diff --git a/java/eks/fargate-cluster/cdk.json b/java/eks/fargate-cluster/cdk.json
index 441b988fc6..d78c89aaaf 100644
--- a/java/eks/fargate-cluster/cdk.json
+++ b/java/eks/fargate-cluster/cdk.json
@@ -30,7 +30,6 @@
"@aws-cdk/aws-apigateway:disableCloudWatchRole": true,
"@aws-cdk/core:enablePartitionLiterals": true,
"@aws-cdk/aws-events:eventsTargetQueueSameAccount": true,
- "@aws-cdk/aws-iam:standardizedServicePrincipals": true,
"@aws-cdk/aws-ecs:disableExplicitDeploymentControllerForCircuitBreaker": true,
"@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": true,
"@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": true,
@@ -55,6 +54,27 @@
"@aws-cdk/aws-rds:auroraClusterChangeScopeOfInstanceParameterGroupWithEachParameters": true,
"@aws-cdk/aws-appsync:useArnForSourceApiAssociationIdentifier": true,
"@aws-cdk/aws-rds:preventRenderingDeprecatedCredentials": true,
- "@aws-cdk/aws-codepipeline-actions:useNewDefaultBranchForCodeCommitSource": true
+ "@aws-cdk/aws-codepipeline-actions:useNewDefaultBranchForCodeCommitSource": true,
+ "@aws-cdk/aws-cloudwatch-actions:changeLambdaPermissionLogicalIdForLambdaAction": true,
+ "@aws-cdk/aws-codepipeline:crossAccountKeysDefaultValueToFalse": true,
+ "@aws-cdk/aws-codepipeline:defaultPipelineTypeToV2": true,
+ "@aws-cdk/aws-kms:reduceCrossAccountRegionPolicyScope": true,
+ "@aws-cdk/aws-eks:nodegroupNameAttribute": true,
+ "@aws-cdk/aws-ec2:ebsDefaultGp3Volume": true,
+ "@aws-cdk/aws-ecs:removeDefaultDeploymentAlarm": true,
+ "@aws-cdk/custom-resources:logApiResponseDataPropertyTrueDefault": false,
+ "@aws-cdk/aws-s3:keepNotificationInImportedBucket": false,
+ "@aws-cdk/aws-ecs:enableImdsBlockingDeprecatedFeature": false,
+ "@aws-cdk/aws-ecs:disableEcsImdsBlocking": true,
+ "@aws-cdk/aws-ecs:reduceEc2FargateCloudWatchPermissions": true,
+ "@aws-cdk/aws-dynamodb:resourcePolicyPerReplica": true,
+ "@aws-cdk/aws-ec2:ec2SumTImeoutEnabled": true,
+ "@aws-cdk/aws-appsync:appSyncGraphQLAPIScopeLambdaPermission": true,
+ "@aws-cdk/aws-rds:setCorrectValueForDatabaseInstanceReadReplicaInstanceResourceId": true,
+ "@aws-cdk/core:cfnIncludeRejectComplexResourceUpdateCreatePolicyIntrinsics": true,
+ "@aws-cdk/aws-lambda-nodejs:sdkV3ExcludeSmithyPackages": true,
+ "@aws-cdk/aws-stepfunctions-tasks:fixRunEcsTaskPolicy": true,
+ "@aws-cdk/aws-ec2:bastionHostUseAmazonLinux2023ByDefault": true,
+ "@aws-cdk/aws-route53-targets:userPoolDomainNameMethodWithoutCustomResource": true
}
}
diff --git a/java/eks/fargate-cluster/pom.xml b/java/eks/fargate-cluster/pom.xml
index 38a4c306b2..a04cc078bd 100644
--- a/java/eks/fargate-cluster/pom.xml
+++ b/java/eks/fargate-cluster/pom.xml
@@ -9,7 +9,8 @@
UTF-8
- 2.115.0
+ 2.175.1
+ 2.0.0
[10.0.0,11.0.0)
5.7.1
@@ -22,6 +23,12 @@
${cdk.version}
+
+ software.amazon.awscdk
+ cdk-lambda-layer-kubectl-v31
+ ${kubectl.version}
+
+
software.constructs
constructs
diff --git a/java/eks/fargate-cluster/src/main/java/com/amazonaws/cdk/EksFargateStack.java b/java/eks/fargate-cluster/src/main/java/com/amazonaws/cdk/EksFargateStack.java
index 4fc38bc9ab..a1f237e36c 100644
--- a/java/eks/fargate-cluster/src/main/java/com/amazonaws/cdk/EksFargateStack.java
+++ b/java/eks/fargate-cluster/src/main/java/com/amazonaws/cdk/EksFargateStack.java
@@ -2,7 +2,7 @@
import software.amazon.awscdk.CfnOutput;
import software.amazon.awscdk.Stack;
-import software.amazon.awscdk.lambdalayer.kubectl.KubectlLayer;
+import software.amazon.awscdk.cdk.lambdalayer.kubectl.v31.KubectlV31Layer;
import software.amazon.awscdk.services.ec2.SubnetSelection;
import software.amazon.awscdk.services.ec2.SubnetType;
import software.amazon.awscdk.services.eks.*;
@@ -43,9 +43,9 @@ public EksFargateStack(final Construct scope, final String id, final EksFargateP
.mastersRole(clusterAdminRole)
.role(clusterAdminRole)
.endpointAccess(EndpointAccess.PUBLIC)
- .version(KubernetesVersion.V1_28)
+ .version(KubernetesVersion.V1_31)
.vpc(props.getVpc())
- .kubectlLayer(new KubectlLayer(this, "KubectlLayer"))
+ .kubectlLayer(new KubectlV31Layer(this, "KubectlLayer"))
.vpcSubnets(List.of(SubnetSelection.builder()
.subnetType(SubnetType.PRIVATE_WITH_EGRESS)
.build()))
@@ -65,15 +65,14 @@ public EksFargateStack(final Construct scope, final String id, final EksFargateP
new CfnAddon(this, "eks-vpc-cni-addon", CfnAddonProps.builder()
.clusterName(eksCluster.getClusterName())
.addonName("vpc-cni")
- .addonVersion("v1.16.0-eksbuild.1")
+ .addonVersion("v1.19.2-eksbuild.1")
.resolveConflicts("OVERWRITE")
-
.build());
new CfnAddon(this, "eks-kube-proxy-addon", CfnAddonProps.builder()
.clusterName(eksCluster.getClusterName())
.addonName("kube-proxy")
- .addonVersion("v1.28.4-eksbuild.1")
+ .addonVersion("v1.31.3-eksbuild.2")
.resolveConflicts("OVERWRITE")
.build());
diff --git a/java/eks/fargate-cluster/src/test/java/com/amazonaws/cdk/EksFargateStackTest.java b/java/eks/fargate-cluster/src/test/java/com/amazonaws/cdk/EksFargateStackTest.java
index 016c3bc069..6b5c86c240 100644
--- a/java/eks/fargate-cluster/src/test/java/com/amazonaws/cdk/EksFargateStackTest.java
+++ b/java/eks/fargate-cluster/src/test/java/com/amazonaws/cdk/EksFargateStackTest.java
@@ -56,7 +56,7 @@ void testEksCluster() {
Map.of(
"Config", Map.of(
"name", "SampleCluster",
- "version", "1.28"
+ "version", "1.31"
)
)
), 1);
diff --git a/java/eks/fargate-cluster/src/test/resources/com/amazonaws/cdk/EksFargateStackExpected.json b/java/eks/fargate-cluster/src/test/resources/com/amazonaws/cdk/EksFargateStackExpected.json
index 6beb76fdcd..0d63e518fe 100644
--- a/java/eks/fargate-cluster/src/test/resources/com/amazonaws/cdk/EksFargateStackExpected.json
+++ b/java/eks/fargate-cluster/src/test/resources/com/amazonaws/cdk/EksFargateStackExpected.json
@@ -384,7 +384,7 @@
},
"Config": {
"name": "SampleCluster",
- "version": "1.28",
+ "version": "1.31",
"roleArn": {
"Fn::GetAtt": [
"EksClusterAdminRoleD3CAEBD0",
@@ -751,7 +751,7 @@
"Type": "AWS::EKS::Addon",
"Properties": {
"AddonName": "vpc-cni",
- "AddonVersion": "v1.16.0-eksbuild.1",
+ "AddonVersion": "v1.19.2-eksbuild.1",
"ClusterName": {
"Ref": "EksFargateCluster07FC3D2B"
},
@@ -765,7 +765,7 @@
"Type": "AWS::EKS::Addon",
"Properties": {
"AddonName": "kube-proxy",
- "AddonVersion": "v1.28.4-eksbuild.1",
+ "AddonVersion": "v1.31.3-eksbuild.2",
"ClusterName": {
"Ref": "EksFargateCluster07FC3D2B"
},
diff --git a/java/eks/private-cluster/README.md b/java/eks/private-cluster/README.md
index df0ddc8050..e4a63d382c 100644
--- a/java/eks/private-cluster/README.md
+++ b/java/eks/private-cluster/README.md
@@ -95,12 +95,10 @@ For other packages or tools like `kubectl`, create an S3 bucket accessible from
Sample cloudshell session:
```
-[cloudshell-user@ip-10-2-84-204 ~]$ curl -O https://s3.us-west-2.amazonaws.com/amazon-eks/1.28.5/2024-01-04/bin/linux/amd64/kubectl
-% Total % Received % Xferd Average Speed Time Time Time Current
- Dload Upload Total Spent Left Speed
-100 47.5M 100 47.5M 0 0 7975k 0 0:00:06 0:00:06 --:--:-- 10.4M
-[cloudshell-user@ip-10-2-84-204 ~]$ aws s3 cp kubectl s3://my-bucket/kubectl-1.28.5
-upload: ./kubectl to s3://my-bucket/kubectl-1.28.5
+[cloudshell-user@ip-10-2-84-204 ~]$ curl -O https://s3.us-west-2.amazonaws.com/amazon-eks/1.31.4/2025-01-10/bin/darwin/amd64/kubectl
+
+[cloudshell-user@ip-10-2-84-204 ~]$ aws s3 cp kubectl s3://my-bucket/kubectl-1.31.4
+upload: ./kubectl to s3://my-bucket/kubectl-1.31.4
```
## Accessing the EKS cluster with kubectl
@@ -118,7 +116,7 @@ Test the access to the EKS cluster. Get pods and nodes
```
[ssm-user@ip-10-0-0-240 ~]$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
-ip-10-0-0-60.ap-southeast-1.compute.internal Ready 19h v1.28.5-eks-5e0fdde
+ip-10-0-0-60.ap-southeast-1.compute.internal Ready 19h v1.31.0-eks-a737599
[ssm-user@ip-10-0-0-240 ~]$ kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
@@ -131,4 +129,4 @@ kube-system kube-proxy-m9ms4 1/1 Running 1 (4h39m ago) 19h
## Cleanup
```
cdk destroy
-```
\ No newline at end of file
+```
diff --git a/java/eks/private-cluster/cdk.json b/java/eks/private-cluster/cdk.json
index 441b988fc6..d78c89aaaf 100644
--- a/java/eks/private-cluster/cdk.json
+++ b/java/eks/private-cluster/cdk.json
@@ -30,7 +30,6 @@
"@aws-cdk/aws-apigateway:disableCloudWatchRole": true,
"@aws-cdk/core:enablePartitionLiterals": true,
"@aws-cdk/aws-events:eventsTargetQueueSameAccount": true,
- "@aws-cdk/aws-iam:standardizedServicePrincipals": true,
"@aws-cdk/aws-ecs:disableExplicitDeploymentControllerForCircuitBreaker": true,
"@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": true,
"@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": true,
@@ -55,6 +54,27 @@
"@aws-cdk/aws-rds:auroraClusterChangeScopeOfInstanceParameterGroupWithEachParameters": true,
"@aws-cdk/aws-appsync:useArnForSourceApiAssociationIdentifier": true,
"@aws-cdk/aws-rds:preventRenderingDeprecatedCredentials": true,
- "@aws-cdk/aws-codepipeline-actions:useNewDefaultBranchForCodeCommitSource": true
+ "@aws-cdk/aws-codepipeline-actions:useNewDefaultBranchForCodeCommitSource": true,
+ "@aws-cdk/aws-cloudwatch-actions:changeLambdaPermissionLogicalIdForLambdaAction": true,
+ "@aws-cdk/aws-codepipeline:crossAccountKeysDefaultValueToFalse": true,
+ "@aws-cdk/aws-codepipeline:defaultPipelineTypeToV2": true,
+ "@aws-cdk/aws-kms:reduceCrossAccountRegionPolicyScope": true,
+ "@aws-cdk/aws-eks:nodegroupNameAttribute": true,
+ "@aws-cdk/aws-ec2:ebsDefaultGp3Volume": true,
+ "@aws-cdk/aws-ecs:removeDefaultDeploymentAlarm": true,
+ "@aws-cdk/custom-resources:logApiResponseDataPropertyTrueDefault": false,
+ "@aws-cdk/aws-s3:keepNotificationInImportedBucket": false,
+ "@aws-cdk/aws-ecs:enableImdsBlockingDeprecatedFeature": false,
+ "@aws-cdk/aws-ecs:disableEcsImdsBlocking": true,
+ "@aws-cdk/aws-ecs:reduceEc2FargateCloudWatchPermissions": true,
+ "@aws-cdk/aws-dynamodb:resourcePolicyPerReplica": true,
+ "@aws-cdk/aws-ec2:ec2SumTImeoutEnabled": true,
+ "@aws-cdk/aws-appsync:appSyncGraphQLAPIScopeLambdaPermission": true,
+ "@aws-cdk/aws-rds:setCorrectValueForDatabaseInstanceReadReplicaInstanceResourceId": true,
+ "@aws-cdk/core:cfnIncludeRejectComplexResourceUpdateCreatePolicyIntrinsics": true,
+ "@aws-cdk/aws-lambda-nodejs:sdkV3ExcludeSmithyPackages": true,
+ "@aws-cdk/aws-stepfunctions-tasks:fixRunEcsTaskPolicy": true,
+ "@aws-cdk/aws-ec2:bastionHostUseAmazonLinux2023ByDefault": true,
+ "@aws-cdk/aws-route53-targets:userPoolDomainNameMethodWithoutCustomResource": true
}
}
diff --git a/java/eks/private-cluster/pom.xml b/java/eks/private-cluster/pom.xml
index 85258b621d..1b47d6e9fe 100644
--- a/java/eks/private-cluster/pom.xml
+++ b/java/eks/private-cluster/pom.xml
@@ -9,7 +9,8 @@
UTF-8
- 2.122.0
+ 2.175.1
+ 2.0.0
[10.0.0,11.0.0)
5.7.1
@@ -44,6 +45,12 @@
${cdk.version}
+
+ software.amazon.awscdk
+ cdk-lambda-layer-kubectl-v31
+ ${kubectl.version}
+
+
software.constructs
constructs
diff --git a/java/eks/private-cluster/src/main/java/com/amazonaws/cdk/examples/EksPrivateClusterStack.java b/java/eks/private-cluster/src/main/java/com/amazonaws/cdk/examples/EksPrivateClusterStack.java
index 79dd667d68..7b6dfa4e26 100644
--- a/java/eks/private-cluster/src/main/java/com/amazonaws/cdk/examples/EksPrivateClusterStack.java
+++ b/java/eks/private-cluster/src/main/java/com/amazonaws/cdk/examples/EksPrivateClusterStack.java
@@ -4,7 +4,7 @@
import java.util.Map;
import software.amazon.awscdk.Stack;
import software.amazon.awscdk.StackProps;
-import software.amazon.awscdk.lambdalayer.kubectl.KubectlLayer;
+import software.amazon.awscdk.cdk.lambdalayer.kubectl.v31.KubectlV31Layer;
import software.amazon.awscdk.services.autoscaling.AutoScalingGroup;
import software.amazon.awscdk.services.ec2.BastionHostLinux;
import software.amazon.awscdk.services.ec2.BlockDevice;
@@ -89,12 +89,12 @@ private void createEksCluster(Role clusterAdmin) {
this.cluster =
Cluster.Builder.create(this, "eks")
.vpc(vpc)
- .version(KubernetesVersion.V1_28)
+ .version(KubernetesVersion.V1_31)
.vpcSubnets(
List.of(SubnetSelection.builder().subnetType(SubnetType.PRIVATE_ISOLATED).build()))
.endpointAccess(EndpointAccess.PRIVATE)
.clusterName("eks-private")
- .kubectlLayer(new KubectlLayer(this, "kubectl-layer"))
+ .kubectlLayer(new KubectlV31Layer(this, "KubectlLayer"))
.defaultCapacity(0)
.mastersRole(clusterAdmin)
.placeClusterHandlerInVpc(true)
diff --git a/java/eks/private-cluster/src/test/java/com/amazonaws/cdk/examples/EksPrivateClusterStackTest.java b/java/eks/private-cluster/src/test/java/com/amazonaws/cdk/examples/EksPrivateClusterStackTest.java
index 1f05e4faca..9923f0d824 100644
--- a/java/eks/private-cluster/src/test/java/com/amazonaws/cdk/examples/EksPrivateClusterStackTest.java
+++ b/java/eks/private-cluster/src/test/java/com/amazonaws/cdk/examples/EksPrivateClusterStackTest.java
@@ -29,7 +29,7 @@ public void testEksClusterNameVersion() {
"Config",
Map.of(
"name", "eks-private",
- "version", "1.28"))),
+ "version", "1.31"))),
1);
}