As of this notice, using CHANGELOG.md is DEPRECATED. We will be using GitHub Releases for this repository
- Remove input properties on Cluster that are not implemented #821
- Add support for non-default AWS partitions #788
- Add support for launchTemplateTagSpecifications within NodeGroupV2 #810
- Use pkg for packaging provider binary #776
- Remove default for NodeRootVolumeSize that conflicted with NodeGroupOptions #813
- Add support for passing Cluster to NodeGroup/NodeGroupV2/ManagedNodeGroup in all languages #815
- Add kubeconfigJson output property to Cluster #815
- Adopt plain types in the schema to match the implementation #819
- Remove unusable
provideroutput fromClusterCreationRoleProvider#823
- Fix internal registration of NodeGroupV2 resource. #790
- Updates to Java SDK. #782
- BREAKING CHANGE: Due to pulumi/pulumi#7012 including the provider in the generated SDK never really worked. This is removed now. Note - existing uses in Nodejs should not be affected. #746
- Fix issue with duplicated AWS_VPC_K8S_CNI_CONFIGURE_RPFILTER env var on aws-node daemonset. #737
- Fix an issue where VpcCni options for externalSnat and cniExternalSnat were overwriting each other. #752
- Add a new version of Node Group, NodeGroupV2. NodeGroupV2 uses Launch Templates in place of Launch Configurations, and Auto Scaling Groups in place of Cloud Formation Stacks. This is expected to become the default in a future release.
- #766
- Allow removal of default Kubernetes addons #732
- Export the Cluster IAM Role so that external IAM policies can be attached #730
- Add checks to validate versions of kubectl and aws-cli installed #722
- Add enableIpv6 option to clusters #695 This change upgrades amazon-vpc-cni-k8s to v1.11.
- Switch kubeconfig to use client.authentication.k8s.io/v1beta1 #701
- Add support for Pulumi AWS 5.x #675
- Use apiextensions.k8s.io/v1 for eniconfigs.crd.k8s.amazonaws.com #693
- Ensure Schema is part of the Provider for the GetSchema option #660
- Fix
ENABLE_PREFIX_DELEGATIONnot working #646 - Fix node group's
minSizeanddesiredSizecannot be 0 #645
- Add support for all EC2 LaunchConfiguration EBS parameters related to cluster root node volumes #597
- Add support for setting
WARM_PREFIX_TARGETandENABLE_PREFIX_DELEGATION#618 - NodeGroups accept strings as InstanceTypes #639
- Add support for setting the init container image #631
- Add support for setting
DISABLE_TCP_EARLY_DEMUX#631
- Make getKubeconfig method available to multi-lang #628
- Add
capacityTypeandtaintstoManagedNodeGroup#614
-
Model storageclasses as a map in schema #596
-
Add resource registration for VpcCni (fixes use of NodeGroup) #590
- Upgrade Pulumi dependencies #589
- Do not require providerCredentialOpts Cluster parameter when using AWS_PROFILE #561
-
Upgrade Pulumi dependencies to 3.0 releases #564
-
Update wording for providerCredentialOpt errors #559
-
Go codegen fixes for external references #531
-
Documentation addend for build dependencies #527
-
Expose some more properties to Python, .NET, and Go #536
-
Fix .NET plugin version #542
-
Upgrade version of AWS VPC CNI to v1.7.5 #496
-
Upgrade to Go 1.16 #548
-
Add support for arm64 plugin binaries #554
-
Initial support for Go #519
-
Initial support for Python and .NET #448
-
Add support for
kubernetesServiceIpAddressRangetoeks.Cluster#509
- fix(nodejs): Do not fallback on cluster name when creating node group This is a breaking change as it will recreate the node group on the first deploy #492
- fix: correct spelling for encryptRootBlockDevice #450
- The Node.js SDK now requires an
eksresource plugin, which will be installed automatically during previews/updates (if not already installed). #458 - Add a flag to allow disabling creation of VPC CNI #493
- Upgrade to
pulumi-awsv3.0.0 Note: The move to v3.0.0 of the AWS provider can cause breaking changes if AWS IAM InstanceProfiles are used that make use of the plural.rolesfield. See #422 for more details.
- feat(nodegroup): add nodeUserDataOverride arg to specify userdata script #429
- fix(fargate): ensure fargate profile name is valid #430
- fix(cluster): add https req timeout & show time left waiting for healthz #427
- fix(kubeconfig): treat auth & env as Output in kubeconfig generation #421
- examples: Add VPC & subnet tag example for subnets managed with Pulumi #420
- Support for the ENI_CONFIG_LABEL_DEF environment variable #411
- feat(nodegroup): Support encryption of the root block device for nodes #407
- fix(ex/default-sg): rm Output tag values per string type reqs #404
- nodegroup(asgName): fix asgName definition #401
- Cutting new release to include missing generated API docs from v0.19.1
- feat(nodegroup): add opt to attach extra security groups #390
- feat(cluster): add encryptionConfigKeyArn opt to encrypt k8s Secrets #389
For a more detailed list of the changes introduced in this release, please visit #381.
- fix(dashboard): disable dashboard from deploying if not set #378
- fix(cluster): use scoped kubeconfig with non-default AWS credentials #367
- Update node & go pulumi deps to 2.0 #375
- fix(aws): rm sync invokes for AWS data source calls #373
- refactor(aws-auth): replace aws-iam-authenticator with aws eks get-token
#362
- Note: for existing clusters, this change will recompute the kubeconfig
used, as its auth arguments and settings get updated to work with
aws eks get-token. It should not affect cluster access or cause replacements of existing k8s resources.
- Note: for existing clusters, this change will recompute the kubeconfig
used, as its auth arguments and settings get updated to work with
- feat(nodegroup): use the latest recommended AMIs from the SSM store #366
- feat(cluster): support HTTP(S) proxy for cluster readiness & OIDC config #365
- deps(pulumi): bump node and go pulumi/pulumi to v1.13.1 #361
- feat(cluster): add getKubeconfig method to generate scoped kubeconfigs #356
- fix(oidc): Fix issue in OIDC getThumbprint helper function #346
- fix(oidc): use thumbprint of the intermediate root CA #342
- update(cni): update from v1.5.3 -> v1.6.0 #325
- fix(storageClasses): fix userStorageClass initialization #336
- feat(cluster): allow optional configuration of cluster name #322
- feat(identity): add support to setup OIDC provider #320
- Refactor managed nodegroup API and require its role be provided to the cluster #302
- Update pulumi/pulumi and re-enable withUpdate tests #327
- Fix js-yaml dependency changes in pulumi/k8s #324
- Unblock CI by disabling debug logging, rm unnecessary tests, and fixing broken tests #309
- feat(cluster): Support public access controls #295
- feat(cluster): Add cluster tagging #262
- refactor(vpcCni): set node anti-affinity to not deploy to fargate #291
- build: Upgrade to go1.13.4 #290
- feat(nodes): add support for Fargate #283
- feat(nodes): add createManagedNodeGroup #280
- fix(vpc-cni): allow logLevel & logFile to be set, or defaulted if not #274
- Update pulumi to 1.4.0 #270
- refactor(cluster): allow ClusterOptions to accept NodeGroupOptions #259
- Add new publicSubnetIds and privateSubnetIds cluster options. Also, update tests to use new awsx.ec2.Vpc API and new subnet options #238
- fix(iam): improve YAML error handling & reporting in IAM ops #231
- feat(iam): create eks cluster & resources with iam role provider #205
- fix(cni): read CNI YAML outside of the dynamic provider and update to v1.5.3 #223
- Revert "fix(cni): modify CNI filepath to store the relative path" #220
- Fix and improve migrate-nodegroup test (bump CNI from
v1.5.0->v1.5.2) #214 - fix(asgName): check 'NodeGroup' CFStack output key exists #213
- chore(cluster): add deprecation for kube-dashboard, customInstanceRolePolicy #202
- feat(storage-classes): export all user created storage classes #172
- update(eks): add example of migrating node groups with zero downtime #195
- refactor(secgroup): export createNodeGroupSecurityGroup & consolidate rules #183
- wait for EKS cluster endpoint to be available #193
- fix(cluster): support configuring private and public endpoint access #154
- fix(cluster): support passing additional arguments to /etc/eks/bootstrap.sh and --kubelet-extra-args #181
-
Default to a node AMI that matches the cluster version #175
-
fix(tags): rm ASG tag dupes, and consider tag inheritance for all tags #162
-
fix(nodegroup): make VPN-only subnets private #163
-
feature(cluster): Allow service role and instance profile to be injected during cluster creation #159
- ci(aws-iam-authenticator): use official S3 bucket to install bin #166
- fix(tags): change map types used in all tags to pulumi.Inputs of the map #157
- fix(cluster): expose instanceRoles #155
- tests(cluster): enable test to replace cluster by adding more subnets #150
- update(aws-k8s-cni): move from 1.4.1 -> 1.5.0 #148
- fix(cluster): rm dupe default storage class #136
- Expand nodejs SDK tests coverage, and add Kubernetes Smoke Tests for examples & tests #130
- update(aws-k8s-cni): move from 1.3.0 -> 1.4.1 #134
- fix(cluster): export missing instanceRoles in the cluster's CoreData #133
- fix(nodeSecurityGroupTags): only expose option through Cluster class #126
- fix(secgroups): do not null out ingress & egress
#128
- Note: This PR reverses the default null values used for the
ingress and egress in-line rules of the secgroups, introduced in
v0.18.3. The null default was required to move to standalone secgroup rules, but it has introduced issues, and thus is being removed in this PR. - Upgrade Path - This is a breaking change unless you do the following steps:
- If using >=
v0.18.3: update using the typical package update path. - If using <=
v0.18.2:- First, update your cluster from using your current version to
v0.18.4. - Next, update your cluster from
v0.18.4tov0.18.5(or higher) using the typical package update path.
- First, update your cluster from using your current version to
- If using >=
- Note: This PR reverses the default null values used for the
ingress and egress in-line rules of the secgroups, introduced in
- feat(tags): Set default tags & add opts: tags, and other resource tags #122
- feat(control plane logging): Enable control plane logging to cloudwatch. #100.
- fix(ami): only apply AMI smart-default selection on creation #114
- fix(secgroups): use standalone secgroup rules instead of in-line rules #109. Note, because we are replacing existing in-line secgroup rules with standalone rules, there may be a brief period of outage where the security group rules are removed before they get added back. This update happens in a matter of seconds (~5 sec), so any interruptions are short-lived.
- fix(nodegroup): filter on x86_64 arch for node AMI #112
- feat(nodePools): support per-nodegroup IAM instance roles #98
- Moves to the new 0.18.0 version of
@pulumi/aws. Version 0.18.0 ofpulumi-awsis now based on v2.2.0 of the AWS Terraform Provider, which has a variety of breaking changes from the previous version. See documentation in@pulumi/awsrepo for more details.
- Fix a bug where the regex used to retrieve Worker Node AMIs was not returning correct AMIs when either: specifying the master / control plane version, or relying on smart defaults of the lastest available image. #92
- feat(workers): add 'nodeAssociatePublicIpAddress' to toggle public IPs #81
- fix(getAmi): allow setting master version & explicitly filter Linux AMIs
#85
- Fix a bug where the wrong AMI was being returned due to a loosely defined regex.
- Add support for setting the master / control plane version of the cluster.
- Re-cut 0.17.1 as 0.17.2, due to a broken master branch caused by a pushed tag publishing the NPM package before master was able to.
- Support for
taintsonNodeGroups. #63
- Depend on latest version of
@pulumi/pulumito get more precise delete before create semantics #46
- Expose the AutoScalingGroup on NodeGroups. #53
- Fix a bug where
desiredCapacitywas not being handled correctly. #55
- Support for multiple Worker
NodeGroups connected to a single EKS cluster. #39 - Support for Spot instances in
NodeGroups. #49 - Support for adding cutom policies to node
InstanceRole. #49 - Support for adding labels to each instance in a
NodeGroup. #49
- Allow configuring the subnets that worker nodes use.
- Improve detection of public vs. private subnets.