# Copyright 2023 Google LLC. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. info: title: ContainerAws/Cluster description: An Anthos cluster running on AWS. x-dcl-struct-name: Cluster x-dcl-has-iam: false x-dcl-ref: text: API reference url: https://cloud.google.com/anthos/clusters/docs/multi-cloud/reference/rest/v1/projects.locations.awsClusters x-dcl-guides: - text: Multicloud overview url: https://cloud.google.com/anthos/clusters/docs/multi-cloud paths: get: description: The function used to get information about a Cluster parameters: - name: cluster required: true description: A full instance of a Cluster apply: description: The function used to apply information about a Cluster parameters: - name: cluster required: true description: A full instance of a Cluster delete: description: The function used to delete a Cluster parameters: - name: cluster required: true description: A full instance of a Cluster deleteAll: description: The function used to delete all Cluster parameters: - name: project required: true schema: type: string - name: location required: true schema: type: string list: description: The function used to list information about many Cluster parameters: - name: project required: true schema: type: string - name: location required: true schema: type: string components: schemas: Cluster: title: Cluster x-dcl-id: projects/{{project}}/locations/{{location}}/awsClusters/{{name}} x-dcl-parent-container: project x-dcl-has-create: true x-dcl-has-iam: false x-dcl-read-timeout: 0 x-dcl-apply-timeout: 0 x-dcl-delete-timeout: 0 type: object required: - name - networking - awsRegion - controlPlane - authorization - project - location - fleet properties: annotations: type: object additionalProperties: type: string x-dcl-go-name: Annotations description: 'Optional. Annotations on the cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.' authorization: type: object x-dcl-go-name: Authorization x-dcl-go-type: ClusterAuthorization description: Configuration related to the cluster RBAC settings. required: - adminUsers properties: adminUsers: type: array x-dcl-go-name: AdminUsers description: Users to perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the `cluster-admin` ClusterRole to the users. Up to ten admin users can be provided. For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles x-dcl-send-empty: true x-dcl-list-type: list items: type: object x-dcl-go-type: ClusterAuthorizationAdminUsers required: - username properties: username: type: string x-dcl-go-name: Username description: The name of the user, e.g. `my-gcp-id@gmail.com`. awsRegion: type: string x-dcl-go-name: AwsRegion description: The AWS region where the cluster runs. Each Google Cloud region supports a subset of nearby AWS regions. You can call to list all supported AWS regions within a given Google Cloud region. x-kubernetes-immutable: true controlPlane: type: object x-dcl-go-name: ControlPlane x-dcl-go-type: ClusterControlPlane description: Configuration related to the cluster control plane. required: - version - subnetIds - configEncryption - iamInstanceProfile - databaseEncryption - awsServicesAuthentication properties: awsServicesAuthentication: type: object x-dcl-go-name: AwsServicesAuthentication x-dcl-go-type: ClusterControlPlaneAwsServicesAuthentication description: Authentication configuration for management of AWS resources. required: - roleArn properties: roleArn: type: string x-dcl-go-name: RoleArn description: The Amazon Resource Name (ARN) of the role that the Anthos Multi-Cloud API will assume when managing AWS resources on your account. roleSessionName: type: string x-dcl-go-name: RoleSessionName description: Optional. An identifier for the assumed role session. When unspecified, it defaults to `multicloud-service-agent`. x-dcl-server-default: true configEncryption: type: object x-dcl-go-name: ConfigEncryption x-dcl-go-type: ClusterControlPlaneConfigEncryption description: The ARN of the AWS KMS key used to encrypt cluster configuration. required: - kmsKeyArn properties: kmsKeyArn: type: string x-dcl-go-name: KmsKeyArn description: The ARN of the AWS KMS key used to encrypt cluster configuration. databaseEncryption: type: object x-dcl-go-name: DatabaseEncryption x-dcl-go-type: ClusterControlPlaneDatabaseEncryption description: The ARN of the AWS KMS key used to encrypt cluster secrets. x-kubernetes-immutable: true required: - kmsKeyArn properties: kmsKeyArn: type: string x-dcl-go-name: KmsKeyArn description: The ARN of the AWS KMS key used to encrypt cluster secrets. x-kubernetes-immutable: true iamInstanceProfile: type: string x-dcl-go-name: IamInstanceProfile description: The name of the AWS IAM instance pofile to assign to each control plane replica. instanceType: type: string x-dcl-go-name: InstanceType description: Optional. The AWS instance type. When unspecified, it defaults to `m5.large`. x-dcl-server-default: true mainVolume: type: object x-dcl-go-name: MainVolume x-dcl-go-type: ClusterControlPlaneMainVolume description: Optional. Configuration related to the main volume provisioned for each control plane replica. The main volume is in charge of storing all of the cluster's etcd state. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 8 GiB with the GP2 volume type. x-kubernetes-immutable: true x-dcl-server-default: true properties: iops: type: integer format: int64 x-dcl-go-name: Iops description: Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume. x-kubernetes-immutable: true x-dcl-server-default: true kmsKeyArn: type: string x-dcl-go-name: KmsKeyArn description: Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used. x-kubernetes-immutable: true sizeGib: type: integer format: int64 x-dcl-go-name: SizeGib description: Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource. x-kubernetes-immutable: true x-dcl-server-default: true throughput: type: integer format: int64 x-dcl-go-name: Throughput description: Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3. x-kubernetes-immutable: true x-dcl-server-default: true volumeType: type: string x-dcl-go-name: VolumeType x-dcl-go-type: ClusterControlPlaneMainVolumeVolumeTypeEnum description: 'Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3' x-kubernetes-immutable: true x-dcl-server-default: true enum: - VOLUME_TYPE_UNSPECIFIED - GP2 - GP3 proxyConfig: type: object x-dcl-go-name: ProxyConfig x-dcl-go-type: ClusterControlPlaneProxyConfig description: Proxy configuration for outbound HTTP(S) traffic. required: - secretArn - secretVersion properties: secretArn: type: string x-dcl-go-name: SecretArn description: The ARN of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration. secretVersion: type: string x-dcl-go-name: SecretVersion description: The version string of the AWS Secret Manager secret that contains the HTTP(S) proxy configuration. rootVolume: type: object x-dcl-go-name: RootVolume x-dcl-go-type: ClusterControlPlaneRootVolume description: Optional. Configuration related to the root volume provisioned for each control plane replica. Volumes will be provisioned in the availability zone associated with the corresponding subnet. When unspecified, it defaults to 32 GiB with the GP2 volume type. x-dcl-server-default: true properties: iops: type: integer format: int64 x-dcl-go-name: Iops description: Optional. The number of I/O operations per second (IOPS) to provision for GP3 volume. x-dcl-server-default: true kmsKeyArn: type: string x-dcl-go-name: KmsKeyArn description: Optional. The Amazon Resource Name (ARN) of the Customer Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified, the default Amazon managed key associated to the AWS region where this cluster runs will be used. sizeGib: type: integer format: int64 x-dcl-go-name: SizeGib description: Optional. The size of the volume, in GiBs. When unspecified, a default value is provided. See the specific reference in the parent resource. x-dcl-server-default: true throughput: type: integer format: int64 x-dcl-go-name: Throughput description: Optional. The throughput to provision for the volume, in MiB/s. Only valid if the volume type is GP3. x-dcl-server-default: true volumeType: type: string x-dcl-go-name: VolumeType x-dcl-go-type: ClusterControlPlaneRootVolumeVolumeTypeEnum description: 'Optional. Type of the EBS volume. When unspecified, it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED, GP2, GP3' x-dcl-server-default: true enum: - VOLUME_TYPE_UNSPECIFIED - GP2 - GP3 securityGroupIds: type: array x-dcl-go-name: SecurityGroupIds description: Optional. The IDs of additional security groups to add to control plane replicas. The Anthos Multi-Cloud API will automatically create and manage security groups with the minimum rules needed for a functioning cluster. x-dcl-send-empty: true x-dcl-list-type: list items: type: string x-dcl-go-type: string sshConfig: type: object x-dcl-go-name: SshConfig x-dcl-go-type: ClusterControlPlaneSshConfig description: Optional. SSH configuration for how to access the underlying control plane machines. required: - ec2KeyPair properties: ec2KeyPair: type: string x-dcl-go-name: Ec2KeyPair description: The name of the EC2 key pair used to login into cluster machines. subnetIds: type: array x-dcl-go-name: SubnetIds description: The list of subnets where control plane replicas will run. A replica will be provisioned on each subnet and up to three values can be provided. Each subnet must be in a different AWS Availability Zone (AZ). x-kubernetes-immutable: true x-dcl-send-empty: true x-dcl-list-type: list items: type: string x-dcl-go-type: string tags: type: object additionalProperties: type: string x-dcl-go-name: Tags description: Optional. A set of AWS resource tags to propagate to all underlying managed AWS resources. Specify at most 50 pairs containing alphanumerics, spaces, and symbols (.+-=_:@/). Keys can be up to 127 Unicode characters. Values can be up to 255 Unicode characters. version: type: string x-dcl-go-name: Version description: The Kubernetes version to run on control plane replicas (e.g. `1.19.10-gke.1000`). You can list all supported versions on a given Google Cloud region by calling . createTime: type: string format: date-time x-dcl-go-name: CreateTime readOnly: true description: Output only. The time at which this cluster was created. x-kubernetes-immutable: true description: type: string x-dcl-go-name: Description description: Optional. A human readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes. endpoint: type: string x-dcl-go-name: Endpoint readOnly: true description: Output only. The endpoint of the cluster's API server. x-kubernetes-immutable: true etag: type: string x-dcl-go-name: Etag readOnly: true description: Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding. x-kubernetes-immutable: true fleet: type: object x-dcl-go-name: Fleet x-dcl-go-type: ClusterFleet description: Fleet configuration. x-kubernetes-immutable: true required: - project properties: membership: type: string x-dcl-go-name: Membership readOnly: true description: The name of the managed Hub Membership resource associated to this cluster. Membership names are formatted as projects//locations/global/membership/. x-kubernetes-immutable: true project: type: string x-dcl-go-name: Project description: The number of the Fleet host project where this cluster will be registered. x-kubernetes-immutable: true x-dcl-references: - resource: Cloudresourcemanager/Project field: name parent: true location: type: string x-dcl-go-name: Location description: The location for the resource x-kubernetes-immutable: true name: type: string x-dcl-go-name: Name description: The name of this resource. x-kubernetes-immutable: true networking: type: object x-dcl-go-name: Networking x-dcl-go-type: ClusterNetworking description: Cluster-wide networking configuration. required: - vpcId - podAddressCidrBlocks - serviceAddressCidrBlocks properties: perNodePoolSgRulesDisabled: type: boolean x-dcl-go-name: PerNodePoolSgRulesDisabled description: Disable the per node pool subnet security group rules on the control plane security group. When set to true, you must also provide one or more security groups that ensure node pools are able to send requests to the control plane on TCP/443 and TCP/8132. Failure to do so may result in unavailable node pools. podAddressCidrBlocks: type: array x-dcl-go-name: PodAddressCidrBlocks description: All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation. x-kubernetes-immutable: true x-dcl-send-empty: true x-dcl-list-type: list items: type: string x-dcl-go-type: string serviceAddressCidrBlocks: type: array x-dcl-go-name: ServiceAddressCidrBlocks description: All services in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation. x-kubernetes-immutable: true x-dcl-send-empty: true x-dcl-list-type: list items: type: string x-dcl-go-type: string vpcId: type: string x-dcl-go-name: VPCId description: The VPC associated with the cluster. All component clusters (i.e. control plane and node pools) run on a single VPC. This field cannot be changed after creation. x-kubernetes-immutable: true project: type: string x-dcl-go-name: Project description: The project for the resource x-kubernetes-immutable: true x-dcl-references: - resource: Cloudresourcemanager/Project field: name parent: true reconciling: type: boolean x-dcl-go-name: Reconciling readOnly: true description: Output only. If set, there are currently changes in flight to the cluster. x-kubernetes-immutable: true state: type: string x-dcl-go-name: State x-dcl-go-type: ClusterStateEnum readOnly: true description: 'Output only. The current state of the cluster. Possible values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, DEGRADED' x-kubernetes-immutable: true enum: - STATE_UNSPECIFIED - PROVISIONING - RUNNING - RECONCILING - STOPPING - ERROR - DEGRADED uid: type: string x-dcl-go-name: Uid readOnly: true description: Output only. A globally unique identifier for the cluster. x-kubernetes-immutable: true updateTime: type: string format: date-time x-dcl-go-name: UpdateTime readOnly: true description: Output only. The time at which this cluster was last updated. x-kubernetes-immutable: true workloadIdentityConfig: type: object x-dcl-go-name: WorkloadIdentityConfig x-dcl-go-type: ClusterWorkloadIdentityConfig readOnly: true description: Output only. Workload Identity settings. x-kubernetes-immutable: true properties: identityProvider: type: string x-dcl-go-name: IdentityProvider description: The ID of the OIDC Identity Provider (IdP) associated to the Workload Identity Pool. x-kubernetes-immutable: true issuerUri: type: string x-dcl-go-name: IssuerUri description: The OIDC issuer URL for this cluster. x-kubernetes-immutable: true workloadPool: type: string x-dcl-go-name: WorkloadPool description: The Workload Identity Pool associated to the cluster. x-kubernetes-immutable: true