Amazon Nuances

Be aware of the following requirements when installing the CloudCenter Suite:

  • Maximum Supported Version: EKS Version 1.1513.10 7 and below.

  • Unavailable Resources: The following resources will not be available until the upgrade completes:

    • EKS cluster

    • Suite admin cluster

  • Resources: Amazon creates the following resources for the AWS account:

    • An EKS Cluster with user-provided specifications.

    • All resources remain in the same region as the cluster.

    • A new CloudFormation stack with the same number of instances, security groups, subnets, and roles that are used to connect to the cluster.

      • VPC Name: cluster_name-VPC

      • Role Name for VPC: cluster_name-Role

      • Role Name for Workers: cluster_name-NodeInstanceRole

      • New CFN stack Name: cluster_name-New-Workers-random_UUID32

      • Auto Scaling Group for worker nodes as part of cloud formation workers stack

  • The Delete API:


    You cannot trigger a Delete call by deleting the Amazon cluster from either the AWS console or the AWS CLI. Instead, use the Delete API.

Module Details

Additionally, refer to your module documentation for module-specific dependencies as specified in the following table.

Minimum Permissions Needed

The following IAM policies are required for the CloudCenter Suite to access the EKS and create a new cluster on AWS.

  • AmazonSSMFullAccess

  • AmazonEC2FullAccess

  • IAMFullAccess

  • AutoScalingFullAccess

  • AmazonEKSClusterPolicy

  • AmazonEKSWorkerNodePolicy

  • AmazonVPCFullAccess

  • AmazonEKSServicePolicy

  • AmazonEKS_CNI_Policy

  • AmazonRoute53FullAccess

  • Inline_Policy_EKS_Cluster = an inline policy allowing the following actions on the EKS service to an IAM user:

    Code Block
        "Version": "2012-10-17",
        "Statement": [
                "Sid": "VisualEditor0",
                "Effect": "Allow",
                "Action": [
                "Resource": "*"


