✨ Add ability to control "EKS Auto Mode" for EKS clusters

Signed-off-by: Siarhei Rasiukevich <[email protected]>

Author: CharlieR-o-o-t

config/crd/bases/controlplane.cluster.x-k8s.io_awsmanagedcontrolplanes.yaml

@@ -2343,6 +2343,15 @@ spec:
                 - host
                 - port
                 type: object
+              eksAutoMode:
+                default: true
+                description: |-
+                  EKSAutoMode indicates the EKS Auto Mode state for control-plane.
+                  If you set this value to false, the following params will be disabled for EKS:
+                  AWS::EKS::Cluster KubernetesNetworkConfig ElasticLoadBalancing Enabled -> false.
+                  AWS::EKS::Cluster StorageConfig blockStorage Enabled -> false.
+                  AWS::EKS::Cluster ComputeConfig Enabled -> false.
+                type: boolean
               eksClusterName:
                 description: |-
                   EKSClusterName allows you to specify the name of the EKS cluster in
@@ -3329,6 +3338,8 @@ spec:
                       type: object
                     type: array
                 type: object
+            required:
+            - eksAutoMode
             type: object
           status:
             description: AWSManagedControlPlaneStatus defines the observed state of

config/crd/bases/controlplane.cluster.x-k8s.io_awsmanagedcontrolplanetemplates.yaml

@@ -160,6 +160,15 @@ spec:
                         - host
                         - port
                         type: object
+                      eksAutoMode:
+                        default: true
+                        description: |-
+                          EKSAutoMode indicates the EKS Auto Mode state for control-plane.
+                          If you set this value to false, the following params will be disabled for EKS:
+                          AWS::EKS::Cluster KubernetesNetworkConfig ElasticLoadBalancing Enabled -> false.
+                          AWS::EKS::Cluster StorageConfig blockStorage Enabled -> false.
+                          AWS::EKS::Cluster ComputeConfig Enabled -> false.
+                        type: boolean
                       eksClusterName:
                         description: |-
                           EKSClusterName allows you to specify the name of the EKS cluster in
@@ -1161,6 +1170,8 @@ spec:
                               type: object
                             type: array
                         type: object
+                    required:
+                    - eksAutoMode
                     type: object
                 required:
                 - spec

controlplane/eks/api/v1beta1/conversion.go

@@ -121,6 +121,7 @@ func (r *AWSManagedControlPlane) ConvertTo(dstRaw conversion.Hub) error {
 	dst.Spec.RolePermissionsBoundary = restored.Spec.RolePermissionsBoundary
 	dst.Status.Version = restored.Status.Version
 	dst.Spec.BootstrapSelfManagedAddons = restored.Spec.BootstrapSelfManagedAddons
+	dst.Spec.EKSAutoMode = restored.Spec.EKSAutoMode
 	return nil
 }
 

controlplane/eks/api/v1beta1/zz_generated.conversion.go

@@ -200,7 +200,15 @@ type AWSManagedControlPlaneSpec struct { //nolint: maligned
 	// bare EKS cluster without EKS default networking addons
 	// If you set this value to false when creating a cluster, the default networking add-ons will not be installed
 	// +kubebuilder:default=true
-	BootstrapSelfManagedAddons bool `json:"bootstrapSelfManagedAddons,omitempty"`
+	BootstrapSelfManagedAddons *bool `json:"bootstrapSelfManagedAddons,omitempty"`
+
+	// EKSAutoMode indicates the EKS Auto Mode state for control-plane.
+	// If you set this value to false, the following params will be disabled for EKS:
+	// AWS::EKS::Cluster KubernetesNetworkConfig ElasticLoadBalancing Enabled -> false.
+	// AWS::EKS::Cluster StorageConfig blockStorage Enabled -> false.
+	// AWS::EKS::Cluster ComputeConfig Enabled -> false.
+	// +kubebuilder:default=true
+	EKSAutoMode *bool `json:"eksAutoMode"`
 
 	// RestrictPrivateSubnets indicates that the EKS control plane should only use private subnets.
 	// +kubebuilder:default=false

controlplane/eks/api/v1beta2/awsmanagedcontrolplane_types.go

@@ -19,6 +19,7 @@ package v1beta2
 import (
 	"context"
 	"fmt"
+	"github.com/aws/aws-sdk-go-v2/aws"
 	"net"
 
 	"github.com/apparentlymart/go-cidr/cidr"
@@ -572,6 +573,13 @@ func (*awsManagedControlPlaneWebhook) Default(_ context.Context, obj runtime.Obj
 	infrav1.SetDefaults_NetworkSpec(&r.Spec.NetworkSpec)
 
 	// Set default value for BootstrapSelfManagedAddons
-	r.Spec.BootstrapSelfManagedAddons = true
+	if r.Spec.BootstrapSelfManagedAddons == nil {
+		r.Spec.BootstrapSelfManagedAddons = aws.Bool(true)
+	}
+
+	// Set default value for EKSAutoMode
+	if r.Spec.EKSAutoMode == nil {
+		r.Spec.EKSAutoMode = aws.Bool(true)
+	}
 	return nil
 }

controlplane/eks/api/v1beta2/awsmanagedcontrolplane_webhook.go

@@ -91,7 +91,8 @@ func TestDefaultingWebhook(t *testing.T) {
 				Bastion:                    defaultTestBastion,
 				NetworkSpec:                defaultNetworkSpec,
 				TokenMethod:                &EKSTokenMethodIAMAuthenticator,
-				BootstrapSelfManagedAddons: true,
+				BootstrapSelfManagedAddons: aws.Bool(true),
+				EKSAutoMode:                aws.Bool(true),
 			},
 		},
 		{
@@ -105,7 +106,8 @@ func TestDefaultingWebhook(t *testing.T) {
 				Bastion:                    defaultTestBastion,
 				NetworkSpec:                defaultNetworkSpec,
 				TokenMethod:                &EKSTokenMethodIAMAuthenticator,
-				BootstrapSelfManagedAddons: true,
+				BootstrapSelfManagedAddons: aws.Bool(true),
+				EKSAutoMode:                aws.Bool(true),
 			},
 		},
 		{
@@ -119,7 +121,8 @@ func TestDefaultingWebhook(t *testing.T) {
 				Bastion:                    defaultTestBastion,
 				NetworkSpec:                defaultNetworkSpec,
 				TokenMethod:                &EKSTokenMethodIAMAuthenticator,
-				BootstrapSelfManagedAddons: true,
+				BootstrapSelfManagedAddons: aws.Bool(true),
+				EKSAutoMode:                aws.Bool(true),
 			},
 		},
 		{
@@ -137,7 +140,8 @@ func TestDefaultingWebhook(t *testing.T) {
 				Bastion:                    defaultTestBastion,
 				NetworkSpec:                defaultNetworkSpec,
 				TokenMethod:                &EKSTokenMethodIAMAuthenticator,
-				BootstrapSelfManagedAddons: true,
+				BootstrapSelfManagedAddons: aws.Bool(true),
+				EKSAutoMode:                aws.Bool(true),
 			},
 		},
 		{
@@ -158,7 +162,8 @@ func TestDefaultingWebhook(t *testing.T) {
 				},
 				NetworkSpec:                defaultNetworkSpec,
 				TokenMethod:                &EKSTokenMethodIAMAuthenticator,
-				BootstrapSelfManagedAddons: true,
+				BootstrapSelfManagedAddons: aws.Bool(true),
+				EKSAutoMode:                aws.Bool(true),
 			},
 		},
 		{
@@ -180,7 +185,8 @@ func TestDefaultingWebhook(t *testing.T) {
 					VPC: defaultVPCSpec,
 				},
 				TokenMethod:                &EKSTokenMethodIAMAuthenticator,
-				BootstrapSelfManagedAddons: true,
+				BootstrapSelfManagedAddons: aws.Bool(true),
+				EKSAutoMode:                aws.Bool(true),
 			},
 		},
 		{
@@ -195,7 +201,8 @@ func TestDefaultingWebhook(t *testing.T) {
 				NetworkSpec:                defaultNetworkSpec,
 				SecondaryCidrBlock:         nil,
 				TokenMethod:                &EKSTokenMethodIAMAuthenticator,
-				BootstrapSelfManagedAddons: true,
+				BootstrapSelfManagedAddons: aws.Bool(true),
+				EKSAutoMode:                aws.Bool(true),
 			},
 		},
 	}