schema.yaml

# yaml-language-server: $schema=https://raw.githubusercontent.com/pulumi/pulumi/master/pkg/codegen/schema/pulumi.json
---
name: lbrlabs-eks
displayName: LBr Labs EKS
publisher: lbrlabs
pluginDownloadURL: "github://api.github.com/lbrlabs"
description: "A batteries included EKS cluster following best practices."
logoUrl: "https://raw.githubusercontent.com/lbrlabs/pulumi-lbrlabs-eks/main/assets/amazon-eks.png" #nolint:golint,lll
keywords:
  - eks
  - kubernetes
  - aws
  - lbrlabs
  - kind/component
  - category/cloud
repository: "https://github.com/lbrlabs/pulumi-lbrlabs-eks"
types:
  lbrlabs-eks:index:BudgetConfig:
    description: Configuration for Autoscaled Node budgets.
    type: object
    properties:
      nodes:
        type: string
        description: The maximum number of nodes that can be scaled down at any time.
      schedule:
        type: string
        description: A cron schedule for when disruption can happen.
      duration:
        type: string
        description: The duration during which disruptuon can happen.
  lbrlabs-eks:index:DisruptionConfig:
    description: Configuration for Autoscaled nodes disruption.
    type: object
    properties:
      consolidationPolicy:
        type: string
        enum:
        - Name: "Empty"
          Description: "Consolidate Nodes when they are empty."
          Value: "WhenEmpty"
        - Name: "Underutilized"
          Description: "Consolidate Nodes when they are underutilized."
          Value: "WhenUnderutilized"
        default: "WhenEmpty"
        description: Describes which types of Nodes Karpenter should consider for consolidation.
      consolidateAfter:
        type: string
        description: The amount of time Karpenter should wait after discovering a consolidation decision. This value can currently only be set when the consolidationPolicy is 'WhenEmpty'. You can choose to disable consolidation entirely by setting the string value 'Never' here.
      expireAfter:
        type: string
        description: The amount of time a Node can live on the cluster before being removed.
      budgets:
        type: array
        items:
          "$ref": "#/types/lbrlabs-eks:index:BudgetConfig"
        description: "Budgets control the speed Karpenter can scale down nodes."
  lbrlabs-eks:index:IngressConfig:
    description: Configuration for the ingress controller.
    type: object
    properties:
      enableMetrics:
        type: boolean
        default: false
        description: Enable metrics for the ingress controller.
      enableServiceMonitor:
        type: boolean
        default: false
        description: Enable the service monitor for kube-prometheus-stackl.
      serviceMonitorNamespace:
        type: string
        description: The namespace to deploy the service monitor to.
      controllerReplicas:
        type: integer
        default: 1
        description: The number of replicas of the ingress controller.
      nlbTargetType:
        type: string
        description: NLB target type for NLB loadbalancers.
        default: "ip"
      additionalConfig:
        type: object
        additionalProperties:
          type: string
        description: Additional configuration for the ingress controller.
  lbrlabs-eks:index:Requirement:
    description: Represents a single requirement with key, operator, and values.
    type: object
    properties:
      key:
        type: string
        description: "The key of the requirement."
      operator:
        type: string
        description: "The operator for the requirement (e.g., In, Gt)."
      values:
        type: array
        items:
          type: string
        description: "The list of values for the requirement."
  lbrlabs-eks:index:Taint:
    description: Represents a taint for a karpenter node.
    type: object
    properties:
      key:
        type: string
        description: "The key of the taint."
      value:
        type: string
        description: "The value of the taint."
      effect:
        type: array
        items:
          type: string
        description: "The effect of the taint."
resources:
  lbrlabs-eks:index:Cluster:
    isComponent: true
    inputProperties:
      ingressConfig:
        "$ref": "#/types/lbrlabs-eks:index:IngressConfig"
        description: Configuration for the ingress controller.
      clusterVersion:
        type: string
        description: The version of the EKS cluster to create.
      karpenterVersion:
        type: string
        description: The version of karpenter to deploy.
        default: "0.36.2"
      clusterEndpointPrivateAccess:
        type: boolean
        description: Indicates whether or not the Amazon EKS private API server endpoint is enabled.
        default: false
      clusterEndpointPublicAccess:
        type: boolean
        description: Indicates whether or not the Amazon EKS public API server endpoint is enabled.
        default: true
      letsEncryptEmail:
        type: string
        description: The email address to use to issue certificates from Lets Encrypt.
        plain: true
      clusterSubnetIds:
        type: array
        items:
          type: string
      nginxIngressVersion:
        type: string
        description: The version of the nginx ingress controller helm chart to deploy.
      nginxIngressRegistry:
        type: string
        description: The container registry to pull images from.
        default: "registry.k8s.io"
      eksIamAuthControllerVersion:
        type: string
        description: The version of the eks-iam-auth-controller helm chart to deploy.
      externalDNSVersion:
        type: string
        description: The version of the external-dns helm chart to deploy.
      certManagerVersion:
        type: string
        description: The version of the cert-manager helm chart to deploy.
      systemNodeSubnetIds:
        type: array
        items:
          type: string
      systemNodeInstanceTypes:
        type: array
        items:
          type: string
      enabledClusterLogTypes:
        type: array
        items:
          type: string
      systemNodeMaxCount:
        type: number
        description: The maximum number of nodes in the system autoscaling group.
      systemNodeMinCount:
        type: number
        description: The minimum number of nodes in the system autoscaling group.
      systemNodeDesiredCount:
        type: number
        description: The initial number of nodes in the system autoscaling group.
      enableOtel:
        type: boolean
        description: Whether to enable the OTEL Distro for EKS.
        default: false
        plain: true
      enableCloudWatchAgent:
        type: boolean
        description: Whether to enable cloudwatch container insights for EKS.
        default: false
        plain: true
      enableExternalDns:
        type: boolean
        description: Whether to enable external dns with route 53 integration.
        default: true
        plain: true
      enableInternalIngress:
        type: boolean
        description: Whether to create an ingress controller for internal traffic.
        default: true
        plain: true
      enableExternalIngress:
        type: boolean
        description: Whether to create an ingress controller for external traffic.
        default: true
        plain: true
      enableCertManager:
        type: boolean
        description: Whether to enable cert-manager with route 53 integration.
        default: true
        plain: true
      enableKarpenter:
        type: boolean
        description: Whether to enable karpenter.
        default: true
        plain: true
      lbType:
        type: "string"
        description: The type of loadbalancer to provision.
        default: "nlb"
      certificateArn:
        type: string
        description: The ARN of the certificate to use for the ingress controller.
      adminAccessPrincipal:
        type: string
        description: The ARN of the AWS principal that should get admin access.
      tags:
        type: object
        additionalProperties:
          type: string
        description: Key-value map of tags to apply to the cluster.
    requiredInputs:
      - clusterSubnetIds
      - systemNodeSubnetIds
    properties:
      clusterName:
        "type": string
        "description": The cluster name
      kubeconfig:
        "type": string
        "description": The kubeconfig for this cluster.
      controlPlane:
        "$ref": "/aws/v6.38.1/schema.json#/resources/aws:eks%2Fcluster:Cluster"
        "description": The Cluster control plane
      oidcProvider:
        "$ref": "/aws/v6.38.1/schema.json#/resources/aws:iam%2FopenIdConnectProvider:OpenIdConnectProvider"
        "description": The OIDC provider for this cluster.
      systemNodes:
        "$ref": "/aws/v6.38.1/schema.json#/resources/aws:eks%2FnodeGroup:NodeGroup"
        "description": The system node group.
      karpenterNodeRole:
        "$ref": "/aws/v6.38.1/schema.json#/resources/aws:iam%2Frole:Role"
        "description": The role created for karpenter nodes.
      # clusterIssuer:
      #   "$ref": "/kubernetes/v3.29.1/schema.json#/resources/kubernetes:apiextensions.k8s.io:CustomResource"
    required:
      - clusterName
      - controlPlane
      - oidcProvider
      - kubeconfig
      - systemNodes
  lbrlabs-eks:index:AttachedNodeGroup:
    isComponent: true
    inputProperties:
      clusterName:
        type: string
        description: The cluster name to attach the nodegroup tp.
      subnetIds:
        type: array
        items:
          type: string
      instanceTypes:
        type: array
        items:
          type: string
      diskSize:
        type: integer
        description: The size of the disk to attach to the nodes.
        default: 20
      capacityType:
        type: string
        description: The capacity type of the nodegroup.
        default: "ON_DEMAND"
      releaseVersion:
        type: string
        description: The release version for the nodegroup.
      amiType:
        type: string
        description: The AMI Type for the nodegroup.
      tags:
        type: object
        additionalProperties:
          type: string
        description: Key-value map of tags to apply to the nodegroup.
      scalingConfig:
        "$ref": "/aws/v6.38.1/schema.json#/types/aws:eks%2FNodeGroupScalingConfig:NodeGroupScalingConfig"
      taints:
        type: "array"
        items:
          "$ref": "/aws/v6.38.1/schema.json#/types/aws:eks%2FNodeGroupTaint:NodeGroupTaint"
      labels:
        type: object
        additionalProperties:
          type: string
        description: "Key-value map of Kubernetes labels. Only labels that are applied with the EKS API are managed by this argument. Other Kubernetes labels applied to the EKS Node Group will not be managed."
    requiredInputs:
      - clusterName
      - subnetIds
    properties:
      nodeGroup:
        "$ref": "/aws/v6.38.1/schema.json#/resources/aws:eks%2FnodeGroup:NodeGroup"
      nodeRole:
        "$ref": "/aws/v6.38.1/schema.json#/resources/aws:iam%2Frole:Role"
    required:
      - nodeGroup
      - nodeRole
  lbrlabs-eks:index:IamServiceAccountRole:
    isComponent: true
    inputProperties:
      oidcProviderArn:
        type: string
        description: The arn of the OIDC provider attached to your EKS cluster.
      oidcProviderUrl:
        type: string
        description: The URL of the OIDC provider attached to your EKS cluster.
      namespaceName:
        type: string
        description: The namespace to create the service account in.
      serviceAccountName:
        type: string
        description: The name of the service account to bind to the role
      tags:
        type: object
        additionalProperties:
          type: string
        description: Key-value map of tags to apply to the service account.
    requiredInputs:
      - oidcProviderArn
      - oidcProviderUrl
      - namespaceName
      - serviceAccountName
    properties:
      role:
        "$ref": "/aws/v6.38.1/schema.json#/resources/aws:iam%2Frole:Role"
    required:
      - role
  lbrlabs-eks:index:IamRoleMapping:
    isComponent: true
    inputProperties:
      roleArn:
        type: string
        description: The arn of the role to map to a Kubernetes group.
      username:
        type: string
        description: The username to assign to the rolemapping.
      groups:
        type: array
        items:
          type: string
        description: An array of groups to map the IAM role to.
    requiredInputs:
      - roleArn
      - username
      - groups
    properties:
    required:
  lbrlabs-eks:index:AttachedFargateProfile:
    isComponent: true
    inputProperties:
      clusterName:
        type: string
        description: The name of the cluster to assign the fargate profile to.
      subnetIds:
        type: array
        items:
          type: string
        description: The subnet IDs to use for the fargate profile.
      tags:
        type: object
        additionalProperties:
          type: string
        description: Key-value map for tags to apply to Fargate Profile.
      selectors:
        type: array
        items:
          "$ref": "/aws/v6.38.1/schema.json#/types/aws:eks%2FFargateProfileSelector:FargateProfileSelector"
    requiredInputs:
      - clusterName
      - subnetIds
      - selectors
    properties:
      role:
        "$ref": "/aws/v6.38.1/schema.json#/resources/aws:iam%2Frole:Role"
      profile:
        "$ref": "/aws/v6.38.1/schema.json#/resources/aws:eks%2FfargateProfile:FargateProfile"
    required:
      - role
      - profile
  lbrlabs-eks:index:AutoscaledNodeGroup:
    isComponent: true
    inputProperties:
      annotations:
        type: object
        additionalProperties:
          type: string
        description: "Annotations to apply to the node group."
      amiFamily:
        type: string
        description: "AMI family for the node group."
      amiId:
        type: string
        description: "AMI ID for the node group."
      nodeRole:
        type: string
        description: "Node role for the node group."
      diskSize:
        type: string
        description: "Disk size for the node group."
        default: "20Gi"
      subnetIds:
        type: array
        items:
          type: string
        description: "List of subnet selector terms for the node group."
      securityGroupIds:
        type: array
        items:
          type: string
        description: "List of security group selector terms for the node group."
      requirements:
        type: array
        items:
          "$ref": "#/types/lbrlabs-eks:index:Requirement"
        description: "List of requirements for the node group."
      taints:
        type: array
        items:
          "$ref": "/kubernetes/v4.13.1/schema.json#/types/kubernetes:core%2Fv1:Taint"
        description: "Optional node taints."
      labels:
        type: object
        additionalProperties:
          type: string
        description: "Key-value map of Kubernetes labels. Only labels that are applied with the EKS API are managed by this argument. Other Kubernetes labels applied to the EKS Node Group will not be managed."
      disruption:
        "$ref": "#/types/lbrlabs-eks:index:DisruptionConfig"
    requiredInputs:
      - nodeRole
      - diskSize
      - subnetIds
      - securityGroupIds
      - requirements
language:
  csharp:
    packageReferences:
      Pulumi: 3.*
      Pulumi.Aws: "[6.38.1,7.0)"
      Pulumi.Kubernetes: 4.*
    rootNamespace: Lbrlabs.PulumiPackage
    respectSchemaVersion: true
    liftSingleValueMethodReturns: true
    namespaces:
      lbrlabs-eks: "Eks"
  go:
    importBasePath: github.com/lbrlabs/pulumi-lbrlabs-eks/sdk/go/eks
    liftSingleValueMethodReturns: true
    respectSchemaVersion: true
    generateResourceContainerTypes: true
  nodejs:
    respectSchemaVersion: true
    dependencies:
      "@pulumi/aws": "^6.38.1"
      "@pulumi/kubernetes": "^4.0.0"
      "mime": "^2.0.0"
      "minimatch": "^5.1.2"
    devDependencies:
      "@types/mime": "^2.0.0"
      "@types/node": "^18"
      "typescript": "^4.6.2"
    packageName: "@lbrlabs/pulumi-eks"
  python:
    liftSingleValueMethodReturns: true
    packageName: "lbrlabs_pulumi_eks"
    respectSchemaVersion: true
    usesIOClasses: true
    requires:
      pulumi: ">=3.0.0,<4.0.0"
      pulumi-aws: ">=6.38.1,<7.0.0"
      pulumi-kubernetes: ">=4.0.0,<5.0.0"