Packages:

ami.aws.infrastructure.cluster.x-k8s.io/v1beta1

Package v1beta1 contains API Schema definitions for the AMI v1beta1 API group

Resource Types:

    AWSAMI

    AWSAMI defines an AMI.

    Field Description
    metadata
    Kubernetes meta/v1.ObjectMeta
    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    AWSAMISpec


    os
    string
    region
    string
    imageID
    string
    kubernetesVersion
    string

    AWSAMISpec

    (Appears on:AWSAMI)

    AWSAMISpec defines an AMI.

    Field Description
    os
    string
    region
    string
    imageID
    string
    kubernetesVersion
    string

    bootstrap.aws.infrastructure.cluster.x-k8s.io/v1alpha1

    Package v1alpha1 contains API Schema definitions for the bootstrap v1alpha1 API group

    Resource Types:

      AWSIAMConfiguration

      AWSIAMConfiguration controls the creation of AWS Identity and Access Management (IAM) resources for use by Kubernetes clusters and Kubernetes Cluster API Provider AWS.

      Field Description
      spec
      AWSIAMConfigurationSpec


      namePrefix
      string

      NamePrefix will be prepended to every AWS IAM role, user and policy created by clusterawsadm. Defaults to “”.

      nameSuffix
      string

      NameSuffix will be appended to every AWS IAM role, user and policy created by clusterawsadm. Defaults to “.cluster-api-provider-aws.sigs.k8s.io”.

      controlPlane
      ControlPlane

      ControlPlane controls the configuration of the AWS IAM role for a Kubernetes cluster’s control plane nodes.

      clusterAPIControllers
      ClusterAPIControllers

      ClusterAPIControllers controls the configuration of an IAM role and policy specifically for Kubernetes Cluster API Provider AWS.

      nodes
      Nodes

      Nodes controls the configuration of the AWS IAM role for all nodes in a Kubernetes cluster.

      bootstrapUser
      BootstrapUser

      BootstrapUser contains a list of elements that is specific to the configuration and enablement of an IAM user.

      stackName
      string

      StackName defines the name of the AWS CloudFormation stack.

      region
      string

      Region controls which region the control-plane is created in if not specified on the command line or via environment variables.

      eks
      EKSConfig

      EKS controls the configuration related to EKS. Settings in here affect the control plane and nodes roles

      eventBridge
      EventBridgeConfig

      EventBridge controls configuration for consuming EventBridge events

      partition
      string

      Partition is the AWS security partition being used. Defaults to “aws”

      secureSecretBackends
      []SecretBackend

      SecureSecretsBackend, when set to parameter-store will create AWS Systems Manager Parameter Storage policies. By default or with the value of secrets-manager, will generate AWS Secrets Manager policies instead.

      AWSIAMConfigurationSpec

      (Appears on:AWSIAMConfiguration)

      AWSIAMConfigurationSpec defines the specification of the AWSIAMConfiguration.

      Field Description
      namePrefix
      string

      NamePrefix will be prepended to every AWS IAM role, user and policy created by clusterawsadm. Defaults to “”.

      nameSuffix
      string

      NameSuffix will be appended to every AWS IAM role, user and policy created by clusterawsadm. Defaults to “.cluster-api-provider-aws.sigs.k8s.io”.

      controlPlane
      ControlPlane

      ControlPlane controls the configuration of the AWS IAM role for a Kubernetes cluster’s control plane nodes.

      clusterAPIControllers
      ClusterAPIControllers

      ClusterAPIControllers controls the configuration of an IAM role and policy specifically for Kubernetes Cluster API Provider AWS.

      nodes
      Nodes

      Nodes controls the configuration of the AWS IAM role for all nodes in a Kubernetes cluster.

      bootstrapUser
      BootstrapUser

      BootstrapUser contains a list of elements that is specific to the configuration and enablement of an IAM user.

      stackName
      string

      StackName defines the name of the AWS CloudFormation stack.

      region
      string

      Region controls which region the control-plane is created in if not specified on the command line or via environment variables.

      eks
      EKSConfig

      EKS controls the configuration related to EKS. Settings in here affect the control plane and nodes roles

      eventBridge
      EventBridgeConfig

      EventBridge controls configuration for consuming EventBridge events

      partition
      string

      Partition is the AWS security partition being used. Defaults to “aws”

      secureSecretBackends
      []SecretBackend

      SecureSecretsBackend, when set to parameter-store will create AWS Systems Manager Parameter Storage policies. By default or with the value of secrets-manager, will generate AWS Secrets Manager policies instead.

      AWSIAMRoleSpec

      (Appears on:ClusterAPIControllers, ControlPlane, EKSConfig, Nodes)

      AWSIAMRoleSpec defines common configuration for AWS IAM roles created by Kubernetes Cluster API Provider AWS.

      Field Description
      disable
      bool

      Disable if set to true will not create the AWS IAM role. Defaults to false.

      extraPolicyAttachments
      []string

      ExtraPolicyAttachments is a list of additional policies to be attached to the IAM role.

      extraStatements
      []Cluster API AWS iam/api/v1beta1.StatementEntry

      ExtraStatements are additional IAM statements to be included inline for the role.

      trustStatements
      []Cluster API AWS iam/api/v1beta1.StatementEntry

      TrustStatements is an IAM PolicyDocument defining what identities are allowed to assume this role. See “sigs.k8s.io/cluster-api-provider-aws/v2/cmd/clusterawsadm/api/iam/v1beta1” for more documentation.

      tags
      Tags

      Tags is a map of tags to be applied to the AWS IAM role.

      BootstrapUser

      (Appears on:AWSIAMConfigurationSpec)

      BootstrapUser contains a list of elements that is specific to the configuration and enablement of an IAM user.

      Field Description
      enable
      bool

      Enable controls whether or not a bootstrap AWS IAM user will be created. This can be used to scope down the initial credentials used to bootstrap the cluster. Defaults to false.

      userName
      string

      UserName controls the username of the bootstrap user. Defaults to “bootstrapper.cluster-api-provider-aws.sigs.k8s.io”

      groupName
      string

      GroupName controls the group the user will belong to. Defaults to “bootstrapper.cluster-api-provider-aws.sigs.k8s.io”

      extraPolicyAttachments
      []string

      ExtraPolicyAttachments is a list of additional policies to be attached to the IAM user.

      extraGroups
      []string

      ExtraGroups is a list of groups to add this user to.

      extraStatements
      []Cluster API AWS iam/api/v1beta1.StatementEntry

      ExtraStatements are additional AWS IAM policy document statements to be included inline for the user.

      tags
      Tags

      Tags is a map of tags to be applied to the AWS IAM user.

      ClusterAPIControllers

      (Appears on:AWSIAMConfigurationSpec)

      ClusterAPIControllers controls the configuration of the AWS IAM role for the Kubernetes Cluster API Provider AWS controller.

      Field Description
      AWSIAMRoleSpec
      AWSIAMRoleSpec

      (Members of AWSIAMRoleSpec are embedded into this type.)

      allowedEC2InstanceProfiles
      []string

      AllowedEC2InstanceProfiles controls which EC2 roles are allowed to be consumed by Cluster API when creating an ec2 instance. Defaults to *., where suffix is defaulted to .cluster-api-provider-aws.sigs.k8s.io

      ControlPlane

      (Appears on:AWSIAMConfigurationSpec)

      ControlPlane controls the configuration of the AWS IAM role for the control plane of provisioned Kubernetes clusters.

      Field Description
      AWSIAMRoleSpec
      AWSIAMRoleSpec

      (Members of AWSIAMRoleSpec are embedded into this type.)

      disableClusterAPIControllerPolicyAttachment
      bool

      DisableClusterAPIControllerPolicyAttachment, if set to true, will not attach the AWS IAM policy for Cluster API Provider AWS to the control plane role. Defaults to false.

      disableCloudProviderPolicy
      bool

      DisableCloudProviderPolicy if set to true, will not generate and attach the AWS IAM policy for the AWS Cloud Provider.

      enableCSIPolicy
      bool

      EnableCSIPolicy if set to true, will generate and attach the AWS IAM policy for the EBS CSI Driver.

      EKSConfig

      (Appears on:AWSIAMConfigurationSpec)

      EKSConfig represents the EKS related configuration config.

      Field Description
      disable
      bool

      Disable controls whether EKS-related permissions are granted

      iamRoleCreation
      bool

      AllowIAMRoleCreation controls whether the EKS controllers have permissions for creating IAM roles per cluster

      enableUserEKSConsolePolicy
      bool

      EnableUserEKSConsolePolicy controls the creation of the policy to view EKS nodes and workloads.

      defaultControlPlaneRole
      AWSIAMRoleSpec

      DefaultControlPlaneRole controls the configuration of the AWS IAM role for the EKS control plane. This is the default role that will be used if no role is included in the spec and automatic creation of the role isn’t enabled

      managedMachinePool
      AWSIAMRoleSpec

      ManagedMachinePool controls the configuration of the AWS IAM role for used by EKS managed machine pools.

      fargate
      AWSIAMRoleSpec

      Fargate controls the configuration of the AWS IAM role for used by EKS managed machine pools.

      kmsAliasPrefix
      string

      KMSAliasPrefix is prefix to use to restrict permission to KMS keys to only those that have an alias name that is prefixed by this. Defaults to cluster-api-provider-aws-*

      EventBridgeConfig

      (Appears on:AWSIAMConfigurationSpec)

      EventBridgeConfig represents configuration for enabling experimental feature to consume EventBridge EC2 events.

      Field Description
      enable
      bool

      Enable controls whether permissions are granted to consume EC2 events

      Nodes

      (Appears on:AWSIAMConfigurationSpec)

      Nodes controls the configuration of the AWS IAM role for worker nodes in a cluster created by Kubernetes Cluster API Provider AWS.

      Field Description
      AWSIAMRoleSpec
      AWSIAMRoleSpec

      (Members of AWSIAMRoleSpec are embedded into this type.)

      disableCloudProviderPolicy
      bool

      DisableCloudProviderPolicy if set to true, will not generate and attach the policy for the AWS Cloud Provider. Defaults to false.

      ec2ContainerRegistryReadOnly
      bool

      EC2ContainerRegistryReadOnly controls whether the node has read-only access to the EC2 container registry


      bootstrap.aws.infrastructure.cluster.x-k8s.io/v1beta1

      Package v1beta1 contains API Schema definitions for the bootstrap v1beta1 API group

      Resource Types:

        AWSIAMConfiguration

        AWSIAMConfiguration controls the creation of AWS Identity and Access Management (IAM) resources for use by Kubernetes clusters and Kubernetes Cluster API Provider AWS.

        Field Description
        spec
        AWSIAMConfigurationSpec


        namePrefix
        string

        NamePrefix will be prepended to every AWS IAM role, user and policy created by clusterawsadm. Defaults to “”.

        nameSuffix
        string

        NameSuffix will be appended to every AWS IAM role, user and policy created by clusterawsadm. Defaults to “.cluster-api-provider-aws.sigs.k8s.io”.

        controlPlane
        ControlPlane

        ControlPlane controls the configuration of the AWS IAM role for a Kubernetes cluster’s control plane nodes.

        clusterAPIControllers
        ClusterAPIControllers

        ClusterAPIControllers controls the configuration of an IAM role and policy specifically for Kubernetes Cluster API Provider AWS.

        nodes
        Nodes

        Nodes controls the configuration of the AWS IAM role for all nodes in a Kubernetes cluster.

        bootstrapUser
        BootstrapUser

        BootstrapUser contains a list of elements that is specific to the configuration and enablement of an IAM user.

        stackName
        string

        StackName defines the name of the AWS CloudFormation stack.

        stackTags
        map[string]string
        (Optional)

        StackTags defines the tags of the AWS CloudFormation stack.

        region
        string

        Region controls which region the control-plane is created in if not specified on the command line or via environment variables.

        eks
        EKSConfig

        EKS controls the configuration related to EKS. Settings in here affect the control plane and nodes roles

        eventBridge
        EventBridgeConfig

        EventBridge controls configuration for consuming EventBridge events

        partition
        string

        Partition is the AWS security partition being used. Defaults to “aws”

        secureSecretBackends
        []SecretBackend

        SecureSecretsBackend, when set to parameter-store will create AWS Systems Manager Parameter Storage policies. By default or with the value of secrets-manager, will generate AWS Secrets Manager policies instead.

        s3Buckets
        S3Buckets
        (Optional)

        S3Buckets, when enabled, will add controller nodes permissions to create S3 Buckets for workload clusters. TODO: This field could be a pointer, but it seems it breaks setting default values?

        allowAssumeRole
        bool

        AllowAssumeRole enables the sts:AssumeRole permission within the CAPA policies

        AWSIAMConfigurationSpec

        (Appears on:AWSIAMConfiguration)

        AWSIAMConfigurationSpec defines the specification of the AWSIAMConfiguration.

        Field Description
        namePrefix
        string

        NamePrefix will be prepended to every AWS IAM role, user and policy created by clusterawsadm. Defaults to “”.

        nameSuffix
        string

        NameSuffix will be appended to every AWS IAM role, user and policy created by clusterawsadm. Defaults to “.cluster-api-provider-aws.sigs.k8s.io”.

        controlPlane
        ControlPlane

        ControlPlane controls the configuration of the AWS IAM role for a Kubernetes cluster’s control plane nodes.

        clusterAPIControllers
        ClusterAPIControllers

        ClusterAPIControllers controls the configuration of an IAM role and policy specifically for Kubernetes Cluster API Provider AWS.

        nodes
        Nodes

        Nodes controls the configuration of the AWS IAM role for all nodes in a Kubernetes cluster.

        bootstrapUser
        BootstrapUser

        BootstrapUser contains a list of elements that is specific to the configuration and enablement of an IAM user.

        stackName
        string

        StackName defines the name of the AWS CloudFormation stack.

        stackTags
        map[string]string
        (Optional)

        StackTags defines the tags of the AWS CloudFormation stack.

        region
        string

        Region controls which region the control-plane is created in if not specified on the command line or via environment variables.

        eks
        EKSConfig

        EKS controls the configuration related to EKS. Settings in here affect the control plane and nodes roles

        eventBridge
        EventBridgeConfig

        EventBridge controls configuration for consuming EventBridge events

        partition
        string

        Partition is the AWS security partition being used. Defaults to “aws”

        secureSecretBackends
        []SecretBackend

        SecureSecretsBackend, when set to parameter-store will create AWS Systems Manager Parameter Storage policies. By default or with the value of secrets-manager, will generate AWS Secrets Manager policies instead.

        s3Buckets
        S3Buckets
        (Optional)

        S3Buckets, when enabled, will add controller nodes permissions to create S3 Buckets for workload clusters. TODO: This field could be a pointer, but it seems it breaks setting default values?

        allowAssumeRole
        bool

        AllowAssumeRole enables the sts:AssumeRole permission within the CAPA policies

        AWSIAMRoleSpec

        (Appears on:ClusterAPIControllers, ControlPlane, EKSConfig, Nodes)

        AWSIAMRoleSpec defines common configuration for AWS IAM roles created by Kubernetes Cluster API Provider AWS.

        Field Description
        disable
        bool

        Disable if set to true will not create the AWS IAM role. Defaults to false.

        extraPolicyAttachments
        []string

        ExtraPolicyAttachments is a list of additional policies to be attached to the IAM role.

        extraStatements
        []Cluster API AWS iam/api/v1beta1.StatementEntry

        ExtraStatements are additional IAM statements to be included inline for the role.

        trustStatements
        []Cluster API AWS iam/api/v1beta1.StatementEntry

        TrustStatements is an IAM PolicyDocument defining what identities are allowed to assume this role. See “sigs.k8s.io/cluster-api-provider-aws/v2/cmd/clusterawsadm/api/iam/v1beta1” for more documentation.

        tags
        Tags

        Tags is a map of tags to be applied to the AWS IAM role.

        BootstrapUser

        (Appears on:AWSIAMConfigurationSpec)

        BootstrapUser contains a list of elements that is specific to the configuration and enablement of an IAM user.

        Field Description
        enable
        bool

        Enable controls whether or not a bootstrap AWS IAM user will be created. This can be used to scope down the initial credentials used to bootstrap the cluster. Defaults to false.

        userName
        string

        UserName controls the username of the bootstrap user. Defaults to “bootstrapper.cluster-api-provider-aws.sigs.k8s.io”

        groupName
        string

        GroupName controls the group the user will belong to. Defaults to “bootstrapper.cluster-api-provider-aws.sigs.k8s.io”

        extraPolicyAttachments
        []string

        ExtraPolicyAttachments is a list of additional policies to be attached to the IAM user.

        extraGroups
        []string

        ExtraGroups is a list of groups to add this user to.

        extraStatements
        []Cluster API AWS iam/api/v1beta1.StatementEntry

        ExtraStatements are additional AWS IAM policy document statements to be included inline for the user.

        tags
        Tags

        Tags is a map of tags to be applied to the AWS IAM user.

        ClusterAPIControllers

        (Appears on:AWSIAMConfigurationSpec)

        ClusterAPIControllers controls the configuration of the AWS IAM role for the Kubernetes Cluster API Provider AWS controller.

        Field Description
        AWSIAMRoleSpec
        AWSIAMRoleSpec

        (Members of AWSIAMRoleSpec are embedded into this type.)

        allowedEC2InstanceProfiles
        []string

        AllowedEC2InstanceProfiles controls which EC2 roles are allowed to be consumed by Cluster API when creating an ec2 instance. Defaults to *., where suffix is defaulted to .cluster-api-provider-aws.sigs.k8s.io

        ControlPlane

        (Appears on:AWSIAMConfigurationSpec)

        ControlPlane controls the configuration of the AWS IAM role for the control plane of provisioned Kubernetes clusters.

        Field Description
        AWSIAMRoleSpec
        AWSIAMRoleSpec

        (Members of AWSIAMRoleSpec are embedded into this type.)

        disableClusterAPIControllerPolicyAttachment
        bool

        DisableClusterAPIControllerPolicyAttachment, if set to true, will not attach the AWS IAM policy for Cluster API Provider AWS to the control plane role. Defaults to false.

        disableCloudProviderPolicy
        bool

        DisableCloudProviderPolicy if set to true, will not generate and attach the AWS IAM policy for the AWS Cloud Provider.

        enableCSIPolicy
        bool

        EnableCSIPolicy if set to true, will generate and attach the AWS IAM policy for the EBS CSI Driver.

        EKSConfig

        (Appears on:AWSIAMConfigurationSpec)

        EKSConfig represents the EKS related configuration config.

        Field Description
        disable
        bool

        Disable controls whether EKS-related permissions are granted

        iamRoleCreation
        bool

        AllowIAMRoleCreation controls whether the EKS controllers have permissions for creating IAM roles per cluster

        enableUserEKSConsolePolicy
        bool

        EnableUserEKSConsolePolicy controls the creation of the policy to view EKS nodes and workloads.

        defaultControlPlaneRole
        AWSIAMRoleSpec

        DefaultControlPlaneRole controls the configuration of the AWS IAM role for the EKS control plane. This is the default role that will be used if no role is included in the spec and automatic creation of the role isn’t enabled

        managedMachinePool
        AWSIAMRoleSpec

        ManagedMachinePool controls the configuration of the AWS IAM role for used by EKS managed machine pools.

        fargate
        AWSIAMRoleSpec

        Fargate controls the configuration of the AWS IAM role for used by EKS managed machine pools.

        kmsAliasPrefix
        string

        KMSAliasPrefix is prefix to use to restrict permission to KMS keys to only those that have an alias name that is prefixed by this. Defaults to cluster-api-provider-aws-*

        EventBridgeConfig

        (Appears on:AWSIAMConfigurationSpec)

        EventBridgeConfig represents configuration for enabling experimental feature to consume EventBridge EC2 events.

        Field Description
        enable
        bool

        Enable controls whether permissions are granted to consume EC2 events

        Nodes

        (Appears on:AWSIAMConfigurationSpec)

        Nodes controls the configuration of the AWS IAM role for worker nodes in a cluster created by Kubernetes Cluster API Provider AWS.

        Field Description
        AWSIAMRoleSpec
        AWSIAMRoleSpec

        (Members of AWSIAMRoleSpec are embedded into this type.)

        disableCloudProviderPolicy
        bool

        DisableCloudProviderPolicy if set to true, will not generate and attach the policy for the AWS Cloud Provider. Defaults to false.

        ec2ContainerRegistryReadOnly
        bool

        EC2ContainerRegistryReadOnly controls whether the node has read-only access to the EC2 container registry

        S3Buckets

        (Appears on:AWSIAMConfigurationSpec)

        S3Buckets controls the configuration of the AWS IAM role for S3 buckets which can be created for storing bootstrap data for nodes requiring it.

        Field Description
        enable
        bool

        Enable controls whether permissions are granted to manage S3 buckets.

        namePrefix
        string

        NamePrefix will be prepended to every AWS IAM role bucket name. Defaults to “cluster-api-provider-aws-”. AWSCluster S3 Bucket name must be prefixed with the same prefix.


        bootstrap.cluster.x-k8s.io/v1beta1

        Resource Types:

          EKSConfig

          EKSConfig is the schema for the Amazon EKS Machine Bootstrap Configuration API.

          Field Description
          metadata
          Kubernetes meta/v1.ObjectMeta
          Refer to the Kubernetes API documentation for the fields of the metadata field.
          spec
          EKSConfigSpec


          kubeletExtraArgs
          map[string]string
          (Optional)

          KubeletExtraArgs passes the specified kubelet args into the Amazon EKS machine bootstrap script

          containerRuntime
          string
          (Optional)

          ContainerRuntime specify the container runtime to use when bootstrapping EKS.

          dnsClusterIP
          string
          (Optional)

          DNSClusterIP overrides the IP address to use for DNS queries within the cluster.

          dockerConfigJson
          string
          (Optional)

          DockerConfigJson is used for the contents of the /etc/docker/daemon.json file. Useful if you want a custom config differing from the default one in the AMI. This is expected to be a json string.

          apiRetryAttempts
          int
          (Optional)

          APIRetryAttempts is the number of retry attempts for AWS API call.

          pauseContainer
          PauseContainer
          (Optional)

          PauseContainer allows customization of the pause container to use.

          useMaxPods
          bool
          (Optional)

          UseMaxPods sets –max-pods for the kubelet when true.

          serviceIPV6Cidr
          string
          (Optional)

          ServiceIPV6Cidr is the ipv6 cidr range of the cluster. If this is specified then the ip family will be set to ipv6.

          status
          EKSConfigStatus

          EKSConfigSpec

          (Appears on:EKSConfig, EKSConfigTemplateResource)

          EKSConfigSpec defines the desired state of Amazon EKS Bootstrap Configuration.

          Field Description
          kubeletExtraArgs
          map[string]string
          (Optional)

          KubeletExtraArgs passes the specified kubelet args into the Amazon EKS machine bootstrap script

          containerRuntime
          string
          (Optional)

          ContainerRuntime specify the container runtime to use when bootstrapping EKS.

          dnsClusterIP
          string
          (Optional)

          DNSClusterIP overrides the IP address to use for DNS queries within the cluster.

          dockerConfigJson
          string
          (Optional)

          DockerConfigJson is used for the contents of the /etc/docker/daemon.json file. Useful if you want a custom config differing from the default one in the AMI. This is expected to be a json string.

          apiRetryAttempts
          int
          (Optional)

          APIRetryAttempts is the number of retry attempts for AWS API call.

          pauseContainer
          PauseContainer
          (Optional)

          PauseContainer allows customization of the pause container to use.

          useMaxPods
          bool
          (Optional)

          UseMaxPods sets –max-pods for the kubelet when true.

          serviceIPV6Cidr
          string
          (Optional)

          ServiceIPV6Cidr is the ipv6 cidr range of the cluster. If this is specified then the ip family will be set to ipv6.

          EKSConfigStatus

          (Appears on:EKSConfig)

          EKSConfigStatus defines the observed state of the Amazon EKS Bootstrap Configuration.

          Field Description
          ready
          bool

          Ready indicates the BootstrapData secret is ready to be consumed

          dataSecretName
          string
          (Optional)

          DataSecretName is the name of the secret that stores the bootstrap data script.

          failureReason
          string
          (Optional)

          FailureReason will be set on non-retryable errors

          failureMessage
          string
          (Optional)

          FailureMessage will be set on non-retryable errors

          observedGeneration
          int64
          (Optional)

          ObservedGeneration is the latest generation observed by the controller.

          conditions
          Cluster API api/v1beta1.Conditions
          (Optional)

          Conditions defines current service state of the EKSConfig.

          EKSConfigTemplate

          EKSConfigTemplate is the Amazon EKS Bootstrap Configuration Template API.

          Field Description
          metadata
          Kubernetes meta/v1.ObjectMeta
          Refer to the Kubernetes API documentation for the fields of the metadata field.
          spec
          EKSConfigTemplateSpec


          template
          EKSConfigTemplateResource

          EKSConfigTemplateResource

          (Appears on:EKSConfigTemplateSpec)

          EKSConfigTemplateResource defines the Template structure.

          Field Description
          spec
          EKSConfigSpec


          kubeletExtraArgs
          map[string]string
          (Optional)

          KubeletExtraArgs passes the specified kubelet args into the Amazon EKS machine bootstrap script

          containerRuntime
          string
          (Optional)

          ContainerRuntime specify the container runtime to use when bootstrapping EKS.

          dnsClusterIP
          string
          (Optional)

          DNSClusterIP overrides the IP address to use for DNS queries within the cluster.

          dockerConfigJson
          string
          (Optional)

          DockerConfigJson is used for the contents of the /etc/docker/daemon.json file. Useful if you want a custom config differing from the default one in the AMI. This is expected to be a json string.

          apiRetryAttempts
          int
          (Optional)

          APIRetryAttempts is the number of retry attempts for AWS API call.

          pauseContainer
          PauseContainer
          (Optional)

          PauseContainer allows customization of the pause container to use.

          useMaxPods
          bool
          (Optional)

          UseMaxPods sets –max-pods for the kubelet when true.

          serviceIPV6Cidr
          string
          (Optional)

          ServiceIPV6Cidr is the ipv6 cidr range of the cluster. If this is specified then the ip family will be set to ipv6.

          EKSConfigTemplateSpec

          (Appears on:EKSConfigTemplate)

          EKSConfigTemplateSpec defines the desired state of templated EKSConfig Amazon EKS Bootstrap Configuration resources.

          Field Description
          template
          EKSConfigTemplateResource

          PauseContainer

          (Appears on:EKSConfigSpec)

          PauseContainer contains details of pause container.

          Field Description
          accountNumber
          string

          AccountNumber is the AWS account number to pull the pause container from.

          version
          string

          Version is the tag of the pause container to use.


          bootstrap.cluster.x-k8s.io/v1beta2

          Package v1beta2 contains API Schema definitions for the Amazon EKS Bootstrap v1beta2 API group.

          Resource Types:

            DiskSetup

            (Appears on:EKSConfigSpec)

            DiskSetup defines input for generated disk_setup and fs_setup in cloud-init.

            Field Description
            partitions
            []Partition
            (Optional)

            Partitions specifies the list of the partitions to setup.

            filesystems
            []Filesystem
            (Optional)

            Filesystems specifies the list of file systems to setup.

            EKSConfig

            EKSConfig is the schema for the Amazon EKS Machine Bootstrap Configuration API.

            Field Description
            metadata
            Kubernetes meta/v1.ObjectMeta
            Refer to the Kubernetes API documentation for the fields of the metadata field.
            spec
            EKSConfigSpec


            kubeletExtraArgs
            map[string]string
            (Optional)

            KubeletExtraArgs passes the specified kubelet args into the Amazon EKS machine bootstrap script

            containerRuntime
            string
            (Optional)

            ContainerRuntime specify the container runtime to use when bootstrapping EKS.

            dnsClusterIP
            string
            (Optional)

            DNSClusterIP overrides the IP address to use for DNS queries within the cluster.

            dockerConfigJson
            string
            (Optional)

            DockerConfigJson is used for the contents of the /etc/docker/daemon.json file. Useful if you want a custom config differing from the default one in the AMI. This is expected to be a json string.

            apiRetryAttempts
            int
            (Optional)

            APIRetryAttempts is the number of retry attempts for AWS API call.

            pauseContainer
            PauseContainer
            (Optional)

            PauseContainer allows customization of the pause container to use.

            useMaxPods
            bool
            (Optional)

            UseMaxPods sets –max-pods for the kubelet when true.

            serviceIPV6Cidr
            string
            (Optional)

            ServiceIPV6Cidr is the ipv6 cidr range of the cluster. If this is specified then the ip family will be set to ipv6.

            preBootstrapCommands
            []string
            (Optional)

            PreBootstrapCommands specifies extra commands to run before bootstrapping nodes to the cluster

            postBootstrapCommands
            []string
            (Optional)

            PostBootstrapCommands specifies extra commands to run after bootstrapping nodes to the cluster

            boostrapCommandOverride
            string
            (Optional)

            BootstrapCommandOverride allows you to override the bootstrap command to use for EKS nodes.

            files
            []File
            (Optional)

            Files specifies extra files to be passed to user_data upon creation.

            diskSetup
            DiskSetup
            (Optional)

            DiskSetup specifies options for the creation of partition tables and file systems on devices.

            mounts
            []MountPoints
            (Optional)

            Mounts specifies a list of mount points to be setup.

            users
            []User
            (Optional)

            Users specifies extra users to add

            ntp
            NTP
            (Optional)

            NTP specifies NTP configuration

            status
            EKSConfigStatus

            EKSConfigSpec

            (Appears on:EKSConfig, EKSConfigTemplateResource)

            EKSConfigSpec defines the desired state of Amazon EKS Bootstrap Configuration.

            Field Description
            kubeletExtraArgs
            map[string]string
            (Optional)

            KubeletExtraArgs passes the specified kubelet args into the Amazon EKS machine bootstrap script

            containerRuntime
            string
            (Optional)

            ContainerRuntime specify the container runtime to use when bootstrapping EKS.

            dnsClusterIP
            string
            (Optional)

            DNSClusterIP overrides the IP address to use for DNS queries within the cluster.

            dockerConfigJson
            string
            (Optional)

            DockerConfigJson is used for the contents of the /etc/docker/daemon.json file. Useful if you want a custom config differing from the default one in the AMI. This is expected to be a json string.

            apiRetryAttempts
            int
            (Optional)

            APIRetryAttempts is the number of retry attempts for AWS API call.

            pauseContainer
            PauseContainer
            (Optional)

            PauseContainer allows customization of the pause container to use.

            useMaxPods
            bool
            (Optional)

            UseMaxPods sets –max-pods for the kubelet when true.

            serviceIPV6Cidr
            string
            (Optional)

            ServiceIPV6Cidr is the ipv6 cidr range of the cluster. If this is specified then the ip family will be set to ipv6.

            preBootstrapCommands
            []string
            (Optional)

            PreBootstrapCommands specifies extra commands to run before bootstrapping nodes to the cluster

            postBootstrapCommands
            []string
            (Optional)

            PostBootstrapCommands specifies extra commands to run after bootstrapping nodes to the cluster

            boostrapCommandOverride
            string
            (Optional)

            BootstrapCommandOverride allows you to override the bootstrap command to use for EKS nodes.

            files
            []File
            (Optional)

            Files specifies extra files to be passed to user_data upon creation.

            diskSetup
            DiskSetup
            (Optional)

            DiskSetup specifies options for the creation of partition tables and file systems on devices.

            mounts
            []MountPoints
            (Optional)

            Mounts specifies a list of mount points to be setup.

            users
            []User
            (Optional)

            Users specifies extra users to add

            ntp
            NTP
            (Optional)

            NTP specifies NTP configuration

            EKSConfigStatus

            (Appears on:EKSConfig)

            EKSConfigStatus defines the observed state of the Amazon EKS Bootstrap Configuration.

            Field Description
            ready
            bool

            Ready indicates the BootstrapData secret is ready to be consumed

            dataSecretName
            string
            (Optional)

            DataSecretName is the name of the secret that stores the bootstrap data script.

            failureReason
            string
            (Optional)

            FailureReason will be set on non-retryable errors

            failureMessage
            string
            (Optional)

            FailureMessage will be set on non-retryable errors

            observedGeneration
            int64
            (Optional)

            ObservedGeneration is the latest generation observed by the controller.

            conditions
            Cluster API api/v1beta1.Conditions
            (Optional)

            Conditions defines current service state of the EKSConfig.

            EKSConfigTemplate

            EKSConfigTemplate is the Amazon EKS Bootstrap Configuration Template API.

            Field Description
            metadata
            Kubernetes meta/v1.ObjectMeta
            Refer to the Kubernetes API documentation for the fields of the metadata field.
            spec
            EKSConfigTemplateSpec


            template
            EKSConfigTemplateResource

            EKSConfigTemplateResource

            (Appears on:EKSConfigTemplateSpec)

            EKSConfigTemplateResource defines the Template structure.

            Field Description
            spec
            EKSConfigSpec


            kubeletExtraArgs
            map[string]string
            (Optional)

            KubeletExtraArgs passes the specified kubelet args into the Amazon EKS machine bootstrap script

            containerRuntime
            string
            (Optional)

            ContainerRuntime specify the container runtime to use when bootstrapping EKS.

            dnsClusterIP
            string
            (Optional)

            DNSClusterIP overrides the IP address to use for DNS queries within the cluster.

            dockerConfigJson
            string
            (Optional)

            DockerConfigJson is used for the contents of the /etc/docker/daemon.json file. Useful if you want a custom config differing from the default one in the AMI. This is expected to be a json string.

            apiRetryAttempts
            int
            (Optional)

            APIRetryAttempts is the number of retry attempts for AWS API call.

            pauseContainer
            PauseContainer
            (Optional)

            PauseContainer allows customization of the pause container to use.

            useMaxPods
            bool
            (Optional)

            UseMaxPods sets –max-pods for the kubelet when true.

            serviceIPV6Cidr
            string
            (Optional)

            ServiceIPV6Cidr is the ipv6 cidr range of the cluster. If this is specified then the ip family will be set to ipv6.

            preBootstrapCommands
            []string
            (Optional)

            PreBootstrapCommands specifies extra commands to run before bootstrapping nodes to the cluster

            postBootstrapCommands
            []string
            (Optional)

            PostBootstrapCommands specifies extra commands to run after bootstrapping nodes to the cluster

            boostrapCommandOverride
            string
            (Optional)

            BootstrapCommandOverride allows you to override the bootstrap command to use for EKS nodes.

            files
            []File
            (Optional)

            Files specifies extra files to be passed to user_data upon creation.

            diskSetup
            DiskSetup
            (Optional)

            DiskSetup specifies options for the creation of partition tables and file systems on devices.

            mounts
            []MountPoints
            (Optional)

            Mounts specifies a list of mount points to be setup.

            users
            []User
            (Optional)

            Users specifies extra users to add

            ntp
            NTP
            (Optional)

            NTP specifies NTP configuration

            EKSConfigTemplateSpec

            (Appears on:EKSConfigTemplate)

            EKSConfigTemplateSpec defines the desired state of templated EKSConfig Amazon EKS Bootstrap Configuration resources.

            Field Description
            template
            EKSConfigTemplateResource

            Encoding (string alias)

            (Appears on:File)

            Encoding specifies the cloud-init file encoding.

            Value Description

            "base64"

            Base64 implies the contents of the file are encoded as base64.

            "gzip"

            Gzip implies the contents of the file are encoded with gzip.

            "gzip+base64"

            GzipBase64 implies the contents of the file are first base64 encoded and then gzip encoded.

            File

            (Appears on:EKSConfigSpec)

            File defines the input for generating write_files in cloud-init.

            Field Description
            path
            string

            Path specifies the full path on disk where to store the file.

            owner
            string
            (Optional)

            Owner specifies the ownership of the file, e.g. “root:root”.

            permissions
            string
            (Optional)

            Permissions specifies the permissions to assign to the file, e.g. “0640”.

            encoding
            Encoding
            (Optional)

            Encoding specifies the encoding of the file contents.

            append
            bool
            (Optional)

            Append specifies whether to append Content to existing file if Path exists.

            content
            string
            (Optional)

            Content is the actual content of the file.

            contentFrom
            FileSource
            (Optional)

            ContentFrom is a referenced source of content to populate the file.

            FileSource

            (Appears on:File)

            FileSource is a union of all possible external source types for file data. Only one field may be populated in any given instance. Developers adding new sources of data for target systems should add them here.

            Field Description
            secret
            SecretFileSource

            Secret represents a secret that should populate this file.

            Filesystem

            (Appears on:DiskSetup)

            Filesystem defines the file systems to be created.

            Field Description
            device
            string

            Device specifies the device name

            filesystem
            string

            Filesystem specifies the file system type.

            label
            string

            Label specifies the file system label to be used. If set to None, no label is used.

            partition
            string
            (Optional)

            Partition specifies the partition to use. The valid options are: “auto|any”, “auto”, “any”, “none”, and , where NUM is the actual partition number.

            overwrite
            bool
            (Optional)

            Overwrite defines whether or not to overwrite any existing filesystem. If true, any pre-existing file system will be destroyed. Use with Caution.

            extraOpts
            []string
            (Optional)

            ExtraOpts defined extra options to add to the command for creating the file system.

            MountPoints ([]string alias)

            (Appears on:EKSConfigSpec)

            MountPoints defines input for generated mounts in cloud-init.

            NTP

            (Appears on:EKSConfigSpec)

            NTP defines input for generated ntp in cloud-init.

            Field Description
            servers
            []string
            (Optional)

            Servers specifies which NTP servers to use

            enabled
            bool
            (Optional)

            Enabled specifies whether NTP should be enabled

            Partition

            (Appears on:DiskSetup)

            Partition defines how to create and layout a partition.

            Field Description
            device
            string

            Device is the name of the device.

            layout
            bool

            Layout specifies the device layout. If it is true, a single partition will be created for the entire device. When layout is false, it means don’t partition or ignore existing partitioning.

            overwrite
            bool
            (Optional)

            Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. Use with caution. Default is ‘false’.

            tableType
            string
            (Optional)

            TableType specifies the tupe of partition table. The following are supported: ‘mbr’: default and setups a MS-DOS partition table ‘gpt’: setups a GPT partition table

            PasswdSource

            (Appears on:User)

            PasswdSource is a union of all possible external source types for passwd data. Only one field may be populated in any given instance. Developers adding new sources of data for target systems should add them here.

            Field Description
            secret
            SecretPasswdSource

            Secret represents a secret that should populate this password.

            PauseContainer

            (Appears on:EKSConfigSpec)

            PauseContainer contains details of pause container.

            Field Description
            accountNumber
            string

            AccountNumber is the AWS account number to pull the pause container from.

            version
            string

            Version is the tag of the pause container to use.

            SecretFileSource

            (Appears on:FileSource)

            SecretFileSource adapts a Secret into a FileSource.

            The contents of the target Secret’s Data field will be presented as files using the keys in the Data field as the file names.

            Field Description
            name
            string

            Name of the secret in the KubeadmBootstrapConfig’s namespace to use.

            key
            string

            Key is the key in the secret’s data map for this value.

            SecretPasswdSource

            (Appears on:PasswdSource)

            SecretPasswdSource adapts a Secret into a PasswdSource.

            The contents of the target Secret’s Data field will be presented as passwd using the keys in the Data field as the file names.

            Field Description
            name
            string

            Name of the secret in the KubeadmBootstrapConfig’s namespace to use.

            key
            string

            Key is the key in the secret’s data map for this value.

            User

            (Appears on:EKSConfigSpec)

            User defines the input for a generated user in cloud-init.

            Field Description
            name
            string

            Name specifies the username

            gecos
            string
            (Optional)

            Gecos specifies the gecos to use for the user

            groups
            string
            (Optional)

            Groups specifies the additional groups for the user

            homeDir
            string
            (Optional)

            HomeDir specifies the home directory to use for the user

            inactive
            bool
            (Optional)

            Inactive specifies whether to mark the user as inactive

            shell
            string
            (Optional)

            Shell specifies the user’s shell

            passwd
            string
            (Optional)

            Passwd specifies a hashed password for the user

            passwdFrom
            PasswdSource
            (Optional)

            PasswdFrom is a referenced source of passwd to populate the passwd.

            primaryGroup
            string
            (Optional)

            PrimaryGroup specifies the primary group for the user

            lockPassword
            bool
            (Optional)

            LockPassword specifies if password login should be disabled

            sudo
            string
            (Optional)

            Sudo specifies a sudo role for the user

            sshAuthorizedKeys
            []string
            (Optional)

            SSHAuthorizedKeys specifies a list of ssh authorized keys for the user


            controlplane.cluster.x-k8s.io/v1beta1

            Package v1beta1 contains API Schema definitions for the controlplane v1beta1 API group

            Resource Types:

              AWSManagedControlPlane

              AWSManagedControlPlane is the schema for the Amazon EKS Managed Control Plane API.

              Field Description
              metadata
              Kubernetes meta/v1.ObjectMeta
              Refer to the Kubernetes API documentation for the fields of the metadata field.
              spec
              AWSManagedControlPlaneSpec


              eksClusterName
              string
              (Optional)

              EKSClusterName allows you to specify the name of the EKS cluster in AWS. If you don’t specify a name then a default name will be created based on the namespace and name of the managed control plane.

              identityRef
              AWSIdentityReference

              IdentityRef is a reference to an identity to be used when reconciling the managed control plane. If no identity is specified, the default identity for this controller will be used.

              network
              NetworkSpec

              NetworkSpec encapsulates all things related to AWS network.

              secondaryCidrBlock
              string
              (Optional)

              SecondaryCidrBlock is the additional CIDR range to use for pod IPs. Must be within the 100.64.0.0/10 or 198.19.0.0/16 range.

              region
              string

              The AWS Region the cluster lives in.

              sshKeyName
              string
              (Optional)

              SSHKeyName is the name of the ssh key to attach to the bastion host. Valid values are empty string (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name)

              version
              string
              (Optional)

              Version defines the desired Kubernetes version. If no version number is supplied then the latest version of Kubernetes that EKS supports will be used.

              roleName
              string
              (Optional)

              RoleName specifies the name of IAM role that gives EKS permission to make API calls. If the role is pre-existing we will treat it as unmanaged and not delete it on deletion. If the EKSEnableIAM feature flag is true and no name is supplied then a role is created.

              roleAdditionalPolicies
              []string
              (Optional)

              RoleAdditionalPolicies allows you to attach additional polices to the control plane role. You must enable the EKSAllowAddRoles feature flag to incorporate these into the created role.

              logging
              ControlPlaneLoggingSpec
              (Optional)

              Logging specifies which EKS Cluster logs should be enabled. Entries for each of the enabled logs will be sent to CloudWatch

              encryptionConfig
              EncryptionConfig
              (Optional)

              EncryptionConfig specifies the encryption configuration for the cluster

              additionalTags
              Tags
              (Optional)

              AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the ones added by default.

              iamAuthenticatorConfig
              IAMAuthenticatorConfig
              (Optional)

              IAMAuthenticatorConfig allows the specification of any additional user or role mappings for use when generating the aws-iam-authenticator configuration. If this is nil the default configuration is still generated for the cluster.

              endpointAccess
              EndpointAccess
              (Optional)

              Endpoints specifies access to this cluster’s control plane endpoints

              controlPlaneEndpoint
              Cluster API api/v1beta1.APIEndpoint
              (Optional)

              ControlPlaneEndpoint represents the endpoint used to communicate with the control plane.

              imageLookupFormat
              string
              (Optional)

              ImageLookupFormat is the AMI naming format to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupOrg. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and kubernetes version, respectively. The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as defined by the packages produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See also: https://golang.org/pkg/text/template/

              imageLookupOrg
              string
              (Optional)

              ImageLookupOrg is the AWS Organization ID to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupOrg.

              imageLookupBaseOS
              string

              ImageLookupBaseOS is the name of the base operating system used to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupBaseOS.

              bastion
              Bastion
              (Optional)

              Bastion contains options to configure the bastion host.

              tokenMethod
              EKSTokenMethod

              TokenMethod is used to specify the method for obtaining a client token for communicating with EKS iam-authenticator - obtains a client token using iam-authentictor aws-cli - obtains a client token using the AWS CLI Defaults to iam-authenticator

              associateOIDCProvider
              bool

              AssociateOIDCProvider can be enabled to automatically create an identity provider for the controller for use with IAM roles for service accounts

              addons
              []sigs.k8s.io/cluster-api-provider-aws/v2/controlplane/eks/api/v1beta1.Addon
              (Optional)

              Addons defines the EKS addons to enable with the EKS cluster.

              oidcIdentityProviderConfig
              OIDCIdentityProviderConfig
              (Optional)

              IdentityProviderconfig is used to specify the oidc provider config to be attached with this eks cluster

              disableVPCCNI
              bool

              DisableVPCCNI indicates that the Amazon VPC CNI should be disabled. With EKS clusters the Amazon VPC CNI is automatically installed into the cluster. For clusters where you want to use an alternate CNI this option provides a way to specify that the Amazon VPC CNI should be deleted. You cannot set this to true if you are using the Amazon VPC CNI addon.

              vpcCni
              VpcCni
              (Optional)

              VpcCni is used to set configuration options for the VPC CNI plugin

              kubeProxy
              KubeProxy

              KubeProxy defines managed attributes of the kube-proxy daemonset

              status
              AWSManagedControlPlaneStatus

              AWSManagedControlPlaneSpec

              (Appears on:AWSManagedControlPlane)

              AWSManagedControlPlaneSpec defines the desired state of an Amazon EKS Cluster.

              Field Description
              eksClusterName
              string
              (Optional)

              EKSClusterName allows you to specify the name of the EKS cluster in AWS. If you don’t specify a name then a default name will be created based on the namespace and name of the managed control plane.

              identityRef
              AWSIdentityReference

              IdentityRef is a reference to an identity to be used when reconciling the managed control plane. If no identity is specified, the default identity for this controller will be used.

              network
              NetworkSpec

              NetworkSpec encapsulates all things related to AWS network.

              secondaryCidrBlock
              string
              (Optional)

              SecondaryCidrBlock is the additional CIDR range to use for pod IPs. Must be within the 100.64.0.0/10 or 198.19.0.0/16 range.

              region
              string

              The AWS Region the cluster lives in.

              sshKeyName
              string
              (Optional)

              SSHKeyName is the name of the ssh key to attach to the bastion host. Valid values are empty string (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name)

              version
              string
              (Optional)

              Version defines the desired Kubernetes version. If no version number is supplied then the latest version of Kubernetes that EKS supports will be used.

              roleName
              string
              (Optional)

              RoleName specifies the name of IAM role that gives EKS permission to make API calls. If the role is pre-existing we will treat it as unmanaged and not delete it on deletion. If the EKSEnableIAM feature flag is true and no name is supplied then a role is created.

              roleAdditionalPolicies
              []string
              (Optional)

              RoleAdditionalPolicies allows you to attach additional polices to the control plane role. You must enable the EKSAllowAddRoles feature flag to incorporate these into the created role.

              logging
              ControlPlaneLoggingSpec
              (Optional)

              Logging specifies which EKS Cluster logs should be enabled. Entries for each of the enabled logs will be sent to CloudWatch

              encryptionConfig
              EncryptionConfig
              (Optional)

              EncryptionConfig specifies the encryption configuration for the cluster

              additionalTags
              Tags
              (Optional)

              AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the ones added by default.

              iamAuthenticatorConfig
              IAMAuthenticatorConfig
              (Optional)

              IAMAuthenticatorConfig allows the specification of any additional user or role mappings for use when generating the aws-iam-authenticator configuration. If this is nil the default configuration is still generated for the cluster.

              endpointAccess
              EndpointAccess
              (Optional)

              Endpoints specifies access to this cluster’s control plane endpoints

              controlPlaneEndpoint
              Cluster API api/v1beta1.APIEndpoint
              (Optional)

              ControlPlaneEndpoint represents the endpoint used to communicate with the control plane.

              imageLookupFormat
              string
              (Optional)

              ImageLookupFormat is the AMI naming format to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupOrg. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and kubernetes version, respectively. The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as defined by the packages produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See also: https://golang.org/pkg/text/template/

              imageLookupOrg
              string
              (Optional)

              ImageLookupOrg is the AWS Organization ID to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupOrg.

              imageLookupBaseOS
              string

              ImageLookupBaseOS is the name of the base operating system used to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupBaseOS.

              bastion
              Bastion
              (Optional)

              Bastion contains options to configure the bastion host.

              tokenMethod
              EKSTokenMethod

              TokenMethod is used to specify the method for obtaining a client token for communicating with EKS iam-authenticator - obtains a client token using iam-authentictor aws-cli - obtains a client token using the AWS CLI Defaults to iam-authenticator

              associateOIDCProvider
              bool

              AssociateOIDCProvider can be enabled to automatically create an identity provider for the controller for use with IAM roles for service accounts

              addons
              []sigs.k8s.io/cluster-api-provider-aws/v2/controlplane/eks/api/v1beta1.Addon
              (Optional)

              Addons defines the EKS addons to enable with the EKS cluster.

              oidcIdentityProviderConfig
              OIDCIdentityProviderConfig
              (Optional)

              IdentityProviderconfig is used to specify the oidc provider config to be attached with this eks cluster

              disableVPCCNI
              bool

              DisableVPCCNI indicates that the Amazon VPC CNI should be disabled. With EKS clusters the Amazon VPC CNI is automatically installed into the cluster. For clusters where you want to use an alternate CNI this option provides a way to specify that the Amazon VPC CNI should be deleted. You cannot set this to true if you are using the Amazon VPC CNI addon.

              vpcCni
              VpcCni
              (Optional)

              VpcCni is used to set configuration options for the VPC CNI plugin

              kubeProxy
              KubeProxy

              KubeProxy defines managed attributes of the kube-proxy daemonset

              AWSManagedControlPlaneStatus

              (Appears on:AWSManagedControlPlane)

              AWSManagedControlPlaneStatus defines the observed state of an Amazon EKS Cluster.

              Field Description
              networkStatus
              NetworkStatus
              (Optional)

              Networks holds details about the AWS networking resources used by the control plane

              failureDomains
              Cluster API api/v1beta1.FailureDomains
              (Optional)

              FailureDomains specifies a list fo available availability zones that can be used

              bastion
              Instance
              (Optional)

              Bastion holds details of the instance that is used as a bastion jump box

              oidcProvider
              OIDCProviderStatus
              (Optional)

              OIDCProvider holds the status of the identity provider for this cluster

              externalManagedControlPlane
              bool

              ExternalManagedControlPlane indicates to cluster-api that the control plane is managed by an external service such as AKS, EKS, GKE, etc.

              initialized
              bool
              (Optional)

              Initialized denotes whether or not the control plane has the uploaded kubernetes config-map.

              ready
              bool

              Ready denotes that the AWSManagedControlPlane API Server is ready to receive requests and that the VPC infra is ready.

              failureMessage
              string
              (Optional)

              ErrorMessage indicates that there is a terminal problem reconciling the state, and will be set to a descriptive error message.

              conditions
              Cluster API api/v1beta1.Conditions

              Conditions specifies the cpnditions for the managed control plane

              addons
              []AddonState
              (Optional)

              Addons holds the current status of the EKS addons

              identityProviderStatus
              IdentityProviderStatus
              (Optional)

              IdentityProviderStatus holds the status for associated identity provider

              Addon

              Addon represents a EKS addon.

              Field Description
              name
              string

              Name is the name of the addon

              version
              string

              Version is the version of the addon to use

              configuration
              string
              (Optional)

              Configuration of the EKS addon

              conflictResolution
              AddonResolution

              ConflictResolution is used to declare what should happen if there are parameter conflicts. Defaults to none

              serviceAccountRoleARN
              string
              (Optional)

              ServiceAccountRoleArn is the ARN of an IAM role to bind to the addons service account

              AddonIssue

              (Appears on:AddonState)

              AddonIssue represents an issue with an addon.

              Field Description
              code
              string

              Code is the issue code

              message
              string

              Message is the textual description of the issue

              resourceIds
              []string

              ResourceIDs is a list of resource ids for the issue

              AddonResolution (string alias)

              (Appears on:Addon)

              AddonResolution defines the method for resolving parameter conflicts.

              AddonState

              (Appears on:AWSManagedControlPlaneStatus)

              AddonState represents the state of an addon.

              Field Description
              name
              string

              Name is the name of the addon

              version
              string

              Version is the version of the addon to use

              arn
              string

              ARN is the AWS ARN of the addon

              serviceAccountRoleARN
              string

              ServiceAccountRoleArn is the ARN of the IAM role used for the service account

              createdAt
              Kubernetes meta/v1.Time

              CreatedAt is the date and time the addon was created at

              modifiedAt
              Kubernetes meta/v1.Time

              ModifiedAt is the date and time the addon was last modified

              status
              string

              Status is the status of the addon

              issues
              []AddonIssue

              Issues is a list of issue associated with the addon

              AddonStatus (string alias)

              AddonStatus defines the status for an addon.

              ControlPlaneLoggingSpec

              (Appears on:AWSManagedControlPlaneSpec)

              ControlPlaneLoggingSpec defines what EKS control plane logs that should be enabled.

              Field Description
              apiServer
              bool

              APIServer indicates if the Kubernetes API Server log (kube-apiserver) shoulkd be enabled

              audit
              bool

              Audit indicates if the Kubernetes API audit log should be enabled

              authenticator
              bool

              Authenticator indicates if the iam authenticator log should be enabled

              controllerManager
              bool

              ControllerManager indicates if the controller manager (kube-controller-manager) log should be enabled

              scheduler
              bool

              Scheduler indicates if the Kubernetes scheduler (kube-scheduler) log should be enabled

              EKSTokenMethod (string alias)

              (Appears on:AWSManagedControlPlaneSpec)

              EKSTokenMethod defines the method for obtaining a client token to use when connecting to EKS.

              EncryptionConfig

              (Appears on:AWSManagedControlPlaneSpec)

              EncryptionConfig specifies the encryption configuration for the EKS clsuter.

              Field Description
              provider
              string

              Provider specifies the ARN or alias of the CMK (in AWS KMS)

              resources
              []*string

              Resources specifies the resources to be encrypted

              EndpointAccess

              (Appears on:AWSManagedControlPlaneSpec)

              EndpointAccess specifies how control plane endpoints are accessible.

              Field Description
              public
              bool
              (Optional)

              Public controls whether control plane endpoints are publicly accessible

              publicCIDRs
              []*string
              (Optional)

              PublicCIDRs specifies which blocks can access the public endpoint

              private
              bool
              (Optional)

              Private points VPC-internal control plane access to the private endpoint

              IAMAuthenticatorConfig

              (Appears on:AWSManagedControlPlaneSpec)

              IAMAuthenticatorConfig represents an aws-iam-authenticator configuration.

              Field Description
              mapRoles
              []RoleMapping
              (Optional)

              RoleMappings is a list of role mappings

              mapUsers
              []UserMapping
              (Optional)

              UserMappings is a list of user mappings

              IdentityProviderStatus

              (Appears on:AWSManagedControlPlaneStatus)

              IdentityProviderStatus holds the status for associated identity provider

              Field Description
              arn
              string

              ARN holds the ARN of associated identity provider

              status
              string

              Status holds current status of associated identity provider

              KubeProxy

              (Appears on:AWSManagedControlPlaneSpec)

              KubeProxy specifies how the kube-proxy daemonset is managed.

              Field Description
              disable
              bool

              Disable set to true indicates that kube-proxy should be disabled. With EKS clusters kube-proxy is automatically installed into the cluster. For clusters where you want to use kube-proxy functionality that is provided with an alternate CNI, this option provides a way to specify that the kube-proxy daemonset should be deleted. You cannot set this to true if you are using the Amazon kube-proxy addon.

              KubernetesMapping

              (Appears on:RoleMapping, UserMapping)

              KubernetesMapping represents the kubernetes RBAC mapping.

              Field Description
              username
              string

              UserName is a kubernetes RBAC user subject

              groups
              []string

              Groups is a list of kubernetes RBAC groups

              OIDCIdentityProviderConfig

              (Appears on:AWSManagedControlPlaneSpec)

              OIDCIdentityProviderConfig defines the configuration for an OIDC identity provider.

              Field Description
              clientId
              string

              This is also known as audience. The ID for the client application that makes authentication requests to the OpenID identity provider.

              groupsClaim
              string
              (Optional)

              The JWT claim that the provider uses to return your groups.

              groupsPrefix
              string
              (Optional)

              The prefix that is prepended to group claims to prevent clashes with existing names (such as system: groups). For example, the valueoidc: will create group names like oidc:engineering and oidc:infra.

              identityProviderConfigName
              string

              The name of the OIDC provider configuration.

              IdentityProviderConfigName is a required field

              issuerUrl
              string

              The URL of the OpenID identity provider that allows the API server to discover public signing keys for verifying tokens. The URL must begin with https:// and should correspond to the iss claim in the provider’s OIDC ID tokens. Per the OIDC standard, path components are allowed but query parameters are not. Typically the URL consists of only a hostname, like https://server.example.org or https://example.com. This URL should point to the level below .well-known/openid-configuration and must be publicly accessible over the internet.

              requiredClaims
              map[string]string
              (Optional)

              The key value pairs that describe required claims in the identity token. If set, each claim is verified to be present in the token with a matching value. For the maximum number of claims that you can require, see Amazon EKS service quotas (https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html) in the Amazon EKS User Guide.

              usernameClaim
              string
              (Optional)

              The JSON Web Token (JWT) claim to use as the username. The default is sub, which is expected to be a unique identifier of the end user. You can choose other claims, such as email or name, depending on the OpenID identity provider. Claims other than email are prefixed with the issuer URL to prevent naming clashes with other plug-ins.

              usernamePrefix
              string
              (Optional)

              The prefix that is prepended to username claims to prevent clashes with existing names. If you do not provide this field, and username is a value other than email, the prefix defaults to issuerurl#. You can use the value - to disable all prefixing.

              tags
              Tags
              (Optional)

              tags to apply to oidc identity provider association

              OIDCProviderStatus

              (Appears on:AWSManagedControlPlaneStatus)

              OIDCProviderStatus holds the status of the AWS OIDC identity provider.

              Field Description
              arn
              string

              ARN holds the ARN of the provider

              trustPolicy
              string

              TrustPolicy contains the boilerplate IAM trust policy to use for IRSA

              RoleMapping

              (Appears on:IAMAuthenticatorConfig)

              RoleMapping represents a mapping from a IAM role to Kubernetes users and groups.

              Field Description
              rolearn
              string

              RoleARN is the AWS ARN for the role to map

              KubernetesMapping
              KubernetesMapping

              (Members of KubernetesMapping are embedded into this type.)

              KubernetesMapping holds the RBAC details for the mapping

              UserMapping

              (Appears on:IAMAuthenticatorConfig)

              UserMapping represents a mapping from an IAM user to Kubernetes users and groups.

              Field Description
              userarn
              string

              UserARN is the AWS ARN for the user to map

              KubernetesMapping
              KubernetesMapping

              (Members of KubernetesMapping are embedded into this type.)

              KubernetesMapping holds the RBAC details for the mapping

              VpcCni

              (Appears on:AWSManagedControlPlaneSpec)

              VpcCni specifies configuration related to the VPC CNI.

              Field Description
              env
              []Kubernetes core/v1.EnvVar
              (Optional)

              Env defines a list of environment variables to apply to the aws-node DaemonSet


              controlplane.cluster.x-k8s.io/v1beta2

              Package v1beta2 contains API Schema definitions for the controlplane v1beta2 API group

              Resource Types:

                AWSManagedControlPlane

                AWSManagedControlPlane is the schema for the Amazon EKS Managed Control Plane API.

                Field Description
                metadata
                Kubernetes meta/v1.ObjectMeta
                Refer to the Kubernetes API documentation for the fields of the metadata field.
                spec
                AWSManagedControlPlaneSpec


                eksClusterName
                string
                (Optional)

                EKSClusterName allows you to specify the name of the EKS cluster in AWS. If you don’t specify a name then a default name will be created based on the namespace and name of the managed control plane.

                identityRef
                AWSIdentityReference

                IdentityRef is a reference to an identity to be used when reconciling the managed control plane. If no identity is specified, the default identity for this controller will be used.

                network
                NetworkSpec

                NetworkSpec encapsulates all things related to AWS network.

                secondaryCidrBlock
                string
                (Optional)

                SecondaryCidrBlock is the additional CIDR range to use for pod IPs. Must be within the 100.64.0.0/10 or 198.19.0.0/16 range.

                region
                string

                The AWS Region the cluster lives in.

                partition
                string
                (Optional)

                Partition is the AWS security partition being used. Defaults to “aws”

                sshKeyName
                string
                (Optional)

                SSHKeyName is the name of the ssh key to attach to the bastion host. Valid values are empty string (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name)

                version
                string
                (Optional)

                Version defines the desired Kubernetes version. If no version number is supplied then the latest version of Kubernetes that EKS supports will be used.

                roleName
                string
                (Optional)

                RoleName specifies the name of IAM role that gives EKS permission to make API calls. If the role is pre-existing we will treat it as unmanaged and not delete it on deletion. If the EKSEnableIAM feature flag is true and no name is supplied then a role is created.

                roleAdditionalPolicies
                []string
                (Optional)

                RoleAdditionalPolicies allows you to attach additional polices to the control plane role. You must enable the EKSAllowAddRoles feature flag to incorporate these into the created role.

                logging
                ControlPlaneLoggingSpec
                (Optional)

                Logging specifies which EKS Cluster logs should be enabled. Entries for each of the enabled logs will be sent to CloudWatch

                encryptionConfig
                EncryptionConfig
                (Optional)

                EncryptionConfig specifies the encryption configuration for the cluster

                additionalTags
                Tags
                (Optional)

                AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the ones added by default.

                iamAuthenticatorConfig
                IAMAuthenticatorConfig
                (Optional)

                IAMAuthenticatorConfig allows the specification of any additional user or role mappings for use when generating the aws-iam-authenticator configuration. If this is nil the default configuration is still generated for the cluster.

                endpointAccess
                EndpointAccess
                (Optional)

                Endpoints specifies access to this cluster’s control plane endpoints

                controlPlaneEndpoint
                Cluster API api/v1beta1.APIEndpoint
                (Optional)

                ControlPlaneEndpoint represents the endpoint used to communicate with the control plane.

                imageLookupFormat
                string
                (Optional)

                ImageLookupFormat is the AMI naming format to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupOrg. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and kubernetes version, respectively. The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as defined by the packages produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See also: https://golang.org/pkg/text/template/

                imageLookupOrg
                string
                (Optional)

                ImageLookupOrg is the AWS Organization ID to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupOrg.

                imageLookupBaseOS
                string

                ImageLookupBaseOS is the name of the base operating system used to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupBaseOS.

                bastion
                Bastion
                (Optional)

                Bastion contains options to configure the bastion host.

                tokenMethod
                EKSTokenMethod

                TokenMethod is used to specify the method for obtaining a client token for communicating with EKS iam-authenticator - obtains a client token using iam-authentictor aws-cli - obtains a client token using the AWS CLI Defaults to iam-authenticator

                associateOIDCProvider
                bool

                AssociateOIDCProvider can be enabled to automatically create an identity provider for the controller for use with IAM roles for service accounts

                addons
                []sigs.k8s.io/cluster-api-provider-aws/v2/controlplane/eks/api/v1beta2.Addon
                (Optional)

                Addons defines the EKS addons to enable with the EKS cluster.

                oidcIdentityProviderConfig
                OIDCIdentityProviderConfig
                (Optional)

                IdentityProviderconfig is used to specify the oidc provider config to be attached with this eks cluster

                vpcCni
                VpcCni
                (Optional)

                VpcCni is used to set configuration options for the VPC CNI plugin

                restrictPrivateSubnets
                bool

                RestrictPrivateSubnets indicates that the EKS control plane should only use private subnets.

                kubeProxy
                KubeProxy

                KubeProxy defines managed attributes of the kube-proxy daemonset

                status
                AWSManagedControlPlaneStatus

                AWSManagedControlPlaneSpec

                (Appears on:AWSManagedControlPlane)

                AWSManagedControlPlaneSpec defines the desired state of an Amazon EKS Cluster.

                Field Description
                eksClusterName
                string
                (Optional)

                EKSClusterName allows you to specify the name of the EKS cluster in AWS. If you don’t specify a name then a default name will be created based on the namespace and name of the managed control plane.

                identityRef
                AWSIdentityReference

                IdentityRef is a reference to an identity to be used when reconciling the managed control plane. If no identity is specified, the default identity for this controller will be used.

                network
                NetworkSpec

                NetworkSpec encapsulates all things related to AWS network.

                secondaryCidrBlock
                string
                (Optional)

                SecondaryCidrBlock is the additional CIDR range to use for pod IPs. Must be within the 100.64.0.0/10 or 198.19.0.0/16 range.

                region
                string

                The AWS Region the cluster lives in.

                partition
                string
                (Optional)

                Partition is the AWS security partition being used. Defaults to “aws”

                sshKeyName
                string
                (Optional)

                SSHKeyName is the name of the ssh key to attach to the bastion host. Valid values are empty string (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name)

                version
                string
                (Optional)

                Version defines the desired Kubernetes version. If no version number is supplied then the latest version of Kubernetes that EKS supports will be used.

                roleName
                string
                (Optional)

                RoleName specifies the name of IAM role that gives EKS permission to make API calls. If the role is pre-existing we will treat it as unmanaged and not delete it on deletion. If the EKSEnableIAM feature flag is true and no name is supplied then a role is created.

                roleAdditionalPolicies
                []string
                (Optional)

                RoleAdditionalPolicies allows you to attach additional polices to the control plane role. You must enable the EKSAllowAddRoles feature flag to incorporate these into the created role.

                logging
                ControlPlaneLoggingSpec
                (Optional)

                Logging specifies which EKS Cluster logs should be enabled. Entries for each of the enabled logs will be sent to CloudWatch

                encryptionConfig
                EncryptionConfig
                (Optional)

                EncryptionConfig specifies the encryption configuration for the cluster

                additionalTags
                Tags
                (Optional)

                AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the ones added by default.

                iamAuthenticatorConfig
                IAMAuthenticatorConfig
                (Optional)

                IAMAuthenticatorConfig allows the specification of any additional user or role mappings for use when generating the aws-iam-authenticator configuration. If this is nil the default configuration is still generated for the cluster.

                endpointAccess
                EndpointAccess
                (Optional)

                Endpoints specifies access to this cluster’s control plane endpoints

                controlPlaneEndpoint
                Cluster API api/v1beta1.APIEndpoint
                (Optional)

                ControlPlaneEndpoint represents the endpoint used to communicate with the control plane.

                imageLookupFormat
                string
                (Optional)

                ImageLookupFormat is the AMI naming format to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupOrg. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and kubernetes version, respectively. The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as defined by the packages produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See also: https://golang.org/pkg/text/template/

                imageLookupOrg
                string
                (Optional)

                ImageLookupOrg is the AWS Organization ID to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupOrg.

                imageLookupBaseOS
                string

                ImageLookupBaseOS is the name of the base operating system used to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupBaseOS.

                bastion
                Bastion
                (Optional)

                Bastion contains options to configure the bastion host.

                tokenMethod
                EKSTokenMethod

                TokenMethod is used to specify the method for obtaining a client token for communicating with EKS iam-authenticator - obtains a client token using iam-authentictor aws-cli - obtains a client token using the AWS CLI Defaults to iam-authenticator

                associateOIDCProvider
                bool

                AssociateOIDCProvider can be enabled to automatically create an identity provider for the controller for use with IAM roles for service accounts

                addons
                []sigs.k8s.io/cluster-api-provider-aws/v2/controlplane/eks/api/v1beta2.Addon
                (Optional)

                Addons defines the EKS addons to enable with the EKS cluster.

                oidcIdentityProviderConfig
                OIDCIdentityProviderConfig
                (Optional)

                IdentityProviderconfig is used to specify the oidc provider config to be attached with this eks cluster

                vpcCni
                VpcCni
                (Optional)

                VpcCni is used to set configuration options for the VPC CNI plugin

                restrictPrivateSubnets
                bool

                RestrictPrivateSubnets indicates that the EKS control plane should only use private subnets.

                kubeProxy
                KubeProxy

                KubeProxy defines managed attributes of the kube-proxy daemonset

                AWSManagedControlPlaneStatus

                (Appears on:AWSManagedControlPlane)

                AWSManagedControlPlaneStatus defines the observed state of an Amazon EKS Cluster.

                Field Description
                networkStatus
                NetworkStatus
                (Optional)

                Networks holds details about the AWS networking resources used by the control plane

                failureDomains
                Cluster API api/v1beta1.FailureDomains
                (Optional)

                FailureDomains specifies a list fo available availability zones that can be used

                bastion
                Instance
                (Optional)

                Bastion holds details of the instance that is used as a bastion jump box

                oidcProvider
                OIDCProviderStatus
                (Optional)

                OIDCProvider holds the status of the identity provider for this cluster

                externalManagedControlPlane
                bool

                ExternalManagedControlPlane indicates to cluster-api that the control plane is managed by an external service such as AKS, EKS, GKE, etc.

                initialized
                bool
                (Optional)

                Initialized denotes whether or not the control plane has the uploaded kubernetes config-map.

                ready
                bool

                Ready denotes that the AWSManagedControlPlane API Server is ready to receive requests and that the VPC infra is ready.

                failureMessage
                string
                (Optional)

                ErrorMessage indicates that there is a terminal problem reconciling the state, and will be set to a descriptive error message.

                conditions
                Cluster API api/v1beta1.Conditions

                Conditions specifies the cpnditions for the managed control plane

                addons
                []AddonState
                (Optional)

                Addons holds the current status of the EKS addons

                identityProviderStatus
                IdentityProviderStatus
                (Optional)

                IdentityProviderStatus holds the status for associated identity provider

                Addon

                Addon represents a EKS addon.

                Field Description
                name
                string

                Name is the name of the addon

                version
                string

                Version is the version of the addon to use

                configuration
                string
                (Optional)

                Configuration of the EKS addon

                conflictResolution
                AddonResolution

                ConflictResolution is used to declare what should happen if there are parameter conflicts. Defaults to none

                serviceAccountRoleARN
                string
                (Optional)

                ServiceAccountRoleArn is the ARN of an IAM role to bind to the addons service account

                AddonIssue

                (Appears on:AddonState)

                AddonIssue represents an issue with an addon.

                Field Description
                code
                string

                Code is the issue code

                message
                string

                Message is the textual description of the issue

                resourceIds
                []string

                ResourceIDs is a list of resource ids for the issue

                AddonResolution (string alias)

                (Appears on:Addon)

                AddonResolution defines the method for resolving parameter conflicts.

                AddonState

                (Appears on:AWSManagedControlPlaneStatus)

                AddonState represents the state of an addon.

                Field Description
                name
                string

                Name is the name of the addon

                version
                string

                Version is the version of the addon to use

                arn
                string

                ARN is the AWS ARN of the addon

                serviceAccountRoleARN
                string

                ServiceAccountRoleArn is the ARN of the IAM role used for the service account

                createdAt
                Kubernetes meta/v1.Time

                CreatedAt is the date and time the addon was created at

                modifiedAt
                Kubernetes meta/v1.Time

                ModifiedAt is the date and time the addon was last modified

                status
                string

                Status is the status of the addon

                issues
                []AddonIssue

                Issues is a list of issue associated with the addon

                AddonStatus (string alias)

                AddonStatus defines the status for an addon.

                ControlPlaneLoggingSpec

                (Appears on:AWSManagedControlPlaneSpec)

                ControlPlaneLoggingSpec defines what EKS control plane logs that should be enabled.

                Field Description
                apiServer
                bool

                APIServer indicates if the Kubernetes API Server log (kube-apiserver) shoulkd be enabled

                audit
                bool

                Audit indicates if the Kubernetes API audit log should be enabled

                authenticator
                bool

                Authenticator indicates if the iam authenticator log should be enabled

                controllerManager
                bool

                ControllerManager indicates if the controller manager (kube-controller-manager) log should be enabled

                scheduler
                bool

                Scheduler indicates if the Kubernetes scheduler (kube-scheduler) log should be enabled

                EKSTokenMethod (string alias)

                (Appears on:AWSManagedControlPlaneSpec)

                EKSTokenMethod defines the method for obtaining a client token to use when connecting to EKS.

                EncryptionConfig

                (Appears on:AWSManagedControlPlaneSpec)

                EncryptionConfig specifies the encryption configuration for the EKS clsuter.

                Field Description
                provider
                string

                Provider specifies the ARN or alias of the CMK (in AWS KMS)

                resources
                []*string

                Resources specifies the resources to be encrypted

                EndpointAccess

                (Appears on:AWSManagedControlPlaneSpec)

                EndpointAccess specifies how control plane endpoints are accessible.

                Field Description
                public
                bool
                (Optional)

                Public controls whether control plane endpoints are publicly accessible

                publicCIDRs
                []*string
                (Optional)

                PublicCIDRs specifies which blocks can access the public endpoint

                private
                bool
                (Optional)

                Private points VPC-internal control plane access to the private endpoint

                IAMAuthenticatorConfig

                (Appears on:AWSManagedControlPlaneSpec)

                IAMAuthenticatorConfig represents an aws-iam-authenticator configuration.

                Field Description
                mapRoles
                []RoleMapping
                (Optional)

                RoleMappings is a list of role mappings

                mapUsers
                []UserMapping
                (Optional)

                UserMappings is a list of user mappings

                IdentityProviderStatus

                (Appears on:AWSManagedControlPlaneStatus)

                IdentityProviderStatus holds the status for associated identity provider.

                Field Description
                arn
                string

                ARN holds the ARN of associated identity provider

                status
                string

                Status holds current status of associated identity provider

                KubeProxy

                (Appears on:AWSManagedControlPlaneSpec)

                KubeProxy specifies how the kube-proxy daemonset is managed.

                Field Description
                disable
                bool

                Disable set to true indicates that kube-proxy should be disabled. With EKS clusters kube-proxy is automatically installed into the cluster. For clusters where you want to use kube-proxy functionality that is provided with an alternate CNI, this option provides a way to specify that the kube-proxy daemonset should be deleted. You cannot set this to true if you are using the Amazon kube-proxy addon.

                KubernetesMapping

                (Appears on:RoleMapping, UserMapping)

                KubernetesMapping represents the kubernetes RBAC mapping.

                Field Description
                username
                string

                UserName is a kubernetes RBAC user subject

                groups
                []string

                Groups is a list of kubernetes RBAC groups

                OIDCIdentityProviderConfig

                (Appears on:AWSManagedControlPlaneSpec)

                OIDCIdentityProviderConfig represents the configuration for an OIDC identity provider.

                Field Description
                clientId
                string

                This is also known as audience. The ID for the client application that makes authentication requests to the OpenID identity provider.

                groupsClaim
                string
                (Optional)

                The JWT claim that the provider uses to return your groups.

                groupsPrefix
                string
                (Optional)

                The prefix that is prepended to group claims to prevent clashes with existing names (such as system: groups). For example, the valueoidc: will create group names like oidc:engineering and oidc:infra.

                identityProviderConfigName
                string

                The name of the OIDC provider configuration.

                IdentityProviderConfigName is a required field

                issuerUrl
                string

                The URL of the OpenID identity provider that allows the API server to discover public signing keys for verifying tokens. The URL must begin with https:// and should correspond to the iss claim in the provider’s OIDC ID tokens. Per the OIDC standard, path components are allowed but query parameters are not. Typically the URL consists of only a hostname, like https://server.example.org or https://example.com. This URL should point to the level below .well-known/openid-configuration and must be publicly accessible over the internet.

                requiredClaims
                map[string]string
                (Optional)

                The key value pairs that describe required claims in the identity token. If set, each claim is verified to be present in the token with a matching value. For the maximum number of claims that you can require, see Amazon EKS service quotas (https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html) in the Amazon EKS User Guide.

                usernameClaim
                string
                (Optional)

                The JSON Web Token (JWT) claim to use as the username. The default is sub, which is expected to be a unique identifier of the end user. You can choose other claims, such as email or name, depending on the OpenID identity provider. Claims other than email are prefixed with the issuer URL to prevent naming clashes with other plug-ins.

                usernamePrefix
                string
                (Optional)

                The prefix that is prepended to username claims to prevent clashes with existing names. If you do not provide this field, and username is a value other than email, the prefix defaults to issuerurl#. You can use the value - to disable all prefixing.

                tags
                Tags
                (Optional)

                tags to apply to oidc identity provider association

                OIDCProviderStatus

                (Appears on:AWSManagedControlPlaneStatus)

                OIDCProviderStatus holds the status of the AWS OIDC identity provider.

                Field Description
                arn
                string

                ARN holds the ARN of the provider

                trustPolicy
                string

                TrustPolicy contains the boilerplate IAM trust policy to use for IRSA

                RoleMapping

                (Appears on:IAMAuthenticatorConfig)

                RoleMapping represents a mapping from a IAM role to Kubernetes users and groups.

                Field Description
                rolearn
                string

                RoleARN is the AWS ARN for the role to map

                KubernetesMapping
                KubernetesMapping

                (Members of KubernetesMapping are embedded into this type.)

                KubernetesMapping holds the RBAC details for the mapping

                UserMapping

                (Appears on:IAMAuthenticatorConfig)

                UserMapping represents a mapping from an IAM user to Kubernetes users and groups.

                Field Description
                userarn
                string

                UserARN is the AWS ARN for the user to map

                KubernetesMapping
                KubernetesMapping

                (Members of KubernetesMapping are embedded into this type.)

                KubernetesMapping holds the RBAC details for the mapping

                VpcCni

                (Appears on:AWSManagedControlPlaneSpec)

                VpcCni specifies configuration related to the VPC CNI.

                Field Description
                disable
                bool

                Disable indicates that the Amazon VPC CNI should be disabled. With EKS clusters the Amazon VPC CNI is automatically installed into the cluster. For clusters where you want to use an alternate CNI this option provides a way to specify that the Amazon VPC CNI should be deleted. You cannot set this to true if you are using the Amazon VPC CNI addon.

                env
                []Kubernetes core/v1.EnvVar
                (Optional)

                Env defines a list of environment variables to apply to the aws-node DaemonSet

                AWSRolesRef

                (Appears on:RosaControlPlaneSpec)

                AWSRolesRef contains references to various AWS IAM roles required for operators to make calls against the AWS API.

                Field Description
                ingressARN
                string

                The referenced role must have a trust relationship that allows it to be assumed via web identity. https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html. Example: { “Version”: “2012-10-17”, “Statement”: [ { “Effect”: “Allow”, “Principal”: { “Federated”: “{{ .ProviderARN }}” }, “Action”: “sts:AssumeRoleWithWebIdentity”, “Condition”: { “StringEquals”: { “{{ .ProviderName }}:sub”: {{ .ServiceAccounts }} } } } ] }

                IngressARN is an ARN value referencing a role appropriate for the Ingress Operator.

                The following is an example of a valid policy document:

                { “Version”: “2012-10-17”, “Statement”: [ { “Effect”: “Allow”, “Action”: [ “elasticloadbalancing:DescribeLoadBalancers”, “tag:GetResources”, “route53:ListHostedZones” ], “Resource”: “*” }, { “Effect”: “Allow”, “Action”: [ “route53:ChangeResourceRecordSets” ], “Resource”: [ “arn:aws:route53:::PUBLIC_ZONE_ID”, “arn:aws:route53:::PRIVATE_ZONE_ID” ] } ] }

                imageRegistryARN
                string

                ImageRegistryARN is an ARN value referencing a role appropriate for the Image Registry Operator.

                The following is an example of a valid policy document:

                { “Version”: “2012-10-17”, “Statement”: [ { “Effect”: “Allow”, “Action”: [ “s3:CreateBucket”, “s3:DeleteBucket”, “s3:PutBucketTagging”, “s3:GetBucketTagging”, “s3:PutBucketPublicAccessBlock”, “s3:GetBucketPublicAccessBlock”, “s3:PutEncryptionConfiguration”, “s3:GetEncryptionConfiguration”, “s3:PutLifecycleConfiguration”, “s3:GetLifecycleConfiguration”, “s3:GetBucketLocation”, “s3:ListBucket”, “s3:GetObject”, “s3:PutObject”, “s3:DeleteObject”, “s3:ListBucketMultipartUploads”, “s3:AbortMultipartUpload”, “s3:ListMultipartUploadParts” ], “Resource”: “*” } ] }

                storageARN
                string

                StorageARN is an ARN value referencing a role appropriate for the Storage Operator.

                The following is an example of a valid policy document:

                { “Version”: “2012-10-17”, “Statement”: [ { “Effect”: “Allow”, “Action”: [ “ec2:AttachVolume”, “ec2:CreateSnapshot”, “ec2:CreateTags”, “ec2:CreateVolume”, “ec2:DeleteSnapshot”, “ec2:DeleteTags”, “ec2:DeleteVolume”, “ec2:DescribeInstances”, “ec2:DescribeSnapshots”, “ec2:DescribeTags”, “ec2:DescribeVolumes”, “ec2:DescribeVolumesModifications”, “ec2:DetachVolume”, “ec2:ModifyVolume” ], “Resource”: “*” } ] }

                networkARN
                string

                NetworkARN is an ARN value referencing a role appropriate for the Network Operator.

                The following is an example of a valid policy document:

                { “Version”: “2012-10-17”, “Statement”: [ { “Effect”: “Allow”, “Action”: [ “ec2:DescribeInstances”, “ec2:DescribeInstanceStatus”, “ec2:DescribeInstanceTypes”, “ec2:UnassignPrivateIpAddresses”, “ec2:AssignPrivateIpAddresses”, “ec2:UnassignIpv6Addresses”, “ec2:AssignIpv6Addresses”, “ec2:DescribeSubnets”, “ec2:DescribeNetworkInterfaces” ], “Resource”: “*” } ] }

                kubeCloudControllerARN
                string

                KubeCloudControllerARN is an ARN value referencing a role appropriate for the KCM/KCC. Source: https://cloud-provider-aws.sigs.k8s.io/prerequisites/#iam-policies

                The following is an example of a valid policy document:

                { “Version”: “2012-10-17”, “Statement”: [ { “Action”: [ “autoscaling:DescribeAutoScalingGroups”, “autoscaling:DescribeLaunchConfigurations”, “autoscaling:DescribeTags”, “ec2:DescribeAvailabilityZones”, “ec2:DescribeInstances”, “ec2:DescribeImages”, “ec2:DescribeRegions”, “ec2:DescribeRouteTables”, “ec2:DescribeSecurityGroups”, “ec2:DescribeSubnets”, “ec2:DescribeVolumes”, “ec2:CreateSecurityGroup”, “ec2:CreateTags”, “ec2:CreateVolume”, “ec2:ModifyInstanceAttribute”, “ec2:ModifyVolume”, “ec2:AttachVolume”, “ec2:AuthorizeSecurityGroupIngress”, “ec2:CreateRoute”, “ec2:DeleteRoute”, “ec2:DeleteSecurityGroup”, “ec2:DeleteVolume”, “ec2:DetachVolume”, “ec2:RevokeSecurityGroupIngress”, “ec2:DescribeVpcs”, “elasticloadbalancing:AddTags”, “elasticloadbalancing:AttachLoadBalancerToSubnets”, “elasticloadbalancing:ApplySecurityGroupsToLoadBalancer”, “elasticloadbalancing:CreateLoadBalancer”, “elasticloadbalancing:CreateLoadBalancerPolicy”, “elasticloadbalancing:CreateLoadBalancerListeners”, “elasticloadbalancing:ConfigureHealthCheck”, “elasticloadbalancing:DeleteLoadBalancer”, “elasticloadbalancing:DeleteLoadBalancerListeners”, “elasticloadbalancing:DescribeLoadBalancers”, “elasticloadbalancing:DescribeLoadBalancerAttributes”, “elasticloadbalancing:DetachLoadBalancerFromSubnets”, “elasticloadbalancing:DeregisterInstancesFromLoadBalancer”, “elasticloadbalancing:ModifyLoadBalancerAttributes”, “elasticloadbalancing:RegisterInstancesWithLoadBalancer”, “elasticloadbalancing:SetLoadBalancerPoliciesForBackendServer”, “elasticloadbalancing:AddTags”, “elasticloadbalancing:CreateListener”, “elasticloadbalancing:CreateTargetGroup”, “elasticloadbalancing:DeleteListener”, “elasticloadbalancing:DeleteTargetGroup”, “elasticloadbalancing:DeregisterTargets”, “elasticloadbalancing:DescribeListeners”, “elasticloadbalancing:DescribeLoadBalancerPolicies”, “elasticloadbalancing:DescribeTargetGroups”, “elasticloadbalancing:DescribeTargetHealth”, “elasticloadbalancing:ModifyListener”, “elasticloadbalancing:ModifyTargetGroup”, “elasticloadbalancing:RegisterTargets”, “elasticloadbalancing:SetLoadBalancerPoliciesOfListener”, “iam:CreateServiceLinkedRole”, “kms:DescribeKey” ], “Resource”: [ “*” ], “Effect”: “Allow” } ] }

                nodePoolManagementARN
                string

                NodePoolManagementARN is an ARN value referencing a role appropriate for the CAPI Controller.

                The following is an example of a valid policy document:

                { “Version”: “2012-10-17”, “Statement”: [ { “Action”: [ “ec2:AssociateRouteTable”, “ec2:AttachInternetGateway”, “ec2:AuthorizeSecurityGroupIngress”, “ec2:CreateInternetGateway”, “ec2:CreateNatGateway”, “ec2:CreateRoute”, “ec2:CreateRouteTable”, “ec2:CreateSecurityGroup”, “ec2:CreateSubnet”, “ec2:CreateTags”, “ec2:DeleteInternetGateway”, “ec2:DeleteNatGateway”, “ec2:DeleteRouteTable”, “ec2:DeleteSecurityGroup”, “ec2:DeleteSubnet”, “ec2:DeleteTags”, “ec2:DescribeAccountAttributes”, “ec2:DescribeAddresses”, “ec2:DescribeAvailabilityZones”, “ec2:DescribeImages”, “ec2:DescribeInstances”, “ec2:DescribeInternetGateways”, “ec2:DescribeNatGateways”, “ec2:DescribeNetworkInterfaces”, “ec2:DescribeNetworkInterfaceAttribute”, “ec2:DescribeRouteTables”, “ec2:DescribeSecurityGroups”, “ec2:DescribeSubnets”, “ec2:DescribeVpcs”, “ec2:DescribeVpcAttribute”, “ec2:DescribeVolumes”, “ec2:DetachInternetGateway”, “ec2:DisassociateRouteTable”, “ec2:DisassociateAddress”, “ec2:ModifyInstanceAttribute”, “ec2:ModifyNetworkInterfaceAttribute”, “ec2:ModifySubnetAttribute”, “ec2:RevokeSecurityGroupIngress”, “ec2:RunInstances”, “ec2:TerminateInstances”, “tag:GetResources”, “ec2:CreateLaunchTemplate”, “ec2:CreateLaunchTemplateVersion”, “ec2:DescribeLaunchTemplates”, “ec2:DescribeLaunchTemplateVersions”, “ec2:DeleteLaunchTemplate”, “ec2:DeleteLaunchTemplateVersions” ], “Resource”: [ “” ], “Effect”: “Allow” }, { “Condition”: { “StringLike”: { “iam:AWSServiceName”: “elasticloadbalancing.amazonaws.com” } }, “Action”: [ “iam:CreateServiceLinkedRole” ], “Resource”: [ “arn::iam:::role/aws-service-role/elasticloadbalancing.amazonaws.com/AWSServiceRoleForElasticLoadBalancing” ], “Effect”: “Allow” }, { “Action”: [ “iam:PassRole” ], “Resource”: [ “arn::iam:::role/-worker-role” ], “Effect”: “Allow” }, { “Effect”: “Allow”, “Action”: [ “kms:Decrypt”, “kms:ReEncrypt”, “kms:GenerateDataKeyWithoutPlainText”, “kms:DescribeKey” ], “Resource”: “” }, { “Effect”: “Allow”, “Action”: [ “kms:CreateGrant” ], “Resource”: “”, “Condition”: { “Bool”: { “kms:GrantIsForAWSResource”: true } } } ] }

                controlPlaneOperatorARN
                string

                ControlPlaneOperatorARN is an ARN value referencing a role appropriate for the Control Plane Operator.

                The following is an example of a valid policy document:

                { “Version”: “2012-10-17”, “Statement”: [ { “Effect”: “Allow”, “Action”: [ “ec2:CreateVpcEndpoint”, “ec2:DescribeVpcEndpoints”, “ec2:ModifyVpcEndpoint”, “ec2:DeleteVpcEndpoints”, “ec2:CreateTags”, “route53:ListHostedZones”, “ec2:CreateSecurityGroup”, “ec2:AuthorizeSecurityGroupIngress”, “ec2:AuthorizeSecurityGroupEgress”, “ec2:DeleteSecurityGroup”, “ec2:RevokeSecurityGroupIngress”, “ec2:RevokeSecurityGroupEgress”, “ec2:DescribeSecurityGroups”, “ec2:DescribeVpcs”, ], “Resource”: “*” }, { “Effect”: “Allow”, “Action”: [ “route53:ChangeResourceRecordSets”, “route53:ListResourceRecordSets” ], “Resource”: “arn:aws:route53:::%s” } ] }

                kmsProviderARN
                string

                DefaultMachinePoolSpec

                (Appears on:RosaControlPlaneSpec)

                DefaultMachinePoolSpec defines the configuration for the required worker nodes provisioned as part of the cluster creation.

                Field Description
                instanceType
                string
                (Optional)

                The instance type to use, for example r5.xlarge. Instance type ref; https://aws.amazon.com/ec2/instance-types/

                autoscaling
                RosaMachinePoolAutoScaling
                (Optional)

                Autoscaling specifies auto scaling behaviour for the default MachinePool. Autoscaling min/max value must be equal or multiple of the availability zones count.

                ExternalAuthProvider

                (Appears on:RosaControlPlaneSpec)

                ExternalAuthProvider is an external OIDC identity provider that can issue tokens for this cluster

                Field Description
                name
                string

                Name of the OIDC provider

                issuer
                TokenIssuer

                Issuer describes attributes of the OIDC token issuer

                oidcClients
                []OIDCClientConfig
                (Optional)

                OIDCClients contains configuration for the platform’s clients that need to request tokens from the issuer

                claimMappings
                TokenClaimMappings
                (Optional)

                ClaimMappings describes rules on how to transform information from an ID token into a cluster identity

                claimValidationRules
                []TokenClaimValidationRule

                ClaimValidationRules are rules that are applied to validate token claims to authenticate users.

                LocalObjectReference

                (Appears on:OIDCClientConfig, TokenIssuer)

                LocalObjectReference references an object in the same namespace.

                Field Description
                name
                string

                Name is the metadata.name of the referenced object.

                NetworkSpec

                (Appears on:RosaControlPlaneSpec)

                NetworkSpec for ROSA-HCP.

                Field Description
                machineCIDR
                string
                (Optional)

                IP addresses block used by OpenShift while installing the cluster, for example “10.0.0.0/16”.

                podCIDR
                string
                (Optional)

                IP address block from which to assign pod IP addresses, for example 10.128.0.0/14.

                serviceCIDR
                string
                (Optional)

                IP address block from which to assign service IP addresses, for example 172.30.0.0/16.

                hostPrefix
                int
                (Optional)

                Network host prefix which is defaulted to 23 if not specified.

                networkType
                string
                (Optional)

                The CNI network type default is OVNKubernetes.

                OIDCClientConfig

                (Appears on:ExternalAuthProvider)

                OIDCClientConfig contains configuration for the platform’s client that need to request tokens from the issuer.

                Field Description
                componentName
                string

                ComponentName is the name of the component that is supposed to consume this client configuration

                componentNamespace
                string

                ComponentNamespace is the namespace of the component that is supposed to consume this client configuration

                clientID
                string

                ClientID is the identifier of the OIDC client from the OIDC provider

                clientSecret
                LocalObjectReference

                ClientSecret refers to a secret that contains the client secret in the clientSecret key of the .data field

                extraScopes
                []string
                (Optional)

                ExtraScopes is an optional set of scopes to request tokens with.

                PrefixedClaimMapping

                (Appears on:TokenClaimMappings)

                PrefixedClaimMapping defines claims with a prefix.

                Field Description
                claim
                string

                Claim is a JWT token claim to be used in the mapping

                prefix
                string

                Prefix is a string to prefix the value from the token in the result of the claim mapping.

                By default, no prefixing occurs.

                Example: if prefix is set to “myoidc:”” and the claim in JWT contains an array of strings “a”, “b” and “c”, the mapping will result in an array of string “myoidc:a”, “myoidc:b” and “myoidc:c”.

                ROSAControlPlane

                ROSAControlPlane is the Schema for the ROSAControlPlanes API.

                Field Description
                metadata
                Kubernetes meta/v1.ObjectMeta
                Refer to the Kubernetes API documentation for the fields of the metadata field.
                spec
                RosaControlPlaneSpec


                rosaClusterName
                string

                Cluster name must be valid DNS-1035 label, so it must consist of lower case alphanumeric characters or ‘-’, start with an alphabetic character, end with an alphanumeric character and have a max length of 54 characters.

                domainPrefix
                string
                (Optional)

                DomainPrefix is an optional prefix added to the cluster’s domain name. It will be used when generating a sub-domain for the cluster on openshiftapps domain. It must be valid DNS-1035 label consisting of lower case alphanumeric characters or ‘-’, start with an alphabetic character end with an alphanumeric character and have a max length of 15 characters.

                subnets
                []string

                The Subnet IDs to use when installing the cluster. SubnetIDs should come in pairs; two per availability zone, one private and one public.

                availabilityZones
                []string

                AvailabilityZones describe AWS AvailabilityZones of the worker nodes. should match the AvailabilityZones of the provided Subnets. a machinepool will be created for each availabilityZone.

                region
                string

                The AWS Region the cluster lives in.

                version
                string

                OpenShift semantic version, for example “4.14.5”.

                rolesRef
                AWSRolesRef

                AWS IAM roles used to perform credential requests by the openshift operators.

                oidcID
                string

                The ID of the internal OpenID Connect Provider.

                enableExternalAuthProviders
                bool
                (Optional)

                EnableExternalAuthProviders enables external authentication configuration for the cluster.

                externalAuthProviders
                []ExternalAuthProvider

                ExternalAuthProviders are external OIDC identity providers that can issue tokens for this cluster. Can only be set if “enableExternalAuthProviders” is set to “True”.

                At most one provider can be configured.

                installerRoleARN
                string

                InstallerRoleARN is an AWS IAM role that OpenShift Cluster Manager will assume to create the cluster..

                supportRoleARN
                string

                SupportRoleARN is an AWS IAM role used by Red Hat SREs to enable access to the cluster account in order to provide support.

                workerRoleARN
                string

                WorkerRoleARN is an AWS IAM role that will be attached to worker instances.

                billingAccount
                string
                (Optional)

                BillingAccount is an optional AWS account to use for billing the subscription fees for ROSA clusters. The cost of running each ROSA cluster will be billed to the infrastructure account in which the cluster is running.

                defaultMachinePoolSpec
                DefaultMachinePoolSpec
                (Optional)

                DefaultMachinePoolSpec defines the configuration for the default machinepool(s) provisioned as part of the cluster creation. One MachinePool will be created with this configuration per AvailabilityZone. Those default machinepools are required for openshift cluster operators to work properly. As these machinepool not created using ROSAMachinePool CR, they will not be visible/managed by ROSA CAPI provider. rosa list machinepools -c <rosaClusterName> can be used to view those machinepools.

                This field will be removed in the future once the current limitation is resolved.

                network
                NetworkSpec
                (Optional)

                Network config for the ROSA HCP cluster.

                endpointAccess
                RosaEndpointAccessType
                (Optional)

                EndpointAccess specifies the publishing scope of cluster endpoints. The default is Public.

                additionalTags
                Tags
                (Optional)

                AdditionalTags are user-defined tags to be added on the AWS resources associated with the control plane.

                etcdEncryptionKMSARN
                string
                (Optional)

                EtcdEncryptionKMSARN is the ARN of the KMS key used to encrypt etcd. The key itself needs to be created out-of-band by the user and tagged with red-hat:true.

                auditLogRoleARN
                string
                (Optional)

                AuditLogRoleARN defines the role that is used to forward audit logs to AWS CloudWatch. If not set, audit log forwarding is disabled.

                provisionShardID
                string
                (Optional)

                ProvisionShardID defines the shard where rosa control plane components will be hosted.

                credentialsSecretRef
                Kubernetes core/v1.LocalObjectReference
                (Optional)

                CredentialsSecretRef references a secret with necessary credentials to connect to the OCM API. The secret should contain the following data keys: - ocmToken: eyJhbGciOiJIUzI1NiIsI…. - ocmApiUrl: Optional, defaults to ‘https://api.openshift.com’

                identityRef
                AWSIdentityReference
                (Optional)

                IdentityRef is a reference to an identity to be used when reconciling the managed control plane. If no identity is specified, the default identity for this controller will be used.

                controlPlaneEndpoint
                Cluster API api/v1beta1.APIEndpoint
                (Optional)

                ControlPlaneEndpoint represents the endpoint used to communicate with the control plane.

                status
                RosaControlPlaneStatus

                RosaControlPlaneSpec

                (Appears on:ROSAControlPlane)

                RosaControlPlaneSpec defines the desired state of ROSAControlPlane.

                Field Description
                rosaClusterName
                string

                Cluster name must be valid DNS-1035 label, so it must consist of lower case alphanumeric characters or ‘-’, start with an alphabetic character, end with an alphanumeric character and have a max length of 54 characters.

                domainPrefix
                string
                (Optional)

                DomainPrefix is an optional prefix added to the cluster’s domain name. It will be used when generating a sub-domain for the cluster on openshiftapps domain. It must be valid DNS-1035 label consisting of lower case alphanumeric characters or ‘-’, start with an alphabetic character end with an alphanumeric character and have a max length of 15 characters.

                subnets
                []string

                The Subnet IDs to use when installing the cluster. SubnetIDs should come in pairs; two per availability zone, one private and one public.

                availabilityZones
                []string

                AvailabilityZones describe AWS AvailabilityZones of the worker nodes. should match the AvailabilityZones of the provided Subnets. a machinepool will be created for each availabilityZone.

                region
                string

                The AWS Region the cluster lives in.

                version
                string

                OpenShift semantic version, for example “4.14.5”.

                rolesRef
                AWSRolesRef

                AWS IAM roles used to perform credential requests by the openshift operators.

                oidcID
                string

                The ID of the internal OpenID Connect Provider.

                enableExternalAuthProviders
                bool
                (Optional)

                EnableExternalAuthProviders enables external authentication configuration for the cluster.

                externalAuthProviders
                []ExternalAuthProvider

                ExternalAuthProviders are external OIDC identity providers that can issue tokens for this cluster. Can only be set if “enableExternalAuthProviders” is set to “True”.

                At most one provider can be configured.

                installerRoleARN
                string

                InstallerRoleARN is an AWS IAM role that OpenShift Cluster Manager will assume to create the cluster..

                supportRoleARN
                string

                SupportRoleARN is an AWS IAM role used by Red Hat SREs to enable access to the cluster account in order to provide support.

                workerRoleARN
                string

                WorkerRoleARN is an AWS IAM role that will be attached to worker instances.

                billingAccount
                string
                (Optional)

                BillingAccount is an optional AWS account to use for billing the subscription fees for ROSA clusters. The cost of running each ROSA cluster will be billed to the infrastructure account in which the cluster is running.

                defaultMachinePoolSpec
                DefaultMachinePoolSpec
                (Optional)

                DefaultMachinePoolSpec defines the configuration for the default machinepool(s) provisioned as part of the cluster creation. One MachinePool will be created with this configuration per AvailabilityZone. Those default machinepools are required for openshift cluster operators to work properly. As these machinepool not created using ROSAMachinePool CR, they will not be visible/managed by ROSA CAPI provider. rosa list machinepools -c <rosaClusterName> can be used to view those machinepools.

                This field will be removed in the future once the current limitation is resolved.

                network
                NetworkSpec
                (Optional)

                Network config for the ROSA HCP cluster.

                endpointAccess
                RosaEndpointAccessType
                (Optional)

                EndpointAccess specifies the publishing scope of cluster endpoints. The default is Public.

                additionalTags
                Tags
                (Optional)

                AdditionalTags are user-defined tags to be added on the AWS resources associated with the control plane.

                etcdEncryptionKMSARN
                string
                (Optional)

                EtcdEncryptionKMSARN is the ARN of the KMS key used to encrypt etcd. The key itself needs to be created out-of-band by the user and tagged with red-hat:true.

                auditLogRoleARN
                string
                (Optional)

                AuditLogRoleARN defines the role that is used to forward audit logs to AWS CloudWatch. If not set, audit log forwarding is disabled.

                provisionShardID
                string
                (Optional)

                ProvisionShardID defines the shard where rosa control plane components will be hosted.

                credentialsSecretRef
                Kubernetes core/v1.LocalObjectReference
                (Optional)

                CredentialsSecretRef references a secret with necessary credentials to connect to the OCM API. The secret should contain the following data keys: - ocmToken: eyJhbGciOiJIUzI1NiIsI…. - ocmApiUrl: Optional, defaults to ‘https://api.openshift.com’

                identityRef
                AWSIdentityReference
                (Optional)

                IdentityRef is a reference to an identity to be used when reconciling the managed control plane. If no identity is specified, the default identity for this controller will be used.

                controlPlaneEndpoint
                Cluster API api/v1beta1.APIEndpoint
                (Optional)

                ControlPlaneEndpoint represents the endpoint used to communicate with the control plane.

                RosaControlPlaneStatus

                (Appears on:ROSAControlPlane)

                RosaControlPlaneStatus defines the observed state of ROSAControlPlane.

                Field Description
                externalManagedControlPlane
                bool

                ExternalManagedControlPlane indicates to cluster-api that the control plane is managed by an external service such as AKS, EKS, GKE, etc.

                initialized
                bool
                (Optional)

                Initialized denotes whether or not the control plane has the uploaded kubernetes config-map.

                ready
                bool

                Ready denotes that the ROSAControlPlane API Server is ready to receive requests.

                failureMessage
                string
                (Optional)

                FailureMessage will be set in the event that there is a terminal problem reconciling the state and will be set to a descriptive error message.

                This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the spec or the configuration of the controller, and that manual intervention is required.

                conditions
                Cluster API api/v1beta1.Conditions

                Conditions specifies the conditions for the managed control plane

                id
                string

                ID is the cluster ID given by ROSA.

                consoleURL
                string

                ConsoleURL is the url for the openshift console.

                oidcEndpointURL
                string

                OIDCEndpointURL is the endpoint url for the managed OIDC provider.

                RosaEndpointAccessType (string alias)

                (Appears on:RosaControlPlaneSpec)

                RosaEndpointAccessType specifies the publishing scope of cluster endpoints.

                Value Description

                "Private"

                Private endpoint access allows only private API server access and private node communication with the control plane.

                "Public"

                Public endpoint access allows public API server access and private node communication with the control plane.

                TokenAudience (string alias)

                (Appears on:TokenIssuer)

                TokenAudience is the audience that the token was issued for.

                TokenClaimMappings

                (Appears on:ExternalAuthProvider)

                TokenClaimMappings describes rules on how to transform information from an ID token into a cluster identity.

                Field Description
                username
                UsernameClaimMapping
                (Optional)

                Username is a name of the claim that should be used to construct usernames for the cluster identity.

                Default value: “sub”

                groups
                PrefixedClaimMapping
                (Optional)

                Groups is a name of the claim that should be used to construct groups for the cluster identity. The referenced claim must use array of strings values.

                TokenClaimValidationRule

                (Appears on:ExternalAuthProvider)

                TokenClaimValidationRule validates token claims to authenticate users.

                Field Description
                type
                TokenValidationRuleType

                Type sets the type of the validation rule

                requiredClaim
                TokenRequiredClaim

                RequiredClaim allows configuring a required claim name and its expected value

                TokenIssuer

                (Appears on:ExternalAuthProvider)

                TokenIssuer describes attributes of the OIDC token issuer

                Field Description
                issuerURL
                string

                URL is the serving URL of the token issuer. Must use the https:// scheme.

                audiences
                []TokenAudience

                Audiences is an array of audiences that the token was issued for. Valid tokens must include at least one of these values in their “aud” claim. Must be set to exactly one value.

                issuerCertificateAuthority
                LocalObjectReference

                CertificateAuthority is a reference to a config map in the configuration namespace. The .data of the configMap must contain the “ca-bundle.crt” key. If unset, system trust is used instead.

                TokenRequiredClaim

                (Appears on:TokenClaimValidationRule)

                TokenRequiredClaim allows configuring a required claim name and its expected value.

                Field Description
                claim
                string

                Claim is a name of a required claim. Only claims with string values are supported.

                requiredValue
                string

                RequiredValue is the required value for the claim.

                TokenValidationRuleType (string alias)

                (Appears on:TokenClaimValidationRule)

                TokenValidationRuleType defines the type of the validation rule.

                Value Description

                "RequiredClaim"

                TokenValidationRuleTypeRequiredClaim defines the type for RequiredClaim.

                UsernameClaimMapping

                (Appears on:TokenClaimMappings)

                UsernameClaimMapping defines the claim that should be used to construct usernames for the cluster identity.

                Field Description
                claim
                string

                Claim is a JWT token claim to be used in the mapping

                prefixPolicy
                UsernamePrefixPolicy
                (Optional)

                PrefixPolicy specifies how a prefix should apply.

                By default, claims other than email will be prefixed with the issuer URL to prevent naming clashes with other plugins.

                Set to “NoPrefix” to disable prefixing.

                Example: (1) prefix is set to “myoidc:” and claim is set to “username”. If the JWT claim username contains value userA, the resulting mapped value will be “myoidc:userA”. (2) prefix is set to “myoidc:” and claim is set to “email”. If the JWT email claim contains value “userA@myoidc.tld”, the resulting mapped value will be “myoidc:userA@myoidc.tld”. (3) prefix is unset, issuerURL is set to https://myoidc.tld, the JWT claims include “username”:“userA” and “email”:“userA@myoidc.tld”, and claim is set to: (a) “username”: the mapped value will be “https://myoidc.tld#userA” (b) “email”: the mapped value will be “userA@myoidc.tld”

                prefix
                string
                (Optional)

                Prefix is prepended to claim to prevent clashes with existing names.

                UsernamePrefixPolicy (string alias)

                (Appears on:UsernameClaimMapping)

                UsernamePrefixPolicy specifies how a prefix should apply.

                Value Description

                ""

                NoOpinion let’s the cluster assign prefixes. If the username claim is email, there is no prefix If the username claim is anything else, it is prefixed by the issuerURL

                "NoPrefix"

                NoPrefix means the username claim value will not have any prefix

                "Prefix"

                Prefix means the prefix value must be specified. It cannot be empty


                infrastructure.cluster.x-k8s.io/v1beta1

                Package v1beta1 contains the v1beta1 API implementation.

                Resource Types:

                  AMIReference

                  (Appears on:AWSMachineSpec)

                  AMIReference is a reference to a specific AWS resource by ID, ARN, or filters. Only one of ID, ARN or Filters may be specified. Specifying more than one will result in a validation error.

                  Field Description
                  id
                  string
                  (Optional)

                  ID of resource

                  eksLookupType
                  EKSAMILookupType
                  (Optional)

                  EKSOptimizedLookupType If specified, will look up an EKS Optimized image in SSM Parameter store

                  AWSCluster

                  AWSCluster is the schema for Amazon EC2 based Kubernetes Cluster API.

                  Field Description
                  metadata
                  Kubernetes meta/v1.ObjectMeta
                  Refer to the Kubernetes API documentation for the fields of the metadata field.
                  spec
                  AWSClusterSpec


                  network
                  NetworkSpec

                  NetworkSpec encapsulates all things related to AWS network.

                  region
                  string

                  The AWS Region the cluster lives in.

                  sshKeyName
                  string
                  (Optional)

                  SSHKeyName is the name of the ssh key to attach to the bastion host. Valid values are empty string (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name)

                  controlPlaneEndpoint
                  Cluster API api/v1beta1.APIEndpoint
                  (Optional)

                  ControlPlaneEndpoint represents the endpoint used to communicate with the control plane.

                  additionalTags
                  Tags
                  (Optional)

                  AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the ones added by default.

                  controlPlaneLoadBalancer
                  AWSLoadBalancerSpec
                  (Optional)

                  ControlPlaneLoadBalancer is optional configuration for customizing control plane behavior.

                  imageLookupFormat
                  string
                  (Optional)

                  ImageLookupFormat is the AMI naming format to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupOrg. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and kubernetes version, respectively. The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as defined by the packages produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See also: https://golang.org/pkg/text/template/

                  imageLookupOrg
                  string
                  (Optional)

                  ImageLookupOrg is the AWS Organization ID to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupOrg.

                  imageLookupBaseOS
                  string

                  ImageLookupBaseOS is the name of the base operating system used to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupBaseOS.

                  bastion
                  Bastion
                  (Optional)

                  Bastion contains options to configure the bastion host.

                  identityRef
                  AWSIdentityReference

                  IdentityRef is a reference to an identity to be used when reconciling the managed control plane. If no identity is specified, the default identity for this controller will be used.

                  s3Bucket
                  S3Bucket
                  (Optional)

                  S3Bucket contains options to configure a supporting S3 bucket for this cluster - currently used for nodes requiring Ignition (https://coreos.github.io/ignition/) for bootstrapping (requires BootstrapFormatIgnition feature flag to be enabled).

                  status
                  AWSClusterStatus

                  AWSClusterControllerIdentity

                  AWSClusterControllerIdentity is the Schema for the awsclustercontrolleridentities API It is used to grant access to use Cluster API Provider AWS Controller credentials.

                  Field Description
                  metadata
                  Kubernetes meta/v1.ObjectMeta
                  Refer to the Kubernetes API documentation for the fields of the metadata field.
                  spec
                  AWSClusterControllerIdentitySpec

                  Spec for this AWSClusterControllerIdentity.



                  AWSClusterIdentitySpec
                  AWSClusterIdentitySpec

                  (Members of AWSClusterIdentitySpec are embedded into this type.)

                  AWSClusterControllerIdentitySpec

                  (Appears on:AWSClusterControllerIdentity)

                  AWSClusterControllerIdentitySpec defines the specifications for AWSClusterControllerIdentity.

                  Field Description
                  AWSClusterIdentitySpec
                  AWSClusterIdentitySpec

                  (Members of AWSClusterIdentitySpec are embedded into this type.)

                  AWSClusterIdentitySpec

                  (Appears on:AWSClusterControllerIdentitySpec, AWSClusterRoleIdentitySpec, AWSClusterStaticIdentitySpec)

                  AWSClusterIdentitySpec defines the Spec struct for AWSClusterIdentity types.

                  Field Description
                  allowedNamespaces
                  AllowedNamespaces
                  (Optional)

                  AllowedNamespaces is used to identify which namespaces are allowed to use the identity from. Namespaces can be selected either using an array of namespaces or with label selector. An empty allowedNamespaces object indicates that AWSClusters can use this identity from any namespace. If this object is nil, no namespaces will be allowed (default behaviour, if this field is not provided) A namespace should be either in the NamespaceList or match with Selector to use the identity.

                  AWSClusterRoleIdentity

                  AWSClusterRoleIdentity is the Schema for the awsclusterroleidentities API It is used to assume a role using the provided sourceRef.

                  Field Description
                  metadata
                  Kubernetes meta/v1.ObjectMeta
                  Refer to the Kubernetes API documentation for the fields of the metadata field.
                  spec
                  AWSClusterRoleIdentitySpec

                  Spec for this AWSClusterRoleIdentity.



                  AWSClusterIdentitySpec
                  AWSClusterIdentitySpec

                  (Members of AWSClusterIdentitySpec are embedded into this type.)

                  AWSRoleSpec
                  AWSRoleSpec

                  (Members of AWSRoleSpec are embedded into this type.)

                  externalID
                  string
                  (Optional)

                  A unique identifier that might be required when you assume a role in another account. If the administrator of the account to which the role belongs provided you with an external ID, then provide that value in the ExternalId parameter. This value can be any string, such as a passphrase or account number. A cross-account role is usually set up to trust everyone in an account. Therefore, the administrator of the trusting account might send an external ID to the administrator of the trusted account. That way, only someone with the ID can assume the role, rather than everyone in the account. For more information about the external ID, see How to Use an External ID When Granting Access to Your AWS Resources to a Third Party in the IAM User Guide.

                  sourceIdentityRef
                  AWSIdentityReference

                  SourceIdentityRef is a reference to another identity which will be chained to do role assumption. All identity types are accepted.

                  AWSClusterRoleIdentitySpec

                  (Appears on:AWSClusterRoleIdentity)

                  AWSClusterRoleIdentitySpec defines the specifications for AWSClusterRoleIdentity.

                  Field Description
                  AWSClusterIdentitySpec
                  AWSClusterIdentitySpec

                  (Members of AWSClusterIdentitySpec are embedded into this type.)

                  AWSRoleSpec
                  AWSRoleSpec

                  (Members of AWSRoleSpec are embedded into this type.)

                  externalID
                  string
                  (Optional)

                  A unique identifier that might be required when you assume a role in another account. If the administrator of the account to which the role belongs provided you with an external ID, then provide that value in the ExternalId parameter. This value can be any string, such as a passphrase or account number. A cross-account role is usually set up to trust everyone in an account. Therefore, the administrator of the trusting account might send an external ID to the administrator of the trusted account. That way, only someone with the ID can assume the role, rather than everyone in the account. For more information about the external ID, see How to Use an External ID When Granting Access to Your AWS Resources to a Third Party in the IAM User Guide.

                  sourceIdentityRef
                  AWSIdentityReference

                  SourceIdentityRef is a reference to another identity which will be chained to do role assumption. All identity types are accepted.

                  AWSClusterSpec

                  (Appears on:AWSCluster, AWSClusterTemplateResource)

                  AWSClusterSpec defines the desired state of an EC2-based Kubernetes cluster.

                  Field Description
                  network
                  NetworkSpec

                  NetworkSpec encapsulates all things related to AWS network.

                  region
                  string

                  The AWS Region the cluster lives in.

                  sshKeyName
                  string
                  (Optional)

                  SSHKeyName is the name of the ssh key to attach to the bastion host. Valid values are empty string (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name)

                  controlPlaneEndpoint
                  Cluster API api/v1beta1.APIEndpoint
                  (Optional)

                  ControlPlaneEndpoint represents the endpoint used to communicate with the control plane.

                  additionalTags
                  Tags
                  (Optional)

                  AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the ones added by default.

                  controlPlaneLoadBalancer
                  AWSLoadBalancerSpec
                  (Optional)

                  ControlPlaneLoadBalancer is optional configuration for customizing control plane behavior.

                  imageLookupFormat
                  string
                  (Optional)

                  ImageLookupFormat is the AMI naming format to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupOrg. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and kubernetes version, respectively. The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as defined by the packages produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See also: https://golang.org/pkg/text/template/

                  imageLookupOrg
                  string
                  (Optional)

                  ImageLookupOrg is the AWS Organization ID to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupOrg.

                  imageLookupBaseOS
                  string

                  ImageLookupBaseOS is the name of the base operating system used to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupBaseOS.

                  bastion
                  Bastion
                  (Optional)

                  Bastion contains options to configure the bastion host.

                  identityRef
                  AWSIdentityReference

                  IdentityRef is a reference to an identity to be used when reconciling the managed control plane. If no identity is specified, the default identity for this controller will be used.

                  s3Bucket
                  S3Bucket
                  (Optional)

                  S3Bucket contains options to configure a supporting S3 bucket for this cluster - currently used for nodes requiring Ignition (https://coreos.github.io/ignition/) for bootstrapping (requires BootstrapFormatIgnition feature flag to be enabled).

                  AWSClusterStaticIdentity

                  AWSClusterStaticIdentity is the Schema for the awsclusterstaticidentities API It represents a reference to an AWS access key ID and secret access key, stored in a secret.

                  Field Description
                  metadata
                  Kubernetes meta/v1.ObjectMeta
                  Refer to the Kubernetes API documentation for the fields of the metadata field.
                  spec
                  AWSClusterStaticIdentitySpec

                  Spec for this AWSClusterStaticIdentity



                  AWSClusterIdentitySpec
                  AWSClusterIdentitySpec

                  (Members of AWSClusterIdentitySpec are embedded into this type.)

                  secretRef
                  string

                  Reference to a secret containing the credentials. The secret should contain the following data keys: AccessKeyID: AKIAIOSFODNN7EXAMPLE SecretAccessKey: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY SessionToken: Optional

                  AWSClusterStaticIdentitySpec

                  (Appears on:AWSClusterStaticIdentity)

                  AWSClusterStaticIdentitySpec defines the specifications for AWSClusterStaticIdentity.

                  Field Description
                  AWSClusterIdentitySpec
                  AWSClusterIdentitySpec

                  (Members of AWSClusterIdentitySpec are embedded into this type.)

                  secretRef
                  string

                  Reference to a secret containing the credentials. The secret should contain the following data keys: AccessKeyID: AKIAIOSFODNN7EXAMPLE SecretAccessKey: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY SessionToken: Optional

                  AWSClusterStatus

                  (Appears on:AWSCluster)

                  AWSClusterStatus defines the observed state of AWSCluster.

                  Field Description
                  ready
                  bool
                  networkStatus
                  NetworkStatus
                  failureDomains
                  Cluster API api/v1beta1.FailureDomains
                  bastion
                  Instance
                  conditions
                  Cluster API api/v1beta1.Conditions

                  AWSClusterTemplate

                  AWSClusterTemplate is the schema for Amazon EC2 based Kubernetes Cluster Templates.

                  Field Description
                  metadata
                  Kubernetes meta/v1.ObjectMeta
                  Refer to the Kubernetes API documentation for the fields of the metadata field.
                  spec
                  AWSClusterTemplateSpec


                  template
                  AWSClusterTemplateResource

                  AWSClusterTemplateResource

                  (Appears on:AWSClusterTemplateSpec)

                  AWSClusterTemplateResource defines the desired state of AWSClusterTemplate.

                  Field Description
                  metadata
                  Cluster API api/v1beta1.ObjectMeta
                  (Optional)

                  Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

                  Refer to the Kubernetes API documentation for the fields of the metadata field.
                  spec
                  AWSClusterSpec


                  network
                  NetworkSpec

                  NetworkSpec encapsulates all things related to AWS network.

                  region
                  string

                  The AWS Region the cluster lives in.

                  sshKeyName
                  string
                  (Optional)

                  SSHKeyName is the name of the ssh key to attach to the bastion host. Valid values are empty string (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name)

                  controlPlaneEndpoint
                  Cluster API api/v1beta1.APIEndpoint
                  (Optional)

                  ControlPlaneEndpoint represents the endpoint used to communicate with the control plane.

                  additionalTags
                  Tags
                  (Optional)

                  AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the ones added by default.

                  controlPlaneLoadBalancer
                  AWSLoadBalancerSpec
                  (Optional)

                  ControlPlaneLoadBalancer is optional configuration for customizing control plane behavior.

                  imageLookupFormat
                  string
                  (Optional)

                  ImageLookupFormat is the AMI naming format to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupOrg. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and kubernetes version, respectively. The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as defined by the packages produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See also: https://golang.org/pkg/text/template/

                  imageLookupOrg
                  string
                  (Optional)

                  ImageLookupOrg is the AWS Organization ID to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupOrg.

                  imageLookupBaseOS
                  string

                  ImageLookupBaseOS is the name of the base operating system used to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupBaseOS.

                  bastion
                  Bastion
                  (Optional)

                  Bastion contains options to configure the bastion host.

                  identityRef
                  AWSIdentityReference

                  IdentityRef is a reference to an identity to be used when reconciling the managed control plane. If no identity is specified, the default identity for this controller will be used.

                  s3Bucket
                  S3Bucket
                  (Optional)

                  S3Bucket contains options to configure a supporting S3 bucket for this cluster - currently used for nodes requiring Ignition (https://coreos.github.io/ignition/) for bootstrapping (requires BootstrapFormatIgnition feature flag to be enabled).

                  AWSClusterTemplateSpec

                  (Appears on:AWSClusterTemplate)

                  AWSClusterTemplateSpec defines the desired state of AWSClusterTemplate.

                  Field Description
                  template
                  AWSClusterTemplateResource

                  AWSIdentityKind (string alias)

                  (Appears on:AWSIdentityReference)

                  AWSIdentityKind defines allowed AWS identity types.

                  AWSIdentityReference

                  (Appears on:AWSClusterRoleIdentitySpec, AWSClusterSpec)

                  AWSIdentityReference specifies a identity.

                  Field Description
                  name
                  string

                  Name of the identity.

                  kind
                  AWSIdentityKind

                  Kind of the identity.

                  AWSLoadBalancerSpec

                  (Appears on:AWSClusterSpec)

                  AWSLoadBalancerSpec defines the desired state of an AWS load balancer.

                  Field Description
                  name
                  string
                  (Optional)

                  Name sets the name of the classic ELB load balancer. As per AWS, the name must be unique within your set of load balancers for the region, must have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and cannot begin or end with a hyphen. Once set, the value cannot be changed.

                  scheme
                  ClassicELBScheme
                  (Optional)

                  Scheme sets the scheme of the load balancer (defaults to internet-facing)

                  crossZoneLoadBalancing
                  bool
                  (Optional)

                  CrossZoneLoadBalancing enables the classic ELB cross availability zone balancing.

                  With cross-zone load balancing, each load balancer node for your Classic Load Balancer distributes requests evenly across the registered instances in all enabled Availability Zones. If cross-zone load balancing is disabled, each load balancer node distributes requests evenly across the registered instances in its Availability Zone only.

                  Defaults to false.

                  subnets
                  []string
                  (Optional)

                  Subnets sets the subnets that should be applied to the control plane load balancer (defaults to discovered subnets for managed VPCs or an empty set for unmanaged VPCs)

                  healthCheckProtocol
                  ClassicELBProtocol
                  (Optional)

                  HealthCheckProtocol sets the protocol type for classic ELB health check target default value is ClassicELBProtocolSSL

                  additionalSecurityGroups
                  []string
                  (Optional)

                  AdditionalSecurityGroups sets the security groups used by the load balancer. Expected to be security group IDs This is optional - if not provided new security groups will be created for the load balancer

                  AWSMachine

                  AWSMachine is the schema for Amazon EC2 machines.

                  Field Description
                  metadata
                  Kubernetes meta/v1.ObjectMeta
                  Refer to the Kubernetes API documentation for the fields of the metadata field.
                  spec
                  AWSMachineSpec


                  providerID
                  string

                  ProviderID is the unique identifier as specified by the cloud provider.

                  instanceID
                  string

                  InstanceID is the EC2 instance ID for this machine.

                  ami
                  AMIReference

                  AMI is the reference to the AMI from which to create the machine instance.

                  imageLookupFormat
                  string
                  (Optional)

                  ImageLookupFormat is the AMI naming format to look up the image for this machine It will be ignored if an explicit AMI is set. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and kubernetes version, respectively. The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as defined by the packages produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See also: https://golang.org/pkg/text/template/

                  imageLookupOrg
                  string

                  ImageLookupOrg is the AWS Organization ID to use for image lookup if AMI is not set.

                  imageLookupBaseOS
                  string

                  ImageLookupBaseOS is the name of the base operating system to use for image lookup the AMI is not set.

                  instanceType
                  string

                  InstanceType is the type of instance to create. Example: m4.xlarge

                  additionalTags
                  Tags
                  (Optional)

                  AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the AWS provider. If both the AWSCluster and the AWSMachine specify the same tag name with different values, the AWSMachine’s value takes precedence.

                  iamInstanceProfile
                  string
                  (Optional)

                  IAMInstanceProfile is a name of an IAM instance profile to assign to the instance

                  publicIP
                  bool
                  (Optional)

                  PublicIP specifies whether the instance should get a public IP. Precedence for this setting is as follows: 1. This field if set 2. Cluster/flavor setting 3. Subnet default

                  additionalSecurityGroups
                  []AWSResourceReference
                  (Optional)

                  AdditionalSecurityGroups is an array of references to security groups that should be applied to the instance. These security groups would be set in addition to any security groups defined at the cluster level or in the actuator. It is possible to specify either IDs of Filters. Using Filters will cause additional requests to AWS API and if tags change the attached security groups might change too.

                  failureDomain
                  string

                  FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API. For this infrastructure provider, the ID is equivalent to an AWS Availability Zone. If multiple subnets are matched for the availability zone, the first one returned is picked.

                  subnet
                  AWSResourceReference
                  (Optional)

                  Subnet is a reference to the subnet to use for this instance. If not specified, the cluster subnet will be used.

                  sshKeyName
                  string
                  (Optional)

                  SSHKeyName is the name of the ssh key to attach to the instance. Valid values are empty string (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name)

                  rootVolume
                  Volume
                  (Optional)

                  RootVolume encapsulates the configuration options for the root volume

                  nonRootVolumes
                  []Volume
                  (Optional)

                  Configuration options for the non root storage volumes.

                  networkInterfaces
                  []string
                  (Optional)

                  NetworkInterfaces is a list of ENIs to associate with the instance. A maximum of 2 may be specified.

                  uncompressedUserData
                  bool
                  (Optional)

                  UncompressedUserData specify whether the user data is gzip-compressed before it is sent to ec2 instance. cloud-init has built-in support for gzip-compressed user data user data stored in aws secret manager is always gzip-compressed.

                  cloudInit
                  CloudInit
                  (Optional)

                  CloudInit defines options related to the bootstrapping systems where CloudInit is used.

                  ignition
                  Ignition
                  (Optional)

                  Ignition defined options related to the bootstrapping systems where Ignition is used.

                  spotMarketOptions
                  SpotMarketOptions
                  (Optional)

                  SpotMarketOptions allows users to configure instances to be run using AWS Spot instances.

                  tenancy
                  string
                  (Optional)

                  Tenancy indicates if instance should run on shared or single-tenant hardware.

                  status
                  AWSMachineStatus

                  AWSMachineProviderConditionType (string alias)

                  AWSMachineProviderConditionType is a valid value for AWSMachineProviderCondition.Type.

                  AWSMachineSpec

                  (Appears on:AWSMachine, AWSMachineTemplateResource)

                  AWSMachineSpec defines the desired state of an Amazon EC2 instance.

                  Field Description
                  providerID
                  string

                  ProviderID is the unique identifier as specified by the cloud provider.

                  instanceID
                  string

                  InstanceID is the EC2 instance ID for this machine.

                  ami
                  AMIReference

                  AMI is the reference to the AMI from which to create the machine instance.

                  imageLookupFormat
                  string
                  (Optional)

                  ImageLookupFormat is the AMI naming format to look up the image for this machine It will be ignored if an explicit AMI is set. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and kubernetes version, respectively. The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as defined by the packages produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See also: https://golang.org/pkg/text/template/

                  imageLookupOrg
                  string

                  ImageLookupOrg is the AWS Organization ID to use for image lookup if AMI is not set.

                  imageLookupBaseOS
                  string

                  ImageLookupBaseOS is the name of the base operating system to use for image lookup the AMI is not set.

                  instanceType
                  string

                  InstanceType is the type of instance to create. Example: m4.xlarge

                  additionalTags
                  Tags
                  (Optional)

                  AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the AWS provider. If both the AWSCluster and the AWSMachine specify the same tag name with different values, the AWSMachine’s value takes precedence.

                  iamInstanceProfile
                  string
                  (Optional)

                  IAMInstanceProfile is a name of an IAM instance profile to assign to the instance

                  publicIP
                  bool
                  (Optional)

                  PublicIP specifies whether the instance should get a public IP. Precedence for this setting is as follows: 1. This field if set 2. Cluster/flavor setting 3. Subnet default

                  additionalSecurityGroups
                  []AWSResourceReference
                  (Optional)

                  AdditionalSecurityGroups is an array of references to security groups that should be applied to the instance. These security groups would be set in addition to any security groups defined at the cluster level or in the actuator. It is possible to specify either IDs of Filters. Using Filters will cause additional requests to AWS API and if tags change the attached security groups might change too.

                  failureDomain
                  string

                  FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API. For this infrastructure provider, the ID is equivalent to an AWS Availability Zone. If multiple subnets are matched for the availability zone, the first one returned is picked.

                  subnet
                  AWSResourceReference
                  (Optional)

                  Subnet is a reference to the subnet to use for this instance. If not specified, the cluster subnet will be used.

                  sshKeyName
                  string
                  (Optional)

                  SSHKeyName is the name of the ssh key to attach to the instance. Valid values are empty string (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name)

                  rootVolume
                  Volume
                  (Optional)

                  RootVolume encapsulates the configuration options for the root volume

                  nonRootVolumes
                  []Volume
                  (Optional)

                  Configuration options for the non root storage volumes.

                  networkInterfaces
                  []string
                  (Optional)

                  NetworkInterfaces is a list of ENIs to associate with the instance. A maximum of 2 may be specified.

                  uncompressedUserData
                  bool
                  (Optional)

                  UncompressedUserData specify whether the user data is gzip-compressed before it is sent to ec2 instance. cloud-init has built-in support for gzip-compressed user data user data stored in aws secret manager is always gzip-compressed.

                  cloudInit
                  CloudInit
                  (Optional)

                  CloudInit defines options related to the bootstrapping systems where CloudInit is used.

                  ignition
                  Ignition
                  (Optional)

                  Ignition defined options related to the bootstrapping systems where Ignition is used.

                  spotMarketOptions
                  SpotMarketOptions
                  (Optional)

                  SpotMarketOptions allows users to configure instances to be run using AWS Spot instances.

                  tenancy
                  string
                  (Optional)

                  Tenancy indicates if instance should run on shared or single-tenant hardware.

                  AWSMachineStatus

                  (Appears on:AWSMachine)

                  AWSMachineStatus defines the observed state of AWSMachine.

                  Field Description
                  ready
                  bool
                  (Optional)

                  Ready is true when the provider resource is ready.

                  interruptible
                  bool
                  (Optional)

                  Interruptible reports that this machine is using spot instances and can therefore be interrupted by CAPI when it receives a notice that the spot instance is to be terminated by AWS. This will be set to true when SpotMarketOptions is not nil (i.e. this machine is using a spot instance).

                  addresses
                  []Cluster API api/v1beta1.MachineAddress

                  Addresses contains the AWS instance associated addresses.

                  instanceState
                  InstanceState
                  (Optional)

                  InstanceState is the state of the AWS instance for this machine.

                  failureReason
                  Cluster API errors.MachineStatusError
                  (Optional)

                  FailureReason will be set in the event that there is a terminal problem reconciling the Machine and will contain a succinct value suitable for machine interpretation.

                  This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the Machine’s spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured.

                  Any transient errors that occur during the reconciliation of Machines can be added as events to the Machine object and/or logged in the controller’s output.

                  failureMessage
                  string
                  (Optional)

                  FailureMessage will be set in the event that there is a terminal problem reconciling the Machine and will contain a more verbose string suitable for logging and human consumption.

                  This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the Machine’s spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured.

                  Any transient errors that occur during the reconciliation of Machines can be added as events to the Machine object and/or logged in the controller’s output.

                  conditions
                  Cluster API api/v1beta1.Conditions
                  (Optional)

                  Conditions defines current service state of the AWSMachine.

                  AWSMachineTemplate

                  AWSMachineTemplate is the schema for the Amazon EC2 Machine Templates API.

                  Field Description
                  metadata
                  Kubernetes meta/v1.ObjectMeta
                  Refer to the Kubernetes API documentation for the fields of the metadata field.
                  spec
                  AWSMachineTemplateSpec


                  template
                  AWSMachineTemplateResource
                  status
                  AWSMachineTemplateStatus

                  AWSMachineTemplateResource

                  (Appears on:AWSMachineTemplateSpec)

                  AWSMachineTemplateResource describes the data needed to create am AWSMachine from a template.

                  Field Description
                  metadata
                  Cluster API api/v1beta1.ObjectMeta
                  (Optional)

                  Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

                  Refer to the Kubernetes API documentation for the fields of the metadata field.
                  spec
                  AWSMachineSpec

                  Spec is the specification of the desired behavior of the machine.



                  providerID
                  string

                  ProviderID is the unique identifier as specified by the cloud provider.

                  instanceID
                  string

                  InstanceID is the EC2 instance ID for this machine.

                  ami
                  AMIReference

                  AMI is the reference to the AMI from which to create the machine instance.

                  imageLookupFormat
                  string
                  (Optional)

                  ImageLookupFormat is the AMI naming format to look up the image for this machine It will be ignored if an explicit AMI is set. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and kubernetes version, respectively. The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as defined by the packages produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See also: https://golang.org/pkg/text/template/

                  imageLookupOrg
                  string

                  ImageLookupOrg is the AWS Organization ID to use for image lookup if AMI is not set.

                  imageLookupBaseOS
                  string

                  ImageLookupBaseOS is the name of the base operating system to use for image lookup the AMI is not set.

                  instanceType
                  string

                  InstanceType is the type of instance to create. Example: m4.xlarge

                  additionalTags
                  Tags
                  (Optional)

                  AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the AWS provider. If both the AWSCluster and the AWSMachine specify the same tag name with different values, the AWSMachine’s value takes precedence.

                  iamInstanceProfile
                  string
                  (Optional)

                  IAMInstanceProfile is a name of an IAM instance profile to assign to the instance

                  publicIP
                  bool
                  (Optional)

                  PublicIP specifies whether the instance should get a public IP. Precedence for this setting is as follows: 1. This field if set 2. Cluster/flavor setting 3. Subnet default

                  additionalSecurityGroups
                  []AWSResourceReference
                  (Optional)

                  AdditionalSecurityGroups is an array of references to security groups that should be applied to the instance. These security groups would be set in addition to any security groups defined at the cluster level or in the actuator. It is possible to specify either IDs of Filters. Using Filters will cause additional requests to AWS API and if tags change the attached security groups might change too.

                  failureDomain
                  string

                  FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API. For this infrastructure provider, the ID is equivalent to an AWS Availability Zone. If multiple subnets are matched for the availability zone, the first one returned is picked.

                  subnet
                  AWSResourceReference
                  (Optional)

                  Subnet is a reference to the subnet to use for this instance. If not specified, the cluster subnet will be used.

                  sshKeyName
                  string
                  (Optional)

                  SSHKeyName is the name of the ssh key to attach to the instance. Valid values are empty string (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name)

                  rootVolume
                  Volume
                  (Optional)

                  RootVolume encapsulates the configuration options for the root volume

                  nonRootVolumes
                  []Volume
                  (Optional)

                  Configuration options for the non root storage volumes.

                  networkInterfaces
                  []string
                  (Optional)

                  NetworkInterfaces is a list of ENIs to associate with the instance. A maximum of 2 may be specified.

                  uncompressedUserData
                  bool
                  (Optional)

                  UncompressedUserData specify whether the user data is gzip-compressed before it is sent to ec2 instance. cloud-init has built-in support for gzip-compressed user data user data stored in aws secret manager is always gzip-compressed.

                  cloudInit
                  CloudInit
                  (Optional)

                  CloudInit defines options related to the bootstrapping systems where CloudInit is used.

                  ignition
                  Ignition
                  (Optional)

                  Ignition defined options related to the bootstrapping systems where Ignition is used.

                  spotMarketOptions
                  SpotMarketOptions
                  (Optional)

                  SpotMarketOptions allows users to configure instances to be run using AWS Spot instances.

                  tenancy
                  string
                  (Optional)

                  Tenancy indicates if instance should run on shared or single-tenant hardware.

                  AWSMachineTemplateSpec

                  (Appears on:AWSMachineTemplate)

                  AWSMachineTemplateSpec defines the desired state of AWSMachineTemplate.

                  Field Description
                  template
                  AWSMachineTemplateResource

                  AWSMachineTemplateStatus

                  (Appears on:AWSMachineTemplate)

                  AWSMachineTemplateStatus defines a status for an AWSMachineTemplate.

                  Field Description
                  capacity
                  Kubernetes core/v1.ResourceList
                  (Optional)

                  Capacity defines the resource capacity for this machine. This value is used for autoscaling from zero operations as defined in: https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20210310-opt-in-autoscaling-from-zero.md

                  AWSResourceReference

                  (Appears on:AWSMachineSpec)

                  AWSResourceReference is a reference to a specific AWS resource by ID or filters. Only one of ID or Filters may be specified. Specifying more than one will result in a validation error.

                  Field Description
                  id
                  string
                  (Optional)

                  ID of resource

                  arn
                  string
                  (Optional)

                  ARN of resource. Deprecated: This field has no function and is going to be removed in the next release.

                  filters
                  []Filter
                  (Optional)

                  Filters is a set of key/value pairs used to identify a resource They are applied according to the rules defined by the AWS API: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html

                  AWSRoleSpec

                  (Appears on:AWSClusterRoleIdentitySpec)

                  AWSRoleSpec defines the specifications for all identities based around AWS roles.

                  Field Description
                  roleARN
                  string

                  The Amazon Resource Name (ARN) of the role to assume.

                  sessionName
                  string

                  An identifier for the assumed role session

                  durationSeconds
                  int32

                  The duration, in seconds, of the role session before it is renewed.

                  inlinePolicy
                  string

                  An IAM policy as a JSON-encoded string that you want to use as an inline session policy.

                  policyARNs
                  []string

                  The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as managed session policies. The policies must exist in the same account as the role.

                  AZSelectionScheme (string alias)

                  (Appears on:VPCSpec)

                  AZSelectionScheme defines the scheme of selecting AZs.

                  AllowedNamespaces

                  (Appears on:AWSClusterIdentitySpec)

                  AllowedNamespaces is a selector of namespaces that AWSClusters can use this ClusterPrincipal from. This is a standard Kubernetes LabelSelector, a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed.

                  Field Description
                  list
                  []string
                  (Optional)

                  An nil or empty list indicates that AWSClusters cannot use the identity from any namespace.

                  selector
                  Kubernetes meta/v1.LabelSelector
                  (Optional)

                  An empty selector indicates that AWSClusters cannot use this AWSClusterIdentity from any namespace.

                  Bastion

                  (Appears on:AWSClusterSpec)

                  Bastion defines a bastion host.

                  Field Description
                  enabled
                  bool
                  (Optional)

                  Enabled allows this provider to create a bastion host instance with a public ip to access the VPC private network.

                  disableIngressRules
                  bool
                  (Optional)

                  DisableIngressRules will ensure there are no Ingress rules in the bastion host’s security group. Requires AllowedCIDRBlocks to be empty.

                  allowedCIDRBlocks
                  []string
                  (Optional)

                  AllowedCIDRBlocks is a list of CIDR blocks allowed to access the bastion host. They are set as ingress rules for the Bastion host’s Security Group (defaults to 0.0.0.0/0).

                  instanceType
                  string

                  InstanceType will use the specified instance type for the bastion. If not specified, Cluster API Provider AWS will use t3.micro for all regions except us-east-1, where t2.micro will be the default.

                  ami
                  string
                  (Optional)

                  AMI will use the specified AMI to boot the bastion. If not specified, the AMI will default to one picked out in public space.

                  BuildParams

                  BuildParams is used to build tags around an aws resource.

                  Field Description
                  Lifecycle
                  ResourceLifecycle

                  Lifecycle determines the resource lifecycle.

                  ClusterName
                  string

                  ClusterName is the cluster associated with the resource.

                  ResourceID
                  string

                  ResourceID is the unique identifier of the resource to be tagged.

                  Name
                  string
                  (Optional)

                  Name is the name of the resource, it’s applied as the tag “Name” on AWS.

                  Role
                  string
                  (Optional)

                  Role is the role associated to the resource.

                  Additional
                  Tags
                  (Optional)

                  Any additional tags to be added to the resource.

                  CNIIngressRule

                  CNIIngressRule defines an AWS ingress rule for CNI requirements.

                  Field Description
                  description
                  string
                  protocol
                  SecurityGroupProtocol
                  fromPort
                  int64
                  toPort
                  int64

                  CNIIngressRules ([]sigs.k8s.io/cluster-api-provider-aws/v2/api/v1beta1.CNIIngressRule alias)

                  (Appears on:CNISpec)

                  CNIIngressRules is a slice of CNIIngressRule.

                  CNISpec

                  (Appears on:NetworkSpec)

                  CNISpec defines configuration for CNI.

                  Field Description
                  cniIngressRules
                  CNIIngressRules

                  CNIIngressRules specify rules to apply to control plane and worker node security groups. The source for the rule will be set to control plane and worker security group IDs.

                  ClassicELB

                  (Appears on:NetworkStatus)

                  ClassicELB defines an AWS classic load balancer.

                  Field Description
                  name
                  string
                  (Optional)

                  The name of the load balancer. It must be unique within the set of load balancers defined in the region. It also serves as identifier.

                  dnsName
                  string

                  DNSName is the dns name of the load balancer.

                  scheme
                  ClassicELBScheme

                  Scheme is the load balancer scheme, either internet-facing or private.

                  availabilityZones
                  []string

                  AvailabilityZones is an array of availability zones in the VPC attached to the load balancer.

                  subnetIds
                  []string

                  SubnetIDs is an array of subnets in the VPC attached to the load balancer.

                  securityGroupIds
                  []string

                  SecurityGroupIDs is an array of security groups assigned to the load balancer.

                  listeners
                  []ClassicELBListener

                  Listeners is an array of classic elb listeners associated with the load balancer. There must be at least one.

                  healthChecks
                  ClassicELBHealthCheck

                  HealthCheck is the classic elb health check associated with the load balancer.

                  attributes
                  ClassicELBAttributes

                  Attributes defines extra attributes associated with the load balancer.

                  tags
                  map[string]string

                  Tags is a map of tags associated with the load balancer.

                  ClassicELBAttributes

                  (Appears on:ClassicELB)

                  ClassicELBAttributes defines extra attributes associated with a classic load balancer.

                  Field Description
                  idleTimeout
                  time.Duration

                  IdleTimeout is time that the connection is allowed to be idle (no data has been sent over the connection) before it is closed by the load balancer.

                  crossZoneLoadBalancing
                  bool
                  (Optional)

                  CrossZoneLoadBalancing enables the classic load balancer load balancing.

                  ClassicELBHealthCheck

                  (Appears on:ClassicELB)

                  ClassicELBHealthCheck defines an AWS classic load balancer health check.

                  Field Description
                  target
                  string
                  interval
                  time.Duration
                  timeout
                  time.Duration
                  healthyThreshold
                  int64
                  unhealthyThreshold
                  int64

                  ClassicELBListener

                  (Appears on:ClassicELB)

                  ClassicELBListener defines an AWS classic load balancer listener.

                  Field Description
                  protocol
                  ClassicELBProtocol
                  port
                  int64
                  instanceProtocol
                  ClassicELBProtocol
                  instancePort
                  int64

                  ClassicELBProtocol (string alias)

                  (Appears on:AWSLoadBalancerSpec, ClassicELBListener)

                  ClassicELBProtocol defines listener protocols for a classic load balancer.

                  ClassicELBScheme (string alias)

                  (Appears on:AWSLoadBalancerSpec, ClassicELB)

                  ClassicELBScheme defines the scheme of a classic load balancer.

                  CloudInit

                  (Appears on:AWSMachineSpec)

                  CloudInit defines options related to the bootstrapping systems where CloudInit is used.

                  Field Description
                  insecureSkipSecretsManager
                  bool

                  InsecureSkipSecretsManager, when set to true will not use AWS Secrets Manager or AWS Systems Manager Parameter Store to ensure privacy of userdata. By default, a cloud-init boothook shell script is prepended to download the userdata from Secrets Manager and additionally delete the secret.

                  secretCount
                  int32
                  (Optional)

                  SecretCount is the number of secrets used to form the complete secret

                  secretPrefix
                  string
                  (Optional)

                  SecretPrefix is the prefix for the secret name. This is stored temporarily, and deleted when the machine registers as a node against the workload cluster.

                  secureSecretsBackend
                  SecretBackend
                  (Optional)

                  SecureSecretsBackend, when set to parameter-store will utilize the AWS Systems Manager Parameter Storage to distribute secrets. By default or with the value of secrets-manager, will use AWS Secrets Manager instead.

                  EKSAMILookupType (string alias)

                  (Appears on:AMIReference)

                  EKSAMILookupType specifies which AWS AMI to use for a AWSMachine and AWSMachinePool.

                  Filter

                  (Appears on:AWSResourceReference)

                  Filter is a filter used to identify an AWS resource.

                  Field Description
                  name
                  string

                  Name of the filter. Filter names are case-sensitive.

                  values
                  []string

                  Values includes one or more filter values. Filter values are case-sensitive.

                  IPv6

                  (Appears on:VPCSpec)

                  IPv6 contains ipv6 specific settings for the network.

                  Field Description
                  cidrBlock
                  string
                  (Optional)

                  CidrBlock is the CIDR block provided by Amazon when VPC has enabled IPv6.

                  poolId
                  string
                  (Optional)

                  PoolID is the IP pool which must be defined in case of BYO IP is defined.

                  egressOnlyInternetGatewayId
                  string
                  (Optional)

                  EgressOnlyInternetGatewayID is the id of the egress only internet gateway associated with an IPv6 enabled VPC.

                  Ignition

                  (Appears on:AWSMachineSpec)

                  Ignition defines options related to the bootstrapping systems where Ignition is used.

                  Field Description
                  version
                  string
                  (Optional)

                  Version defines which version of Ignition will be used to generate bootstrap data.

                  IngressRule

                  IngressRule defines an AWS ingress rule for security groups.

                  Field Description
                  description
                  string
                  protocol
                  SecurityGroupProtocol
                  fromPort
                  int64
                  toPort
                  int64
                  cidrBlocks
                  []string
                  (Optional)

                  List of CIDR blocks to allow access from. Cannot be specified with SourceSecurityGroupID.

                  ipv6CidrBlocks
                  []string
                  (Optional)

                  List of IPv6 CIDR blocks to allow access from. Cannot be specified with SourceSecurityGroupID.

                  sourceSecurityGroupIds
                  []string
                  (Optional)

                  The security group id to allow access from. Cannot be specified with CidrBlocks.

                  IngressRules ([]sigs.k8s.io/cluster-api-provider-aws/v2/api/v1beta1.IngressRule alias)

                  (Appears on:SecurityGroup)

                  IngressRules is a slice of AWS ingress rules for security groups.

                  Instance

                  (Appears on:AWSClusterStatus)

                  Instance describes an AWS instance.

                  Field Description
                  id
                  string
                  instanceState
                  InstanceState

                  The current state of the instance.

                  type
                  string

                  The instance type.

                  subnetId
                  string

                  The ID of the subnet of the instance.

                  imageId
                  string

                  The ID of the AMI used to launch the instance.

                  sshKeyName
                  string

                  The name of the SSH key pair.

                  securityGroupIds
                  []string

                  SecurityGroupIDs are one or more security group IDs this instance belongs to.

                  userData
                  string

                  UserData is the raw data script passed to the instance which is run upon bootstrap. This field must not be base64 encoded and should only be used when running a new instance.

                  iamProfile
                  string

                  The name of the IAM instance profile associated with the instance, if applicable.

                  addresses
                  []Cluster API api/v1beta1.MachineAddress

                  Addresses contains the AWS instance associated addresses.

                  privateIp
                  string

                  The private IPv4 address assigned to the instance.

                  publicIp
                  string

                  The public IPv4 address assigned to the instance, if applicable.

                  enaSupport
                  bool

                  Specifies whether enhanced networking with ENA is enabled.

                  ebsOptimized
                  bool

                  Indicates whether the instance is optimized for Amazon EBS I/O.

                  rootVolume
                  Volume
                  (Optional)

                  Configuration options for the root storage volume.

                  nonRootVolumes
                  []Volume
                  (Optional)

                  Configuration options for the non root storage volumes.

                  networkInterfaces
                  []string

                  Specifies ENIs attached to instance

                  tags
                  map[string]string

                  The tags associated with the instance.

                  availabilityZone
                  string

                  Availability zone of instance

                  spotMarketOptions
                  SpotMarketOptions

                  SpotMarketOptions option for configuring instances to be run using AWS Spot instances.

                  tenancy
                  string
                  (Optional)

                  Tenancy indicates if instance should run on shared or single-tenant hardware.

                  volumeIDs
                  []string
                  (Optional)

                  IDs of the instance’s volumes

                  InstanceState (string alias)

                  (Appears on:AWSMachineStatus, Instance)

                  InstanceState describes the state of an AWS instance.

                  NetworkSpec

                  (Appears on:AWSClusterSpec)

                  NetworkSpec encapsulates all things related to AWS network.

                  Field Description
                  vpc
                  VPCSpec
                  (Optional)

                  VPC configuration.

                  subnets
                  Subnets
                  (Optional)

                  Subnets configuration.

                  cni
                  CNISpec
                  (Optional)

                  CNI configuration

                  securityGroupOverrides
                  map[sigs.k8s.io/cluster-api-provider-aws/v2/api/v1beta1.SecurityGroupRole]string
                  (Optional)

                  SecurityGroupOverrides is an optional set of security groups to use for cluster instances This is optional - if not provided new security groups will be created for the cluster

                  NetworkStatus

                  (Appears on:AWSClusterStatus)

                  NetworkStatus encapsulates AWS networking resources.

                  Field Description
                  securityGroups
                  map[sigs.k8s.io/cluster-api-provider-aws/v2/api/v1beta1.SecurityGroupRole]sigs.k8s.io/cluster-api-provider-aws/v2/api/v1beta1.SecurityGroup

                  SecurityGroups is a map from the role/kind of the security group to its unique name, if any.

                  apiServerElb
                  ClassicELB

                  APIServerELB is the Kubernetes api server classic load balancer.

                  ResourceLifecycle (string alias)

                  (Appears on:BuildParams)

                  ResourceLifecycle configures the lifecycle of a resource.

                  RouteTable

                  RouteTable defines an AWS routing table.

                  Field Description
                  id
                  string

                  S3Bucket

                  (Appears on:AWSClusterSpec)

                  S3Bucket defines a supporting S3 bucket for the cluster, currently can be optionally used for Ignition.

                  Field Description
                  controlPlaneIAMInstanceProfile
                  string

                  ControlPlaneIAMInstanceProfile is a name of the IAMInstanceProfile, which will be allowed to read control-plane node bootstrap data from S3 Bucket.

                  nodesIAMInstanceProfiles
                  []string

                  NodesIAMInstanceProfiles is a list of IAM instance profiles, which will be allowed to read worker nodes bootstrap data from S3 Bucket.

                  name
                  string

                  Name defines name of S3 Bucket to be created.

                  SecretBackend (string alias)

                  (Appears on:CloudInit)

                  SecretBackend defines variants for backend secret storage.

                  SecurityGroup

                  (Appears on:NetworkStatus)

                  SecurityGroup defines an AWS security group.

                  Field Description
                  id
                  string

                  ID is a unique identifier.

                  name
                  string

                  Name is the security group name.

                  ingressRule
                  IngressRules
                  (Optional)

                  IngressRules is the inbound rules associated with the security group.

                  tags
                  Tags

                  Tags is a map of tags associated with the security group.

                  SecurityGroupProtocol (string alias)

                  (Appears on:CNIIngressRule, IngressRule)

                  SecurityGroupProtocol defines the protocol type for a security group rule.

                  SecurityGroupRole (string alias)

                  SecurityGroupRole defines the unique role of a security group.

                  SpotMarketOptions

                  (Appears on:AWSMachineSpec, Instance)

                  SpotMarketOptions defines the options available to a user when configuring Machines to run on Spot instances. Most users should provide an empty struct.

                  Field Description
                  maxPrice
                  string
                  (Optional)

                  MaxPrice defines the maximum price the user is willing to pay for Spot VM instances

                  SubnetSpec

                  SubnetSpec configures an AWS Subnet.

                  Field Description
                  id
                  string

                  ID defines a unique identifier to reference this resource.

                  cidrBlock
                  string

                  CidrBlock is the CIDR block to be used when the provider creates a managed VPC.

                  ipv6CidrBlock
                  string
                  (Optional)

                  IPv6CidrBlock is the IPv6 CIDR block to be used when the provider creates a managed VPC. A subnet can have an IPv4 and an IPv6 address. IPv6 is only supported in managed clusters, this field cannot be set on AWSCluster object.

                  availabilityZone
                  string

                  AvailabilityZone defines the availability zone to use for this subnet in the cluster’s region.

                  isPublic
                  bool
                  (Optional)

                  IsPublic defines the subnet as a public subnet. A subnet is public when it is associated with a route table that has a route to an internet gateway.

                  isIpv6
                  bool
                  (Optional)

                  IsIPv6 defines the subnet as an IPv6 subnet. A subnet is IPv6 when it is associated with a VPC that has IPv6 enabled. IPv6 is only supported in managed clusters, this field cannot be set on AWSCluster object.

                  routeTableId
                  string
                  (Optional)

                  RouteTableID is the routing table id associated with the subnet.

                  natGatewayId
                  string
                  (Optional)

                  NatGatewayID is the NAT gateway id associated with the subnet. Ignored unless the subnet is managed by the provider, in which case this is set on the public subnet where the NAT gateway resides. It is then used to determine routes for private subnets in the same AZ as the public subnet.

                  tags
                  Tags

                  Tags is a collection of tags describing the resource.

                  Subnets ([]sigs.k8s.io/cluster-api-provider-aws/v2/api/v1beta1.SubnetSpec alias)

                  (Appears on:NetworkSpec)

                  Subnets is a slice of Subnet.

                  Tags (map[string]string alias)

                  (Appears on:AWSClusterSpec, AWSMachineSpec, BuildParams, SecurityGroup, SubnetSpec, VPCSpec)

                  Tags defines a map of tags.

                  VPCSpec

                  (Appears on:NetworkSpec)

                  VPCSpec configures an AWS VPC.

                  Field Description
                  id
                  string

                  ID is the vpc-id of the VPC this provider should use to create resources.

                  cidrBlock
                  string

                  CidrBlock is the CIDR block to be used when the provider creates a managed VPC. Defaults to 10.0.0.0/16.

                  ipv6
                  IPv6
                  (Optional)

                  IPv6 contains ipv6 specific settings for the network. Supported only in managed clusters. This field cannot be set on AWSCluster object.

                  internetGatewayId
                  string
                  (Optional)

                  InternetGatewayID is the id of the internet gateway associated with the VPC.

                  tags
                  Tags

                  Tags is a collection of tags describing the resource.

                  availabilityZoneUsageLimit
                  int

                  AvailabilityZoneUsageLimit specifies the maximum number of availability zones (AZ) that should be used in a region when automatically creating subnets. If a region has more than this number of AZs then this number of AZs will be picked randomly when creating default subnets. Defaults to 3

                  availabilityZoneSelection
                  AZSelectionScheme

                  AvailabilityZoneSelection specifies how AZs should be selected if there are more AZs in a region than specified by AvailabilityZoneUsageLimit. There are 2 selection schemes: Ordered - selects based on alphabetical order Random - selects AZs randomly in a region Defaults to Ordered

                  Volume

                  (Appears on:AWSMachineSpec, Instance)

                  Volume encapsulates the configuration options for the storage device.

                  Field Description
                  deviceName
                  string
                  (Optional)

                  Device name

                  size
                  int64

                  Size specifies size (in Gi) of the storage device. Must be greater than the image snapshot size or 8 (whichever is greater).

                  type
                  VolumeType
                  (Optional)

                  Type is the type of the volume (e.g. gp2, io1, etc…).

                  iops
                  int64
                  (Optional)

                  IOPS is the number of IOPS requested for the disk. Not applicable to all types.

                  throughput
                  int64
                  (Optional)

                  Throughput to provision in MiB/s supported for the volume type. Not applicable to all types.

                  encrypted
                  bool
                  (Optional)

                  Encrypted is whether the volume should be encrypted or not.

                  encryptionKey
                  string
                  (Optional)

                  EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. If Encrypted is set and this is omitted, the default AWS key will be used. The key must already exist and be accessible by the controller.

                  VolumeType (string alias)

                  (Appears on:Volume)

                  VolumeType describes the EBS volume type. See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html

                  ASGStatus (string alias)

                  (Appears on:AWSMachinePoolStatus, AutoScalingGroup)

                  ASGStatus is a status string returned by the autoscaling API.

                  AWSFargateProfile

                  AWSFargateProfile is the Schema for the awsfargateprofiles API.

                  Field Description
                  metadata
                  Kubernetes meta/v1.ObjectMeta
                  Refer to the Kubernetes API documentation for the fields of the metadata field.
                  spec
                  FargateProfileSpec


                  clusterName
                  string

                  ClusterName is the name of the Cluster this object belongs to.

                  profileName
                  string

                  ProfileName specifies the profile name.

                  subnetIDs
                  []string
                  (Optional)

                  SubnetIDs specifies which subnets are used for the auto scaling group of this nodegroup.

                  additionalTags
                  Tags
                  (Optional)

                  AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the ones added by default.

                  roleName
                  string
                  (Optional)

                  RoleName specifies the name of IAM role for this fargate pool If the role is pre-existing we will treat it as unmanaged and not delete it on deletion. If the EKSEnableIAM feature flag is true and no name is supplied then a role is created.

                  selectors
                  []FargateSelector

                  Selectors specify fargate pod selectors.

                  status
                  FargateProfileStatus

                  AWSLaunchTemplate

                  (Appears on:AWSMachinePoolSpec, AWSManagedMachinePoolSpec)

                  AWSLaunchTemplate defines the desired state of AWSLaunchTemplate.

                  Field Description
                  name
                  string

                  The name of the launch template.

                  iamInstanceProfile
                  string

                  The name or the Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instance. The instance profile contains the IAM role.

                  ami
                  AMIReference
                  (Optional)

                  AMI is the reference to the AMI from which to create the machine instance.

                  imageLookupFormat
                  string
                  (Optional)

                  ImageLookupFormat is the AMI naming format to look up the image for this machine It will be ignored if an explicit AMI is set. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and kubernetes version, respectively. The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as defined by the packages produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See also: https://golang.org/pkg/text/template/

                  imageLookupOrg
                  string

                  ImageLookupOrg is the AWS Organization ID to use for image lookup if AMI is not set.

                  imageLookupBaseOS
                  string

                  ImageLookupBaseOS is the name of the base operating system to use for image lookup the AMI is not set.

                  instanceType
                  string

                  InstanceType is the type of instance to create. Example: m4.xlarge

                  rootVolume
                  Volume
                  (Optional)

                  RootVolume encapsulates the configuration options for the root volume

                  sshKeyName
                  string
                  (Optional)

                  SSHKeyName is the name of the ssh key to attach to the instance. Valid values are empty string (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name)

                  versionNumber
                  int64

                  VersionNumber is the version of the launch template that is applied. Typically a new version is created when at least one of the following happens: 1) A new launch template spec is applied. 2) One or more parameters in an existing template is changed. 3) A new AMI is discovered.

                  additionalSecurityGroups
                  []AWSResourceReference
                  (Optional)

                  AdditionalSecurityGroups is an array of references to security groups that should be applied to the instances. These security groups would be set in addition to any security groups defined at the cluster level or in the actuator.

                  spotMarketOptions
                  SpotMarketOptions

                  SpotMarketOptions are options for configuring AWSMachinePool instances to be run using AWS Spot instances.

                  AWSMachinePool

                  AWSMachinePool is the Schema for the awsmachinepools API.

                  Field Description
                  metadata
                  Kubernetes meta/v1.ObjectMeta
                  Refer to the Kubernetes API documentation for the fields of the metadata field.
                  spec
                  AWSMachinePoolSpec


                  providerID
                  string
                  (Optional)

                  ProviderID is the ARN of the associated ASG

                  minSize
                  int32

                  MinSize defines the minimum size of the group.

                  maxSize
                  int32

                  MaxSize defines the maximum size of the group.

                  availabilityZones
                  []string

                  AvailabilityZones is an array of availability zones instances can run in

                  subnets
                  []AWSResourceReference
                  (Optional)

                  Subnets is an array of subnet configurations

                  additionalTags
                  Tags
                  (Optional)

                  AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the AWS provider.

                  awsLaunchTemplate
                  AWSLaunchTemplate

                  AWSLaunchTemplate specifies the launch template and version to use when an instance is launched.

                  mixedInstancesPolicy
                  MixedInstancesPolicy

                  MixedInstancesPolicy describes how multiple instance types will be used by the ASG.

                  providerIDList
                  []string
                  (Optional)

                  ProviderIDList are the identification IDs of machine instances provided by the provider. This field must match the provider IDs as seen on the node objects corresponding to a machine pool’s machine instances.

                  defaultCoolDown
                  Kubernetes meta/v1.Duration
                  (Optional)

                  The amount of time, in seconds, after a scaling activity completes before another scaling activity can start. If no value is supplied by user a default value of 300 seconds is set

                  refreshPreferences
                  RefreshPreferences
                  (Optional)

                  RefreshPreferences describes set of preferences associated with the instance refresh request.

                  capacityRebalance
                  bool
                  (Optional)

                  Enable or disable the capacity rebalance autoscaling group feature

                  status
                  AWSMachinePoolStatus

                  AWSMachinePoolInstanceStatus

                  (Appears on:AWSMachinePoolStatus)

                  AWSMachinePoolInstanceStatus defines the status of the AWSMachinePoolInstance.

                  Field Description
                  instanceID
                  string
                  (Optional)

                  InstanceID is the identification of the Machine Instance within ASG

                  version
                  string
                  (Optional)

                  Version defines the Kubernetes version for the Machine Instance

                  AWSMachinePoolSpec

                  (Appears on:AWSMachinePool)

                  AWSMachinePoolSpec defines the desired state of AWSMachinePool.

                  Field Description
                  providerID
                  string
                  (Optional)

                  ProviderID is the ARN of the associated ASG

                  minSize
                  int32

                  MinSize defines the minimum size of the group.

                  maxSize
                  int32

                  MaxSize defines the maximum size of the group.

                  availabilityZones
                  []string

                  AvailabilityZones is an array of availability zones instances can run in

                  subnets
                  []AWSResourceReference
                  (Optional)

                  Subnets is an array of subnet configurations

                  additionalTags
                  Tags
                  (Optional)

                  AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the AWS provider.

                  awsLaunchTemplate
                  AWSLaunchTemplate

                  AWSLaunchTemplate specifies the launch template and version to use when an instance is launched.

                  mixedInstancesPolicy
                  MixedInstancesPolicy

                  MixedInstancesPolicy describes how multiple instance types will be used by the ASG.

                  providerIDList
                  []string
                  (Optional)

                  ProviderIDList are the identification IDs of machine instances provided by the provider. This field must match the provider IDs as seen on the node objects corresponding to a machine pool’s machine instances.

                  defaultCoolDown
                  Kubernetes meta/v1.Duration
                  (Optional)

                  The amount of time, in seconds, after a scaling activity completes before another scaling activity can start. If no value is supplied by user a default value of 300 seconds is set

                  refreshPreferences
                  RefreshPreferences
                  (Optional)

                  RefreshPreferences describes set of preferences associated with the instance refresh request.

                  capacityRebalance
                  bool
                  (Optional)

                  Enable or disable the capacity rebalance autoscaling group feature

                  AWSMachinePoolStatus

                  (Appears on:AWSMachinePool)

                  AWSMachinePoolStatus defines the observed state of AWSMachinePool.

                  Field Description
                  ready
                  bool
                  (Optional)

                  Ready is true when the provider resource is ready.

                  replicas
                  int32
                  (Optional)

                  Replicas is the most recently observed number of replicas

                  conditions
                  Cluster API api/v1beta1.Conditions
                  (Optional)

                  Conditions defines current service state of the AWSMachinePool.

                  instances
                  []AWSMachinePoolInstanceStatus
                  (Optional)

                  Instances contains the status for each instance in the pool

                  launchTemplateID
                  string

                  The ID of the launch template

                  launchTemplateVersion
                  string
                  (Optional)

                  The version of the launch template

                  failureReason
                  Cluster API errors.MachineStatusError
                  (Optional)

                  FailureReason will be set in the event that there is a terminal problem reconciling the Machine and will contain a succinct value suitable for machine interpretation.

                  This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the Machine’s spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured.

                  Any transient errors that occur during the reconciliation of Machines can be added as events to the Machine object and/or logged in the controller’s output.

                  failureMessage
                  string
                  (Optional)

                  FailureMessage will be set in the event that there is a terminal problem reconciling the Machine and will contain a more verbose string suitable for logging and human consumption.

                  This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the Machine’s spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured.

                  Any transient errors that occur during the reconciliation of Machines can be added as events to the Machine object and/or logged in the controller’s output.

                  asgStatus
                  ASGStatus

                  AWSManagedMachinePool

                  AWSManagedMachinePool is the Schema for the awsmanagedmachinepools API.

                  Field Description
                  metadata
                  Kubernetes meta/v1.ObjectMeta
                  Refer to the Kubernetes API documentation for the fields of the metadata field.
                  spec
                  AWSManagedMachinePoolSpec


                  eksNodegroupName
                  string
                  (Optional)

                  EKSNodegroupName specifies the name of the nodegroup in AWS corresponding to this MachinePool. If you don’t specify a name then a default name will be created based on the namespace and name of the managed machine pool.

                  availabilityZones
                  []string

                  AvailabilityZones is an array of availability zones instances can run in

                  subnetIDs
                  []string
                  (Optional)

                  SubnetIDs specifies which subnets are used for the auto scaling group of this nodegroup

                  additionalTags
                  Tags
                  (Optional)

                  AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the ones added by default.

                  roleAdditionalPolicies
                  []string
                  (Optional)

                  RoleAdditionalPolicies allows you to attach additional polices to the node group role. You must enable the EKSAllowAddRoles feature flag to incorporate these into the created role.

                  roleName
                  string
                  (Optional)

                  RoleName specifies the name of IAM role for the node group. If the role is pre-existing we will treat it as unmanaged and not delete it on deletion. If the EKSEnableIAM feature flag is true and no name is supplied then a role is created.

                  amiVersion
                  string
                  (Optional)

                  AMIVersion defines the desired AMI release version. If no version number is supplied then the latest version for the Kubernetes version will be used

                  amiType
                  ManagedMachineAMIType
                  (Optional)

                  AMIType defines the AMI type

                  labels
                  map[string]string
                  (Optional)

                  Labels specifies labels for the Kubernetes node objects

                  taints
                  Taints
                  (Optional)

                  Taints specifies the taints to apply to the nodes of the machine pool

                  diskSize
                  int32
                  (Optional)

                  DiskSize specifies the root disk size

                  instanceType
                  string
                  (Optional)

                  InstanceType specifies the AWS instance type

                  scaling
                  ManagedMachinePoolScaling
                  (Optional)

                  Scaling specifies scaling for the ASG behind this pool

                  remoteAccess
                  ManagedRemoteAccess
                  (Optional)

                  RemoteAccess specifies how machines can be accessed remotely

                  providerIDList
                  []string
                  (Optional)

                  ProviderIDList are the provider IDs of instances in the autoscaling group corresponding to the nodegroup represented by this machine pool

                  capacityType
                  ManagedMachinePoolCapacityType
                  (Optional)

                  CapacityType specifies the capacity type for the ASG behind this pool

                  updateConfig
                  UpdateConfig
                  (Optional)

                  UpdateConfig holds the optional config to control the behaviour of the update to the nodegroup.

                  awsLaunchTemplate
                  AWSLaunchTemplate
                  (Optional)

                  AWSLaunchTemplate specifies the launch template to use to create the managed node group. If AWSLaunchTemplate is specified, certain node group configuraions outside of launch template are prohibited (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html).

                  status
                  AWSManagedMachinePoolStatus

                  AWSManagedMachinePoolSpec

                  (Appears on:AWSManagedMachinePool)

                  AWSManagedMachinePoolSpec defines the desired state of AWSManagedMachinePool.

                  Field Description
                  eksNodegroupName
                  string
                  (Optional)

                  EKSNodegroupName specifies the name of the nodegroup in AWS corresponding to this MachinePool. If you don’t specify a name then a default name will be created based on the namespace and name of the managed machine pool.

                  availabilityZones
                  []string

                  AvailabilityZones is an array of availability zones instances can run in

                  subnetIDs
                  []string
                  (Optional)

                  SubnetIDs specifies which subnets are used for the auto scaling group of this nodegroup

                  additionalTags
                  Tags
                  (Optional)

                  AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the ones added by default.

                  roleAdditionalPolicies
                  []string
                  (Optional)

                  RoleAdditionalPolicies allows you to attach additional polices to the node group role. You must enable the EKSAllowAddRoles feature flag to incorporate these into the created role.

                  roleName
                  string
                  (Optional)

                  RoleName specifies the name of IAM role for the node group. If the role is pre-existing we will treat it as unmanaged and not delete it on deletion. If the EKSEnableIAM feature flag is true and no name is supplied then a role is created.

                  amiVersion
                  string
                  (Optional)

                  AMIVersion defines the desired AMI release version. If no version number is supplied then the latest version for the Kubernetes version will be used

                  amiType
                  ManagedMachineAMIType
                  (Optional)

                  AMIType defines the AMI type

                  labels
                  map[string]string
                  (Optional)

                  Labels specifies labels for the Kubernetes node objects

                  taints
                  Taints
                  (Optional)

                  Taints specifies the taints to apply to the nodes of the machine pool

                  diskSize
                  int32
                  (Optional)

                  DiskSize specifies the root disk size

                  instanceType
                  string
                  (Optional)

                  InstanceType specifies the AWS instance type

                  scaling
                  ManagedMachinePoolScaling
                  (Optional)

                  Scaling specifies scaling for the ASG behind this pool

                  remoteAccess
                  ManagedRemoteAccess
                  (Optional)

                  RemoteAccess specifies how machines can be accessed remotely

                  providerIDList
                  []string
                  (Optional)

                  ProviderIDList are the provider IDs of instances in the autoscaling group corresponding to the nodegroup represented by this machine pool

                  capacityType
                  ManagedMachinePoolCapacityType
                  (Optional)

                  CapacityType specifies the capacity type for the ASG behind this pool

                  updateConfig
                  UpdateConfig
                  (Optional)

                  UpdateConfig holds the optional config to control the behaviour of the update to the nodegroup.

                  awsLaunchTemplate
                  AWSLaunchTemplate
                  (Optional)

                  AWSLaunchTemplate specifies the launch template to use to create the managed node group. If AWSLaunchTemplate is specified, certain node group configuraions outside of launch template are prohibited (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html).

                  AWSManagedMachinePoolStatus

                  (Appears on:AWSManagedMachinePool)

                  AWSManagedMachinePoolStatus defines the observed state of AWSManagedMachinePool.

                  Field Description
                  ready
                  bool

                  Ready denotes that the AWSManagedMachinePool nodegroup has joined the cluster

                  replicas
                  int32
                  (Optional)

                  Replicas is the most recently observed number of replicas.

                  launchTemplateID
                  string
                  (Optional)

                  The ID of the launch template

                  launchTemplateVersion
                  string
                  (Optional)

                  The version of the launch template

                  failureReason
                  Cluster API errors.MachineStatusError
                  (Optional)

                  FailureReason will be set in the event that there is a terminal problem reconciling the MachinePool and will contain a succinct value suitable for machine interpretation.

                  This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the Machine’s spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured.

                  Any transient errors that occur during the reconciliation of MachinePools can be added as events to the MachinePool object and/or logged in the controller’s output.

                  failureMessage
                  string
                  (Optional)

                  FailureMessage will be set in the event that there is a terminal problem reconciling the MachinePool and will contain a more verbose string suitable for logging and human consumption.

                  This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the MachinePool’s spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured.

                  Any transient errors that occur during the reconciliation of MachinePools can be added as events to the MachinePool object and/or logged in the controller’s output.

                  conditions
                  Cluster API api/v1beta1.Conditions
                  (Optional)

                  Conditions defines current service state of the managed machine pool

                  AutoScalingGroup

                  AutoScalingGroup describes an AWS autoscaling group.

                  Field Description
                  id
                  string

                  The tags associated with the instance.

                  tags
                  Tags
                  name
                  string
                  desiredCapacity
                  int32
                  maxSize
                  int32
                  minSize
                  int32
                  placementGroup
                  string
                  subnets
                  []string
                  defaultCoolDown
                  Kubernetes meta/v1.Duration
                  capacityRebalance
                  bool
                  mixedInstancesPolicy
                  MixedInstancesPolicy
                  Status
                  ASGStatus
                  instances
                  []Instance

                  BlockDeviceMapping

                  BlockDeviceMapping specifies the block devices for the instance. You can specify virtual devices and EBS volumes.

                  Field Description
                  deviceName
                  string

                  The device name exposed to the EC2 instance (for example, /dev/sdh or xvdh).

                  ebs
                  EBS
                  (Optional)

                  You can specify either VirtualName or Ebs, but not both.

                  EBS

                  (Appears on:BlockDeviceMapping)

                  EBS can be used to automatically set up EBS volumes when an instance is launched.

                  Field Description
                  encrypted
                  bool
                  (Optional)

                  Encrypted is whether the volume should be encrypted or not.

                  volumeSize
                  int64
                  (Optional)

                  The size of the volume, in GiB. This can be a number from 1-1,024 for standard, 4-16,384 for io1, 1-16,384 for gp2, and 500-16,384 for st1 and sc1. If you specify a snapshot, the volume size must be equal to or larger than the snapshot size.

                  volumeType
                  string
                  (Optional)

                  The volume type For more information, see Amazon EBS Volume Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html)

                  FargateProfileSpec

                  (Appears on:AWSFargateProfile)

                  FargateProfileSpec defines the desired state of FargateProfile.

                  Field Description
                  clusterName
                  string

                  ClusterName is the name of the Cluster this object belongs to.

                  profileName
                  string

                  ProfileName specifies the profile name.

                  subnetIDs
                  []string
                  (Optional)

                  SubnetIDs specifies which subnets are used for the auto scaling group of this nodegroup.

                  additionalTags
                  Tags
                  (Optional)

                  AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the ones added by default.

                  roleName
                  string
                  (Optional)

                  RoleName specifies the name of IAM role for this fargate pool If the role is pre-existing we will treat it as unmanaged and not delete it on deletion. If the EKSEnableIAM feature flag is true and no name is supplied then a role is created.

                  selectors
                  []FargateSelector

                  Selectors specify fargate pod selectors.

                  FargateProfileStatus

                  (Appears on:AWSFargateProfile)

                  FargateProfileStatus defines the observed state of FargateProfile.

                  Field Description
                  ready
                  bool

                  Ready denotes that the FargateProfile is available.

                  failureReason
                  Cluster API errors.MachineStatusError
                  (Optional)

                  FailureReason will be set in the event that there is a terminal problem reconciling the FargateProfile and will contain a succinct value suitable for machine interpretation.

                  This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the FargateProfile’s spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured.

                  Any transient errors that occur during the reconciliation of FargateProfiles can be added as events to the FargateProfile object and/or logged in the controller’s output.

                  failureMessage
                  string
                  (Optional)

                  FailureMessage will be set in the event that there is a terminal problem reconciling the FargateProfile and will contain a more verbose string suitable for logging and human consumption.

                  This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the FargateProfile’s spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured.

                  Any transient errors that occur during the reconciliation of FargateProfiles can be added as events to the FargateProfile object and/or logged in the controller’s output.

                  conditions
                  Cluster API api/v1beta1.Conditions
                  (Optional)

                  Conditions defines current state of the Fargate profile.

                  FargateSelector

                  (Appears on:FargateProfileSpec)

                  FargateSelector specifies a selector for pods that should run on this fargate pool.

                  Field Description
                  labels
                  map[string]string

                  Labels specifies which pod labels this selector should match.

                  namespace
                  string

                  Namespace specifies which namespace this selector should match.

                  InstancesDistribution

                  (Appears on:MixedInstancesPolicy)

                  InstancesDistribution to configure distribution of On-Demand Instances and Spot Instances.

                  Field Description
                  onDemandAllocationStrategy
                  OnDemandAllocationStrategy
                  spotAllocationStrategy
                  SpotAllocationStrategy
                  onDemandBaseCapacity
                  int64
                  onDemandPercentageAboveBaseCapacity
                  int64

                  ManagedMachineAMIType (string alias)

                  (Appears on:AWSManagedMachinePoolSpec)

                  ManagedMachineAMIType specifies which AWS AMI to use for a managed MachinePool.

                  Value Description

                  "AL2023_ARM_64_STANDARD"

                  Al2023Arm64 is the AL2023 Arm AMI type.

                  "AL2023_x86_64_STANDARD"

                  Al2023x86_64 is the AL2023 x86-64 AMI type.

                  "AL2_ARM_64"

                  Al2Arm64 is the Arm AMI type.

                  "AL2_x86_64"

                  Al2x86_64 is the default AMI type.

                  "AL2_x86_64_GPU"

                  Al2x86_64GPU is the x86-64 GPU AMI type.

                  ManagedMachinePoolCapacityType (string alias)

                  (Appears on:AWSManagedMachinePoolSpec)

                  ManagedMachinePoolCapacityType specifies the capacity type to be used for the managed MachinePool.

                  Value Description

                  "onDemand"

                  ManagedMachinePoolCapacityTypeOnDemand is the default capacity type, to launch on-demand instances.

                  "spot"

                  ManagedMachinePoolCapacityTypeSpot is the spot instance capacity type to launch spot instances.

                  ManagedMachinePoolScaling

                  (Appears on:AWSManagedMachinePoolSpec)

                  ManagedMachinePoolScaling specifies scaling options.

                  Field Description
                  minSize
                  int32
                  maxSize
                  int32

                  ManagedRemoteAccess

                  (Appears on:AWSManagedMachinePoolSpec)

                  ManagedRemoteAccess specifies remote access settings for EC2 instances.

                  Field Description
                  sshKeyName
                  string

                  SSHKeyName specifies which EC2 SSH key can be used to access machines. If left empty, the key from the control plane is used.

                  sourceSecurityGroups
                  []string

                  SourceSecurityGroups specifies which security groups are allowed access

                  public
                  bool

                  Public specifies whether to open port 22 to the public internet

                  MixedInstancesPolicy

                  (Appears on:AWSMachinePoolSpec, AutoScalingGroup)

                  MixedInstancesPolicy for an Auto Scaling group.

                  Field Description
                  instancesDistribution
                  InstancesDistribution
                  overrides
                  []Overrides

                  OnDemandAllocationStrategy (string alias)

                  (Appears on:InstancesDistribution)

                  OnDemandAllocationStrategy indicates how to allocate instance types to fulfill On-Demand capacity.

                  Overrides

                  (Appears on:MixedInstancesPolicy)

                  Overrides are used to override the instance type specified by the launch template with multiple instance types that can be used to launch On-Demand Instances and Spot Instances.

                  Field Description
                  instanceType
                  string

                  RefreshPreferences

                  (Appears on:AWSMachinePoolSpec)

                  RefreshPreferences defines the specs for instance refreshing.

                  Field Description
                  strategy
                  string
                  (Optional)

                  The strategy to use for the instance refresh. The only valid value is Rolling. A rolling update is an update that is applied to all instances in an Auto Scaling group until all instances have been updated.

                  instanceWarmup
                  int64
                  (Optional)

                  The number of seconds until a newly launched instance is configured and ready to use. During this time, the next replacement will not be initiated. The default is to use the value for the health check grace period defined for the group.

                  minHealthyPercentage
                  int64
                  (Optional)

                  The amount of capacity as a percentage in ASG that must remain healthy during an instance refresh. The default is 90.

                  SpotAllocationStrategy (string alias)

                  (Appears on:InstancesDistribution)

                  SpotAllocationStrategy indicates how to allocate instances across Spot Instance pools.

                  Tags (map[string]string alias)

                  Tags is a mapping for tags.

                  Taint

                  Taint defines the specs for a Kubernetes taint.

                  Field Description
                  effect
                  TaintEffect

                  Effect specifies the effect for the taint

                  key
                  string

                  Key is the key of the taint

                  value
                  string

                  Value is the value of the taint

                  TaintEffect (string alias)

                  (Appears on:Taint)

                  TaintEffect is the effect for a Kubernetes taint.

                  Taints ([]sigs.k8s.io/cluster-api-provider-aws/v2/exp/api/v1beta1.Taint alias)

                  (Appears on:AWSManagedMachinePoolSpec)

                  Taints is an array of Taints.

                  UpdateConfig

                  (Appears on:AWSManagedMachinePoolSpec)

                  UpdateConfig is the configuration options for updating a nodegroup. Only one of MaxUnavailable and MaxUnavailablePercentage should be specified.

                  Field Description
                  maxUnavailable
                  int
                  (Optional)

                  MaxUnavailable is the maximum number of nodes unavailable at once during a version update. Nodes will be updated in parallel. The maximum number is 100.

                  maxUnavailablePrecentage
                  int
                  (Optional)

                  MaxUnavailablePercentage is the maximum percentage of nodes unavailable during a version update. This percentage of nodes will be updated in parallel, up to 100 nodes at once.


                  infrastructure.cluster.x-k8s.io/v1beta2

                  Package v1beta2 contains the v1beta2 API implementation.

                  Resource Types:

                    AMIReference

                    (Appears on:AWSMachineSpec, AWSLaunchTemplate, AWSLaunchTemplate)

                    AMIReference is a reference to a specific AWS resource by ID, ARN, or filters. Only one of ID, ARN or Filters may be specified. Specifying more than one will result in a validation error.

                    Field Description
                    id
                    string
                    (Optional)

                    ID of resource

                    eksLookupType
                    EKSAMILookupType
                    (Optional)

                    EKSOptimizedLookupType If specified, will look up an EKS Optimized image in SSM Parameter store

                    AWSCluster

                    AWSCluster is the schema for Amazon EC2 based Kubernetes Cluster API.

                    Field Description
                    metadata
                    Kubernetes meta/v1.ObjectMeta
                    Refer to the Kubernetes API documentation for the fields of the metadata field.
                    spec
                    AWSClusterSpec


                    network
                    NetworkSpec

                    NetworkSpec encapsulates all things related to AWS network.

                    region
                    string

                    The AWS Region the cluster lives in.

                    partition
                    string
                    (Optional)

                    Partition is the AWS security partition being used. Defaults to “aws”

                    sshKeyName
                    string
                    (Optional)

                    SSHKeyName is the name of the ssh key to attach to the bastion host. Valid values are empty string (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name)

                    controlPlaneEndpoint
                    Cluster API api/v1beta1.APIEndpoint
                    (Optional)

                    ControlPlaneEndpoint represents the endpoint used to communicate with the control plane.

                    additionalTags
                    Tags
                    (Optional)

                    AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the ones added by default.

                    controlPlaneLoadBalancer
                    AWSLoadBalancerSpec
                    (Optional)

                    ControlPlaneLoadBalancer is optional configuration for customizing control plane behavior.

                    secondaryControlPlaneLoadBalancer
                    AWSLoadBalancerSpec
                    (Optional)

                    SecondaryControlPlaneLoadBalancer is an additional load balancer that can be used for the control plane.

                    An example use case is to have a separate internal load balancer for internal traffic, and a separate external load balancer for external traffic.

                    imageLookupFormat
                    string
                    (Optional)

                    ImageLookupFormat is the AMI naming format to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupOrg. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and kubernetes version, respectively. The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as defined by the packages produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See also: https://golang.org/pkg/text/template/

                    imageLookupOrg
                    string
                    (Optional)

                    ImageLookupOrg is the AWS Organization ID to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupOrg.

                    imageLookupBaseOS
                    string

                    ImageLookupBaseOS is the name of the base operating system used to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupBaseOS.

                    bastion
                    Bastion
                    (Optional)

                    Bastion contains options to configure the bastion host.

                    identityRef
                    AWSIdentityReference

                    IdentityRef is a reference to an identity to be used when reconciling the managed control plane. If no identity is specified, the default identity for this controller will be used.

                    s3Bucket
                    S3Bucket
                    (Optional)

                    S3Bucket contains options to configure a supporting S3 bucket for this cluster - currently used for nodes requiring Ignition (https://coreos.github.io/ignition/) for bootstrapping (requires BootstrapFormatIgnition feature flag to be enabled).

                    status
                    AWSClusterStatus

                    AWSClusterControllerIdentity

                    AWSClusterControllerIdentity is the Schema for the awsclustercontrolleridentities API It is used to grant access to use Cluster API Provider AWS Controller credentials.

                    Field Description
                    metadata
                    Kubernetes meta/v1.ObjectMeta
                    Refer to the Kubernetes API documentation for the fields of the metadata field.
                    spec
                    AWSClusterControllerIdentitySpec

                    Spec for this AWSClusterControllerIdentity.



                    AWSClusterIdentitySpec
                    AWSClusterIdentitySpec

                    (Members of AWSClusterIdentitySpec are embedded into this type.)

                    AWSClusterControllerIdentitySpec

                    (Appears on:AWSClusterControllerIdentity)

                    AWSClusterControllerIdentitySpec defines the specifications for AWSClusterControllerIdentity.

                    Field Description
                    AWSClusterIdentitySpec
                    AWSClusterIdentitySpec

                    (Members of AWSClusterIdentitySpec are embedded into this type.)

                    AWSClusterIdentitySpec

                    (Appears on:AWSClusterControllerIdentitySpec, AWSClusterRoleIdentitySpec, AWSClusterStaticIdentitySpec)

                    AWSClusterIdentitySpec defines the Spec struct for AWSClusterIdentity types.

                    Field Description
                    allowedNamespaces
                    AllowedNamespaces
                    (Optional)

                    AllowedNamespaces is used to identify which namespaces are allowed to use the identity from. Namespaces can be selected either using an array of namespaces or with label selector. An empty allowedNamespaces object indicates that AWSClusters can use this identity from any namespace. If this object is nil, no namespaces will be allowed (default behaviour, if this field is not provided) A namespace should be either in the NamespaceList or match with Selector to use the identity.

                    AWSClusterRoleIdentity

                    AWSClusterRoleIdentity is the Schema for the awsclusterroleidentities API It is used to assume a role using the provided sourceRef.

                    Field Description
                    metadata
                    Kubernetes meta/v1.ObjectMeta
                    Refer to the Kubernetes API documentation for the fields of the metadata field.
                    spec
                    AWSClusterRoleIdentitySpec

                    Spec for this AWSClusterRoleIdentity.



                    AWSClusterIdentitySpec
                    AWSClusterIdentitySpec

                    (Members of AWSClusterIdentitySpec are embedded into this type.)

                    AWSRoleSpec
                    AWSRoleSpec

                    (Members of AWSRoleSpec are embedded into this type.)

                    externalID
                    string
                    (Optional)

                    A unique identifier that might be required when you assume a role in another account. If the administrator of the account to which the role belongs provided you with an external ID, then provide that value in the ExternalId parameter. This value can be any string, such as a passphrase or account number. A cross-account role is usually set up to trust everyone in an account. Therefore, the administrator of the trusting account might send an external ID to the administrator of the trusted account. That way, only someone with the ID can assume the role, rather than everyone in the account. For more information about the external ID, see How to Use an External ID When Granting Access to Your AWS Resources to a Third Party in the IAM User Guide.

                    sourceIdentityRef
                    AWSIdentityReference

                    SourceIdentityRef is a reference to another identity which will be chained to do role assumption. All identity types are accepted.

                    AWSClusterRoleIdentitySpec

                    (Appears on:AWSClusterRoleIdentity)

                    AWSClusterRoleIdentitySpec defines the specifications for AWSClusterRoleIdentity.

                    Field Description
                    AWSClusterIdentitySpec
                    AWSClusterIdentitySpec

                    (Members of AWSClusterIdentitySpec are embedded into this type.)

                    AWSRoleSpec
                    AWSRoleSpec

                    (Members of AWSRoleSpec are embedded into this type.)

                    externalID
                    string
                    (Optional)

                    A unique identifier that might be required when you assume a role in another account. If the administrator of the account to which the role belongs provided you with an external ID, then provide that value in the ExternalId parameter. This value can be any string, such as a passphrase or account number. A cross-account role is usually set up to trust everyone in an account. Therefore, the administrator of the trusting account might send an external ID to the administrator of the trusted account. That way, only someone with the ID can assume the role, rather than everyone in the account. For more information about the external ID, see How to Use an External ID When Granting Access to Your AWS Resources to a Third Party in the IAM User Guide.

                    sourceIdentityRef
                    AWSIdentityReference

                    SourceIdentityRef is a reference to another identity which will be chained to do role assumption. All identity types are accepted.

                    AWSClusterSpec

                    (Appears on:AWSCluster, AWSClusterTemplateResource)

                    AWSClusterSpec defines the desired state of an EC2-based Kubernetes cluster.

                    Field Description
                    network
                    NetworkSpec

                    NetworkSpec encapsulates all things related to AWS network.

                    region
                    string

                    The AWS Region the cluster lives in.

                    partition
                    string
                    (Optional)

                    Partition is the AWS security partition being used. Defaults to “aws”

                    sshKeyName
                    string
                    (Optional)

                    SSHKeyName is the name of the ssh key to attach to the bastion host. Valid values are empty string (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name)

                    controlPlaneEndpoint
                    Cluster API api/v1beta1.APIEndpoint
                    (Optional)

                    ControlPlaneEndpoint represents the endpoint used to communicate with the control plane.

                    additionalTags
                    Tags
                    (Optional)

                    AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the ones added by default.

                    controlPlaneLoadBalancer
                    AWSLoadBalancerSpec
                    (Optional)

                    ControlPlaneLoadBalancer is optional configuration for customizing control plane behavior.

                    secondaryControlPlaneLoadBalancer
                    AWSLoadBalancerSpec
                    (Optional)

                    SecondaryControlPlaneLoadBalancer is an additional load balancer that can be used for the control plane.

                    An example use case is to have a separate internal load balancer for internal traffic, and a separate external load balancer for external traffic.

                    imageLookupFormat
                    string
                    (Optional)

                    ImageLookupFormat is the AMI naming format to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupOrg. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and kubernetes version, respectively. The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as defined by the packages produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See also: https://golang.org/pkg/text/template/

                    imageLookupOrg
                    string
                    (Optional)

                    ImageLookupOrg is the AWS Organization ID to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupOrg.

                    imageLookupBaseOS
                    string

                    ImageLookupBaseOS is the name of the base operating system used to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupBaseOS.

                    bastion
                    Bastion
                    (Optional)

                    Bastion contains options to configure the bastion host.

                    identityRef
                    AWSIdentityReference

                    IdentityRef is a reference to an identity to be used when reconciling the managed control plane. If no identity is specified, the default identity for this controller will be used.

                    s3Bucket
                    S3Bucket
                    (Optional)

                    S3Bucket contains options to configure a supporting S3 bucket for this cluster - currently used for nodes requiring Ignition (https://coreos.github.io/ignition/) for bootstrapping (requires BootstrapFormatIgnition feature flag to be enabled).

                    AWSClusterStaticIdentity

                    AWSClusterStaticIdentity is the Schema for the awsclusterstaticidentities API It represents a reference to an AWS access key ID and secret access key, stored in a secret.

                    Field Description
                    metadata
                    Kubernetes meta/v1.ObjectMeta
                    Refer to the Kubernetes API documentation for the fields of the metadata field.
                    spec
                    AWSClusterStaticIdentitySpec

                    Spec for this AWSClusterStaticIdentity



                    AWSClusterIdentitySpec
                    AWSClusterIdentitySpec

                    (Members of AWSClusterIdentitySpec are embedded into this type.)

                    secretRef
                    string

                    Reference to a secret containing the credentials. The secret should contain the following data keys: AccessKeyID: AKIAIOSFODNN7EXAMPLE SecretAccessKey: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY SessionToken: Optional

                    AWSClusterStaticIdentitySpec

                    (Appears on:AWSClusterStaticIdentity)

                    AWSClusterStaticIdentitySpec defines the specifications for AWSClusterStaticIdentity.

                    Field Description
                    AWSClusterIdentitySpec
                    AWSClusterIdentitySpec

                    (Members of AWSClusterIdentitySpec are embedded into this type.)

                    secretRef
                    string

                    Reference to a secret containing the credentials. The secret should contain the following data keys: AccessKeyID: AKIAIOSFODNN7EXAMPLE SecretAccessKey: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY SessionToken: Optional

                    AWSClusterStatus

                    (Appears on:AWSCluster)

                    AWSClusterStatus defines the observed state of AWSCluster.

                    Field Description
                    ready
                    bool
                    networkStatus
                    NetworkStatus
                    failureDomains
                    Cluster API api/v1beta1.FailureDomains
                    bastion
                    Instance
                    conditions
                    Cluster API api/v1beta1.Conditions

                    AWSClusterTemplate

                    AWSClusterTemplate is the schema for Amazon EC2 based Kubernetes Cluster Templates.

                    Field Description
                    metadata
                    Kubernetes meta/v1.ObjectMeta
                    Refer to the Kubernetes API documentation for the fields of the metadata field.
                    spec
                    AWSClusterTemplateSpec


                    template
                    AWSClusterTemplateResource

                    AWSClusterTemplateResource

                    (Appears on:AWSClusterTemplateSpec)

                    AWSClusterTemplateResource defines the desired state of AWSClusterTemplateResource.

                    Field Description
                    metadata
                    Cluster API api/v1beta1.ObjectMeta
                    (Optional)

                    Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

                    Refer to the Kubernetes API documentation for the fields of the metadata field.
                    spec
                    AWSClusterSpec


                    network
                    NetworkSpec

                    NetworkSpec encapsulates all things related to AWS network.

                    region
                    string

                    The AWS Region the cluster lives in.

                    partition
                    string
                    (Optional)

                    Partition is the AWS security partition being used. Defaults to “aws”

                    sshKeyName
                    string
                    (Optional)

                    SSHKeyName is the name of the ssh key to attach to the bastion host. Valid values are empty string (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name)

                    controlPlaneEndpoint
                    Cluster API api/v1beta1.APIEndpoint
                    (Optional)

                    ControlPlaneEndpoint represents the endpoint used to communicate with the control plane.

                    additionalTags
                    Tags
                    (Optional)

                    AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the ones added by default.

                    controlPlaneLoadBalancer
                    AWSLoadBalancerSpec
                    (Optional)

                    ControlPlaneLoadBalancer is optional configuration for customizing control plane behavior.

                    secondaryControlPlaneLoadBalancer
                    AWSLoadBalancerSpec
                    (Optional)

                    SecondaryControlPlaneLoadBalancer is an additional load balancer that can be used for the control plane.

                    An example use case is to have a separate internal load balancer for internal traffic, and a separate external load balancer for external traffic.

                    imageLookupFormat
                    string
                    (Optional)

                    ImageLookupFormat is the AMI naming format to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupOrg. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and kubernetes version, respectively. The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as defined by the packages produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See also: https://golang.org/pkg/text/template/

                    imageLookupOrg
                    string
                    (Optional)

                    ImageLookupOrg is the AWS Organization ID to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupOrg.

                    imageLookupBaseOS
                    string

                    ImageLookupBaseOS is the name of the base operating system used to look up machine images when a machine does not specify an AMI. When set, this will be used for all cluster machines unless a machine specifies a different ImageLookupBaseOS.

                    bastion
                    Bastion
                    (Optional)

                    Bastion contains options to configure the bastion host.

                    identityRef
                    AWSIdentityReference

                    IdentityRef is a reference to an identity to be used when reconciling the managed control plane. If no identity is specified, the default identity for this controller will be used.

                    s3Bucket
                    S3Bucket
                    (Optional)

                    S3Bucket contains options to configure a supporting S3 bucket for this cluster - currently used for nodes requiring Ignition (https://coreos.github.io/ignition/) for bootstrapping (requires BootstrapFormatIgnition feature flag to be enabled).

                    AWSClusterTemplateSpec

                    (Appears on:AWSClusterTemplate)

                    AWSClusterTemplateSpec defines the desired state of AWSClusterTemplate.

                    Field Description
                    template
                    AWSClusterTemplateResource

                    AWSIdentityKind (string alias)

                    (Appears on:AWSIdentityReference)

                    AWSIdentityKind defines allowed AWS identity types.

                    AWSIdentityReference

                    (Appears on:AWSClusterRoleIdentitySpec, AWSClusterSpec, AWSManagedControlPlaneSpec, AWSManagedControlPlaneSpec, RosaControlPlaneSpec)

                    AWSIdentityReference specifies a identity.

                    Field Description
                    name
                    string

                    Name of the identity.

                    kind
                    AWSIdentityKind

                    Kind of the identity.

                    AWSLoadBalancerSpec

                    (Appears on:AWSClusterSpec)

                    AWSLoadBalancerSpec defines the desired state of an AWS load balancer.

                    Field Description
                    name
                    string
                    (Optional)

                    Name sets the name of the classic ELB load balancer. As per AWS, the name must be unique within your set of load balancers for the region, must have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and cannot begin or end with a hyphen. Once set, the value cannot be changed.

                    scheme
                    ELBScheme
                    (Optional)

                    Scheme sets the scheme of the load balancer (defaults to internet-facing)

                    crossZoneLoadBalancing
                    bool
                    (Optional)

                    CrossZoneLoadBalancing enables the classic ELB cross availability zone balancing.

                    With cross-zone load balancing, each load balancer node for your Classic Load Balancer distributes requests evenly across the registered instances in all enabled Availability Zones. If cross-zone load balancing is disabled, each load balancer node distributes requests evenly across the registered instances in its Availability Zone only.

                    Defaults to false.

                    subnets
                    []string
                    (Optional)

                    Subnets sets the subnets that should be applied to the control plane load balancer (defaults to discovered subnets for managed VPCs or an empty set for unmanaged VPCs)

                    healthCheckProtocol
                    ELBProtocol
                    (Optional)

                    HealthCheckProtocol sets the protocol type for ELB health check target default value is ELBProtocolSSL

                    healthCheck
                    TargetGroupHealthCheckAPISpec
                    (Optional)

                    HealthCheck sets custom health check configuration to the API target group.

                    additionalSecurityGroups
                    []string
                    (Optional)

                    AdditionalSecurityGroups sets the security groups used by the load balancer. Expected to be security group IDs This is optional - if not provided new security groups will be created for the load balancer

                    additionalListeners
                    []AdditionalListenerSpec
                    (Optional)

                    AdditionalListeners sets the additional listeners for the control plane load balancer. This is only applicable to Network Load Balancer (NLB) types for the time being.

                    ingressRules
                    []IngressRule
                    (Optional)

                    IngressRules sets the ingress rules for the control plane load balancer.

                    loadBalancerType
                    LoadBalancerType

                    LoadBalancerType sets the type for a load balancer. The default type is classic.

                    disableHostsRewrite
                    bool

                    DisableHostsRewrite disabled the hair pinning issue solution that adds the NLB’s address as 127.0.0.1 to the hosts file of each instance. This is by default, false.

                    preserveClientIP
                    bool

                    PreserveClientIP lets the user control if preservation of client ips must be retained or not. If this is enabled 6443 will be opened to 0.0.0.0/0.

                    AWSMachine

                    AWSMachine is the schema for Amazon EC2 machines.

                    Field Description
                    metadata
                    Kubernetes meta/v1.ObjectMeta
                    Refer to the Kubernetes API documentation for the fields of the metadata field.
                    spec
                    AWSMachineSpec


                    providerID
                    string

                    ProviderID is the unique identifier as specified by the cloud provider.

                    instanceID
                    string

                    InstanceID is the EC2 instance ID for this machine.

                    instanceMetadataOptions
                    InstanceMetadataOptions
                    (Optional)

                    InstanceMetadataOptions is the metadata options for the EC2 instance.

                    ami
                    AMIReference

                    AMI is the reference to the AMI from which to create the machine instance.

                    imageLookupFormat
                    string
                    (Optional)

                    ImageLookupFormat is the AMI naming format to look up the image for this machine It will be ignored if an explicit AMI is set. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and kubernetes version, respectively. The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as defined by the packages produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See also: https://golang.org/pkg/text/template/

                    imageLookupOrg
                    string

                    ImageLookupOrg is the AWS Organization ID to use for image lookup if AMI is not set.

                    imageLookupBaseOS
                    string

                    ImageLookupBaseOS is the name of the base operating system to use for image lookup the AMI is not set.

                    instanceType
                    string

                    InstanceType is the type of instance to create. Example: m4.xlarge

                    additionalTags
                    Tags
                    (Optional)

                    AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the AWS provider. If both the AWSCluster and the AWSMachine specify the same tag name with different values, the AWSMachine’s value takes precedence.

                    iamInstanceProfile
                    string
                    (Optional)

                    IAMInstanceProfile is a name of an IAM instance profile to assign to the instance

                    publicIP
                    bool
                    (Optional)

                    PublicIP specifies whether the instance should get a public IP. Precedence for this setting is as follows: 1. This field if set 2. Cluster/flavor setting 3. Subnet default

                    elasticIpPool
                    ElasticIPPool
                    (Optional)

                    ElasticIPPool is the configuration to allocate Public IPv4 address (Elastic IP/EIP) from user-defined pool.

                    additionalSecurityGroups
                    []AWSResourceReference
                    (Optional)

                    AdditionalSecurityGroups is an array of references to security groups that should be applied to the instance. These security groups would be set in addition to any security groups defined at the cluster level or in the actuator. It is possible to specify either IDs of Filters. Using Filters will cause additional requests to AWS API and if tags change the attached security groups might change too.

                    subnet
                    AWSResourceReference
                    (Optional)

                    Subnet is a reference to the subnet to use for this instance. If not specified, the cluster subnet will be used.

                    securityGroupOverrides
                    map[sigs.k8s.io/cluster-api-provider-aws/v2/api/v1beta2.SecurityGroupRole]string
                    (Optional)

                    SecurityGroupOverrides is an optional set of security groups to use for the node. This is optional - if not provided security groups from the cluster will be used.

                    sshKeyName
                    string
                    (Optional)

                    SSHKeyName is the name of the ssh key to attach to the instance. Valid values are empty string (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name)

                    rootVolume
                    Volume
                    (Optional)

                    RootVolume encapsulates the configuration options for the root volume

                    nonRootVolumes
                    []Volume
                    (Optional)

                    Configuration options for the non root storage volumes.

                    networkInterfaces
                    []string
                    (Optional)

                    NetworkInterfaces is a list of ENIs to associate with the instance. A maximum of 2 may be specified.

                    uncompressedUserData
                    bool
                    (Optional)

                    UncompressedUserData specify whether the user data is gzip-compressed before it is sent to ec2 instance. cloud-init has built-in support for gzip-compressed user data user data stored in aws secret manager is always gzip-compressed.

                    cloudInit
                    CloudInit
                    (Optional)

                    CloudInit defines options related to the bootstrapping systems where CloudInit is used.

                    ignition
                    Ignition
                    (Optional)

                    Ignition defined options related to the bootstrapping systems where Ignition is used.

                    spotMarketOptions
                    SpotMarketOptions
                    (Optional)

                    SpotMarketOptions allows users to configure instances to be run using AWS Spot instances.

                    placementGroupName
                    string
                    (Optional)

                    PlacementGroupName specifies the name of the placement group in which to launch the instance.

                    placementGroupPartition
                    int64
                    (Optional)

                    PlacementGroupPartition is the partition number within the placement group in which to launch the instance. This value is only valid if the placement group, referred in PlacementGroupName, was created with strategy set to partition.

                    tenancy
                    string
                    (Optional)

                    Tenancy indicates if instance should run on shared or single-tenant hardware.

                    privateDnsName
                    PrivateDNSName
                    (Optional)

                    PrivateDNSName is the options for the instance hostname.

                    capacityReservationId
                    string
                    (Optional)

                    CapacityReservationID specifies the target Capacity Reservation into which the instance should be launched.

                    status
                    AWSMachineStatus

                    AWSMachineProviderConditionType (string alias)

                    AWSMachineProviderConditionType is a valid value for AWSMachineProviderCondition.Type.

                    AWSMachineSpec

                    (Appears on:AWSMachine, AWSMachineTemplateResource)

                    AWSMachineSpec defines the desired state of an Amazon EC2 instance.

                    Field Description
                    providerID
                    string

                    ProviderID is the unique identifier as specified by the cloud provider.

                    instanceID
                    string

                    InstanceID is the EC2 instance ID for this machine.

                    instanceMetadataOptions
                    InstanceMetadataOptions
                    (Optional)

                    InstanceMetadataOptions is the metadata options for the EC2 instance.

                    ami
                    AMIReference

                    AMI is the reference to the AMI from which to create the machine instance.

                    imageLookupFormat
                    string
                    (Optional)

                    ImageLookupFormat is the AMI naming format to look up the image for this machine It will be ignored if an explicit AMI is set. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and kubernetes version, respectively. The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as defined by the packages produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See also: https://golang.org/pkg/text/template/

                    imageLookupOrg
                    string

                    ImageLookupOrg is the AWS Organization ID to use for image lookup if AMI is not set.

                    imageLookupBaseOS
                    string

                    ImageLookupBaseOS is the name of the base operating system to use for image lookup the AMI is not set.

                    instanceType
                    string

                    InstanceType is the type of instance to create. Example: m4.xlarge

                    additionalTags
                    Tags
                    (Optional)

                    AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the AWS provider. If both the AWSCluster and the AWSMachine specify the same tag name with different values, the AWSMachine’s value takes precedence.

                    iamInstanceProfile
                    string
                    (Optional)

                    IAMInstanceProfile is a name of an IAM instance profile to assign to the instance

                    publicIP
                    bool
                    (Optional)

                    PublicIP specifies whether the instance should get a public IP. Precedence for this setting is as follows: 1. This field if set 2. Cluster/flavor setting 3. Subnet default

                    elasticIpPool
                    ElasticIPPool
                    (Optional)

                    ElasticIPPool is the configuration to allocate Public IPv4 address (Elastic IP/EIP) from user-defined pool.

                    additionalSecurityGroups
                    []AWSResourceReference
                    (Optional)

                    AdditionalSecurityGroups is an array of references to security groups that should be applied to the instance. These security groups would be set in addition to any security groups defined at the cluster level or in the actuator. It is possible to specify either IDs of Filters. Using Filters will cause additional requests to AWS API and if tags change the attached security groups might change too.

                    subnet
                    AWSResourceReference
                    (Optional)

                    Subnet is a reference to the subnet to use for this instance. If not specified, the cluster subnet will be used.

                    securityGroupOverrides
                    map[sigs.k8s.io/cluster-api-provider-aws/v2/api/v1beta2.SecurityGroupRole]string
                    (Optional)

                    SecurityGroupOverrides is an optional set of security groups to use for the node. This is optional - if not provided security groups from the cluster will be used.

                    sshKeyName
                    string
                    (Optional)

                    SSHKeyName is the name of the ssh key to attach to the instance. Valid values are empty string (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name)

                    rootVolume
                    Volume
                    (Optional)

                    RootVolume encapsulates the configuration options for the root volume

                    nonRootVolumes
                    []Volume
                    (Optional)

                    Configuration options for the non root storage volumes.

                    networkInterfaces
                    []string
                    (Optional)

                    NetworkInterfaces is a list of ENIs to associate with the instance. A maximum of 2 may be specified.

                    uncompressedUserData
                    bool
                    (Optional)

                    UncompressedUserData specify whether the user data is gzip-compressed before it is sent to ec2 instance. cloud-init has built-in support for gzip-compressed user data user data stored in aws secret manager is always gzip-compressed.

                    cloudInit
                    CloudInit
                    (Optional)

                    CloudInit defines options related to the bootstrapping systems where CloudInit is used.

                    ignition
                    Ignition
                    (Optional)

                    Ignition defined options related to the bootstrapping systems where Ignition is used.

                    spotMarketOptions
                    SpotMarketOptions
                    (Optional)

                    SpotMarketOptions allows users to configure instances to be run using AWS Spot instances.

                    placementGroupName
                    string
                    (Optional)

                    PlacementGroupName specifies the name of the placement group in which to launch the instance.

                    placementGroupPartition
                    int64
                    (Optional)

                    PlacementGroupPartition is the partition number within the placement group in which to launch the instance. This value is only valid if the placement group, referred in PlacementGroupName, was created with strategy set to partition.

                    tenancy
                    string
                    (Optional)

                    Tenancy indicates if instance should run on shared or single-tenant hardware.

                    privateDnsName
                    PrivateDNSName
                    (Optional)

                    PrivateDNSName is the options for the instance hostname.

                    capacityReservationId
                    string
                    (Optional)

                    CapacityReservationID specifies the target Capacity Reservation into which the instance should be launched.

                    AWSMachineStatus

                    (Appears on:AWSMachine)

                    AWSMachineStatus defines the observed state of AWSMachine.

                    Field Description
                    ready
                    bool
                    (Optional)

                    Ready is true when the provider resource is ready.

                    interruptible
                    bool
                    (Optional)

                    Interruptible reports that this machine is using spot instances and can therefore be interrupted by CAPI when it receives a notice that the spot instance is to be terminated by AWS. This will be set to true when SpotMarketOptions is not nil (i.e. this machine is using a spot instance).

                    addresses
                    []Cluster API api/v1beta1.MachineAddress

                    Addresses contains the AWS instance associated addresses.

                    instanceState
                    InstanceState
                    (Optional)

                    InstanceState is the state of the AWS instance for this machine.

                    failureReason
                    Cluster API errors.MachineStatusError
                    (Optional)

                    FailureReason will be set in the event that there is a terminal problem reconciling the Machine and will contain a succinct value suitable for machine interpretation.

                    This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the Machine’s spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured.

                    Any transient errors that occur during the reconciliation of Machines can be added as events to the Machine object and/or logged in the controller’s output.

                    failureMessage
                    string
                    (Optional)

                    FailureMessage will be set in the event that there is a terminal problem reconciling the Machine and will contain a more verbose string suitable for logging and human consumption.

                    This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the Machine’s spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured.

                    Any transient errors that occur during the reconciliation of Machines can be added as events to the Machine object and/or logged in the controller’s output.

                    conditions
                    Cluster API api/v1beta1.Conditions
                    (Optional)

                    Conditions defines current service state of the AWSMachine.

                    AWSMachineTemplate

                    AWSMachineTemplate is the schema for the Amazon EC2 Machine Templates API.

                    Field Description
                    metadata
                    Kubernetes meta/v1.ObjectMeta
                    Refer to the Kubernetes API documentation for the fields of the metadata field.
                    spec
                    AWSMachineTemplateSpec


                    template
                    AWSMachineTemplateResource
                    status
                    AWSMachineTemplateStatus

                    AWSMachineTemplateResource

                    (Appears on:AWSMachineTemplateSpec)

                    AWSMachineTemplateResource describes the data needed to create am AWSMachine from a template.

                    Field Description
                    metadata
                    Cluster API api/v1beta1.ObjectMeta
                    (Optional)

                    Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

                    Refer to the Kubernetes API documentation for the fields of the metadata field.
                    spec
                    AWSMachineSpec

                    Spec is the specification of the desired behavior of the machine.



                    providerID
                    string

                    ProviderID is the unique identifier as specified by the cloud provider.

                    instanceID
                    string

                    InstanceID is the EC2 instance ID for this machine.

                    instanceMetadataOptions
                    InstanceMetadataOptions
                    (Optional)

                    InstanceMetadataOptions is the metadata options for the EC2 instance.

                    ami
                    AMIReference

                    AMI is the reference to the AMI from which to create the machine instance.

                    imageLookupFormat
                    string
                    (Optional)

                    ImageLookupFormat is the AMI naming format to look up the image for this machine It will be ignored if an explicit AMI is set. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and kubernetes version, respectively. The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as defined by the packages produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See also: https://golang.org/pkg/text/template/

                    imageLookupOrg
                    string

                    ImageLookupOrg is the AWS Organization ID to use for image lookup if AMI is not set.

                    imageLookupBaseOS
                    string

                    ImageLookupBaseOS is the name of the base operating system to use for image lookup the AMI is not set.

                    instanceType
                    string

                    InstanceType is the type of instance to create. Example: m4.xlarge

                    additionalTags
                    Tags
                    (Optional)

                    AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the AWS provider. If both the AWSCluster and the AWSMachine specify the same tag name with different values, the AWSMachine’s value takes precedence.

                    iamInstanceProfile
                    string
                    (Optional)

                    IAMInstanceProfile is a name of an IAM instance profile to assign to the instance

                    publicIP
                    bool
                    (Optional)

                    PublicIP specifies whether the instance should get a public IP. Precedence for this setting is as follows: 1. This field if set 2. Cluster/flavor setting 3. Subnet default

                    elasticIpPool
                    ElasticIPPool
                    (Optional)

                    ElasticIPPool is the configuration to allocate Public IPv4 address (Elastic IP/EIP) from user-defined pool.

                    additionalSecurityGroups
                    []AWSResourceReference
                    (Optional)

                    AdditionalSecurityGroups is an array of references to security groups that should be applied to the instance. These security groups would be set in addition to any security groups defined at the cluster level or in the actuator. It is possible to specify either IDs of Filters. Using Filters will cause additional requests to AWS API and if tags change the attached security groups might change too.

                    subnet
                    AWSResourceReference
                    (Optional)

                    Subnet is a reference to the subnet to use for this instance. If not specified, the cluster subnet will be used.

                    securityGroupOverrides
                    map[sigs.k8s.io/cluster-api-provider-aws/v2/api/v1beta2.SecurityGroupRole]string
                    (Optional)

                    SecurityGroupOverrides is an optional set of security groups to use for the node. This is optional - if not provided security groups from the cluster will be used.

                    sshKeyName
                    string
                    (Optional)

                    SSHKeyName is the name of the ssh key to attach to the instance. Valid values are empty string (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name)

                    rootVolume
                    Volume
                    (Optional)

                    RootVolume encapsulates the configuration options for the root volume

                    nonRootVolumes
                    []Volume
                    (Optional)

                    Configuration options for the non root storage volumes.

                    networkInterfaces
                    []string
                    (Optional)

                    NetworkInterfaces is a list of ENIs to associate with the instance. A maximum of 2 may be specified.

                    uncompressedUserData
                    bool
                    (Optional)

                    UncompressedUserData specify whether the user data is gzip-compressed before it is sent to ec2 instance. cloud-init has built-in support for gzip-compressed user data user data stored in aws secret manager is always gzip-compressed.

                    cloudInit
                    CloudInit
                    (Optional)

                    CloudInit defines options related to the bootstrapping systems where CloudInit is used.

                    ignition
                    Ignition
                    (Optional)

                    Ignition defined options related to the bootstrapping systems where Ignition is used.

                    spotMarketOptions
                    SpotMarketOptions
                    (Optional)

                    SpotMarketOptions allows users to configure instances to be run using AWS Spot instances.

                    placementGroupName
                    string
                    (Optional)

                    PlacementGroupName specifies the name of the placement group in which to launch the instance.

                    placementGroupPartition
                    int64
                    (Optional)

                    PlacementGroupPartition is the partition number within the placement group in which to launch the instance. This value is only valid if the placement group, referred in PlacementGroupName, was created with strategy set to partition.

                    tenancy
                    string
                    (Optional)

                    Tenancy indicates if instance should run on shared or single-tenant hardware.

                    privateDnsName
                    PrivateDNSName
                    (Optional)

                    PrivateDNSName is the options for the instance hostname.

                    capacityReservationId
                    string
                    (Optional)

                    CapacityReservationID specifies the target Capacity Reservation into which the instance should be launched.

                    AWSMachineTemplateSpec

                    (Appears on:AWSMachineTemplate)

                    AWSMachineTemplateSpec defines the desired state of AWSMachineTemplate.

                    Field Description
                    template
                    AWSMachineTemplateResource

                    AWSMachineTemplateStatus

                    (Appears on:AWSMachineTemplate)

                    AWSMachineTemplateStatus defines a status for an AWSMachineTemplate.

                    Field Description
                    capacity
                    Kubernetes core/v1.ResourceList
                    (Optional)

                    Capacity defines the resource capacity for this machine. This value is used for autoscaling from zero operations as defined in: https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20210310-opt-in-autoscaling-from-zero.md

                    AWSMachineTemplateWebhook

                    AWSMachineTemplateWebhook implements a custom validation webhook for AWSMachineTemplate. Note: we use a custom validator to access the request context for SSA of AWSMachineTemplate.

                    AWSManagedCluster

                    AWSManagedCluster is the Schema for the awsmanagedclusters API

                    Field Description
                    metadata
                    Kubernetes meta/v1.ObjectMeta
                    Refer to the Kubernetes API documentation for the fields of the metadata field.
                    spec
                    AWSManagedClusterSpec


                    controlPlaneEndpoint
                    Cluster API api/v1beta1.APIEndpoint
                    (Optional)

                    ControlPlaneEndpoint represents the endpoint used to communicate with the control plane.

                    status
                    AWSManagedClusterStatus

                    AWSManagedClusterSpec

                    (Appears on:AWSManagedCluster)

                    AWSManagedClusterSpec defines the desired state of AWSManagedCluster

                    Field Description
                    controlPlaneEndpoint
                    Cluster API api/v1beta1.APIEndpoint
                    (Optional)

                    ControlPlaneEndpoint represents the endpoint used to communicate with the control plane.

                    AWSManagedClusterStatus

                    (Appears on:AWSManagedCluster)

                    AWSManagedClusterStatus defines the observed state of AWSManagedCluster

                    Field Description
                    ready
                    bool
                    (Optional)

                    Ready is when the AWSManagedControlPlane has a API server URL.

                    failureDomains
                    Cluster API api/v1beta1.FailureDomains
                    (Optional)

                    FailureDomains specifies a list fo available availability zones that can be used

                    AWSResourceReference

                    (Appears on:AWSMachineSpec, AWSLaunchTemplate, AWSMachinePoolSpec, AWSLaunchTemplate, AWSMachinePoolSpec)

                    AWSResourceReference is a reference to a specific AWS resource by ID or filters. Only one of ID or Filters may be specified. Specifying more than one will result in a validation error.

                    Field Description
                    id
                    string
                    (Optional)

                    ID of resource

                    filters
                    []Filter
                    (Optional)

                    Filters is a set of key/value pairs used to identify a resource They are applied according to the rules defined by the AWS API: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html

                    AWSRoleSpec

                    (Appears on:AWSClusterRoleIdentitySpec)

                    AWSRoleSpec defines the specifications for all identities based around AWS roles.

                    Field Description
                    roleARN
                    string

                    The Amazon Resource Name (ARN) of the role to assume.

                    sessionName
                    string

                    An identifier for the assumed role session

                    durationSeconds
                    int32

                    The duration, in seconds, of the role session before it is renewed.

                    inlinePolicy
                    string

                    An IAM policy as a JSON-encoded string that you want to use as an inline session policy.

                    policyARNs
                    []string

                    The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as managed session policies. The policies must exist in the same account as the role.

                    AZSelectionScheme (string alias)

                    (Appears on:VPCSpec)

                    AZSelectionScheme defines the scheme of selecting AZs.

                    AdditionalListenerSpec

                    (Appears on:AWSLoadBalancerSpec)

                    AdditionalListenerSpec defines the desired state of an additional listener on an AWS load balancer.

                    Field Description
                    port
                    int64

                    Port sets the port for the additional listener.

                    protocol
                    ELBProtocol

                    Protocol sets the protocol for the additional listener. Currently only TCP is supported.

                    healthCheck
                    TargetGroupHealthCheckAdditionalSpec
                    (Optional)

                    HealthCheck sets the optional custom health check configuration to the API target group.

                    AllowedNamespaces

                    (Appears on:AWSClusterIdentitySpec)

                    AllowedNamespaces is a selector of namespaces that AWSClusters can use this ClusterPrincipal from. This is a standard Kubernetes LabelSelector, a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed.

                    Field Description
                    list
                    []string
                    (Optional)

                    An nil or empty list indicates that AWSClusters cannot use the identity from any namespace.

                    selector
                    Kubernetes meta/v1.LabelSelector
                    (Optional)

                    An empty selector indicates that AWSClusters cannot use this AWSClusterIdentity from any namespace.

                    Bastion

                    (Appears on:AWSClusterSpec, AWSManagedControlPlaneSpec, AWSManagedControlPlaneSpec)

                    Bastion defines a bastion host.

                    Field Description
                    enabled
                    bool
                    (Optional)

                    Enabled allows this provider to create a bastion host instance with a public ip to access the VPC private network.

                    disableIngressRules
                    bool
                    (Optional)

                    DisableIngressRules will ensure there are no Ingress rules in the bastion host’s security group. Requires AllowedCIDRBlocks to be empty.

                    allowedCIDRBlocks
                    []string
                    (Optional)

                    AllowedCIDRBlocks is a list of CIDR blocks allowed to access the bastion host. They are set as ingress rules for the Bastion host’s Security Group (defaults to 0.0.0.0/0).

                    instanceType
                    string

                    InstanceType will use the specified instance type for the bastion. If not specified, Cluster API Provider AWS will use t3.micro for all regions except us-east-1, where t2.micro will be the default.

                    ami
                    string
                    (Optional)

                    AMI will use the specified AMI to boot the bastion. If not specified, the AMI will default to one picked out in public space.

                    BuildParams

                    BuildParams is used to build tags around an aws resource.

                    Field Description
                    Lifecycle
                    ResourceLifecycle

                    Lifecycle determines the resource lifecycle.

                    ClusterName
                    string

                    ClusterName is the cluster associated with the resource.

                    ResourceID
                    string

                    ResourceID is the unique identifier of the resource to be tagged.

                    Name
                    string
                    (Optional)

                    Name is the name of the resource, it’s applied as the tag “Name” on AWS.

                    Role
                    string
                    (Optional)

                    Role is the role associated to the resource.

                    Additional
                    Tags
                    (Optional)

                    Any additional tags to be added to the resource.

                    CNIIngressRule

                    CNIIngressRule defines an AWS ingress rule for CNI requirements.

                    Field Description
                    description
                    string
                    protocol
                    SecurityGroupProtocol
                    fromPort
                    int64
                    toPort
                    int64

                    CNIIngressRules ([]sigs.k8s.io/cluster-api-provider-aws/v2/api/v1beta2.CNIIngressRule alias)

                    (Appears on:CNISpec)

                    CNIIngressRules is a slice of CNIIngressRule.

                    CNISpec

                    (Appears on:NetworkSpec)

                    CNISpec defines configuration for CNI.

                    Field Description
                    cniIngressRules
                    CNIIngressRules

                    CNIIngressRules specify rules to apply to control plane and worker node security groups. The source for the rule will be set to control plane and worker security group IDs.

                    ClassicELBAttributes

                    (Appears on:LoadBalancer)

                    ClassicELBAttributes defines extra attributes associated with a classic load balancer.

                    Field Description
                    idleTimeout
                    time.Duration

                    IdleTimeout is time that the connection is allowed to be idle (no data has been sent over the connection) before it is closed by the load balancer.

                    crossZoneLoadBalancing
                    bool
                    (Optional)

                    CrossZoneLoadBalancing enables the classic load balancer load balancing.

                    ClassicELBHealthCheck

                    (Appears on:LoadBalancer)

                    ClassicELBHealthCheck defines an AWS classic load balancer health check.

                    Field Description
                    target
                    string
                    interval
                    time.Duration
                    timeout
                    time.Duration
                    healthyThreshold
                    int64
                    unhealthyThreshold
                    int64

                    ClassicELBListener

                    (Appears on:LoadBalancer)

                    ClassicELBListener defines an AWS classic load balancer listener.

                    Field Description
                    protocol
                    ELBProtocol
                    port
                    int64
                    instanceProtocol
                    ELBProtocol
                    instancePort
                    int64

                    CloudInit

                    (Appears on:AWSMachineSpec)

                    CloudInit defines options related to the bootstrapping systems where CloudInit is used.

                    Field Description
                    insecureSkipSecretsManager
                    bool

                    InsecureSkipSecretsManager, when set to true will not use AWS Secrets Manager or AWS Systems Manager Parameter Store to ensure privacy of userdata. By default, a cloud-init boothook shell script is prepended to download the userdata from Secrets Manager and additionally delete the secret.

                    secretCount
                    int32
                    (Optional)

                    SecretCount is the number of secrets used to form the complete secret

                    secretPrefix
                    string
                    (Optional)

                    SecretPrefix is the prefix for the secret name. This is stored temporarily, and deleted when the machine registers as a node against the workload cluster.

                    secureSecretsBackend
                    SecretBackend
                    (Optional)

                    SecureSecretsBackend, when set to parameter-store will utilize the AWS Systems Manager Parameter Storage to distribute secrets. By default or with the value of secrets-manager, will use AWS Secrets Manager instead.

                    EKSAMILookupType (string alias)

                    (Appears on:AMIReference)

                    EKSAMILookupType specifies which AWS AMI to use for a AWSMachine and AWSMachinePool.

                    ELBProtocol (string alias)

                    (Appears on:AWSLoadBalancerSpec, AdditionalListenerSpec, ClassicELBListener, Listener, TargetGroupSpec)

                    ELBProtocol defines listener protocols for a load balancer.

                    ELBScheme (string alias)

                    (Appears on:AWSLoadBalancerSpec, LoadBalancer)

                    ELBScheme defines the scheme of a load balancer.

                    ElasticIPPool

                    (Appears on:AWSMachineSpec, VPCSpec)

                    ElasticIPPool allows configuring a Elastic IP pool for resources allocating public IPv4 addresses on public subnets.

                    Field Description
                    publicIpv4Pool
                    string
                    (Optional)

                    PublicIpv4Pool sets a custom Public IPv4 Pool used to create Elastic IP address for resources created in public IPv4 subnets. Every IPv4 address, Elastic IP, will be allocated from the custom Public IPv4 pool that you brought to AWS, instead of Amazon-provided pool. The public IPv4 pool resource ID starts with ‘ipv4pool-ec2’.

                    publicIpv4PoolFallbackOrder
                    PublicIpv4PoolFallbackOrder
                    (Optional)

                    PublicIpv4PoolFallBackOrder defines the fallback action when the Public IPv4 Pool has been exhausted, no more IPv4 address available in the pool.

                    When set to ‘amazon-pool’, the controller check if the pool has available IPv4 address, when pool has reached the IPv4 limit, the address will be claimed from Amazon-pool (default).

                    When set to ‘none’, the controller will fail the Elastic IP allocation when the publicIpv4Pool is exhausted.

                    Filter

                    (Appears on:AWSResourceReference)

                    Filter is a filter used to identify an AWS resource.

                    Field Description
                    name
                    string

                    Name of the filter. Filter names are case-sensitive.

                    values
                    []string

                    Values includes one or more filter values. Filter values are case-sensitive.

                    GCTask (string alias)

                    GCTask defines a task to be executed by the garbage collector.

                    HTTPTokensState (string alias)

                    (Appears on:InstanceMetadataOptions)

                    HTTPTokensState describes the state of InstanceMetadataOptions.HTTPTokensState

                    IPAMPool

                    (Appears on:IPv6, VPCSpec)

                    IPAMPool defines the IPAM pool to be used for VPC.

                    Field Description
                    id
                    string

                    ID is the ID of the IPAM pool this provider should use to create VPC.

                    name
                    string

                    Name is the name of the IPAM pool this provider should use to create VPC.

                    netmaskLength
                    int64

                    The netmask length of the IPv4 CIDR you want to allocate to VPC from an Amazon VPC IP Address Manager (IPAM) pool. Defaults to /16 for IPv4 if not specified.

                    IPv6

                    (Appears on:VPCSpec)

                    IPv6 contains ipv6 specific settings for the network.

                    Field Description
                    cidrBlock
                    string
                    (Optional)

                    CidrBlock is the CIDR block provided by Amazon when VPC has enabled IPv6. Mutually exclusive with IPAMPool.

                    poolId
                    string
                    (Optional)

                    PoolID is the IP pool which must be defined in case of BYO IP is defined. Must be specified if CidrBlock is set. Mutually exclusive with IPAMPool.

                    egressOnlyInternetGatewayId
                    string
                    (Optional)

                    EgressOnlyInternetGatewayID is the id of the egress only internet gateway associated with an IPv6 enabled VPC.

                    ipamPool
                    IPAMPool
                    (Optional)

                    IPAMPool defines the IPAMv6 pool to be used for VPC. Mutually exclusive with CidrBlock.

                    Ignition

                    (Appears on:AWSMachineSpec)

                    Ignition defines options related to the bootstrapping systems where Ignition is used. For more information on Ignition configuration, see https://coreos.github.io/butane/specs/

                    Field Description
                    version
                    string
                    (Optional)

                    Version defines which version of Ignition will be used to generate bootstrap data.

                    storageType
                    IgnitionStorageTypeOption
                    (Optional)

                    StorageType defines how to store the boostrap user data for Ignition. This can be used to instruct Ignition from where to fetch the user data to bootstrap an instance.

                    When omitted, the storage option will default to ClusterObjectStore.

                    When set to “ClusterObjectStore”, if the capability is available and a Cluster ObjectStore configuration is correctly provided in the Cluster object (under .spec.s3Bucket), an object store will be used to store bootstrap user data.

                    When set to “UnencryptedUserData”, EC2 Instance User Data will be used to store the machine bootstrap user data, unencrypted. This option is considered less secure than others as user data may contain sensitive informations (keys, certificates, etc.) and users with ec2:DescribeInstances permission or users running pods that can access the ec2 metadata service have access to this sensitive information. So this is only to be used at ones own risk, and only when other more secure options are not viable.

                    proxy
                    IgnitionProxy
                    (Optional)

                    Proxy defines proxy settings for Ignition. Only valid for Ignition versions 3.1 and above.

                    tls
                    IgnitionTLS
                    (Optional)

                    TLS defines TLS settings for Ignition. Only valid for Ignition versions 3.1 and above.

                    IgnitionCASource (string alias)

                    (Appears on:IgnitionTLS)

                    IgnitionCASource defines the source of the certificate authority to use for Ignition.

                    IgnitionNoProxy (string alias)

                    (Appears on:IgnitionProxy)

                    IgnitionNoProxy defines the list of domains to not proxy for Ignition.

                    IgnitionProxy

                    (Appears on:Ignition)

                    IgnitionProxy defines proxy settings for Ignition.

                    Field Description
                    httpProxy
                    string
                    (Optional)

                    HTTPProxy is the HTTP proxy to use for Ignition. A single URL that specifies the proxy server to use for HTTP and HTTPS requests, unless overridden by the HTTPSProxy or NoProxy options.

                    httpsProxy
                    string
                    (Optional)

                    HTTPSProxy is the HTTPS proxy to use for Ignition. A single URL that specifies the proxy server to use for HTTPS requests, unless overridden by the NoProxy option.

                    noProxy
                    []IgnitionNoProxy
                    (Optional)

                    NoProxy is the list of domains to not proxy for Ignition. Specifies a list of strings to hosts that should be excluded from proxying.

                    Each value is represented by: - An IP address prefix (1.2.3.4) - An IP address prefix in CIDR notation (1.2.3.48) - A domain name - A domain name matches that name and all subdomains - A domain name with a leading . matches subdomains only - A special DNS label (*), indicates that no proxying should be done

                    An IP address prefix and domain name can also include a literal port number (1.2.3.4:80).

                    IgnitionStorageTypeOption (string alias)

                    (Appears on:Ignition)

                    IgnitionStorageTypeOption defines the different storage types for Ignition.

                    IgnitionTLS

                    (Appears on:Ignition)

                    IgnitionTLS defines TLS settings for Ignition.

                    Field Description
                    certificateAuthorities
                    []IgnitionCASource
                    (Optional)

                    CASources defines the list of certificate authorities to use for Ignition. The value is the certificate bundle (in PEM format). The bundle can contain multiple concatenated certificates. Supported schemes are http, https, tftp, s3, arn, gs, and data (RFC 2397) URL scheme.

                    IngressRule

                    (Appears on:AWSLoadBalancerSpec, NetworkSpec)

                    IngressRule defines an AWS ingress rule for security groups.

                    Field Description
                    description
                    string

                    Description provides extended information about the ingress rule.

                    protocol
                    SecurityGroupProtocol

                    Protocol is the protocol for the ingress rule. Accepted values are “-1” (all), “4” (IP in IP),“tcp”, “udp”, “icmp”, and “58” (ICMPv6), “50” (ESP).

                    fromPort
                    int64

                    FromPort is the start of port range.

                    toPort
                    int64

                    ToPort is the end of port range.

                    cidrBlocks
                    []string
                    (Optional)

                    List of CIDR blocks to allow access from. Cannot be specified with SourceSecurityGroupID.

                    ipv6CidrBlocks
                    []string
                    (Optional)

                    List of IPv6 CIDR blocks to allow access from. Cannot be specified with SourceSecurityGroupID.

                    sourceSecurityGroupIds
                    []string
                    (Optional)

                    The security group id to allow access from. Cannot be specified with CidrBlocks.

                    sourceSecurityGroupRoles
                    []SecurityGroupRole
                    (Optional)

                    The security group role to allow access from. Cannot be specified with CidrBlocks. The field will be combined with source security group IDs if specified.

                    natGatewaysIPsSource
                    bool
                    (Optional)

                    NatGatewaysIPsSource use the NAT gateways IPs as the source for the ingress rule.

                    IngressRules ([]sigs.k8s.io/cluster-api-provider-aws/v2/api/v1beta2.IngressRule alias)

                    (Appears on:SecurityGroup)

                    IngressRules is a slice of AWS ingress rules for security groups.

                    Instance

                    (Appears on:AWSClusterStatus, AWSManagedControlPlaneStatus, AWSManagedControlPlaneStatus, AutoScalingGroup, AutoScalingGroup)

                    Instance describes an AWS instance.

                    Field Description
                    id
                    string
                    instanceState
                    InstanceState

                    The current state of the instance.

                    type
                    string

                    The instance type.

                    subnetId
                    string

                    The ID of the subnet of the instance.

                    imageId
                    string

                    The ID of the AMI used to launch the instance.

                    sshKeyName
                    string

                    The name of the SSH key pair.

                    securityGroupIds
                    []string

                    SecurityGroupIDs are one or more security group IDs this instance belongs to.

                    userData
                    string

                    UserData is the raw data script passed to the instance which is run upon bootstrap. This field must not be base64 encoded and should only be used when running a new instance.

                    iamProfile
                    string

                    The name of the IAM instance profile associated with the instance, if applicable.

                    addresses
                    []Cluster API api/v1beta1.MachineAddress

                    Addresses contains the AWS instance associated addresses.

                    privateIp
                    string

                    The private IPv4 address assigned to the instance.

                    publicIp
                    string

                    The public IPv4 address assigned to the instance, if applicable.

                    enaSupport
                    bool

                    Specifies whether enhanced networking with ENA is enabled.

                    ebsOptimized
                    bool

                    Indicates whether the instance is optimized for Amazon EBS I/O.

                    rootVolume
                    Volume
                    (Optional)

                    Configuration options for the root storage volume.

                    nonRootVolumes
                    []Volume
                    (Optional)

                    Configuration options for the non root storage volumes.

                    networkInterfaces
                    []string

                    Specifies ENIs attached to instance

                    tags
                    map[string]string

                    The tags associated with the instance.

                    availabilityZone
                    string

                    Availability zone of instance

                    spotMarketOptions
                    SpotMarketOptions

                    SpotMarketOptions option for configuring instances to be run using AWS Spot instances.

                    placementGroupName
                    string
                    (Optional)

                    PlacementGroupName specifies the name of the placement group in which to launch the instance.

                    placementGroupPartition
                    int64
                    (Optional)

                    PlacementGroupPartition is the partition number within the placement group in which to launch the instance. This value is only valid if the placement group, referred in PlacementGroupName, was created with strategy set to partition.

                    tenancy
                    string
                    (Optional)

                    Tenancy indicates if instance should run on shared or single-tenant hardware.

                    volumeIDs
                    []string
                    (Optional)

                    IDs of the instance’s volumes

                    instanceMetadataOptions
                    InstanceMetadataOptions
                    (Optional)

                    InstanceMetadataOptions is the metadata options for the EC2 instance.

                    privateDnsName
                    PrivateDNSName
                    (Optional)

                    PrivateDNSName is the options for the instance hostname.

                    publicIPOnLaunch
                    bool
                    (Optional)

                    PublicIPOnLaunch is the option to associate a public IP on instance launch

                    capacityReservationId
                    string
                    (Optional)

                    CapacityReservationID specifies the target Capacity Reservation into which the instance should be launched.

                    InstanceMetadataOptions

                    (Appears on:AWSMachineSpec, Instance, AWSLaunchTemplate)

                    InstanceMetadataOptions describes metadata options for the EC2 instance.

                    Field Description
                    httpEndpoint
                    InstanceMetadataState

                    Enables or disables the HTTP metadata endpoint on your instances.

                    If you specify a value of disabled, you cannot access your instance metadata.

                    Default: enabled

                    httpPutResponseHopLimit
                    int64

                    The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.

                    Default: 1

                    httpTokens
                    HTTPTokensState

                    The state of token usage for your instance metadata requests.

                    If the state is optional, you can choose to retrieve instance metadata with or without a session token on your request. If you retrieve the IAM role credentials without a token, the version 1.0 role credentials are returned. If you retrieve the IAM role credentials using a valid session token, the version 2.0 role credentials are returned.

                    If the state is required, you must send a session token with any instance metadata retrieval requests. In this state, retrieving the IAM role credentials always returns the version 2.0 credentials; the version 1.0 credentials are not available.

                    Default: optional

                    instanceMetadataTags
                    InstanceMetadataState

                    Set to enabled to allow access to instance tags from the instance metadata. Set to disabled to turn off access to instance tags from the instance metadata. For more information, see Work with instance tags using the instance metadata (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS).

                    Default: disabled

                    InstanceMetadataState (string alias)

                    (Appears on:InstanceMetadataOptions)

                    InstanceMetadataState describes the state of InstanceMetadataOptions.HttpEndpoint and InstanceMetadataOptions.InstanceMetadataTags

                    InstanceState (string alias)

                    (Appears on:AWSMachineStatus, Instance)

                    InstanceState describes the state of an AWS instance.

                    Listener

                    (Appears on:LoadBalancer)

                    Listener defines an AWS network load balancer listener.

                    Field Description
                    protocol
                    ELBProtocol
                    port
                    int64
                    targetGroup
                    TargetGroupSpec

                    LoadBalancer

                    (Appears on:NetworkStatus)

                    LoadBalancer defines an AWS load balancer.

                    Field Description
                    arn
                    string

                    ARN of the load balancer. Unlike the ClassicLB, ARN is used mostly to define and get it.

                    name
                    string
                    (Optional)

                    The name of the load balancer. It must be unique within the set of load balancers defined in the region. It also serves as identifier.

                    dnsName
                    string

                    DNSName is the dns name of the load balancer.

                    scheme
                    ELBScheme

                    Scheme is the load balancer scheme, either internet-facing or private.

                    availabilityZones
                    []string

                    AvailabilityZones is an array of availability zones in the VPC attached to the load balancer.

                    subnetIds
                    []string

                    SubnetIDs is an array of subnets in the VPC attached to the load balancer.

                    securityGroupIds
                    []string

                    SecurityGroupIDs is an array of security groups assigned to the load balancer.

                    listeners
                    []ClassicELBListener

                    ClassicELBListeners is an array of classic elb listeners associated with the load balancer. There must be at least one.

                    healthChecks
                    ClassicELBHealthCheck

                    HealthCheck is the classic elb health check associated with the load balancer.

                    attributes
                    ClassicELBAttributes

                    ClassicElbAttributes defines extra attributes associated with the load balancer.

                    tags
                    map[string]string

                    Tags is a map of tags associated with the load balancer.

                    elbListeners
                    []Listener

                    ELBListeners is an array of listeners associated with the load balancer. There must be at least one.

                    elbAttributes
                    map[string]*string

                    ELBAttributes defines extra attributes associated with v2 load balancers.

                    loadBalancerType
                    LoadBalancerType

                    LoadBalancerType sets the type for a load balancer. The default type is classic.

                    LoadBalancerAttribute (string alias)

                    LoadBalancerAttribute defines a set of attributes for a V2 load balancer.

                    LoadBalancerType (string alias)

                    (Appears on:AWSLoadBalancerSpec, LoadBalancer)

                    LoadBalancerType defines the type of load balancer to use.

                    NetworkSpec

                    (Appears on:AWSClusterSpec, AWSManagedControlPlaneSpec, AWSManagedControlPlaneSpec)

                    NetworkSpec encapsulates all things related to AWS network.

                    Field Description
                    vpc
                    VPCSpec
                    (Optional)

                    VPC configuration.

                    subnets
                    Subnets
                    (Optional)

                    Subnets configuration.

                    cni
                    CNISpec
                    (Optional)

                    CNI configuration

                    securityGroupOverrides
                    map[sigs.k8s.io/cluster-api-provider-aws/v2/api/v1beta2.SecurityGroupRole]string
                    (Optional)

                    SecurityGroupOverrides is an optional set of security groups to use for cluster instances This is optional - if not provided new security groups will be created for the cluster

                    additionalControlPlaneIngressRules
                    []IngressRule
                    (Optional)

                    AdditionalControlPlaneIngressRules is an optional set of ingress rules to add to the control plane

                    NetworkStatus

                    (Appears on:AWSClusterStatus, AWSManagedControlPlaneStatus, AWSManagedControlPlaneStatus)

                    NetworkStatus encapsulates AWS networking resources.

                    Field Description
                    securityGroups
                    map[sigs.k8s.io/cluster-api-provider-aws/v2/api/v1beta2.SecurityGroupRole]sigs.k8s.io/cluster-api-provider-aws/v2/api/v1beta2.SecurityGroup

                    SecurityGroups is a map from the role/kind of the security group to its unique name, if any.

                    apiServerElb
                    LoadBalancer

                    APIServerELB is the Kubernetes api server load balancer.

                    secondaryAPIServerELB
                    LoadBalancer

                    SecondaryAPIServerELB is the secondary Kubernetes api server load balancer.

                    natGatewaysIPs
                    []string

                    NatGatewaysIPs contains the public IPs of the NAT Gateways

                    PrivateDNSName

                    (Appears on:AWSMachineSpec, Instance, AWSLaunchTemplate)

                    PrivateDNSName is the options for the instance hostname.

                    Field Description
                    enableResourceNameDnsAAAARecord
                    bool
                    (Optional)

                    EnableResourceNameDNSAAAARecord indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.

                    enableResourceNameDnsARecord
                    bool
                    (Optional)

                    EnableResourceNameDNSARecord indicates whether to respond to DNS queries for instance hostnames with DNS A records.

                    hostnameType
                    string
                    (Optional)

                    The type of hostname to assign to an instance.

                    PublicIpv4PoolFallbackOrder (string alias)

                    (Appears on:ElasticIPPool)

                    PublicIpv4PoolFallbackOrder defines the list of available fallback action when the PublicIpv4Pool is exhausted. ‘none’ let the controllers return failures when the PublicIpv4Pool is exhausted - no more IPv4 available. ‘amazon-pool’ let the controllers to skip the PublicIpv4Pool and use the Amazon pool, the default.

                    ResourceLifecycle (string alias)

                    (Appears on:BuildParams)

                    ResourceLifecycle configures the lifecycle of a resource.

                    RouteTable

                    RouteTable defines an AWS routing table.

                    Field Description
                    id
                    string

                    S3Bucket

                    (Appears on:AWSClusterSpec)

                    S3Bucket defines a supporting S3 bucket for the cluster, currently can be optionally used for Ignition.

                    Field Description
                    controlPlaneIAMInstanceProfile
                    string
                    (Optional)

                    ControlPlaneIAMInstanceProfile is a name of the IAMInstanceProfile, which will be allowed to read control-plane node bootstrap data from S3 Bucket.

                    nodesIAMInstanceProfiles
                    []string
                    (Optional)

                    NodesIAMInstanceProfiles is a list of IAM instance profiles, which will be allowed to read worker nodes bootstrap data from S3 Bucket.

                    presignedURLDuration
                    Kubernetes meta/v1.Duration
                    (Optional)

                    PresignedURLDuration defines the duration for which presigned URLs are valid.

                    This is used to generate presigned URLs for S3 Bucket objects, which are used by control-plane and worker nodes to fetch bootstrap data.

                    When enabled, the IAM instance profiles specified are not used.

                    name
                    string

                    Name defines name of S3 Bucket to be created.

                    bestEffortDeleteObjects
                    bool
                    (Optional)

                    BestEffortDeleteObjects defines whether access/permission errors during object deletion should be ignored.

                    SecretBackend (string alias)

                    (Appears on:CloudInit, AWSIAMConfigurationSpec, AWSIAMConfigurationSpec)

                    SecretBackend defines variants for backend secret storage.

                    SecurityGroup

                    (Appears on:NetworkStatus)

                    SecurityGroup defines an AWS security group.

                    Field Description
                    id
                    string

                    ID is a unique identifier.

                    name
                    string

                    Name is the security group name.

                    ingressRule
                    IngressRules
                    (Optional)

                    IngressRules is the inbound rules associated with the security group.

                    tags
                    Tags

                    Tags is a map of tags associated with the security group.

                    SecurityGroupProtocol (string alias)

                    (Appears on:CNIIngressRule, IngressRule)

                    SecurityGroupProtocol defines the protocol type for a security group rule.

                    SecurityGroupRole (string alias)

                    (Appears on:IngressRule)

                    SecurityGroupRole defines the unique role of a security group.

                    SpotMarketOptions

                    (Appears on:AWSMachineSpec, Instance, AWSLaunchTemplate, AWSLaunchTemplate)

                    SpotMarketOptions defines the options available to a user when configuring Machines to run on Spot instances. Most users should provide an empty struct.

                    Field Description
                    maxPrice
                    string
                    (Optional)

                    MaxPrice defines the maximum price the user is willing to pay for Spot VM instances

                    SubnetSchemaType (string alias)

                    (Appears on:VPCSpec)

                    SubnetSchemaType specifies how given network should be divided on subnets in the VPC depending on the number of AZs.

                    SubnetSpec

                    SubnetSpec configures an AWS Subnet.

                    Field Description
                    id
                    string

                    ID defines a unique identifier to reference this resource. If you’re bringing your subnet, set the AWS subnet-id here, it must start with subnet-.

                    When the VPC is managed by CAPA, and you’d like the provider to create a subnet for you, the id can be set to any placeholder value that does not start with subnet-; upon creation, the subnet AWS identifier will be populated in the ResourceID field and the id field is going to be used as the subnet name. If you specify a tag called Name, it takes precedence.

                    resourceID
                    string
                    (Optional)

                    ResourceID is the subnet identifier from AWS, READ ONLY. This field is populated when the provider manages the subnet.

                    cidrBlock
                    string

                    CidrBlock is the CIDR block to be used when the provider creates a managed VPC.

                    ipv6CidrBlock
                    string
                    (Optional)

                    IPv6CidrBlock is the IPv6 CIDR block to be used when the provider creates a managed VPC. A subnet can have an IPv4 and an IPv6 address. IPv6 is only supported in managed clusters, this field cannot be set on AWSCluster object.

                    availabilityZone
                    string

                    AvailabilityZone defines the availability zone to use for this subnet in the cluster’s region.

                    isPublic
                    bool
                    (Optional)

                    IsPublic defines the subnet as a public subnet. A subnet is public when it is associated with a route table that has a route to an internet gateway.

                    isIpv6
                    bool
                    (Optional)

                    IsIPv6 defines the subnet as an IPv6 subnet. A subnet is IPv6 when it is associated with a VPC that has IPv6 enabled. IPv6 is only supported in managed clusters, this field cannot be set on AWSCluster object.

                    routeTableId
                    string
                    (Optional)

                    RouteTableID is the routing table id associated with the subnet.

                    natGatewayId
                    string
                    (Optional)

                    NatGatewayID is the NAT gateway id associated with the subnet. Ignored unless the subnet is managed by the provider, in which case this is set on the public subnet where the NAT gateway resides. It is then used to determine routes for private subnets in the same AZ as the public subnet.

                    tags
                    Tags

                    Tags is a collection of tags describing the resource.

                    zoneType
                    ZoneType
                    (Optional)

                    ZoneType defines the type of the zone where the subnet is created.

                    The valid values are availability-zone, local-zone, and wavelength-zone.

                    Subnet with zone type availability-zone (regular) is always selected to create cluster resources, like Load Balancers, NAT Gateways, Contol Plane nodes, etc.

                    Subnet with zone type local-zone or wavelength-zone is not eligible to automatically create regular cluster resources.

                    The public subnet in availability-zone or local-zone is associated with regular public route table with default route entry to a Internet Gateway.

                    The public subnet in wavelength-zone is associated with a carrier public route table with default route entry to a Carrier Gateway.

                    The private subnet in the availability-zone is associated with a private route table with the default route entry to a NAT Gateway created in that zone.

                    The private subnet in the local-zone or wavelength-zone is associated with a private route table with the default route entry re-using the NAT Gateway in the Region (preferred from the parent zone, the zone type availability-zone in the region, or first table available).

                    parentZoneName
                    string
                    (Optional)

                    ParentZoneName is the zone name where the current subnet’s zone is tied when the zone is a Local Zone.

                    The subnets in Local Zone or Wavelength Zone locations consume the ParentZoneName to select the correct private route table to egress traffic to the internet.

                    Subnets ([]sigs.k8s.io/cluster-api-provider-aws/v2/api/v1beta2.SubnetSpec alias)

                    (Appears on:NetworkSpec)

                    Subnets is a slice of Subnet.

                    Tags (map[string]string alias)

                    (Appears on:AWSClusterSpec, AWSMachineSpec, BuildParams, SecurityGroup, SubnetSpec, VPCSpec, AWSIAMRoleSpec, BootstrapUser, AWSIAMRoleSpec, BootstrapUser, AWSManagedControlPlaneSpec, OIDCIdentityProviderConfig, AWSManagedControlPlaneSpec, OIDCIdentityProviderConfig, RosaControlPlaneSpec, AWSMachinePoolSpec, AWSManagedMachinePoolSpec, AutoScalingGroup, FargateProfileSpec, AWSMachinePoolSpec, AWSManagedMachinePoolSpec, AutoScalingGroup, FargateProfileSpec, RosaMachinePoolSpec)

                    Tags defines a map of tags.

                    TargetGroupAttribute (string alias)

                    TargetGroupAttribute defines attribute key values for V2 Load Balancer Attributes.

                    TargetGroupHealthCheck

                    (Appears on:TargetGroupSpec)

                    TargetGroupHealthCheck defines health check settings for the target group.

                    Field Description
                    protocol
                    string
                    path
                    string
                    port
                    string
                    intervalSeconds
                    int64
                    timeoutSeconds
                    int64
                    thresholdCount
                    int64
                    unhealthyThresholdCount
                    int64

                    TargetGroupHealthCheckAPISpec

                    (Appears on:AWSLoadBalancerSpec)

                    TargetGroupHealthCheckAPISpec defines the optional health check settings for the API target group.

                    Field Description
                    intervalSeconds
                    int64
                    (Optional)

                    The approximate amount of time, in seconds, between health checks of an individual target.

                    timeoutSeconds
                    int64
                    (Optional)

                    The amount of time, in seconds, during which no response from a target means a failed health check.

                    thresholdCount
                    int64
                    (Optional)

                    The number of consecutive health check successes required before considering a target healthy.

                    unhealthyThresholdCount
                    int64
                    (Optional)

                    The number of consecutive health check failures required before considering a target unhealthy.

                    TargetGroupHealthCheckAdditionalSpec

                    (Appears on:AdditionalListenerSpec)

                    TargetGroupHealthCheckAdditionalSpec defines the optional health check settings for the additional target groups.

                    Field Description
                    protocol
                    string
                    (Optional)

                    The protocol to use to health check connect with the target. When not specified the Protocol will be the same of the listener.

                    port
                    string
                    (Optional)

                    The port the load balancer uses when performing health checks for additional target groups. When not specified this value will be set for the same of listener port.

                    path
                    string
                    (Optional)

                    The destination for health checks on the targets when using the protocol HTTP or HTTPS, otherwise the path will be ignored.

                    intervalSeconds
                    int64
                    (Optional)

                    The approximate amount of time, in seconds, between health checks of an individual target.

                    timeoutSeconds
                    int64
                    (Optional)

                    The amount of time, in seconds, during which no response from a target means a failed health check.

                    thresholdCount
                    int64
                    (Optional)

                    The number of consecutive health check successes required before considering a target healthy.

                    unhealthyThresholdCount
                    int64
                    (Optional)

                    The number of consecutive health check failures required before considering a target unhealthy.

                    TargetGroupSpec

                    (Appears on:Listener)

                    TargetGroupSpec specifies target group settings for a given listener. This is created first, and the ARN is then passed to the listener.

                    Field Description
                    name
                    string

                    Name of the TargetGroup. Must be unique over the same group of listeners.

                    port
                    int64

                    Port is the exposed port

                    protocol
                    ELBProtocol
                    vpcId
                    string
                    targetGroupHealthCheck
                    TargetGroupHealthCheck

                    HealthCheck is the elb health check associated with the load balancer.

                    VPCSpec

                    (Appears on:NetworkSpec)

                    VPCSpec configures an AWS VPC.

                    Field Description
                    id
                    string

                    ID is the vpc-id of the VPC this provider should use to create resources.

                    cidrBlock
                    string

                    CidrBlock is the CIDR block to be used when the provider creates a managed VPC. Defaults to 10.0.0.0/16. Mutually exclusive with IPAMPool.

                    secondaryCidrBlocks
                    []VpcCidrBlock
                    (Optional)

                    SecondaryCidrBlocks are additional CIDR blocks to be associated when the provider creates a managed VPC. Defaults to none. Mutually exclusive with IPAMPool. This makes sense to use if, for example, you want to use a separate IP range for pods (e.g. Cilium ENI mode).

                    ipamPool
                    IPAMPool

                    IPAMPool defines the IPAMv4 pool to be used for VPC. Mutually exclusive with CidrBlock.

                    ipv6
                    IPv6
                    (Optional)

                    IPv6 contains ipv6 specific settings for the network. Supported only in managed clusters. This field cannot be set on AWSCluster object.

                    internetGatewayId
                    string
                    (Optional)

                    InternetGatewayID is the id of the internet gateway associated with the VPC.

                    carrierGatewayId
                    string
                    (Optional)

                    CarrierGatewayID is the id of the internet gateway associated with the VPC, for carrier network (Wavelength Zones).

                    tags
                    Tags

                    Tags is a collection of tags describing the resource.

                    availabilityZoneUsageLimit
                    int

                    AvailabilityZoneUsageLimit specifies the maximum number of availability zones (AZ) that should be used in a region when automatically creating subnets. If a region has more than this number of AZs then this number of AZs will be picked randomly when creating default subnets. Defaults to 3

                    availabilityZoneSelection
                    AZSelectionScheme

                    AvailabilityZoneSelection specifies how AZs should be selected if there are more AZs in a region than specified by AvailabilityZoneUsageLimit. There are 2 selection schemes: Ordered - selects based on alphabetical order Random - selects AZs randomly in a region Defaults to Ordered

                    emptyRoutesDefaultVPCSecurityGroup
                    bool
                    (Optional)

                    EmptyRoutesDefaultVPCSecurityGroup specifies whether the default VPC security group ingress and egress rules should be removed.

                    By default, when creating a VPC, AWS creates a security group called default with ingress and egress rules that allow traffic from anywhere. The group could be used as a potential surface attack and it’s generally suggested that the group rules are removed or modified appropriately.

                    NOTE: This only applies when the VPC is managed by the Cluster API AWS controller.

                    privateDnsHostnameTypeOnLaunch
                    string
                    (Optional)

                    PrivateDNSHostnameTypeOnLaunch is the type of hostname to assign to instances in the subnet at launch. For IPv4-only and dual-stack (IPv4 and IPv6) subnets, an instance DNS name can be based on the instance IPv4 address (ip-name) or the instance ID (resource-name). For IPv6 only subnets, an instance DNS name must be based on the instance ID (resource-name).

                    elasticIpPool
                    ElasticIPPool
                    (Optional)

                    ElasticIPPool contains specific configuration to allocate Public IPv4 address (Elastic IP) from user-defined pool brought to AWS for core infrastructure resources, like NAT Gateways and Public Network Load Balancers for the API Server.

                    subnetSchema
                    SubnetSchemaType
                    (Optional)

                    SubnetSchema specifies how CidrBlock should be divided on subnets in the VPC depending on the number of AZs. PreferPrivate - one private subnet for each AZ plus one other subnet that will be further sub-divided for the public subnets. PreferPublic - have the reverse logic of PreferPrivate, one public subnet for each AZ plus one other subnet that will be further sub-divided for the private subnets. Defaults to PreferPrivate

                    Volume

                    (Appears on:AWSMachineSpec, Instance, AWSLaunchTemplate, AWSLaunchTemplate)

                    Volume encapsulates the configuration options for the storage device.

                    Field Description
                    deviceName
                    string
                    (Optional)

                    Device name

                    size
                    int64

                    Size specifies size (in Gi) of the storage device. Must be greater than the image snapshot size or 8 (whichever is greater).

                    type
                    VolumeType
                    (Optional)

                    Type is the type of the volume (e.g. gp2, io1, etc…).

                    iops
                    int64
                    (Optional)

                    IOPS is the number of IOPS requested for the disk. Not applicable to all types.

                    throughput
                    int64
                    (Optional)

                    Throughput to provision in MiB/s supported for the volume type. Not applicable to all types.

                    encrypted
                    bool
                    (Optional)

                    Encrypted is whether the volume should be encrypted or not.

                    encryptionKey
                    string
                    (Optional)

                    EncryptionKey is the KMS key to use to encrypt the volume. Can be either a KMS key ID or ARN. If Encrypted is set and this is omitted, the default AWS key will be used. The key must already exist and be accessible by the controller.

                    VolumeType (string alias)

                    (Appears on:Volume)

                    VolumeType describes the EBS volume type. See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html

                    VpcCidrBlock

                    (Appears on:VPCSpec)

                    VpcCidrBlock defines the CIDR block and settings to associate with the managed VPC. Currently, only IPv4 is supported.

                    Field Description
                    ipv4CidrBlock
                    string

                    IPv4CidrBlock is the IPv4 CIDR block to associate with the managed VPC.

                    ZoneType (string alias)

                    (Appears on:SubnetSpec)

                    ZoneType defines listener AWS Availability Zone type.

                    ASGStatus (string alias)

                    (Appears on:AWSMachinePoolStatus, AutoScalingGroup)

                    ASGStatus is a status string returned by the autoscaling API.

                    AWSFargateProfile

                    AWSFargateProfile is the Schema for the awsfargateprofiles API.

                    Field Description
                    metadata
                    Kubernetes meta/v1.ObjectMeta
                    Refer to the Kubernetes API documentation for the fields of the metadata field.
                    spec
                    FargateProfileSpec


                    clusterName
                    string

                    ClusterName is the name of the Cluster this object belongs to.

                    profileName
                    string

                    ProfileName specifies the profile name.

                    subnetIDs
                    []string
                    (Optional)

                    SubnetIDs specifies which subnets are used for the auto scaling group of this nodegroup.

                    additionalTags
                    Tags
                    (Optional)

                    AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the ones added by default.

                    roleName
                    string
                    (Optional)

                    RoleName specifies the name of IAM role for this fargate pool If the role is pre-existing we will treat it as unmanaged and not delete it on deletion. If the EKSEnableIAM feature flag is true and no name is supplied then a role is created.

                    selectors
                    []FargateSelector

                    Selectors specify fargate pod selectors.

                    status
                    FargateProfileStatus

                    AWSLaunchTemplate

                    (Appears on:AWSMachinePoolSpec, AWSManagedMachinePoolSpec)

                    AWSLaunchTemplate defines the desired state of AWSLaunchTemplate.

                    Field Description
                    name
                    string

                    The name of the launch template.

                    iamInstanceProfile
                    string

                    The name or the Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instance. The instance profile contains the IAM role.

                    ami
                    AMIReference
                    (Optional)

                    AMI is the reference to the AMI from which to create the machine instance.

                    imageLookupFormat
                    string
                    (Optional)

                    ImageLookupFormat is the AMI naming format to look up the image for this machine It will be ignored if an explicit AMI is set. Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base OS and kubernetes version, respectively. The BaseOS will be the value in ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as defined by the packages produced by kubernetes/release without v as a prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See also: https://golang.org/pkg/text/template/

                    imageLookupOrg
                    string

                    ImageLookupOrg is the AWS Organization ID to use for image lookup if AMI is not set.

                    imageLookupBaseOS
                    string

                    ImageLookupBaseOS is the name of the base operating system to use for image lookup the AMI is not set.

                    instanceType
                    string

                    InstanceType is the type of instance to create. Example: m4.xlarge

                    rootVolume
                    Volume
                    (Optional)

                    RootVolume encapsulates the configuration options for the root volume

                    nonRootVolumes
                    []Volume
                    (Optional)

                    Configuration options for the non root storage volumes.

                    sshKeyName
                    string
                    (Optional)

                    SSHKeyName is the name of the ssh key to attach to the instance. Valid values are empty string (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name)

                    versionNumber
                    int64

                    VersionNumber is the version of the launch template that is applied. Typically a new version is created when at least one of the following happens: 1) A new launch template spec is applied. 2) One or more parameters in an existing template is changed. 3) A new AMI is discovered.

                    additionalSecurityGroups
                    []AWSResourceReference
                    (Optional)

                    AdditionalSecurityGroups is an array of references to security groups that should be applied to the instances. These security groups would be set in addition to any security groups defined at the cluster level or in the actuator.

                    spotMarketOptions
                    SpotMarketOptions

                    SpotMarketOptions are options for configuring AWSMachinePool instances to be run using AWS Spot instances.

                    instanceMetadataOptions
                    InstanceMetadataOptions
                    (Optional)

                    InstanceMetadataOptions defines the behavior for applying metadata to instances.

                    privateDnsName
                    PrivateDNSName
                    (Optional)

                    PrivateDNSName is the options for the instance hostname.

                    AWSMachinePool

                    AWSMachinePool is the Schema for the awsmachinepools API.

                    Field Description
                    metadata
                    Kubernetes meta/v1.ObjectMeta
                    Refer to the Kubernetes API documentation for the fields of the metadata field.
                    spec
                    AWSMachinePoolSpec


                    providerID
                    string
                    (Optional)

                    ProviderID is the ARN of the associated ASG

                    minSize
                    int32

                    MinSize defines the minimum size of the group.

                    maxSize
                    int32

                    MaxSize defines the maximum size of the group.

                    availabilityZones
                    []string

                    AvailabilityZones is an array of availability zones instances can run in

                    availabilityZoneSubnetType
                    AZSubnetType
                    (Optional)

                    AvailabilityZoneSubnetType specifies which type of subnets to use when an availability zone is specified.

                    subnets
                    []AWSResourceReference
                    (Optional)

                    Subnets is an array of subnet configurations

                    additionalTags
                    Tags
                    (Optional)

                    AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the AWS provider.

                    awsLaunchTemplate
                    AWSLaunchTemplate

                    AWSLaunchTemplate specifies the launch template and version to use when an instance is launched.

                    mixedInstancesPolicy
                    MixedInstancesPolicy

                    MixedInstancesPolicy describes how multiple instance types will be used by the ASG.

                    providerIDList
                    []string
                    (Optional)

                    ProviderIDList are the identification IDs of machine instances provided by the provider. This field must match the provider IDs as seen on the node objects corresponding to a machine pool’s machine instances.

                    defaultCoolDown
                    Kubernetes meta/v1.Duration
                    (Optional)

                    The amount of time, in seconds, after a scaling activity completes before another scaling activity can start. If no value is supplied by user a default value of 300 seconds is set

                    defaultInstanceWarmup
                    Kubernetes meta/v1.Duration
                    (Optional)

                    The amount of time, in seconds, until a new instance is considered to have finished initializing and resource consumption to become stable after it enters the InService state. If no value is supplied by user a default value of 300 seconds is set

                    refreshPreferences
                    RefreshPreferences
                    (Optional)

                    RefreshPreferences describes set of preferences associated with the instance refresh request.

                    capacityRebalance
                    bool
                    (Optional)

                    Enable or disable the capacity rebalance autoscaling group feature

                    suspendProcesses
                    SuspendProcessesTypes

                    SuspendProcesses defines a list of processes to suspend for the given ASG. This is constantly reconciled. If a process is removed from this list it will automatically be resumed.

                    status
                    AWSMachinePoolStatus

                    AWSMachinePoolInstanceStatus

                    (Appears on:AWSMachinePoolStatus)

                    AWSMachinePoolInstanceStatus defines the status of the AWSMachinePoolInstance.

                    Field Description
                    instanceID
                    string
                    (Optional)

                    InstanceID is the identification of the Machine Instance within ASG

                    version
                    string
                    (Optional)

                    Version defines the Kubernetes version for the Machine Instance

                    AWSMachinePoolSpec

                    (Appears on:AWSMachinePool)

                    AWSMachinePoolSpec defines the desired state of AWSMachinePool.

                    Field Description
                    providerID
                    string
                    (Optional)

                    ProviderID is the ARN of the associated ASG

                    minSize
                    int32

                    MinSize defines the minimum size of the group.

                    maxSize
                    int32

                    MaxSize defines the maximum size of the group.

                    availabilityZones
                    []string

                    AvailabilityZones is an array of availability zones instances can run in

                    availabilityZoneSubnetType
                    AZSubnetType
                    (Optional)

                    AvailabilityZoneSubnetType specifies which type of subnets to use when an availability zone is specified.

                    subnets
                    []AWSResourceReference
                    (Optional)

                    Subnets is an array of subnet configurations

                    additionalTags
                    Tags
                    (Optional)

                    AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the AWS provider.

                    awsLaunchTemplate
                    AWSLaunchTemplate

                    AWSLaunchTemplate specifies the launch template and version to use when an instance is launched.

                    mixedInstancesPolicy
                    MixedInstancesPolicy

                    MixedInstancesPolicy describes how multiple instance types will be used by the ASG.

                    providerIDList
                    []string
                    (Optional)

                    ProviderIDList are the identification IDs of machine instances provided by the provider. This field must match the provider IDs as seen on the node objects corresponding to a machine pool’s machine instances.

                    defaultCoolDown
                    Kubernetes meta/v1.Duration
                    (Optional)

                    The amount of time, in seconds, after a scaling activity completes before another scaling activity can start. If no value is supplied by user a default value of 300 seconds is set

                    defaultInstanceWarmup
                    Kubernetes meta/v1.Duration
                    (Optional)

                    The amount of time, in seconds, until a new instance is considered to have finished initializing and resource consumption to become stable after it enters the InService state. If no value is supplied by user a default value of 300 seconds is set

                    refreshPreferences
                    RefreshPreferences
                    (Optional)

                    RefreshPreferences describes set of preferences associated with the instance refresh request.

                    capacityRebalance
                    bool
                    (Optional)

                    Enable or disable the capacity rebalance autoscaling group feature

                    suspendProcesses
                    SuspendProcessesTypes

                    SuspendProcesses defines a list of processes to suspend for the given ASG. This is constantly reconciled. If a process is removed from this list it will automatically be resumed.

                    AWSMachinePoolStatus

                    (Appears on:AWSMachinePool)

                    AWSMachinePoolStatus defines the observed state of AWSMachinePool.

                    Field Description
                    ready
                    bool
                    (Optional)

                    Ready is true when the provider resource is ready.

                    replicas
                    int32
                    (Optional)

                    Replicas is the most recently observed number of replicas

                    conditions
                    Cluster API api/v1beta1.Conditions
                    (Optional)

                    Conditions defines current service state of the AWSMachinePool.

                    instances
                    []AWSMachinePoolInstanceStatus
                    (Optional)

                    Instances contains the status for each instance in the pool

                    launchTemplateID
                    string

                    The ID of the launch template

                    launchTemplateVersion
                    string
                    (Optional)

                    The version of the launch template

                    failureReason
                    Cluster API errors.MachineStatusError
                    (Optional)

                    FailureReason will be set in the event that there is a terminal problem reconciling the Machine and will contain a succinct value suitable for machine interpretation.

                    This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the Machine’s spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured.

                    Any transient errors that occur during the reconciliation of Machines can be added as events to the Machine object and/or logged in the controller’s output.

                    failureMessage
                    string
                    (Optional)

                    FailureMessage will be set in the event that there is a terminal problem reconciling the Machine and will contain a more verbose string suitable for logging and human consumption.

                    This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the Machine’s spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured.

                    Any transient errors that occur during the reconciliation of Machines can be added as events to the Machine object and/or logged in the controller’s output.

                    asgStatus
                    ASGStatus

                    AWSManagedMachinePool

                    AWSManagedMachinePool is the Schema for the awsmanagedmachinepools API.

                    Field Description
                    metadata
                    Kubernetes meta/v1.ObjectMeta
                    Refer to the Kubernetes API documentation for the fields of the metadata field.
                    spec
                    AWSManagedMachinePoolSpec


                    eksNodegroupName
                    string
                    (Optional)

                    EKSNodegroupName specifies the name of the nodegroup in AWS corresponding to this MachinePool. If you don’t specify a name then a default name will be created based on the namespace and name of the managed machine pool.

                    availabilityZones
                    []string

                    AvailabilityZones is an array of availability zones instances can run in

                    availabilityZoneSubnetType
                    AZSubnetType
                    (Optional)

                    AvailabilityZoneSubnetType specifies which type of subnets to use when an availability zone is specified.

                    subnetIDs
                    []string
                    (Optional)

                    SubnetIDs specifies which subnets are used for the auto scaling group of this nodegroup

                    additionalTags
                    Tags
                    (Optional)

                    AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the ones added by default.

                    roleAdditionalPolicies
                    []string
                    (Optional)

                    RoleAdditionalPolicies allows you to attach additional polices to the node group role. You must enable the EKSAllowAddRoles feature flag to incorporate these into the created role.

                    roleName
                    string
                    (Optional)

                    RoleName specifies the name of IAM role for the node group. If the role is pre-existing we will treat it as unmanaged and not delete it on deletion. If the EKSEnableIAM feature flag is true and no name is supplied then a role is created.

                    amiVersion
                    string
                    (Optional)

                    AMIVersion defines the desired AMI release version. If no version number is supplied then the latest version for the Kubernetes version will be used

                    amiType
                    ManagedMachineAMIType
                    (Optional)

                    AMIType defines the AMI type

                    labels
                    map[string]string
                    (Optional)

                    Labels specifies labels for the Kubernetes node objects

                    taints
                    Taints
                    (Optional)

                    Taints specifies the taints to apply to the nodes of the machine pool

                    diskSize
                    int32
                    (Optional)

                    DiskSize specifies the root disk size

                    instanceType
                    string
                    (Optional)

                    InstanceType specifies the AWS instance type

                    scaling
                    ManagedMachinePoolScaling
                    (Optional)

                    Scaling specifies scaling for the ASG behind this pool

                    remoteAccess
                    ManagedRemoteAccess
                    (Optional)

                    RemoteAccess specifies how machines can be accessed remotely

                    providerIDList
                    []string
                    (Optional)

                    ProviderIDList are the provider IDs of instances in the autoscaling group corresponding to the nodegroup represented by this machine pool

                    capacityType
                    ManagedMachinePoolCapacityType
                    (Optional)

                    CapacityType specifies the capacity type for the ASG behind this pool

                    updateConfig
                    UpdateConfig
                    (Optional)

                    UpdateConfig holds the optional config to control the behaviour of the update to the nodegroup.

                    awsLaunchTemplate
                    AWSLaunchTemplate
                    (Optional)

                    AWSLaunchTemplate specifies the launch template to use to create the managed node group. If AWSLaunchTemplate is specified, certain node group configuraions outside of launch template are prohibited (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html).

                    status
                    AWSManagedMachinePoolStatus

                    AWSManagedMachinePoolSpec

                    (Appears on:AWSManagedMachinePool)

                    AWSManagedMachinePoolSpec defines the desired state of AWSManagedMachinePool.

                    Field Description
                    eksNodegroupName
                    string
                    (Optional)

                    EKSNodegroupName specifies the name of the nodegroup in AWS corresponding to this MachinePool. If you don’t specify a name then a default name will be created based on the namespace and name of the managed machine pool.

                    availabilityZones
                    []string

                    AvailabilityZones is an array of availability zones instances can run in

                    availabilityZoneSubnetType
                    AZSubnetType
                    (Optional)

                    AvailabilityZoneSubnetType specifies which type of subnets to use when an availability zone is specified.

                    subnetIDs
                    []string
                    (Optional)

                    SubnetIDs specifies which subnets are used for the auto scaling group of this nodegroup

                    additionalTags
                    Tags
                    (Optional)

                    AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the ones added by default.

                    roleAdditionalPolicies
                    []string
                    (Optional)

                    RoleAdditionalPolicies allows you to attach additional polices to the node group role. You must enable the EKSAllowAddRoles feature flag to incorporate these into the created role.

                    roleName
                    string
                    (Optional)

                    RoleName specifies the name of IAM role for the node group. If the role is pre-existing we will treat it as unmanaged and not delete it on deletion. If the EKSEnableIAM feature flag is true and no name is supplied then a role is created.

                    amiVersion
                    string
                    (Optional)

                    AMIVersion defines the desired AMI release version. If no version number is supplied then the latest version for the Kubernetes version will be used

                    amiType
                    ManagedMachineAMIType
                    (Optional)

                    AMIType defines the AMI type

                    labels
                    map[string]string
                    (Optional)

                    Labels specifies labels for the Kubernetes node objects

                    taints
                    Taints
                    (Optional)

                    Taints specifies the taints to apply to the nodes of the machine pool

                    diskSize
                    int32
                    (Optional)

                    DiskSize specifies the root disk size

                    instanceType
                    string
                    (Optional)

                    InstanceType specifies the AWS instance type

                    scaling
                    ManagedMachinePoolScaling
                    (Optional)

                    Scaling specifies scaling for the ASG behind this pool

                    remoteAccess
                    ManagedRemoteAccess
                    (Optional)

                    RemoteAccess specifies how machines can be accessed remotely

                    providerIDList
                    []string
                    (Optional)

                    ProviderIDList are the provider IDs of instances in the autoscaling group corresponding to the nodegroup represented by this machine pool

                    capacityType
                    ManagedMachinePoolCapacityType
                    (Optional)

                    CapacityType specifies the capacity type for the ASG behind this pool

                    updateConfig
                    UpdateConfig
                    (Optional)

                    UpdateConfig holds the optional config to control the behaviour of the update to the nodegroup.

                    awsLaunchTemplate
                    AWSLaunchTemplate
                    (Optional)

                    AWSLaunchTemplate specifies the launch template to use to create the managed node group. If AWSLaunchTemplate is specified, certain node group configuraions outside of launch template are prohibited (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html).

                    AWSManagedMachinePoolStatus

                    (Appears on:AWSManagedMachinePool)

                    AWSManagedMachinePoolStatus defines the observed state of AWSManagedMachinePool.

                    Field Description
                    ready
                    bool

                    Ready denotes that the AWSManagedMachinePool nodegroup has joined the cluster

                    replicas
                    int32
                    (Optional)

                    Replicas is the most recently observed number of replicas.

                    launchTemplateID
                    string
                    (Optional)

                    The ID of the launch template

                    launchTemplateVersion
                    string
                    (Optional)

                    The version of the launch template

                    failureReason
                    Cluster API errors.MachineStatusError
                    (Optional)

                    FailureReason will be set in the event that there is a terminal problem reconciling the MachinePool and will contain a succinct value suitable for machine interpretation.

                    This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the Machine’s spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured.

                    Any transient errors that occur during the reconciliation of MachinePools can be added as events to the MachinePool object and/or logged in the controller’s output.

                    failureMessage
                    string
                    (Optional)

                    FailureMessage will be set in the event that there is a terminal problem reconciling the MachinePool and will contain a more verbose string suitable for logging and human consumption.

                    This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the MachinePool’s spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured.

                    Any transient errors that occur during the reconciliation of MachinePools can be added as events to the MachinePool object and/or logged in the controller’s output.

                    conditions
                    Cluster API api/v1beta1.Conditions
                    (Optional)

                    Conditions defines current service state of the managed machine pool

                    AZSubnetType (string alias)

                    (Appears on:AWSMachinePoolSpec, AWSManagedMachinePoolSpec)

                    AZSubnetType is the type of subnet to use when an availability zone is specified.

                    Value Description

                    "all"

                    AZSubnetTypeAll is all subnets in an availability zone.

                    "private"

                    AZSubnetTypePrivate is a private subnet.

                    "public"

                    AZSubnetTypePublic is a public subnet.

                    AutoScalingGroup

                    AutoScalingGroup describes an AWS autoscaling group.

                    Field Description
                    id
                    string

                    The tags associated with the instance.

                    tags
                    Tags
                    name
                    string
                    desiredCapacity
                    int32
                    maxSize
                    int32
                    minSize
                    int32
                    placementGroup
                    string
                    subnets
                    []string
                    defaultCoolDown
                    Kubernetes meta/v1.Duration
                    defaultInstanceWarmup
                    Kubernetes meta/v1.Duration
                    capacityRebalance
                    bool
                    mixedInstancesPolicy
                    MixedInstancesPolicy
                    Status
                    ASGStatus
                    instances
                    []Instance
                    currentlySuspendProcesses
                    []string

                    BlockDeviceMapping

                    BlockDeviceMapping specifies the block devices for the instance. You can specify virtual devices and EBS volumes.

                    Field Description
                    deviceName
                    string

                    The device name exposed to the EC2 instance (for example, /dev/sdh or xvdh).

                    ebs
                    EBS
                    (Optional)

                    You can specify either VirtualName or Ebs, but not both.

                    EBS

                    (Appears on:BlockDeviceMapping)

                    EBS can be used to automatically set up EBS volumes when an instance is launched.

                    Field Description
                    encrypted
                    bool
                    (Optional)

                    Encrypted is whether the volume should be encrypted or not.

                    volumeSize
                    int64
                    (Optional)

                    The size of the volume, in GiB. This can be a number from 1-1,024 for standard, 4-16,384 for io1, 1-16,384 for gp2, and 500-16,384 for st1 and sc1. If you specify a snapshot, the volume size must be equal to or larger than the snapshot size.

                    volumeType
                    string
                    (Optional)

                    The volume type For more information, see Amazon EBS Volume Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html)

                    FargateProfileSpec

                    (Appears on:AWSFargateProfile)

                    FargateProfileSpec defines the desired state of FargateProfile.

                    Field Description
                    clusterName
                    string

                    ClusterName is the name of the Cluster this object belongs to.

                    profileName
                    string

                    ProfileName specifies the profile name.

                    subnetIDs
                    []string
                    (Optional)

                    SubnetIDs specifies which subnets are used for the auto scaling group of this nodegroup.

                    additionalTags
                    Tags
                    (Optional)

                    AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the ones added by default.

                    roleName
                    string
                    (Optional)

                    RoleName specifies the name of IAM role for this fargate pool If the role is pre-existing we will treat it as unmanaged and not delete it on deletion. If the EKSEnableIAM feature flag is true and no name is supplied then a role is created.

                    selectors
                    []FargateSelector

                    Selectors specify fargate pod selectors.

                    FargateProfileStatus

                    (Appears on:AWSFargateProfile)

                    FargateProfileStatus defines the observed state of FargateProfile.

                    Field Description
                    ready
                    bool

                    Ready denotes that the FargateProfile is available.

                    failureReason
                    Cluster API errors.MachineStatusError
                    (Optional)

                    FailureReason will be set in the event that there is a terminal problem reconciling the FargateProfile and will contain a succinct value suitable for machine interpretation.

                    This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the FargateProfile’s spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured.

                    Any transient errors that occur during the reconciliation of FargateProfiles can be added as events to the FargateProfile object and/or logged in the controller’s output.

                    failureMessage
                    string
                    (Optional)

                    FailureMessage will be set in the event that there is a terminal problem reconciling the FargateProfile and will contain a more verbose string suitable for logging and human consumption.

                    This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the FargateProfile’s spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured.

                    Any transient errors that occur during the reconciliation of FargateProfiles can be added as events to the FargateProfile object and/or logged in the controller’s output.

                    conditions
                    Cluster API api/v1beta1.Conditions
                    (Optional)

                    Conditions defines current state of the Fargate profile.

                    FargateSelector

                    (Appears on:FargateProfileSpec)

                    FargateSelector specifies a selector for pods that should run on this fargate pool.

                    Field Description
                    labels
                    map[string]string

                    Labels specifies which pod labels this selector should match.

                    namespace
                    string

                    Namespace specifies which namespace this selector should match.

                    InstancesDistribution

                    (Appears on:MixedInstancesPolicy)

                    InstancesDistribution to configure distribution of On-Demand Instances and Spot Instances.

                    Field Description
                    onDemandAllocationStrategy
                    OnDemandAllocationStrategy
                    spotAllocationStrategy
                    SpotAllocationStrategy
                    onDemandBaseCapacity
                    int64
                    onDemandPercentageAboveBaseCapacity
                    int64

                    ManagedMachineAMIType (string alias)

                    (Appears on:AWSManagedMachinePoolSpec)

                    ManagedMachineAMIType specifies which AWS AMI to use for a managed MachinePool.

                    Value Description

                    "AL2023_ARM_64_STANDARD"

                    Al2023Arm64 is the AL2023 Arm AMI type.

                    "AL2023_x86_64_STANDARD"

                    Al2023x86_64 is the AL2023 x86-64 AMI type.

                    "AL2_ARM_64"

                    Al2Arm64 is the Arm AMI type.

                    "AL2_x86_64"

                    Al2x86_64 is the default AMI type.

                    "AL2_x86_64_GPU"

                    Al2x86_64GPU is the x86-64 GPU AMI type.

                    ManagedMachinePoolCapacityType (string alias)

                    (Appears on:AWSManagedMachinePoolSpec)

                    ManagedMachinePoolCapacityType specifies the capacity type to be used for the managed MachinePool.

                    Value Description

                    "onDemand"

                    ManagedMachinePoolCapacityTypeOnDemand is the default capacity type, to launch on-demand instances.

                    "spot"

                    ManagedMachinePoolCapacityTypeSpot is the spot instance capacity type to launch spot instances.

                    ManagedMachinePoolScaling

                    (Appears on:AWSManagedMachinePoolSpec)

                    ManagedMachinePoolScaling specifies scaling options.

                    Field Description
                    minSize
                    int32
                    maxSize
                    int32

                    ManagedRemoteAccess

                    (Appears on:AWSManagedMachinePoolSpec)

                    ManagedRemoteAccess specifies remote access settings for EC2 instances.

                    Field Description
                    sshKeyName
                    string

                    SSHKeyName specifies which EC2 SSH key can be used to access machines. If left empty, the key from the control plane is used.

                    sourceSecurityGroups
                    []string

                    SourceSecurityGroups specifies which security groups are allowed access

                    public
                    bool

                    Public specifies whether to open port 22 to the public internet

                    MixedInstancesPolicy

                    (Appears on:AWSMachinePoolSpec, AutoScalingGroup)

                    MixedInstancesPolicy for an Auto Scaling group.

                    Field Description
                    instancesDistribution
                    InstancesDistribution
                    overrides
                    []Overrides

                    OnDemandAllocationStrategy (string alias)

                    (Appears on:InstancesDistribution)

                    OnDemandAllocationStrategy indicates how to allocate instance types to fulfill On-Demand capacity.

                    Overrides

                    (Appears on:MixedInstancesPolicy)

                    Overrides are used to override the instance type specified by the launch template with multiple instance types that can be used to launch On-Demand Instances and Spot Instances.

                    Field Description
                    instanceType
                    string

                    Processes

                    (Appears on:SuspendProcessesTypes)

                    Processes defines the processes which can be enabled or disabled individually.

                    Field Description
                    launch
                    bool
                    terminate
                    bool
                    addToLoadBalancer
                    bool
                    alarmNotification
                    bool
                    azRebalance
                    bool
                    healthCheck
                    bool
                    instanceRefresh
                    bool
                    replaceUnhealthy
                    bool
                    scheduledActions
                    bool

                    ROSACluster

                    ROSACluster is the Schema for the ROSAClusters API.

                    Field Description
                    metadata
                    Kubernetes meta/v1.ObjectMeta
                    Refer to the Kubernetes API documentation for the fields of the metadata field.
                    spec
                    ROSAClusterSpec


                    controlPlaneEndpoint
                    Cluster API api/v1beta1.APIEndpoint
                    (Optional)

                    ControlPlaneEndpoint represents the endpoint used to communicate with the control plane.

                    status
                    ROSAClusterStatus

                    ROSAClusterSpec

                    (Appears on:ROSACluster)

                    ROSAClusterSpec defines the desired state of ROSACluster.

                    Field Description
                    controlPlaneEndpoint
                    Cluster API api/v1beta1.APIEndpoint
                    (Optional)

                    ControlPlaneEndpoint represents the endpoint used to communicate with the control plane.

                    ROSAClusterStatus

                    (Appears on:ROSACluster)

                    ROSAClusterStatus defines the observed state of ROSACluster.

                    Field Description
                    ready
                    bool
                    (Optional)

                    Ready is when the ROSAControlPlane has a API server URL.

                    failureDomains
                    Cluster API api/v1beta1.FailureDomains
                    (Optional)

                    FailureDomains specifies a list fo available availability zones that can be used

                    ROSAMachinePool

                    ROSAMachinePool is the Schema for the rosamachinepools API.

                    Field Description
                    metadata
                    Kubernetes meta/v1.ObjectMeta
                    Refer to the Kubernetes API documentation for the fields of the metadata field.
                    spec
                    RosaMachinePoolSpec


                    nodePoolName
                    string

                    NodePoolName specifies the name of the nodepool in Rosa must be a valid DNS-1035 label, so it must consist of lower case alphanumeric and have a max length of 15 characters.

                    version
                    string
                    (Optional)

                    Version specifies the OpenShift version of the nodes associated with this machinepool. ROSAControlPlane version is used if not set.

                    availabilityZone
                    string
                    (Optional)

                    AvailabilityZone is an optinal field specifying the availability zone where instances of this machine pool should run For Multi-AZ clusters, you can create a machine pool in a Single-AZ of your choice.

                    subnet
                    string
                    (Optional)
                    labels
                    map[string]string
                    (Optional)

                    Labels specifies labels for the Kubernetes node objects

                    taints
                    []RosaTaint
                    (Optional)

                    Taints specifies the taints to apply to the nodes of the machine pool

                    additionalTags
                    Tags
                    (Optional)

                    AdditionalTags are user-defined tags to be added on the underlying EC2 instances associated with this machine pool.

                    autoRepair
                    bool
                    (Optional)

                    AutoRepair specifies whether health checks should be enabled for machines in the NodePool. The default is true.

                    instanceType
                    string

                    InstanceType specifies the AWS instance type

                    autoscaling
                    RosaMachinePoolAutoScaling
                    (Optional)

                    Autoscaling specifies auto scaling behaviour for this MachinePool. required if Replicas is not configured

                    tuningConfigs
                    []string
                    (Optional)

                    TuningConfigs specifies the names of the tuning configs to be applied to this MachinePool. Tuning configs must already exist.

                    additionalSecurityGroups
                    []string
                    (Optional)

                    AdditionalSecurityGroups is an optional set of security groups to associate with all node instances of the machine pool.

                    providerIDList
                    []string
                    (Optional)

                    ProviderIDList contain a ProviderID for each machine instance that’s currently managed by this machine pool.

                    nodeDrainGracePeriod
                    Kubernetes meta/v1.Duration
                    (Optional)

                    NodeDrainGracePeriod is grace period for how long Pod Disruption Budget-protected workloads will be respected during upgrades. After this grace period, any workloads protected by Pod Disruption Budgets that have not been successfully drained from a node will be forcibly evicted.

                    Valid values are from 0 to 1 week(10080m|168h) . 0 or empty value means that the MachinePool can be drained without any time limitation.

                    updateConfig
                    RosaUpdateConfig
                    (Optional)

                    UpdateConfig specifies update configurations.

                    status
                    RosaMachinePoolStatus

                    RefreshPreferences

                    (Appears on:AWSMachinePoolSpec)

                    RefreshPreferences defines the specs for instance refreshing.

                    Field Description
                    disable
                    bool
                    (Optional)

                    Disable, if true, disables instance refresh from triggering when new launch templates are detected. This is useful in scenarios where ASG nodes are externally managed.

                    strategy
                    string
                    (Optional)

                    The strategy to use for the instance refresh. The only valid value is Rolling. A rolling update is an update that is applied to all instances in an Auto Scaling group until all instances have been updated.

                    instanceWarmup
                    int64
                    (Optional)

                    The number of seconds until a newly launched instance is configured and ready to use. During this time, the next replacement will not be initiated. The default is to use the value for the health check grace period defined for the group.

                    minHealthyPercentage
                    int64
                    (Optional)

                    The amount of capacity as a percentage in ASG that must remain healthy during an instance refresh. The default is 90.

                    maxHealthyPercentage
                    int64
                    (Optional)

                    The amount of capacity as a percentage in ASG that can be in service and healthy, or pending, to support your workload when replacing instances. The value is expressed as a percentage of the desired capacity of the ASG. Value range is 100 to 200. If you specify MaxHealthyPercentage , you must also specify MinHealthyPercentage , and the difference between them cannot be greater than 100. A larger range increases the number of instances that can be replaced at the same time.

                    RollingUpdate

                    (Appears on:RosaUpdateConfig)

                    RollingUpdate specifies MaxUnavailable & MaxSurge number of nodes during update.

                    Field Description
                    maxUnavailable
                    k8s.io/apimachinery/pkg/util/intstr.IntOrString
                    (Optional)

                    MaxUnavailable is the maximum number of nodes that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired nodes (ex: 10%). Absolute number is calculated from percentage by rounding down.

                    MaxUnavailable can not be 0 if MaxSurge is 0, default is 0. Both MaxUnavailable & MaxSurge must use the same units (absolute value or percentage).

                    Example: when MaxUnavailable is set to 30%, old nodes can be deleted down to 70% of desired nodes immediately when the rolling update starts. Once new nodes are ready, more old nodes be deleted, followed by provisioning new nodes, ensuring that the total number of nodes available at all times during the update is at least 70% of desired nodes.

                    maxSurge
                    k8s.io/apimachinery/pkg/util/intstr.IntOrString
                    (Optional)

                    MaxSurge is the maximum number of nodes that can be provisioned above the desired number of nodes. Value can be an absolute number (ex: 5) or a percentage of desired nodes (ex: 10%). Absolute number is calculated from percentage by rounding up.

                    MaxSurge can not be 0 if MaxUnavailable is 0, default is 1. Both MaxSurge & MaxUnavailable must use the same units (absolute value or percentage).

                    Example: when MaxSurge is set to 30%, new nodes can be provisioned immediately when the rolling update starts, such that the total number of old and new nodes do not exceed 130% of desired nodes. Once old nodes have been deleted, new nodes can be provisioned, ensuring that total number of nodes running at any time during the update is at most 130% of desired nodes.

                    RosaMachinePoolAutoScaling

                    (Appears on:DefaultMachinePoolSpec, RosaMachinePoolSpec)

                    RosaMachinePoolAutoScaling specifies scaling options.

                    Field Description
                    minReplicas
                    int
                    maxReplicas
                    int

                    RosaMachinePoolSpec

                    (Appears on:ROSAMachinePool)

                    RosaMachinePoolSpec defines the desired state of RosaMachinePool.

                    Field Description
                    nodePoolName
                    string

                    NodePoolName specifies the name of the nodepool in Rosa must be a valid DNS-1035 label, so it must consist of lower case alphanumeric and have a max length of 15 characters.

                    version
                    string
                    (Optional)

                    Version specifies the OpenShift version of the nodes associated with this machinepool. ROSAControlPlane version is used if not set.

                    availabilityZone
                    string
                    (Optional)

                    AvailabilityZone is an optinal field specifying the availability zone where instances of this machine pool should run For Multi-AZ clusters, you can create a machine pool in a Single-AZ of your choice.

                    subnet
                    string
                    (Optional)
                    labels
                    map[string]string
                    (Optional)

                    Labels specifies labels for the Kubernetes node objects

                    taints
                    []RosaTaint
                    (Optional)

                    Taints specifies the taints to apply to the nodes of the machine pool

                    additionalTags
                    Tags
                    (Optional)

                    AdditionalTags are user-defined tags to be added on the underlying EC2 instances associated with this machine pool.

                    autoRepair
                    bool
                    (Optional)

                    AutoRepair specifies whether health checks should be enabled for machines in the NodePool. The default is true.

                    instanceType
                    string

                    InstanceType specifies the AWS instance type

                    autoscaling
                    RosaMachinePoolAutoScaling
                    (Optional)

                    Autoscaling specifies auto scaling behaviour for this MachinePool. required if Replicas is not configured

                    tuningConfigs
                    []string
                    (Optional)

                    TuningConfigs specifies the names of the tuning configs to be applied to this MachinePool. Tuning configs must already exist.

                    additionalSecurityGroups
                    []string
                    (Optional)

                    AdditionalSecurityGroups is an optional set of security groups to associate with all node instances of the machine pool.

                    providerIDList
                    []string
                    (Optional)

                    ProviderIDList contain a ProviderID for each machine instance that’s currently managed by this machine pool.

                    nodeDrainGracePeriod
                    Kubernetes meta/v1.Duration
                    (Optional)

                    NodeDrainGracePeriod is grace period for how long Pod Disruption Budget-protected workloads will be respected during upgrades. After this grace period, any workloads protected by Pod Disruption Budgets that have not been successfully drained from a node will be forcibly evicted.

                    Valid values are from 0 to 1 week(10080m|168h) . 0 or empty value means that the MachinePool can be drained without any time limitation.

                    updateConfig
                    RosaUpdateConfig
                    (Optional)

                    UpdateConfig specifies update configurations.

                    RosaMachinePoolStatus

                    (Appears on:ROSAMachinePool)

                    RosaMachinePoolStatus defines the observed state of RosaMachinePool.

                    Field Description
                    ready
                    bool

                    Ready denotes that the RosaMachinePool nodepool has joined the cluster

                    replicas
                    int32
                    (Optional)

                    Replicas is the most recently observed number of replicas.

                    conditions
                    Cluster API api/v1beta1.Conditions
                    (Optional)

                    Conditions defines current service state of the managed machine pool

                    failureMessage
                    string
                    (Optional)

                    FailureMessage will be set in the event that there is a terminal problem reconciling the state and will be set to a descriptive error message.

                    This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the spec or the configuration of the controller, and that manual intervention is required.

                    id
                    string

                    ID is the ID given by ROSA.

                    RosaTaint

                    (Appears on:RosaMachinePoolSpec)

                    RosaTaint represents a taint to be applied to a node.

                    Field Description
                    key
                    string

                    The taint key to be applied to a node.

                    value
                    string
                    (Optional)

                    The taint value corresponding to the taint key.

                    effect
                    Kubernetes core/v1.TaintEffect

                    The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute.

                    RosaUpdateConfig

                    (Appears on:RosaMachinePoolSpec)

                    RosaUpdateConfig specifies update configuration

                    Field Description
                    rollingUpdate
                    RollingUpdate
                    (Optional)

                    RollingUpdate specifies MaxUnavailable & MaxSurge number of nodes during update.

                    SpotAllocationStrategy (string alias)

                    (Appears on:InstancesDistribution)

                    SpotAllocationStrategy indicates how to allocate instances across Spot Instance pools.

                    SuspendProcessesTypes

                    (Appears on:AWSMachinePoolSpec)

                    SuspendProcessesTypes contains user friendly auto-completable values for suspended process names.

                    Field Description
                    all
                    bool
                    processes
                    Processes

                    Tags (map[string]string alias)

                    Tags is a mapping for tags.

                    Taint

                    Taint defines the specs for a Kubernetes taint.

                    Field Description
                    effect
                    TaintEffect

                    Effect specifies the effect for the taint

                    key
                    string

                    Key is the key of the taint

                    value
                    string

                    Value is the value of the taint

                    TaintEffect (string alias)

                    (Appears on:Taint)

                    TaintEffect is the effect for a Kubernetes taint.

                    Taints ([]sigs.k8s.io/cluster-api-provider-aws/v2/exp/api/v1beta2.Taint alias)

                    (Appears on:AWSManagedMachinePoolSpec)

                    Taints is an array of Taints.

                    UpdateConfig

                    (Appears on:AWSManagedMachinePoolSpec)

                    UpdateConfig is the configuration options for updating a nodegroup. Only one of MaxUnavailable and MaxUnavailablePercentage should be specified.

                    Field Description
                    maxUnavailable
                    int
                    (Optional)

                    MaxUnavailable is the maximum number of nodes unavailable at once during a version update. Nodes will be updated in parallel. The maximum number is 100.

                    maxUnavailablePercentage
                    int
                    (Optional)

                    MaxUnavailablePercentage is the maximum percentage of nodes unavailable during a version update. This percentage of nodes will be updated in parallel, up to 100 nodes at once.