
				},
				RootVolume: &container.AwsClusterControlPlaneRootVolumeArgs{
					Iops:       pulumi.Int(3000),
					KmsKeyArn:  pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
					SizeGib:    pulumi.Int(10),
					VolumeType: pulumi.String("gp3"),
				},
				SecurityGroupIds: pulumi.StringArray{
					pulumi.String("sg-00000000000000000"),
				},
				SshConfig: &container.AwsClusterControlPlaneSshConfigArgs{
					Ec2KeyPair: pulumi.String("my--1p-dev-ssh"),
				},
				Tags: pulumi.StringMap{
					"owner": pulumi.String("my@service-account.com"),
				},
			},
			Fleet: &container.AwsClusterFleetArgs{
				Project: pulumi.String("my-project-number"),
			},
			Location: pulumi.String("us-west1"),
			Name:     pulumi.String("name"),
			Networking: &container.AwsClusterNetworkingArgs{
				PodAddressCidrBlocks: pulumi.StringArray{
					pulumi.String("10.2.0.0/16"),
				},
				ServiceAddressCidrBlocks: pulumi.StringArray{
					pulumi.String("10.1.0.0/16"),
				},
				VpcId: pulumi.String("vpc-00000000000000000"),
			},
			Annotations: pulumi.StringMap{
				"label-one": pulumi.String("value-one"),
			},
			Description: pulumi.String("A sample aws cluster"),
			Project:     pulumi.String("my-project-name"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() => 
{
    var versions = Gcp.Container.GetAwsVersions.Invoke(new()
    {
        Project = "my-project-name",
        Location = "us-west1",
    });
    var primary = new Gcp.Container.AwsCluster("primary", new()
    {
        Authorization = new Gcp.Container.Inputs.AwsClusterAuthorizationArgs
        {
            AdminUsers = new[]
            {
                new Gcp.Container.Inputs.AwsClusterAuthorizationAdminUserArgs
                {
                    Username = "my@service-account.com",
                },
            },
        },
        AwsRegion = "my-aws-region",
        ControlPlane = new Gcp.Container.Inputs.AwsClusterControlPlaneArgs
        {
            AwsServicesAuthentication = new Gcp.Container.Inputs.AwsClusterControlPlaneAwsServicesAuthenticationArgs
            {
                RoleArn = "arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
                RoleSessionName = "my--1p-dev-session",
            },
            ConfigEncryption = new Gcp.Container.Inputs.AwsClusterControlPlaneConfigEncryptionArgs
            {
                KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            },
            DatabaseEncryption = new Gcp.Container.Inputs.AwsClusterControlPlaneDatabaseEncryptionArgs
            {
                KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            },
            IamInstanceProfile = "my--1p-dev-controlplane",
            SubnetIds = new[]
            {
                "subnet-00000000000000000",
            },
            Version = versions.Apply(getAwsVersionsResult => getAwsVersionsResult.ValidVersions[0]),
            InstanceType = "t3.medium",
            MainVolume = new Gcp.Container.Inputs.AwsClusterControlPlaneMainVolumeArgs
            {
                Iops = 3000,
                KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                SizeGib = 10,
                VolumeType = "gp3",
            },
            ProxyConfig = new Gcp.Container.Inputs.AwsClusterControlPlaneProxyConfigArgs
            {
                SecretArn = "arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
                SecretVersion = "12345678-ABCD-EFGH-IJKL-987654321098",
            },
            RootVolume = new Gcp.Container.Inputs.AwsClusterControlPlaneRootVolumeArgs
            {
                Iops = 3000,
                KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                SizeGib = 10,
                VolumeType = "gp3",
            },
            SecurityGroupIds = new[]
            {
                "sg-00000000000000000",
            },
            SshConfig = new Gcp.Container.Inputs.AwsClusterControlPlaneSshConfigArgs
            {
                Ec2KeyPair = "my--1p-dev-ssh",
            },
            Tags = 
            {
                { "owner", "my@service-account.com" },
            },
        },
        Fleet = new Gcp.Container.Inputs.AwsClusterFleetArgs
        {
            Project = "my-project-number",
        },
        Location = "us-west1",
        Name = "name",
        Networking = new Gcp.Container.Inputs.AwsClusterNetworkingArgs
        {
            PodAddressCidrBlocks = new[]
            {
                "10.2.0.0/16",
            },
            ServiceAddressCidrBlocks = new[]
            {
                "10.1.0.0/16",
            },
            VpcId = "vpc-00000000000000000",
        },
        Annotations = 
        {
            { "label-one", "value-one" },
        },
        Description = "A sample aws cluster",
        Project = "my-project-name",
    });
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.container.ContainerFunctions;
import com.pulumi.gcp.container.inputs.GetAwsVersionsArgs;
import com.pulumi.gcp.container.AwsCluster;
import com.pulumi.gcp.container.AwsClusterArgs;
import com.pulumi.gcp.container.inputs.AwsClusterAuthorizationArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneAwsServicesAuthenticationArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneConfigEncryptionArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneDatabaseEncryptionArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneMainVolumeArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneProxyConfigArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneRootVolumeArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneSshConfigArgs;
import com.pulumi.gcp.container.inputs.AwsClusterFleetArgs;
import com.pulumi.gcp.container.inputs.AwsClusterNetworkingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var versions = ContainerFunctions.getAwsVersions(GetAwsVersionsArgs.builder()
            .project("my-project-name")
            .location("us-west1")
            .build());
        var primary = new AwsCluster("primary", AwsClusterArgs.builder()
            .authorization(AwsClusterAuthorizationArgs.builder()
                .adminUsers(AwsClusterAuthorizationAdminUserArgs.builder()
                    .username("my@service-account.com")
                    .build())
                .build())
            .awsRegion("my-aws-region")
            .controlPlane(AwsClusterControlPlaneArgs.builder()
                .awsServicesAuthentication(AwsClusterControlPlaneAwsServicesAuthenticationArgs.builder()
                    .roleArn("arn:aws:iam::012345678910:role/my--1p-dev-oneplatform")
                    .roleSessionName("my--1p-dev-session")
                    .build())
                .configEncryption(AwsClusterControlPlaneConfigEncryptionArgs.builder()
                    .kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
                    .build())
                .databaseEncryption(AwsClusterControlPlaneDatabaseEncryptionArgs.builder()
                    .kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
                    .build())
                .iamInstanceProfile("my--1p-dev-controlplane")
                .subnetIds("subnet-00000000000000000")
                .version(versions.validVersions()[0])
                .instanceType("t3.medium")
                .mainVolume(AwsClusterControlPlaneMainVolumeArgs.builder()
                    .iops(3000)
                    .kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
                    .sizeGib(10)
                    .volumeType("gp3")
                    .build())
                .proxyConfig(AwsClusterControlPlaneProxyConfigArgs.builder()
                    .secretArn("arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF")
                    .secretVersion("12345678-ABCD-EFGH-IJKL-987654321098")
                    .build())
                .rootVolume(AwsClusterControlPlaneRootVolumeArgs.builder()
                    .iops(3000)
                    .kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
                    .sizeGib(10)
                    .volumeType("gp3")
                    .build())
                .securityGroupIds("sg-00000000000000000")
                .sshConfig(AwsClusterControlPlaneSshConfigArgs.builder()
                    .ec2KeyPair("my--1p-dev-ssh")
                    .build())
                .tags(Map.of("owner", "my@service-account.com"))
                .build())
            .fleet(AwsClusterFleetArgs.builder()
                .project("my-project-number")
                .build())
            .location("us-west1")
            .name("name")
            .networking(AwsClusterNetworkingArgs.builder()
                .podAddressCidrBlocks("10.2.0.0/16")
                .serviceAddressCidrBlocks("10.1.0.0/16")
                .vpcId("vpc-00000000000000000")
                .build())
            .annotations(Map.of("label-one", "value-one"))
            .description("A sample aws cluster")
            .project("my-project-name")
            .build());
    }
}
resources:
  primary:
    type: gcp:container:AwsCluster
    properties:
      authorization:
        adminUsers:
          - username: my@service-account.com
      awsRegion: my-aws-region
      controlPlane:
        awsServicesAuthentication:
          roleArn: arn:aws:iam::012345678910:role/my--1p-dev-oneplatform
          roleSessionName: my--1p-dev-session
        configEncryption:
          kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
        databaseEncryption:
          kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
        iamInstanceProfile: my--1p-dev-controlplane
        subnetIds:
          - subnet-00000000000000000
        version: ${versions.validVersions[0]}
        instanceType: t3.medium
        mainVolume:
          iops: 3000
          kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
          sizeGib: 10
          volumeType: gp3
        proxyConfig:
          secretArn: arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF
          secretVersion: 12345678-ABCD-EFGH-IJKL-987654321098
        rootVolume:
          iops: 3000
          kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
          sizeGib: 10
          volumeType: gp3
        securityGroupIds:
          - sg-00000000000000000
        sshConfig:
          ec2KeyPair: my--1p-dev-ssh
        tags:
          owner: my@service-account.com
      fleet:
        project: my-project-number
      location: us-west1
      name: name
      networking:
        podAddressCidrBlocks:
          - 10.2.0.0/16
        serviceAddressCidrBlocks:
          - 10.1.0.0/16
        vpcId: vpc-00000000000000000
      annotations:
        label-one: value-one
      description: A sample aws cluster
      project: my-project-name
variables:
  versions:
    fn::invoke:
      function: gcp:container:getAwsVersions
      arguments:
        project: my-project-name
        location: us-west1
Beta_basic_enum_aws_cluster
A basic example of a containeraws cluster with lowercase enums (beta)
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const versions = gcp.container.getAwsVersions({
    project: "my-project-name",
    location: "us-west1",
});
const primary = new gcp.container.AwsCluster("primary", {
    authorization: {
        adminUsers: [{
            username: "my@service-account.com",
        }],
    },
    awsRegion: "my-aws-region",
    controlPlane: {
        awsServicesAuthentication: {
            roleArn: "arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
            roleSessionName: "my--1p-dev-session",
        },
        configEncryption: {
            kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
        },
        databaseEncryption: {
            kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
        },
        iamInstanceProfile: "my--1p-dev-controlplane",
        subnetIds: ["subnet-00000000000000000"],
        version: versions.then(versions => versions.validVersions?.[0]),
        instanceType: "t3.medium",
        mainVolume: {
            iops: 3000,
            kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            sizeGib: 10,
            volumeType: "gp3",
        },
        proxyConfig: {
            secretArn: "arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
            secretVersion: "12345678-ABCD-EFGH-IJKL-987654321098",
        },
        rootVolume: {
            iops: 3000,
            kmsKeyArn: "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            sizeGib: 10,
            volumeType: "gp3",
        },
        securityGroupIds: ["sg-00000000000000000"],
        sshConfig: {
            ec2KeyPair: "my--1p-dev-ssh",
        },
        tags: {
            owner: "my@service-account.com",
        },
        instancePlacement: {
            tenancy: "dedicated",
        },
    },
    fleet: {
        project: "my-project-number",
    },
    location: "us-west1",
    name: "name",
    networking: {
        podAddressCidrBlocks: ["10.2.0.0/16"],
        serviceAddressCidrBlocks: ["10.1.0.0/16"],
        vpcId: "vpc-00000000000000000",
    },
    annotations: {
        "label-one": "value-one",
    },
    description: "A sample aws cluster",
    project: "my-project-name",
    loggingConfig: {
        componentConfig: {
            enableComponents: [
                "system_components",
                "workloads",
            ],
        },
    },
});
import pulumi
import pulumi_gcp as gcp
versions = gcp.container.get_aws_versions(project="my-project-name",
    location="us-west1")
primary = gcp.container.AwsCluster("primary",
    authorization={
        "admin_users": [{
            "username": "my@service-account.com",
        }],
    },
    aws_region="my-aws-region",
    control_plane={
        "aws_services_authentication": {
            "role_arn": "arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
            "role_session_name": "my--1p-dev-session",
        },
        "config_encryption": {
            "kms_key_arn": "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
        },
        "database_encryption": {
            "kms_key_arn": "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
        },
        "iam_instance_profile": "my--1p-dev-controlplane",
        "subnet_ids": ["subnet-00000000000000000"],
        "version": versions.valid_versions[0],
        "instance_type": "t3.medium",
        "main_volume": {
            "iops": 3000,
            "kms_key_arn": "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            "size_gib": 10,
            "volume_type": "gp3",
        },
        "proxy_config": {
            "secret_arn": "arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
            "secret_version": "12345678-ABCD-EFGH-IJKL-987654321098",
        },
        "root_volume": {
            "iops": 3000,
            "kms_key_arn": "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            "size_gib": 10,
            "volume_type": "gp3",
        },
        "security_group_ids": ["sg-00000000000000000"],
        "ssh_config": {
            "ec2_key_pair": "my--1p-dev-ssh",
        },
        "tags": {
            "owner": "my@service-account.com",
        },
        "instance_placement": {
            "tenancy": "dedicated",
        },
    },
    fleet={
        "project": "my-project-number",
    },
    location="us-west1",
    name="name",
    networking={
        "pod_address_cidr_blocks": ["10.2.0.0/16"],
        "service_address_cidr_blocks": ["10.1.0.0/16"],
        "vpc_id": "vpc-00000000000000000",
    },
    annotations={
        "label-one": "value-one",
    },
    description="A sample aws cluster",
    project="my-project-name",
    logging_config={
        "component_config": {
            "enable_components": [
                "system_components",
                "workloads",
            ],
        },
    })
package main
import (
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/container"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		versions, err := container.GetAwsVersions(ctx, &container.GetAwsVersionsArgs{
			Project:  pulumi.StringRef("my-project-name"),
			Location: pulumi.StringRef("us-west1"),
		}, nil)
		if err != nil {
			return err
		}
		_, err = container.NewAwsCluster(ctx, "primary", &container.AwsClusterArgs{
			Authorization: &container.AwsClusterAuthorizationArgs{
				AdminUsers: container.AwsClusterAuthorizationAdminUserArray{
					&container.AwsClusterAuthorizationAdminUserArgs{
						Username: pulumi.String("my@service-account.com"),
					},
				},
			},
			AwsRegion: pulumi.String("my-aws-region"),
			ControlPlane: &container.AwsClusterControlPlaneArgs{
				AwsServicesAuthentication: &container.AwsClusterControlPlaneAwsServicesAuthenticationArgs{
					RoleArn:         pulumi.String("arn:aws:iam::012345678910:role/my--1p-dev-oneplatform"),
					RoleSessionName: pulumi.String("my--1p-dev-session"),
				},
				ConfigEncryption: &container.AwsClusterControlPlaneConfigEncryptionArgs{
					KmsKeyArn: pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
				},
				DatabaseEncryption: &container.AwsClusterControlPlaneDatabaseEncryptionArgs{
					KmsKeyArn: pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
				},
				IamInstanceProfile: pulumi.String("my--1p-dev-controlplane"),
				SubnetIds: pulumi.StringArray{
					pulumi.String("subnet-00000000000000000"),
				},
				Version:      pulumi.String(versions.ValidVersions[0]),
				InstanceType: pulumi.String("t3.medium"),
				MainVolume: &container.AwsClusterControlPlaneMainVolumeArgs{
					Iops:       pulumi.Int(3000),
					KmsKeyArn:  pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
					SizeGib:    pulumi.Int(10),
					VolumeType: pulumi.String("gp3"),
				},
				ProxyConfig: &container.AwsClusterControlPlaneProxyConfigArgs{
					SecretArn:     pulumi.String("arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF"),
					SecretVersion: pulumi.String("12345678-ABCD-EFGH-IJKL-987654321098"),
				},
				RootVolume: &container.AwsClusterControlPlaneRootVolumeArgs{
					Iops:       pulumi.Int(3000),
					KmsKeyArn:  pulumi.String("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111"),
					SizeGib:    pulumi.Int(10),
					VolumeType: pulumi.String("gp3"),
				},
				SecurityGroupIds: pulumi.StringArray{
					pulumi.String("sg-00000000000000000"),
				},
				SshConfig: &container.AwsClusterControlPlaneSshConfigArgs{
					Ec2KeyPair: pulumi.String("my--1p-dev-ssh"),
				},
				Tags: pulumi.StringMap{
					"owner": pulumi.String("my@service-account.com"),
				},
				InstancePlacement: &container.AwsClusterControlPlaneInstancePlacementArgs{
					Tenancy: pulumi.String("dedicated"),
				},
			},
			Fleet: &container.AwsClusterFleetArgs{
				Project: pulumi.String("my-project-number"),
			},
			Location: pulumi.String("us-west1"),
			Name:     pulumi.String("name"),
			Networking: &container.AwsClusterNetworkingArgs{
				PodAddressCidrBlocks: pulumi.StringArray{
					pulumi.String("10.2.0.0/16"),
				},
				ServiceAddressCidrBlocks: pulumi.StringArray{
					pulumi.String("10.1.0.0/16"),
				},
				VpcId: pulumi.String("vpc-00000000000000000"),
			},
			Annotations: pulumi.StringMap{
				"label-one": pulumi.String("value-one"),
			},
			Description: pulumi.String("A sample aws cluster"),
			Project:     pulumi.String("my-project-name"),
			LoggingConfig: &container.AwsClusterLoggingConfigArgs{
				ComponentConfig: &container.AwsClusterLoggingConfigComponentConfigArgs{
					EnableComponents: pulumi.StringArray{
						pulumi.String("system_components"),
						pulumi.String("workloads"),
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() => 
{
    var versions = Gcp.Container.GetAwsVersions.Invoke(new()
    {
        Project = "my-project-name",
        Location = "us-west1",
    });
    var primary = new Gcp.Container.AwsCluster("primary", new()
    {
        Authorization = new Gcp.Container.Inputs.AwsClusterAuthorizationArgs
        {
            AdminUsers = new[]
            {
                new Gcp.Container.Inputs.AwsClusterAuthorizationAdminUserArgs
                {
                    Username = "my@service-account.com",
                },
            },
        },
        AwsRegion = "my-aws-region",
        ControlPlane = new Gcp.Container.Inputs.AwsClusterControlPlaneArgs
        {
            AwsServicesAuthentication = new Gcp.Container.Inputs.AwsClusterControlPlaneAwsServicesAuthenticationArgs
            {
                RoleArn = "arn:aws:iam::012345678910:role/my--1p-dev-oneplatform",
                RoleSessionName = "my--1p-dev-session",
            },
            ConfigEncryption = new Gcp.Container.Inputs.AwsClusterControlPlaneConfigEncryptionArgs
            {
                KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            },
            DatabaseEncryption = new Gcp.Container.Inputs.AwsClusterControlPlaneDatabaseEncryptionArgs
            {
                KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
            },
            IamInstanceProfile = "my--1p-dev-controlplane",
            SubnetIds = new[]
            {
                "subnet-00000000000000000",
            },
            Version = versions.Apply(getAwsVersionsResult => getAwsVersionsResult.ValidVersions[0]),
            InstanceType = "t3.medium",
            MainVolume = new Gcp.Container.Inputs.AwsClusterControlPlaneMainVolumeArgs
            {
                Iops = 3000,
                KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                SizeGib = 10,
                VolumeType = "gp3",
            },
            ProxyConfig = new Gcp.Container.Inputs.AwsClusterControlPlaneProxyConfigArgs
            {
                SecretArn = "arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF",
                SecretVersion = "12345678-ABCD-EFGH-IJKL-987654321098",
            },
            RootVolume = new Gcp.Container.Inputs.AwsClusterControlPlaneRootVolumeArgs
            {
                Iops = 3000,
                KmsKeyArn = "arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111",
                SizeGib = 10,
                VolumeType = "gp3",
            },
            SecurityGroupIds = new[]
            {
                "sg-00000000000000000",
            },
            SshConfig = new Gcp.Container.Inputs.AwsClusterControlPlaneSshConfigArgs
            {
                Ec2KeyPair = "my--1p-dev-ssh",
            },
            Tags = 
            {
                { "owner", "my@service-account.com" },
            },
            InstancePlacement = new Gcp.Container.Inputs.AwsClusterControlPlaneInstancePlacementArgs
            {
                Tenancy = "dedicated",
            },
        },
        Fleet = new Gcp.Container.Inputs.AwsClusterFleetArgs
        {
            Project = "my-project-number",
        },
        Location = "us-west1",
        Name = "name",
        Networking = new Gcp.Container.Inputs.AwsClusterNetworkingArgs
        {
            PodAddressCidrBlocks = new[]
            {
                "10.2.0.0/16",
            },
            ServiceAddressCidrBlocks = new[]
            {
                "10.1.0.0/16",
            },
            VpcId = "vpc-00000000000000000",
        },
        Annotations = 
        {
            { "label-one", "value-one" },
        },
        Description = "A sample aws cluster",
        Project = "my-project-name",
        LoggingConfig = new Gcp.Container.Inputs.AwsClusterLoggingConfigArgs
        {
            ComponentConfig = new Gcp.Container.Inputs.AwsClusterLoggingConfigComponentConfigArgs
            {
                EnableComponents = new[]
                {
                    "system_components",
                    "workloads",
                },
            },
        },
    });
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.container.ContainerFunctions;
import com.pulumi.gcp.container.inputs.GetAwsVersionsArgs;
import com.pulumi.gcp.container.AwsCluster;
import com.pulumi.gcp.container.AwsClusterArgs;
import com.pulumi.gcp.container.inputs.AwsClusterAuthorizationArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneAwsServicesAuthenticationArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneConfigEncryptionArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneDatabaseEncryptionArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneMainVolumeArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneProxyConfigArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneRootVolumeArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneSshConfigArgs;
import com.pulumi.gcp.container.inputs.AwsClusterControlPlaneInstancePlacementArgs;
import com.pulumi.gcp.container.inputs.AwsClusterFleetArgs;
import com.pulumi.gcp.container.inputs.AwsClusterNetworkingArgs;
import com.pulumi.gcp.container.inputs.AwsClusterLoggingConfigArgs;
import com.pulumi.gcp.container.inputs.AwsClusterLoggingConfigComponentConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var versions = ContainerFunctions.getAwsVersions(GetAwsVersionsArgs.builder()
            .project("my-project-name")
            .location("us-west1")
            .build());
        var primary = new AwsCluster("primary", AwsClusterArgs.builder()
            .authorization(AwsClusterAuthorizationArgs.builder()
                .adminUsers(AwsClusterAuthorizationAdminUserArgs.builder()
                    .username("my@service-account.com")
                    .build())
                .build())
            .awsRegion("my-aws-region")
            .controlPlane(AwsClusterControlPlaneArgs.builder()
                .awsServicesAuthentication(AwsClusterControlPlaneAwsServicesAuthenticationArgs.builder()
                    .roleArn("arn:aws:iam::012345678910:role/my--1p-dev-oneplatform")
                    .roleSessionName("my--1p-dev-session")
                    .build())
                .configEncryption(AwsClusterControlPlaneConfigEncryptionArgs.builder()
                    .kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
                    .build())
                .databaseEncryption(AwsClusterControlPlaneDatabaseEncryptionArgs.builder()
                    .kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
                    .build())
                .iamInstanceProfile("my--1p-dev-controlplane")
                .subnetIds("subnet-00000000000000000")
                .version(versions.validVersions()[0])
                .instanceType("t3.medium")
                .mainVolume(AwsClusterControlPlaneMainVolumeArgs.builder()
                    .iops(3000)
                    .kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
                    .sizeGib(10)
                    .volumeType("gp3")
                    .build())
                .proxyConfig(AwsClusterControlPlaneProxyConfigArgs.builder()
                    .secretArn("arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF")
                    .secretVersion("12345678-ABCD-EFGH-IJKL-987654321098")
                    .build())
                .rootVolume(AwsClusterControlPlaneRootVolumeArgs.builder()
                    .iops(3000)
                    .kmsKeyArn("arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111")
                    .sizeGib(10)
                    .volumeType("gp3")
                    .build())
                .securityGroupIds("sg-00000000000000000")
                .sshConfig(AwsClusterControlPlaneSshConfigArgs.builder()
                    .ec2KeyPair("my--1p-dev-ssh")
                    .build())
                .tags(Map.of("owner", "my@service-account.com"))
                .instancePlacement(AwsClusterControlPlaneInstancePlacementArgs.builder()
                    .tenancy("dedicated")
                    .build())
                .build())
            .fleet(AwsClusterFleetArgs.builder()
                .project("my-project-number")
                .build())
            .location("us-west1")
            .name("name")
            .networking(AwsClusterNetworkingArgs.builder()
                .podAddressCidrBlocks("10.2.0.0/16")
                .serviceAddressCidrBlocks("10.1.0.0/16")
                .vpcId("vpc-00000000000000000")
                .build())
            .annotations(Map.of("label-one", "value-one"))
            .description("A sample aws cluster")
            .project("my-project-name")
            .loggingConfig(AwsClusterLoggingConfigArgs.builder()
                .componentConfig(AwsClusterLoggingConfigComponentConfigArgs.builder()
                    .enableComponents(                    
                        "system_components",
                        "workloads")
                    .build())
                .build())
            .build());
    }
}
resources:
  primary:
    type: gcp:container:AwsCluster
    properties:
      authorization:
        adminUsers:
          - username: my@service-account.com
      awsRegion: my-aws-region
      controlPlane:
        awsServicesAuthentication:
          roleArn: arn:aws:iam::012345678910:role/my--1p-dev-oneplatform
          roleSessionName: my--1p-dev-session
        configEncryption:
          kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
        databaseEncryption:
          kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
        iamInstanceProfile: my--1p-dev-controlplane
        subnetIds:
          - subnet-00000000000000000
        version: ${versions.validVersions[0]}
        instanceType: t3.medium
        mainVolume:
          iops: 3000
          kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
          sizeGib: 10
          volumeType: gp3
        proxyConfig:
          secretArn: arn:aws:secretsmanager:us-west-2:126285863215:secret:proxy_config20210824150329476300000001-ABCDEF
          secretVersion: 12345678-ABCD-EFGH-IJKL-987654321098
        rootVolume:
          iops: 3000
          kmsKeyArn: arn:aws:kms:my-aws-region:012345678910:key/12345678-1234-1234-1234-123456789111
          sizeGib: 10
          volumeType: gp3
        securityGroupIds:
          - sg-00000000000000000
        sshConfig:
          ec2KeyPair: my--1p-dev-ssh
        tags:
          owner: my@service-account.com
        instancePlacement:
          tenancy: dedicated
      fleet:
        project: my-project-number
      location: us-west1
      name: name
      networking:
        podAddressCidrBlocks:
          - 10.2.0.0/16
        serviceAddressCidrBlocks:
          - 10.1.0.0/16
        vpcId: vpc-00000000000000000
      annotations:
        label-one: value-one
      description: A sample aws cluster
      project: my-project-name
      loggingConfig:
        componentConfig:
          enableComponents:
            - system_components
            - workloads
variables:
  versions:
    fn::invoke:
      function: gcp:container:getAwsVersions
      arguments:
        project: my-project-name
        location: us-west1
Create AwsCluster Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new AwsCluster(name: string, args: AwsClusterArgs, opts?: CustomResourceOptions);@overload
def AwsCluster(resource_name: str,
               args: AwsClusterArgs,
               opts: Optional[ResourceOptions] = None)
@overload
def AwsCluster(resource_name: str,
               opts: Optional[ResourceOptions] = None,
               authorization: Optional[AwsClusterAuthorizationArgs] = None,
               aws_region: Optional[str] = None,
               control_plane: Optional[AwsClusterControlPlaneArgs] = None,
               fleet: Optional[AwsClusterFleetArgs] = None,
               location: Optional[str] = None,
               networking: Optional[AwsClusterNetworkingArgs] = None,
               annotations: Optional[Mapping[str, str]] = None,
               binary_authorization: Optional[AwsClusterBinaryAuthorizationArgs] = None,
               description: Optional[str] = None,
               logging_config: Optional[AwsClusterLoggingConfigArgs] = None,
               name: Optional[str] = None,
               project: Optional[str] = None)func NewAwsCluster(ctx *Context, name string, args AwsClusterArgs, opts ...ResourceOption) (*AwsCluster, error)public AwsCluster(string name, AwsClusterArgs args, CustomResourceOptions? opts = null)
public AwsCluster(String name, AwsClusterArgs args)
public AwsCluster(String name, AwsClusterArgs args, CustomResourceOptions options)
type: gcp:container:AwsCluster
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args AwsClusterArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AwsClusterArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AwsClusterArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AwsClusterArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AwsClusterArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var awsClusterResource = new Gcp.Container.AwsCluster("awsClusterResource", new()
{
    Authorization = new Gcp.Container.Inputs.AwsClusterAuthorizationArgs
    {
        AdminUsers = new[]
        {
            new Gcp.Container.Inputs.AwsClusterAuthorizationAdminUserArgs
            {
                Username = "string",
            },
        },
        AdminGroups = new[]
        {
            new Gcp.Container.Inputs.AwsClusterAuthorizationAdminGroupArgs
            {
                Group = "string",
            },
        },
    },
    AwsRegion = "string",
    ControlPlane = new Gcp.Container.Inputs.AwsClusterControlPlaneArgs
    {
        AwsServicesAuthentication = new Gcp.Container.Inputs.AwsClusterControlPlaneAwsServicesAuthenticationArgs
        {
            RoleArn = "string",
            RoleSessionName = "string",
        },
        ConfigEncryption = new Gcp.Container.Inputs.AwsClusterControlPlaneConfigEncryptionArgs
        {
            KmsKeyArn = "string",
        },
        DatabaseEncryption = new Gcp.Container.Inputs.AwsClusterControlPlaneDatabaseEncryptionArgs
        {
            KmsKeyArn = "string",
        },
        IamInstanceProfile = "string",
        Version = "string",
        SubnetIds = new[]
        {
            "string",
        },
        MainVolume = new Gcp.Container.Inputs.AwsClusterControlPlaneMainVolumeArgs
        {
            Iops = 0,
            KmsKeyArn = "string",
            SizeGib = 0,
            Throughput = 0,
            VolumeType = "string",
        },
        ProxyConfig = new Gcp.Container.Inputs.AwsClusterControlPlaneProxyConfigArgs
        {
            SecretArn = "string",
            SecretVersion = "string",
        },
        RootVolume = new Gcp.Container.Inputs.AwsClusterControlPlaneRootVolumeArgs
        {
            Iops = 0,
            KmsKeyArn = "string",
            SizeGib = 0,
            Throughput = 0,
            VolumeType = "string",
        },
        SecurityGroupIds = new[]
        {
            "string",
        },
        SshConfig = new Gcp.Container.Inputs.AwsClusterControlPlaneSshConfigArgs
        {
            Ec2KeyPair = "string",
        },
        InstanceType = "string",
        Tags = 
        {
            { "string", "string" },
        },
        InstancePlacement = new Gcp.Container.Inputs.AwsClusterControlPlaneInstancePlacementArgs
        {
            Tenancy = "string",
        },
    },
    Fleet = new Gcp.Container.Inputs.AwsClusterFleetArgs
    {
        Membership = "string",
        Project = "string",
    },
    Location = "string",
    Networking = new Gcp.Container.Inputs.AwsClusterNetworkingArgs
    {
        PodAddressCidrBlocks = new[]
        {
            "string",
        },
        ServiceAddressCidrBlocks = new[]
        {
            "string",
        },
        VpcId = "string",
        PerNodePoolSgRulesDisabled = false,
    },
    Annotations = 
    {
        { "string", "string" },
    },
    BinaryAuthorization = new Gcp.Container.Inputs.AwsClusterBinaryAuthorizationArgs
    {
        EvaluationMode = "string",
    },
    Description = "string",
    LoggingConfig = new Gcp.Container.Inputs.AwsClusterLoggingConfigArgs
    {
        ComponentConfig = new Gcp.Container.Inputs.AwsClusterLoggingConfigComponentConfigArgs
        {
            EnableComponents = new[]
            {
                "string",
            },
        },
    },
    Name = "string",
    Project = "string",
});
example, err := container.NewAwsCluster(ctx, "awsClusterResource", &container.AwsClusterArgs{
	Authorization: &container.AwsClusterAuthorizationArgs{
		AdminUsers: container.AwsClusterAuthorizationAdminUserArray{
			&container.AwsClusterAuthorizationAdminUserArgs{
				Username: pulumi.String("string"),
			},
		},
		AdminGroups: container.AwsClusterAuthorizationAdminGroupArray{
			&container.AwsClusterAuthorizationAdminGroupArgs{
				Group: pulumi.String("string"),
			},
		},
	},
	AwsRegion: pulumi.String("string"),
	ControlPlane: &container.AwsClusterControlPlaneArgs{
		AwsServicesAuthentication: &container.AwsClusterControlPlaneAwsServicesAuthenticationArgs{
			RoleArn:         pulumi.String("string"),
			RoleSessionName: pulumi.String("string"),
		},
		ConfigEncryption: &container.AwsClusterControlPlaneConfigEncryptionArgs{
			KmsKeyArn: pulumi.String("string"),
		},
		DatabaseEncryption: &container.AwsClusterControlPlaneDatabaseEncryptionArgs{
			KmsKeyArn: pulumi.String("string"),
		},
		IamInstanceProfile: pulumi.String("string"),
		Version:            pulumi.String("string"),
		SubnetIds: pulumi.StringArray{
			pulumi.String("string"),
		},
		MainVolume: &container.AwsClusterControlPlaneMainVolumeArgs{
			Iops:       pulumi.Int(0),
			KmsKeyArn:  pulumi.String("string"),
			SizeGib:    pulumi.Int(0),
			Throughput: pulumi.Int(0),
			VolumeType: pulumi.String("string"),
		},
		ProxyConfig: &container.AwsClusterControlPlaneProxyConfigArgs{
			SecretArn:     pulumi.String("string"),
			SecretVersion: pulumi.String("string"),
		},
		RootVolume: &container.AwsClusterControlPlaneRootVolumeArgs{
			Iops:       pulumi.Int(0),
			KmsKeyArn:  pulumi.String("string"),
			SizeGib:    pulumi.Int(0),
			Throughput: pulumi.Int(0),
			VolumeType: pulumi.String("string"),
		},
		SecurityGroupIds: pulumi.StringArray{
			pulumi.String("string"),
		},
		SshConfig: &container.AwsClusterControlPlaneSshConfigArgs{
			Ec2KeyPair: pulumi.String("string"),
		},
		InstanceType: pulumi.String("string"),
		Tags: pulumi.StringMap{
			"string": pulumi.String("string"),
		},
		InstancePlacement: &container.AwsClusterControlPlaneInstancePlacementArgs{
			Tenancy: pulumi.String("string"),
		},
	},
	Fleet: &container.AwsClusterFleetArgs{
		Membership: pulumi.String("string"),
		Project:    pulumi.String("string"),
	},
	Location: pulumi.String("string"),
	Networking: &container.AwsClusterNetworkingArgs{
		PodAddressCidrBlocks: pulumi.StringArray{
			pulumi.String("string"),
		},
		ServiceAddressCidrBlocks: pulumi.StringArray{
			pulumi.String("string"),
		},
		VpcId:                      pulumi.String("string"),
		PerNodePoolSgRulesDisabled: pulumi.Bool(false),
	},
	Annotations: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	BinaryAuthorization: &container.AwsClusterBinaryAuthorizationArgs{
		EvaluationMode: pulumi.String("string"),
	},
	Description: pulumi.String("string"),
	LoggingConfig: &container.AwsClusterLoggingConfigArgs{
		ComponentConfig: &container.AwsClusterLoggingConfigComponentConfigArgs{
			EnableComponents: pulumi.StringArray{
				pulumi.String("string"),
			},
		},
	},
	Name:    pulumi.String("string"),
	Project: pulumi.String("string"),
})
var awsClusterResource = new AwsCluster("awsClusterResource", AwsClusterArgs.builder()
    .authorization(AwsClusterAuthorizationArgs.builder()
        .adminUsers(AwsClusterAuthorizationAdminUserArgs.builder()
            .username("string")
            .build())
        .adminGroups(AwsClusterAuthorizationAdminGroupArgs.builder()
            .group("string")
            .build())
        .build())
    .awsRegion("string")
    .controlPlane(AwsClusterControlPlaneArgs.builder()
        .awsServicesAuthentication(AwsClusterControlPlaneAwsServicesAuthenticationArgs.builder()
            .roleArn("string")
            .roleSessionName("string")
            .build())
        .configEncryption(AwsClusterControlPlaneConfigEncryptionArgs.builder()
            .kmsKeyArn("string")
            .build())
        .databaseEncryption(AwsClusterControlPlaneDatabaseEncryptionArgs.builder()
            .kmsKeyArn("string")
            .build())
        .iamInstanceProfile("string")
        .version("string")
        .subnetIds("string")
        .mainVolume(AwsClusterControlPlaneMainVolumeArgs.builder()
            .iops(0)
            .kmsKeyArn("string")
            .sizeGib(0)
            .throughput(0)
            .volumeType("string")
            .build())
        .proxyConfig(AwsClusterControlPlaneProxyConfigArgs.builder()
            .secretArn("string")
            .secretVersion("string")
            .build())
        .rootVolume(AwsClusterControlPlaneRootVolumeArgs.builder()
            .iops(0)
            .kmsKeyArn("string")
            .sizeGib(0)
            .throughput(0)
            .volumeType("string")
            .build())
        .securityGroupIds("string")
        .sshConfig(AwsClusterControlPlaneSshConfigArgs.builder()
            .ec2KeyPair("string")
            .build())
        .instanceType("string")
        .tags(Map.of("string", "string"))
        .instancePlacement(AwsClusterControlPlaneInstancePlacementArgs.builder()
            .tenancy("string")
            .build())
        .build())
    .fleet(AwsClusterFleetArgs.builder()
        .membership("string")
        .project("string")
        .build())
    .location("string")
    .networking(AwsClusterNetworkingArgs.builder()
        .podAddressCidrBlocks("string")
        .serviceAddressCidrBlocks("string")
        .vpcId("string")
        .perNodePoolSgRulesDisabled(false)
        .build())
    .annotations(Map.of("string", "string"))
    .binaryAuthorization(AwsClusterBinaryAuthorizationArgs.builder()
        .evaluationMode("string")
        .build())
    .description("string")
    .loggingConfig(AwsClusterLoggingConfigArgs.builder()
        .componentConfig(AwsClusterLoggingConfigComponentConfigArgs.builder()
            .enableComponents("string")
            .build())
        .build())
    .name("string")
    .project("string")
    .build());
aws_cluster_resource = gcp.container.AwsCluster("awsClusterResource",
    authorization={
        "admin_users": [{
            "username": "string",
        }],
        "admin_groups": [{
            "group": "string",
        }],
    },
    aws_region="string",
    control_plane={
        "aws_services_authentication": {
            "role_arn": "string",
            "role_session_name": "string",
        },
        "config_encryption": {
            "kms_key_arn": "string",
        },
        "database_encryption": {
            "kms_key_arn": "string",
        },
        "iam_instance_profile": "string",
        "version": "string",
        "subnet_ids": ["string"],
        "main_volume": {
            "iops": 0,
            "kms_key_arn": "string",
            "size_gib": 0,
            "throughput": 0,
            "volume_type": "string",
        },
        "proxy_config": {
            "secret_arn": "string",
            "secret_version": "string",
        },
        "root_volume": {
            "iops": 0,
            "kms_key_arn": "string",
            "size_gib": 0,
            "throughput": 0,
            "volume_type": "string",
        },
        "security_group_ids": ["string"],
        "ssh_config": {
            "ec2_key_pair": "string",
        },
        "instance_type": "string",
        "tags": {
            "string": "string",
        },
        "instance_placement": {
            "tenancy": "string",
        },
    },
    fleet={
        "membership": "string",
        "project": "string",
    },
    location="string",
    networking={
        "pod_address_cidr_blocks": ["string"],
        "service_address_cidr_blocks": ["string"],
        "vpc_id": "string",
        "per_node_pool_sg_rules_disabled": False,
    },
    annotations={
        "string": "string",
    },
    binary_authorization={
        "evaluation_mode": "string",
    },
    description="string",
    logging_config={
        "component_config": {
            "enable_components": ["string"],
        },
    },
    name="string",
    project="string")
const awsClusterResource = new gcp.container.AwsCluster("awsClusterResource", {
    authorization: {
        adminUsers: [{
            username: "string",
        }],
        adminGroups: [{
            group: "string",
        }],
    },
    awsRegion: "string",
    controlPlane: {
        awsServicesAuthentication: {
            roleArn: "string",
            roleSessionName: "string",
        },
        configEncryption: {
            kmsKeyArn: "string",
        },
        databaseEncryption: {
            kmsKeyArn: "string",
        },
        iamInstanceProfile: "string",
        version: "string",
        subnetIds: ["string"],
        mainVolume: {
            iops: 0,
            kmsKeyArn: "string",
            sizeGib: 0,
            throughput: 0,
            volumeType: "string",
        },
        proxyConfig: {
            secretArn: "string",
            secretVersion: "string",
        },
        rootVolume: {
            iops: 0,
            kmsKeyArn: "string",
            sizeGib: 0,
            throughput: 0,
            volumeType: "string",
        },
        securityGroupIds: ["string"],
        sshConfig: {
            ec2KeyPair: "string",
        },
        instanceType: "string",
        tags: {
            string: "string",
        },
        instancePlacement: {
            tenancy: "string",
        },
    },
    fleet: {
        membership: "string",
        project: "string",
    },
    location: "string",
    networking: {
        podAddressCidrBlocks: ["string"],
        serviceAddressCidrBlocks: ["string"],
        vpcId: "string",
        perNodePoolSgRulesDisabled: false,
    },
    annotations: {
        string: "string",
    },
    binaryAuthorization: {
        evaluationMode: "string",
    },
    description: "string",
    loggingConfig: {
        componentConfig: {
            enableComponents: ["string"],
        },
    },
    name: "string",
    project: "string",
});
type: gcp:container:AwsCluster
properties:
    annotations:
        string: string
    authorization:
        adminGroups:
            - group: string
        adminUsers:
            - username: string
    awsRegion: string
    binaryAuthorization:
        evaluationMode: string
    controlPlane:
        awsServicesAuthentication:
            roleArn: string
            roleSessionName: string
        configEncryption:
            kmsKeyArn: string
        databaseEncryption:
            kmsKeyArn: string
        iamInstanceProfile: string
        instancePlacement:
            tenancy: string
        instanceType: string
        mainVolume:
            iops: 0
            kmsKeyArn: string
            sizeGib: 0
            throughput: 0
            volumeType: string
        proxyConfig:
            secretArn: string
            secretVersion: string
        rootVolume:
            iops: 0
            kmsKeyArn: string
            sizeGib: 0
            throughput: 0
            volumeType: string
        securityGroupIds:
            - string
        sshConfig:
            ec2KeyPair: string
        subnetIds:
            - string
        tags:
            string: string
        version: string
    description: string
    fleet:
        membership: string
        project: string
    location: string
    loggingConfig:
        componentConfig:
            enableComponents:
                - string
    name: string
    networking:
        perNodePoolSgRulesDisabled: false
        podAddressCidrBlocks:
            - string
        serviceAddressCidrBlocks:
            - string
        vpcId: string
    project: string
AwsCluster Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The AwsCluster resource accepts the following input properties:
- 
AwsCluster Authorization 
- Configuration related to the cluster RBAC settings.
- AwsRegion string
- The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
- ControlPlane AwsCluster Control Plane 
- Configuration related to the cluster control plane.
- Fleet
AwsCluster Fleet 
- Fleet configuration.
- Location string
- The location for the resource
- Networking
AwsCluster Networking 
- Cluster-wide networking configuration.
- Annotations Dictionary<string, string>
- Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of
all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required),
separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with
alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between. Note: This field is
non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field
effective_annotationsfor all of the annotations present on the resource.
- 
AwsCluster Binary Authorization 
- Configuration options for the Binary Authorization feature.
- Description string
- Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
- LoggingConfig AwsCluster Logging Config 
- Logging configuration.
- Name string
- The name of this resource.
- Project string
- The project for the resource
- 
AwsCluster Authorization Args 
- Configuration related to the cluster RBAC settings.
- AwsRegion string
- The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
- ControlPlane AwsCluster Control Plane Args 
- Configuration related to the cluster control plane.
- Fleet
AwsCluster Fleet Args 
- Fleet configuration.
- Location string
- The location for the resource
- Networking
AwsCluster Networking Args 
- Cluster-wide networking configuration.
- Annotations map[string]string
- Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of
all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required),
separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with
alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between. Note: This field is
non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field
effective_annotationsfor all of the annotations present on the resource.
- 
AwsCluster Binary Authorization Args 
- Configuration options for the Binary Authorization feature.
- Description string
- Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
- LoggingConfig AwsCluster Logging Config Args 
- Logging configuration.
- Name string
- The name of this resource.
- Project string
- The project for the resource
- 
AwsCluster Authorization 
- Configuration related to the cluster RBAC settings.
- awsRegion String
- The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
- controlPlane AwsCluster Control Plane 
- Configuration related to the cluster control plane.
- fleet
AwsCluster Fleet 
- Fleet configuration.
- location String
- The location for the resource
- networking
AwsCluster Networking 
- Cluster-wide networking configuration.
- annotations Map<String,String>
- Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of
all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required),
separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with
alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between. Note: This field is
non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field
effective_annotationsfor all of the annotations present on the resource.
- 
AwsCluster Binary Authorization 
- Configuration options for the Binary Authorization feature.
- description String
- Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
- loggingConfig AwsCluster Logging Config 
- Logging configuration.
- name String
- The name of this resource.
- project String
- The project for the resource
- 
AwsCluster Authorization 
- Configuration related to the cluster RBAC settings.
- awsRegion string
- The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
- controlPlane AwsCluster Control Plane 
- Configuration related to the cluster control plane.
- fleet
AwsCluster Fleet 
- Fleet configuration.
- location string
- The location for the resource
- networking
AwsCluster Networking 
- Cluster-wide networking configuration.
- annotations {[key: string]: string}
- Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of
all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required),
separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with
alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between. Note: This field is
non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field
effective_annotationsfor all of the annotations present on the resource.
- 
AwsCluster Binary Authorization 
- Configuration options for the Binary Authorization feature.
- description string
- Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
- loggingConfig AwsCluster Logging Config 
- Logging configuration.
- name string
- The name of this resource.
- project string
- The project for the resource
- 
AwsCluster Authorization Args 
- Configuration related to the cluster RBAC settings.
- aws_region str
- The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
- control_plane AwsCluster Control Plane Args 
- Configuration related to the cluster control plane.
- fleet
AwsCluster Fleet Args 
- Fleet configuration.
- location str
- The location for the resource
- networking
AwsCluster Networking Args 
- Cluster-wide networking configuration.
- annotations Mapping[str, str]
- Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of
all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required),
separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with
alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between. Note: This field is
non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field
effective_annotationsfor all of the annotations present on the resource.
- 
AwsCluster Binary Authorization Args 
- Configuration options for the Binary Authorization feature.
- description str
- Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
- logging_config AwsCluster Logging Config Args 
- Logging configuration.
- name str
- The name of this resource.
- project str
- The project for the resource
- Property Map
- Configuration related to the cluster RBAC settings.
- awsRegion String
- The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
- controlPlane Property Map
- Configuration related to the cluster control plane.
- fleet Property Map
- Fleet configuration.
- location String
- The location for the resource
- networking Property Map
- Cluster-wide networking configuration.
- annotations Map<String>
- Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of
all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required),
separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with
alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between. Note: This field is
non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field
effective_annotationsfor all of the annotations present on the resource.
- Property Map
- Configuration options for the Binary Authorization feature.
- description String
- Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
- loggingConfig Property Map
- Logging configuration.
- name String
- The name of this resource.
- project String
- The project for the resource
Outputs
All input properties are implicitly available as output properties. Additionally, the AwsCluster resource produces the following output properties:
- CreateTime string
- Output only. The time at which this cluster was created.
- EffectiveAnnotations Dictionary<string, string>
- Endpoint string
- Output only. The endpoint of the cluster's API server.
- Etag string
- Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- Id string
- The provider-assigned unique ID for this managed resource.
- Reconciling bool
- Output only. If set, there are currently changes in flight to the cluster.
- State string
- Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
- Uid string
- Output only. A globally unique identifier for the cluster.
- UpdateTime string
- Output only. The time at which this cluster was last updated.
- WorkloadIdentity List<AwsConfigs Cluster Workload Identity Config> 
- Output only. Workload Identity settings.
- CreateTime string
- Output only. The time at which this cluster was created.
- EffectiveAnnotations map[string]string
- Endpoint string
- Output only. The endpoint of the cluster's API server.
- Etag string
- Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- Id string
- The provider-assigned unique ID for this managed resource.
- Reconciling bool
- Output only. If set, there are currently changes in flight to the cluster.
- State string
- Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
- Uid string
- Output only. A globally unique identifier for the cluster.
- UpdateTime string
- Output only. The time at which this cluster was last updated.
- WorkloadIdentity []AwsConfigs Cluster Workload Identity Config 
- Output only. Workload Identity settings.
- createTime String
- Output only. The time at which this cluster was created.
- effectiveAnnotations Map<String,String>
- endpoint String
- Output only. The endpoint of the cluster's API server.
- etag String
- Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- id String
- The provider-assigned unique ID for this managed resource.
- reconciling Boolean
- Output only. If set, there are currently changes in flight to the cluster.
- state String
- Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
- uid String
- Output only. A globally unique identifier for the cluster.
- updateTime String
- Output only. The time at which this cluster was last updated.
- workloadIdentity List<AwsConfigs Cluster Workload Identity Config> 
- Output only. Workload Identity settings.
- createTime string
- Output only. The time at which this cluster was created.
- effectiveAnnotations {[key: string]: string}
- endpoint string
- Output only. The endpoint of the cluster's API server.
- etag string
- Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- id string
- The provider-assigned unique ID for this managed resource.
- reconciling boolean
- Output only. If set, there are currently changes in flight to the cluster.
- state string
- Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
- uid string
- Output only. A globally unique identifier for the cluster.
- updateTime string
- Output only. The time at which this cluster was last updated.
- workloadIdentity AwsConfigs Cluster Workload Identity Config[] 
- Output only. Workload Identity settings.
- create_time str
- Output only. The time at which this cluster was created.
- effective_annotations Mapping[str, str]
- endpoint str
- Output only. The endpoint of the cluster's API server.
- etag str
- Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- id str
- The provider-assigned unique ID for this managed resource.
- reconciling bool
- Output only. If set, there are currently changes in flight to the cluster.
- state str
- Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
- uid str
- Output only. A globally unique identifier for the cluster.
- update_time str
- Output only. The time at which this cluster was last updated.
- workload_identity_ Sequence[Awsconfigs Cluster Workload Identity Config] 
- Output only. Workload Identity settings.
- createTime String
- Output only. The time at which this cluster was created.
- effectiveAnnotations Map<String>
- endpoint String
- Output only. The endpoint of the cluster's API server.
- etag String
- Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- id String
- The provider-assigned unique ID for this managed resource.
- reconciling Boolean
- Output only. If set, there are currently changes in flight to the cluster.
- state String
- Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
- uid String
- Output only. A globally unique identifier for the cluster.
- updateTime String
- Output only. The time at which this cluster was last updated.
- workloadIdentity List<Property Map>Configs 
- Output only. Workload Identity settings.
Look up Existing AwsCluster Resource
Get an existing AwsCluster resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AwsClusterState, opts?: CustomResourceOptions): AwsCluster@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        annotations: Optional[Mapping[str, str]] = None,
        authorization: Optional[AwsClusterAuthorizationArgs] = None,
        aws_region: Optional[str] = None,
        binary_authorization: Optional[AwsClusterBinaryAuthorizationArgs] = None,
        control_plane: Optional[AwsClusterControlPlaneArgs] = None,
        create_time: Optional[str] = None,
        description: Optional[str] = None,
        effective_annotations: Optional[Mapping[str, str]] = None,
        endpoint: Optional[str] = None,
        etag: Optional[str] = None,
        fleet: Optional[AwsClusterFleetArgs] = None,
        location: Optional[str] = None,
        logging_config: Optional[AwsClusterLoggingConfigArgs] = None,
        name: Optional[str] = None,
        networking: Optional[AwsClusterNetworkingArgs] = None,
        project: Optional[str] = None,
        reconciling: Optional[bool] = None,
        state: Optional[str] = None,
        uid: Optional[str] = None,
        update_time: Optional[str] = None,
        workload_identity_configs: Optional[Sequence[AwsClusterWorkloadIdentityConfigArgs]] = None) -> AwsClusterfunc GetAwsCluster(ctx *Context, name string, id IDInput, state *AwsClusterState, opts ...ResourceOption) (*AwsCluster, error)public static AwsCluster Get(string name, Input<string> id, AwsClusterState? state, CustomResourceOptions? opts = null)public static AwsCluster get(String name, Output<String> id, AwsClusterState state, CustomResourceOptions options)resources:  _:    type: gcp:container:AwsCluster    get:      id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Annotations Dictionary<string, string>
- Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of
all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required),
separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with
alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between. Note: This field is
non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field
effective_annotationsfor all of the annotations present on the resource.
- 
AwsCluster Authorization 
- Configuration related to the cluster RBAC settings.
- AwsRegion string
- The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
- 
AwsCluster Binary Authorization 
- Configuration options for the Binary Authorization feature.
- ControlPlane AwsCluster Control Plane 
- Configuration related to the cluster control plane.
- CreateTime string
- Output only. The time at which this cluster was created.
- Description string
- Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
- EffectiveAnnotations Dictionary<string, string>
- Endpoint string
- Output only. The endpoint of the cluster's API server.
- Etag string
- Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- Fleet
AwsCluster Fleet 
- Fleet configuration.
- Location string
- The location for the resource
- LoggingConfig AwsCluster Logging Config 
- Logging configuration.
- Name string
- The name of this resource.
- Networking
AwsCluster Networking 
- Cluster-wide networking configuration.
- Project string
- The project for the resource
- Reconciling bool
- Output only. If set, there are currently changes in flight to the cluster.
- State string
- Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
- Uid string
- Output only. A globally unique identifier for the cluster.
- UpdateTime string
- Output only. The time at which this cluster was last updated.
- WorkloadIdentity List<AwsConfigs Cluster Workload Identity Config> 
- Output only. Workload Identity settings.
- Annotations map[string]string
- Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of
all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required),
separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with
alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between. Note: This field is
non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field
effective_annotationsfor all of the annotations present on the resource.
- 
AwsCluster Authorization Args 
- Configuration related to the cluster RBAC settings.
- AwsRegion string
- The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
- 
AwsCluster Binary Authorization Args 
- Configuration options for the Binary Authorization feature.
- ControlPlane AwsCluster Control Plane Args 
- Configuration related to the cluster control plane.
- CreateTime string
- Output only. The time at which this cluster was created.
- Description string
- Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
- EffectiveAnnotations map[string]string
- Endpoint string
- Output only. The endpoint of the cluster's API server.
- Etag string
- Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- Fleet
AwsCluster Fleet Args 
- Fleet configuration.
- Location string
- The location for the resource
- LoggingConfig AwsCluster Logging Config Args 
- Logging configuration.
- Name string
- The name of this resource.
- Networking
AwsCluster Networking Args 
- Cluster-wide networking configuration.
- Project string
- The project for the resource
- Reconciling bool
- Output only. If set, there are currently changes in flight to the cluster.
- State string
- Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
- Uid string
- Output only. A globally unique identifier for the cluster.
- UpdateTime string
- Output only. The time at which this cluster was last updated.
- WorkloadIdentity []AwsConfigs Cluster Workload Identity Config Args 
- Output only. Workload Identity settings.
- annotations Map<String,String>
- Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of
all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required),
separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with
alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between. Note: This field is
non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field
effective_annotationsfor all of the annotations present on the resource.
- 
AwsCluster Authorization 
- Configuration related to the cluster RBAC settings.
- awsRegion String
- The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
- 
AwsCluster Binary Authorization 
- Configuration options for the Binary Authorization feature.
- controlPlane AwsCluster Control Plane 
- Configuration related to the cluster control plane.
- createTime String
- Output only. The time at which this cluster was created.
- description String
- Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
- effectiveAnnotations Map<String,String>
- endpoint String
- Output only. The endpoint of the cluster's API server.
- etag String
- Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- fleet
AwsCluster Fleet 
- Fleet configuration.
- location String
- The location for the resource
- loggingConfig AwsCluster Logging Config 
- Logging configuration.
- name String
- The name of this resource.
- networking
AwsCluster Networking 
- Cluster-wide networking configuration.
- project String
- The project for the resource
- reconciling Boolean
- Output only. If set, there are currently changes in flight to the cluster.
- state String
- Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
- uid String
- Output only. A globally unique identifier for the cluster.
- updateTime String
- Output only. The time at which this cluster was last updated.
- workloadIdentity List<AwsConfigs Cluster Workload Identity Config> 
- Output only. Workload Identity settings.
- annotations {[key: string]: string}
- Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of
all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required),
separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with
alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between. Note: This field is
non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field
effective_annotationsfor all of the annotations present on the resource.
- 
AwsCluster Authorization 
- Configuration related to the cluster RBAC settings.
- awsRegion string
- The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
- 
AwsCluster Binary Authorization 
- Configuration options for the Binary Authorization feature.
- controlPlane AwsCluster Control Plane 
- Configuration related to the cluster control plane.
- createTime string
- Output only. The time at which this cluster was created.
- description string
- Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
- effectiveAnnotations {[key: string]: string}
- endpoint string
- Output only. The endpoint of the cluster's API server.
- etag string
- Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- fleet
AwsCluster Fleet 
- Fleet configuration.
- location string
- The location for the resource
- loggingConfig AwsCluster Logging Config 
- Logging configuration.
- name string
- The name of this resource.
- networking
AwsCluster Networking 
- Cluster-wide networking configuration.
- project string
- The project for the resource
- reconciling boolean
- Output only. If set, there are currently changes in flight to the cluster.
- state string
- Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
- uid string
- Output only. A globally unique identifier for the cluster.
- updateTime string
- Output only. The time at which this cluster was last updated.
- workloadIdentity AwsConfigs Cluster Workload Identity Config[] 
- Output only. Workload Identity settings.
- annotations Mapping[str, str]
- Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of
all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required),
separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with
alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between. Note: This field is
non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field
effective_annotationsfor all of the annotations present on the resource.
- 
AwsCluster Authorization Args 
- Configuration related to the cluster RBAC settings.
- aws_region str
- The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
- 
AwsCluster Binary Authorization Args 
- Configuration options for the Binary Authorization feature.
- control_plane AwsCluster Control Plane Args 
- Configuration related to the cluster control plane.
- create_time str
- Output only. The time at which this cluster was created.
- description str
- Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
- effective_annotations Mapping[str, str]
- endpoint str
- Output only. The endpoint of the cluster's API server.
- etag str
- Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- fleet
AwsCluster Fleet Args 
- Fleet configuration.
- location str
- The location for the resource
- logging_config AwsCluster Logging Config Args 
- Logging configuration.
- name str
- The name of this resource.
- networking
AwsCluster Networking Args 
- Cluster-wide networking configuration.
- project str
- The project for the resource
- reconciling bool
- Output only. If set, there are currently changes in flight to the cluster.
- state str
- Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
- uid str
- Output only. A globally unique identifier for the cluster.
- update_time str
- Output only. The time at which this cluster was last updated.
- workload_identity_ Sequence[Awsconfigs Cluster Workload Identity Config Args] 
- Output only. Workload Identity settings.
- annotations Map<String>
- Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of
all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required),
separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with
alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between. Note: This field is
non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field
effective_annotationsfor all of the annotations present on the resource.
- Property Map
- Configuration related to the cluster RBAC settings.
- awsRegion String
- The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region.
- Property Map
- Configuration options for the Binary Authorization feature.
- controlPlane Property Map
- Configuration related to the cluster control plane.
- createTime String
- Output only. The time at which this cluster was created.
- description String
- Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.
- effectiveAnnotations Map<String>
- endpoint String
- Output only. The endpoint of the cluster's API server.
- etag String
- Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- fleet Property Map
- Fleet configuration.
- location String
- The location for the resource
- loggingConfig Property Map
- Logging configuration.
- name String
- The name of this resource.
- networking Property Map
- Cluster-wide networking configuration.
- project String
- The project for the resource
- reconciling Boolean
- Output only. If set, there are currently changes in flight to the cluster.
- state String
- Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED
- uid String
- Output only. A globally unique identifier for the cluster.
- updateTime String
- Output only. The time at which this cluster was last updated.
- workloadIdentity List<Property Map>Configs 
- Output only. Workload Identity settings.
Supporting Types
AwsClusterAuthorization, AwsClusterAuthorizationArgs      
- AdminUsers List<AwsCluster Authorization Admin User> 
- Users to perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-adminClusterRole to the users. Up to ten admin users can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
- AdminGroups List<AwsCluster Authorization Admin Group> 
- Groups of users that can perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-adminClusterRole to the groups. Up to ten admin groups can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
- AdminUsers []AwsCluster Authorization Admin User 
- Users to perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-adminClusterRole to the users. Up to ten admin users can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
- AdminGroups []AwsCluster Authorization Admin Group 
- Groups of users that can perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-adminClusterRole to the groups. Up to ten admin groups can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
- adminUsers List<AwsCluster Authorization Admin User> 
- Users to perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-adminClusterRole to the users. Up to ten admin users can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
- adminGroups List<AwsCluster Authorization Admin Group> 
- Groups of users that can perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-adminClusterRole to the groups. Up to ten admin groups can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
- adminUsers AwsCluster Authorization Admin User[] 
- Users to perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-adminClusterRole to the users. Up to ten admin users can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
- adminGroups AwsCluster Authorization Admin Group[] 
- Groups of users that can perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-adminClusterRole to the groups. Up to ten admin groups can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
- admin_users Sequence[AwsCluster Authorization Admin User] 
- Users to perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-adminClusterRole to the users. Up to ten admin users can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
- admin_groups Sequence[AwsCluster Authorization Admin Group] 
- Groups of users that can perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-adminClusterRole to the groups. Up to ten admin groups can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
- adminUsers List<Property Map>
- Users to perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-adminClusterRole to the users. Up to ten admin users can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
- adminGroups List<Property Map>
- Groups of users that can perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-adminClusterRole to the groups. Up to ten admin groups can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
AwsClusterAuthorizationAdminGroup, AwsClusterAuthorizationAdminGroupArgs          
- Group string
- The name of the group, e.g. my-group@domain.com.
- Group string
- The name of the group, e.g. my-group@domain.com.
- group String
- The name of the group, e.g. my-group@domain.com.
- group string
- The name of the group, e.g. my-group@domain.com.
- group str
- The name of the group, e.g. my-group@domain.com.
- group String
- The name of the group, e.g. my-group@domain.com.
AwsClusterAuthorizationAdminUser, AwsClusterAuthorizationAdminUserArgs          
- Username string
- The name of the user, e.g. my-gcp-id@gmail.com.
- Username string
- The name of the user, e.g. my-gcp-id@gmail.com.
- username String
- The name of the user, e.g. my-gcp-id@gmail.com.
- username string
- The name of the user, e.g. my-gcp-id@gmail.com.
- username str
- The name of the user, e.g. my-gcp-id@gmail.com.
- username String
- The name of the user, e.g. my-gcp-id@gmail.com.
AwsClusterBinaryAuthorization, AwsClusterBinaryAuthorizationArgs        
- EvaluationMode string
- Mode of operation for Binary Authorization policy evaluation. Possible values: DISABLED, PROJECT_SINGLETON_POLICY_ENFORCE
- EvaluationMode string
- Mode of operation for Binary Authorization policy evaluation. Possible values: DISABLED, PROJECT_SINGLETON_POLICY_ENFORCE
- evaluationMode String
- Mode of operation for Binary Authorization policy evaluation. Possible values: DISABLED, PROJECT_SINGLETON_POLICY_ENFORCE
- evaluationMode string
- Mode of operation for Binary Authorization policy evaluation. Possible values: DISABLED, PROJECT_SINGLETON_POLICY_ENFORCE
- evaluation_mode str
- Mode of operation for Binary Authorization policy evaluation. Possible values: DISABLED, PROJECT_SINGLETON_POLICY_ENFORCE
- evaluationMode String
- Mode of operation for Binary Authorization policy evaluation. Possible values: DISABLED, PROJECT_SINGLETON_POLICY_ENFORCE
AwsClusterControlPlane, AwsClusterControlPlaneArgs        
- AwsServices AwsAuthentication Cluster Control Plane Aws Services Authentication 
- Authentication configuration for management of AWS resources.
- ConfigEncryption AwsCluster Control Plane Config Encryption 
- The ARN of the AWS KMS key used to encrypt cluster configuration.
- DatabaseEncryption AwsCluster Control Plane Database Encryption 
- The ARN of the AWS KMS key used to encrypt cluster secrets.
- IamInstance stringProfile 
- The name of the AWS IAM instance pofile to assign to each control plane replica.
- SubnetIds List<string>
- The list of subnets where control plane replicas will run. A replica will be provisioned on each subnet and up to three values can be provided. Each subnet must be in a different AWS Availability Zone (AZ).
- Version string
- The Kubernetes version to run on control plane replicas (e.g. 1.19.10-gke.1000). You can list all supported versions on a given Google Cloud region by calling .
- InstancePlacement AwsCluster Control Plane Instance Placement 
- Details of placement information for an instance.
- InstanceType string
- Optional. The AWS instance type. When unspecified, it defaults to m5.large.
- MainVolume AwsCluster Control Plane Main Volume 
- Optional. Configuration related to the main volume provisioned for each control plane replica. The main volume is in charge of storing all of the cluster's etcd state. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 8 GiB with the GP2 volume type.
- ProxyConfig AwsCluster Control Plane Proxy Config 
- Proxy configuration for outbound HTTP(S) traffic.
- RootVolume AwsCluster Control Plane Root Volume 
- Optional. Configuration related to the root volume provisioned for each control plane replica. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 32 GiB with the GP2 volume type.
- SecurityGroup List<string>Ids 
- Optional. The IDs of additional security groups to add to control plane replicas. The Anthos Multi-Cloud API will automatically create and manage security groups with the minimum rules needed for a functioning cluster.
- SshConfig AwsCluster Control Plane Ssh Config 
- Optional. SSH configuration for how to access the underlying control plane machines.
- Dictionary<string, string>
- Optional. A set of AWS resource tags to propagate to all underlying managed AWS resources. Specify at most 50 pairs containing alphanumerics, spaces, and symbols (.+-=_:@/). Keys can be up to 127 Unicode characters. Values can be up to 255 Unicode characters.
- AwsServices AwsAuthentication Cluster Control Plane Aws Services Authentication 
- Authentication configuration for management of AWS resources.
- ConfigEncryption AwsCluster Control Plane Config Encryption 
- The ARN of the AWS KMS key used to encrypt cluster configuration.
- DatabaseEncryption AwsCluster Control Plane Database Encryption 
- The ARN of the AWS KMS key used to encrypt cluster secrets.
- IamInstance stringProfile 
- The name of the AWS IAM instance pofile to assign to each control plane replica.
- SubnetIds []string
- The list of subnets where control plane replicas will run. A replica will be provisioned on each subnet and up to three values can be provided. Each subnet must be in a different AWS Availability Zone (AZ).
- Version string
- The Kubernetes version to run on control plane replicas (e.g. 1.19.10-gke.1000). You can list all supported versions on a given Google Cloud region by calling .
- InstancePlacement AwsCluster Control Plane Instance Placement 
- Details of placement information for an instance.
- InstanceType string
- Optional. The AWS instance type. When unspecified, it defaults to m5.large.
- MainVolume AwsCluster Control Plane Main Volume 
- Optional. Configuration related to the main volume provisioned for each control plane replica. The main volume is in charge of storing all of the cluster's etcd state. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 8 GiB with the GP2 volume type.
- ProxyConfig AwsCluster Control Plane Proxy Config 
- Proxy configuration for outbound HTTP(S) traffic.
- RootVolume AwsCluster Control Plane Root Volume 
- Optional. Configuration related to the root volume provisioned for each control plane replica. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 32 GiB with the GP2 volume type.
- SecurityGroup []stringIds 
- Optional. The IDs of additional security groups to add to control plane replicas. The Anthos Multi-Cloud API will automatically create and manage security groups with the minimum rules needed for a functioning cluster.
- SshConfig AwsCluster Control Plane Ssh Config 
- Optional. SSH configuration for how to access the underlying control plane machines.
- map[string]string
- Optional. A set of AWS resource tags to propagate to all underlying managed AWS resources. Specify at most 50 pairs containing alphanumerics, spaces, and symbols (.+-=_:@/). Keys can be up to 127 Unicode characters. Values can be up to 255 Unicode characters.
- awsServices AwsAuthentication Cluster Control Plane Aws Services Authentication 
- Authentication configuration for management of AWS resources.
- configEncryption AwsCluster Control Plane Config Encryption 
- The ARN of the AWS KMS key used to encrypt cluster configuration.
- databaseEncryption AwsCluster Control Plane Database Encryption 
- The ARN of the AWS KMS key used to encrypt cluster secrets.
- iamInstance StringProfile 
- The name of the AWS IAM instance pofile to assign to each control plane replica.
- subnetIds List<String>
- The list of subnets where control plane replicas will run. A replica will be provisioned on each subnet and up to three values can be provided. Each subnet must be in a different AWS Availability Zone (AZ).
- version String
- The Kubernetes version to run on control plane replicas (e.g. 1.19.10-gke.1000). You can list all supported versions on a given Google Cloud region by calling .
- instancePlacement AwsCluster Control Plane Instance Placement 
- Details of placement information for an instance.
- instanceType String
- Optional. The AWS instance type. When unspecified, it defaults to m5.large.
- mainVolume AwsCluster Control Plane Main Volume 
- Optional. Configuration related to the main volume provisioned for each control plane replica. The main volume is in charge of storing all of the cluster's etcd state. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 8 GiB with the GP2 volume type.
- proxyConfig AwsCluster Control Plane Proxy Config 
- Proxy configuration for outbound HTTP(S) traffic.
- rootVolume AwsCluster Control Plane Root Volume 
- Optional. Configuration related to the root volume provisioned for each control plane replica. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 32 GiB with the GP2 volume type.
- securityGroup List<String>Ids 
- Optional. The IDs of additional security groups to add to control plane replicas. The Anthos Multi-Cloud API will automatically create and manage security groups with the minimum rules needed for a functioning cluster.
- sshConfig AwsCluster Control Plane Ssh Config 
- Optional. SSH configuration for how to access the underlying control plane machines.
- Map<String,String>
- Optional. A set of AWS resource tags to propagate to all underlying managed AWS resources. Specify at most 50 pairs containing alphanumerics, spaces, and symbols (.+-=_:@/). Keys can be up to 127 Unicode characters. Values can be up to 255 Unicode characters.
- awsServices AwsAuthentication Cluster Control Plane Aws Services Authentication 
- Authentication configuration for management of AWS resources.
- configEncryption AwsCluster Control Plane Config Encryption 
- The ARN of the AWS KMS key used to encrypt cluster configuration.
- databaseEncryption AwsCluster Control Plane Database Encryption 
- The ARN of the AWS KMS key used to encrypt cluster secrets.
- iamInstance stringProfile 
- The name of the AWS IAM instance pofile to assign to each control plane replica.
- subnetIds string[]
- The list of subnets where control plane replicas will run. A replica will be provisioned on each subnet and up to three values can be provided. Each subnet must be in a different AWS Availability Zone (AZ).
- version string
- The Kubernetes version to run on control plane replicas (e.g. 1.19.10-gke.1000). You can list all supported versions on a given Google Cloud region by calling .
- instancePlacement AwsCluster Control Plane Instance Placement 
- Details of placement information for an instance.
- instanceType string
- Optional. The AWS instance type. When unspecified, it defaults to m5.large.
- mainVolume AwsCluster Control Plane Main Volume 
- Optional. Configuration related to the main volume provisioned for each control plane replica. The main volume is in charge of storing all of the cluster's etcd state. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 8 GiB with the GP2 volume type.
- proxyConfig AwsCluster Control Plane Proxy Config 
- Proxy configuration for outbound HTTP(S) traffic.
- rootVolume AwsCluster Control Plane Root Volume 
- Optional. Configuration related to the root volume provisioned for each control plane replica. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 32 GiB with the GP2 volume type.
- securityGroup string[]Ids 
- Optional. The IDs of additional security groups to add to control plane replicas. The Anthos Multi-Cloud API will automatically create and manage security groups with the minimum rules needed for a functioning cluster.
- sshConfig AwsCluster Control Plane Ssh Config 
- Optional. SSH configuration for how to access the underlying control plane machines.
- {[key: string]: string}
- Optional. A set of AWS resource tags to propagate to all underlying managed AWS resources. Specify at most 50 pairs containing alphanumerics, spaces, and symbols (.+-=_:@/). Keys can be up to 127 Unicode characters. Values can be up to 255 Unicode characters.
- aws_services_ Awsauthentication Cluster Control Plane Aws Services Authentication 
- Authentication configuration for management of AWS resources.
- config_encryption AwsCluster Control Plane Config Encryption 
- The ARN of the AWS KMS key used to encrypt cluster configuration.
- database_encryption AwsCluster Control Plane Database Encryption 
- The ARN of the AWS KMS key used to encrypt cluster secrets.
- iam_instance_ strprofile 
- The name of the AWS IAM instance pofile to assign to each control plane replica.
- subnet_ids Sequence[str]
- The list of subnets where control plane replicas will run. A replica will be provisioned on each subnet and up to three values can be provided. Each subnet must be in a different AWS Availability Zone (AZ).
- version str
- The Kubernetes version to run on control plane replicas (e.g. 1.19.10-gke.1000). You can list all supported versions on a given Google Cloud region by calling .
- instance_placement AwsCluster Control Plane Instance Placement 
- Details of placement information for an instance.
- instance_type str
- Optional. The AWS instance type. When unspecified, it defaults to m5.large.
- main_volume AwsCluster Control Plane Main Volume 
- Optional. Configuration related to the main volume provisioned for each control plane replica. The main volume is in charge of storing all of the cluster's etcd state. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 8 GiB with the GP2 volume type.
- proxy_config AwsCluster Control Plane Proxy Config 
- Proxy configuration for outbound HTTP(S) traffic.
- root_volume AwsCluster Control Plane Root Volume 
- Optional. Configuration related to the root volume provisioned for each control plane replica. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 32 GiB with the GP2 volume type.
- security_group_ Sequence[str]ids 
- Optional. The IDs of additional security groups to add to control plane replicas. The Anthos Multi-Cloud API will automatically create and manage security groups with the minimum rules needed for a functioning cluster.
- ssh_config AwsCluster Control Plane Ssh Config 
- Optional. SSH configuration for how to access the underlying control plane machines.
- Mapping[str, str]
- Optional. A set of AWS resource tags to propagate to all underlying managed AWS resources. Specify at most 50 pairs containing alphanumerics, spaces, and symbols (.+-=_:@/). Keys can be up to 127 Unicode characters. Values can be up to 255 Unicode characters.
- awsServices Property MapAuthentication 
- Authentication configuration for management of AWS resources.
- configEncryption Property Map
- The ARN of the AWS KMS key used to encrypt cluster configuration.
- databaseEncryption Property Map
- The ARN of the AWS KMS key used to encrypt cluster secrets.
- iamInstance StringProfile 
- The name of the AWS IAM instance pofile to assign to each control plane replica.
- subnetIds List<String>
- The list of subnets where control plane replicas will run. A replica will be provisioned on each subnet and up to three values can be provided. Each subnet must be in a different AWS Availability Zone (AZ).
- version String
- The Kubernetes version to run on control plane replicas (e.g. 1.19.10-gke.1000). You can list all supported versions on a given Google Cloud region by calling .
- instancePlacement Property Map
- Details of placement information for an instance.
- instanceType String
- Optional. The AWS instance type. When unspecified, it defaults to m5.large.
- mainVolume Property Map
- Optional. Configuration related to the main volume provisioned for each control plane replica. The main volume is in charge of storing all of the cluster's etcd state. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 8 GiB with the GP2 volume type.
- proxyConfig Property Map
- Proxy configuration for outbound HTTP(S) traffic.
- rootVolume Property Map
- Optional. Configuration related to the root volume provisioned for each control plane replica. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 32 GiB with the GP2 volume type.
- securityGroup List<String>Ids 
- Optional. The IDs of additional security groups to add to control plane replicas. The Anthos Multi-Cloud API will automatically create and manage security groups with the minimum rules needed for a functioning cluster.
- sshConfig Property Map
- Optional. SSH configuration for how to access the underlying control plane machines.
- Map<String>
- Optional. A set of AWS resource tags to propagate to all underlying managed AWS resources. Specify at most 50 pairs containing alphanumerics, spaces, and symbols (.+-=_:@/). Keys can be up to 127 Unicode characters. Values can be up to 255 Unicode characters.
AwsClusterControlPlaneAwsServicesAuthentication, AwsClusterControlPlaneAwsServicesAuthenticationArgs              
- RoleArn string
- The Amazon Resource Name (ARN) of the role that the Anthos Multi-Cloud API will assume when managing AWS resources on your account.
- RoleSession stringName 
- Optional. An identifier for the assumed role session. When unspecified, it defaults to multicloud-service-agent.
- RoleArn string
- The Amazon Resource Name (ARN) of the role that the Anthos Multi-Cloud API will assume when managing AWS resources on your account.
- RoleSession stringName 
- Optional. An identifier for the assumed role session. When unspecified, it defaults to multicloud-service-agent.
- roleArn String
- The Amazon Resource Name (ARN) of the role that the Anthos Multi-Cloud API will assume when managing AWS resources on your account.
- roleSession StringName 
- Optional. An identifier for the assumed role session. When unspecified, it defaults to multicloud-service-agent.
- roleArn string
- The Amazon Resource Name (ARN) of the role that the Anthos Multi-Cloud API will assume when managing AWS resources on your account.
- roleSession stringName 
- Optional. An identifier for the assumed role session. When unspecified, it defaults to multicloud-service-agent.
- role_arn str
- The Amazon Resource Name (ARN) of the role that the Anthos Multi-Cloud API will assume when managing AWS resources on your account.
- role_session_ strname 
- Optional. An identifier for the assumed role session. When unspecified, it defaults to multicloud-service-agent.
- roleArn String
- The Amazon Resource Name (ARN) of the role that the Anthos Multi-Cloud API will assume when managing AWS resources on your account.
- roleSession StringName 
- Optional. An identifier for the assumed role session. When unspecified, it defaults to multicloud-service-agent.
AwsClusterControlPlaneConfigEncryption, AwsClusterControlPlaneConfigEncryptionArgs            
- KmsKey stringArn 
- The ARN of the AWS KMS key used to encrypt cluster configuration.
- KmsKey stringArn 
- The ARN of the AWS KMS key used to encrypt cluster configuration.
- kmsKey StringArn 
- The ARN of the AWS KMS key used to encrypt cluster configuration.
- kmsKey stringArn 
- The ARN of the AWS KMS key used to encrypt cluster configuration.
- kms_key_ strarn 
- The ARN of the AWS KMS key used to encrypt cluster configuration.
- kmsKey StringArn 
- The ARN of the AWS KMS key used to encrypt cluster configuration.
AwsClusterControlPlaneDatabaseEncryption, AwsClusterControlPlaneDatabaseEncryptionArgs            
- KmsKey stringArn 
- The ARN of the AWS KMS key used to encrypt cluster secrets.
- KmsKey stringArn 
- The ARN of the AWS KMS key used to encrypt cluster secrets.
- kmsKey StringArn 
- The ARN of the AWS KMS key used to encrypt cluster secrets.
- kmsKey stringArn 
- The ARN of the AWS KMS key used to encrypt cluster secrets.
- kms_key_ strarn 
- The ARN of the AWS KMS key used to encrypt cluster secrets.
- kmsKey StringArn 
- The ARN of the AWS KMS key used to encrypt cluster secrets.
AwsClusterControlPlaneInstancePlacement, AwsClusterControlPlaneInstancePlacementArgs            
- Tenancy string
- The tenancy for the instance. Possible values: TENANCY_UNSPECIFIED, DEFAULT, DEDICATED, HOST
- Tenancy string
- The tenancy for the instance. Possible values: TENANCY_UNSPECIFIED, DEFAULT, DEDICATED, HOST
- tenancy String
- The tenancy for the instance. Possible values: TENANCY_UNSPECIFIED, DEFAULT, DEDICATED, HOST
- tenancy string
- The tenancy for the instance. Possible values: TENANCY_UNSPECIFIED, DEFAULT, DEDICATED, HOST
- tenancy str
- The tenancy for the instance. Possible values: TENANCY_UNSPECIFIED, DEFAULT, DEDICATED, HOST
- tenancy String
- The tenancy for the instance. Possible values: TENANCY_UNSPECIFIED, DEFAULT, DEDICATED, HOST
AwsClusterControlPlaneMainVolume, AwsClusterControlPlaneMainVolumeArgs            
- Iops int
- Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
- KmsKey stringArn 
- Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
- SizeGib int
- Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
- Throughput int
- Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3. If volume type is gp3 and throughput is not specified, the throughput will defaults to 125.
- VolumeType string
- Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
- Iops int
- Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
- KmsKey stringArn 
- Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
- SizeGib int
- Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
- Throughput int
- Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3. If volume type is gp3 and throughput is not specified, the throughput will defaults to 125.
- VolumeType string
- Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
- iops Integer
- Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
- kmsKey StringArn 
- Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
- sizeGib Integer
- Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
- throughput Integer
- Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3. If volume type is gp3 and throughput is not specified, the throughput will defaults to 125.
- volumeType String
- Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
- iops number
- Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
- kmsKey stringArn 
- Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
- sizeGib number
- Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
- throughput number
- Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3. If volume type is gp3 and throughput is not specified, the throughput will defaults to 125.
- volumeType string
- Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
- iops int
- Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
- kms_key_ strarn 
- Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
- size_gib int
- Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
- throughput int
- Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3. If volume type is gp3 and throughput is not specified, the throughput will defaults to 125.
- volume_type str
- Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
- iops Number
- Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
- kmsKey StringArn 
- Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
- sizeGib Number
- Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
- throughput Number
- Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3. If volume type is gp3 and throughput is not specified, the throughput will defaults to 125.
- volumeType String
- Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
AwsClusterControlPlaneProxyConfig, AwsClusterControlPlaneProxyConfigArgs            
- SecretArn string
- The ARN of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
- SecretVersion string
- The version string of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
- SecretArn string
- The ARN of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
- SecretVersion string
- The version string of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
- secretArn String
- The ARN of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
- secretVersion String
- The version string of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
- secretArn string
- The ARN of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
- secretVersion string
- The version string of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
- secret_arn str
- The ARN of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
- secret_version str
- The version string of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
- secretArn String
- The ARN of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
- secretVersion String
- The version string of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration.
AwsClusterControlPlaneRootVolume, AwsClusterControlPlaneRootVolumeArgs            
- Iops int
- Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
- KmsKey stringArn 
- Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
- SizeGib int
- Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
- Throughput int
- Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3. If volume type is gp3 and throughput is not specified, the throughput will defaults to 125.
- VolumeType string
- Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
- Iops int
- Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
- KmsKey stringArn 
- Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
- SizeGib int
- Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
- Throughput int
- Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3. If volume type is gp3 and throughput is not specified, the throughput will defaults to 125.
- VolumeType string
- Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
- iops Integer
- Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
- kmsKey StringArn 
- Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
- sizeGib Integer
- Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
- throughput Integer
- Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3. If volume type is gp3 and throughput is not specified, the throughput will defaults to 125.
- volumeType String
- Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
- iops number
- Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
- kmsKey stringArn 
- Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
- sizeGib number
- Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
- throughput number
- Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3. If volume type is gp3 and throughput is not specified, the throughput will defaults to 125.
- volumeType string
- Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
- iops int
- Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
- kms_key_ strarn 
- Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
- size_gib int
- Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
- throughput int
- Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3. If volume type is gp3 and throughput is not specified, the throughput will defaults to 125.
- volume_type str
- Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
- iops Number
- Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume.
- kmsKey StringArn 
- Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used.
- sizeGib Number
- Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource.
- throughput Number
- Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3. If volume type is gp3 and throughput is not specified, the throughput will defaults to 125.
- volumeType String
- Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3
AwsClusterControlPlaneSshConfig, AwsClusterControlPlaneSshConfigArgs            
- Ec2KeyPair string
- The name of the EC2 key pair used to login into cluster machines.
- Ec2KeyPair string
- The name of the EC2 key pair used to login into cluster machines.
- ec2KeyPair String
- The name of the EC2 key pair used to login into cluster machines.
- ec2KeyPair string
- The name of the EC2 key pair used to login into cluster machines.
- ec2_key_ strpair 
- The name of the EC2 key pair used to login into cluster machines.
- ec2KeyPair String
- The name of the EC2 key pair used to login into cluster machines.
AwsClusterFleet, AwsClusterFleetArgs      
- Membership string
- The name of the managed Hub Membership resource associated to this cluster. Membership names are formatted as projects//locations/global/membership/.
- Project string
- The number of the Fleet host project where this cluster will be registered.
- Membership string
- The name of the managed Hub Membership resource associated to this cluster. Membership names are formatted as projects//locations/global/membership/.
- Project string
- The number of the Fleet host project where this cluster will be registered.
- membership String
- The name of the managed Hub Membership resource associated to this cluster. Membership names are formatted as projects//locations/global/membership/.
- project String
- The number of the Fleet host project where this cluster will be registered.
- membership string
- The name of the managed Hub Membership resource associated to this cluster. Membership names are formatted as projects//locations/global/membership/.
- project string
- The number of the Fleet host project where this cluster will be registered.
- membership str
- The name of the managed Hub Membership resource associated to this cluster. Membership names are formatted as projects//locations/global/membership/.
- project str
- The number of the Fleet host project where this cluster will be registered.
- membership String
- The name of the managed Hub Membership resource associated to this cluster. Membership names are formatted as projects//locations/global/membership/.
- project String
- The number of the Fleet host project where this cluster will be registered.
AwsClusterLoggingConfig, AwsClusterLoggingConfigArgs        
- ComponentConfig AwsCluster Logging Config Component Config 
- Configuration of the logging components.
- ComponentConfig AwsCluster Logging Config Component Config 
- Configuration of the logging components.
- componentConfig AwsCluster Logging Config Component Config 
- Configuration of the logging components.
- componentConfig AwsCluster Logging Config Component Config 
- Configuration of the logging components.
- component_config AwsCluster Logging Config Component Config 
- Configuration of the logging components.
- componentConfig Property Map
- Configuration of the logging components.
AwsClusterLoggingConfigComponentConfig, AwsClusterLoggingConfigComponentConfigArgs            
- EnableComponents List<string>
- Components of the logging configuration to be enabled.
- EnableComponents []string
- Components of the logging configuration to be enabled.
- enableComponents List<String>
- Components of the logging configuration to be enabled.
- enableComponents string[]
- Components of the logging configuration to be enabled.
- enable_components Sequence[str]
- Components of the logging configuration to be enabled.
- enableComponents List<String>
- Components of the logging configuration to be enabled.
AwsClusterNetworking, AwsClusterNetworkingArgs      
- PodAddress List<string>Cidr Blocks 
- All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
- ServiceAddress List<string>Cidr Blocks 
- All services in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
- VpcId string
- The VPC associated with the cluster. All component clusters (i.e. control plane and node pools) run on a single VPC. This field cannot be changed after creation.
- PerNode boolPool Sg Rules Disabled 
- Disable the per node pool subnet security group rules on the control plane security group. When set to true, you must also provide one or more security groups that ensure node pools are able to send requests to the control plane on TCP/443 and TCP/8132. Failure to do so may result in unavailable node pools.
- PodAddress []stringCidr Blocks 
- All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
- ServiceAddress []stringCidr Blocks 
- All services in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
- VpcId string
- The VPC associated with the cluster. All component clusters (i.e. control plane and node pools) run on a single VPC. This field cannot be changed after creation.
- PerNode boolPool Sg Rules Disabled 
- Disable the per node pool subnet security group rules on the control plane security group. When set to true, you must also provide one or more security groups that ensure node pools are able to send requests to the control plane on TCP/443 and TCP/8132. Failure to do so may result in unavailable node pools.
- podAddress List<String>Cidr Blocks 
- All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
- serviceAddress List<String>Cidr Blocks 
- All services in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
- vpcId String
- The VPC associated with the cluster. All component clusters (i.e. control plane and node pools) run on a single VPC. This field cannot be changed after creation.
- perNode BooleanPool Sg Rules Disabled 
- Disable the per node pool subnet security group rules on the control plane security group. When set to true, you must also provide one or more security groups that ensure node pools are able to send requests to the control plane on TCP/443 and TCP/8132. Failure to do so may result in unavailable node pools.
- podAddress string[]Cidr Blocks 
- All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
- serviceAddress string[]Cidr Blocks 
- All services in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
- vpcId string
- The VPC associated with the cluster. All component clusters (i.e. control plane and node pools) run on a single VPC. This field cannot be changed after creation.
- perNode booleanPool Sg Rules Disabled 
- Disable the per node pool subnet security group rules on the control plane security group. When set to true, you must also provide one or more security groups that ensure node pools are able to send requests to the control plane on TCP/443 and TCP/8132. Failure to do so may result in unavailable node pools.
- pod_address_ Sequence[str]cidr_ blocks 
- All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
- service_address_ Sequence[str]cidr_ blocks 
- All services in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
- vpc_id str
- The VPC associated with the cluster. All component clusters (i.e. control plane and node pools) run on a single VPC. This field cannot be changed after creation.
- per_node_ boolpool_ sg_ rules_ disabled 
- Disable the per node pool subnet security group rules on the control plane security group. When set to true, you must also provide one or more security groups that ensure node pools are able to send requests to the control plane on TCP/443 and TCP/8132. Failure to do so may result in unavailable node pools.
- podAddress List<String>Cidr Blocks 
- All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
- serviceAddress List<String>Cidr Blocks 
- All services in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation.
- vpcId String
- The VPC associated with the cluster. All component clusters (i.e. control plane and node pools) run on a single VPC. This field cannot be changed after creation.
- perNode BooleanPool Sg Rules Disabled 
- Disable the per node pool subnet security group rules on the control plane security group. When set to true, you must also provide one or more security groups that ensure node pools are able to send requests to the control plane on TCP/443 and TCP/8132. Failure to do so may result in unavailable node pools.
AwsClusterWorkloadIdentityConfig, AwsClusterWorkloadIdentityConfigArgs          
- IdentityProvider string
- The ID of the OIDC Identity Provider (IdP) associated to the Workload Identity Pool.
- IssuerUri string
- The OIDC issuer URL for this cluster.
- WorkloadPool string
- The Workload Identity Pool associated to the cluster.
- IdentityProvider string
- The ID of the OIDC Identity Provider (IdP) associated to the Workload Identity Pool.
- IssuerUri string
- The OIDC issuer URL for this cluster.
- WorkloadPool string
- The Workload Identity Pool associated to the cluster.
- identityProvider String
- The ID of the OIDC Identity Provider (IdP) associated to the Workload Identity Pool.
- issuerUri String
- The OIDC issuer URL for this cluster.
- workloadPool String
- The Workload Identity Pool associated to the cluster.
- identityProvider string
- The ID of the OIDC Identity Provider (IdP) associated to the Workload Identity Pool.
- issuerUri string
- The OIDC issuer URL for this cluster.
- workloadPool string
- The Workload Identity Pool associated to the cluster.
- identity_provider str
- The ID of the OIDC Identity Provider (IdP) associated to the Workload Identity Pool.
- issuer_uri str
- The OIDC issuer URL for this cluster.
- workload_pool str
- The Workload Identity Pool associated to the cluster.
- identityProvider String
- The ID of the OIDC Identity Provider (IdP) associated to the Workload Identity Pool.
- issuerUri String
- The OIDC issuer URL for this cluster.
- workloadPool String
- The Workload Identity Pool associated to the cluster.
Import
Cluster can be imported using any of these accepted formats:
- projects/{{project}}/locations/{{location}}/awsClusters/{{name}}
- {{project}}/{{location}}/{{name}}
- {{location}}/{{name}}
When using the pulumi import command, Cluster can be imported using one of the formats above. For example:
$ pulumi import gcp:container/awsCluster:AwsCluster default projects/{{project}}/locations/{{location}}/awsClusters/{{name}}
$ pulumi import gcp:container/awsCluster:AwsCluster default {{project}}/{{location}}/{{name}}
$ pulumi import gcp:container/awsCluster:AwsCluster default {{location}}/{{name}}
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Google Cloud (GCP) Classic pulumi/pulumi-gcp
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the google-betaTerraform Provider.