nodejs: support all EC2 LaunchConfiguration params for EKS cluster no…

…de root volumes

CHANGELOG.md

@@ -1,4 +1,6 @@
 ## Unreleased
+- Add support for all EC2 LaunchConfiguration EBS parameters related to cluster root node volumes
+  [#597](https://github.com/pulumi/pulumi-eks/issues/597)
 - Add support for setting `WARM_PREFIX_TARGET` and `ENABLE_PREFIX_DELEGATION`
   [#618](https://github.com/pulumi/pulumi-eks/pull/618)
 - NodeGroups accept strings as InstanceTypes

nodejs/eks/nodegroup.ts

@@ -99,6 +99,9 @@ export interface NodeGroupBaseOptions {
 
     /**
      * Encrypt the root block device of the nodes in the node group.
+     * 
+     * @deprecated This option has been deprecated for parameter naming coherence.
+     * Use the nodeRootVolumeEncrypted option instead.
      */
     encryptRootBlockDevice?: pulumi.Input<boolean>;
 
@@ -119,6 +122,33 @@ export interface NodeGroupBaseOptions {
      */
     nodeRootVolumeSize?: pulumi.Input<number>;
 
+    /**
+     * Whether to delete a cluster node's root volume on termination. Defaults to true.
+     */
+    nodeRootVolumeDeleteOnTermination?: pulumi.Input<boolean>;
+
+    /**
+     * Whether to encrypt a cluster node's root volume. Defaults to false.
+     */
+    nodeRootVolumeEncrypted?: pulumi.Input<boolean>;
+
+    /**
+     * Provisioned IOPS for a cluster node's root volume.
+     * Only valid for io1 volumes.
+     */
+    nodeRootVolumeIops?: pulumi.Input<number> | undefined;
+
+    /**
+     * Provisioned throughput performance in integer MiB/s for a cluster node's root volume.
+     * Only valid for gp3 volumes.
+     */
+    nodeRootVolumeThroughput?: pulumi.Input<number> | undefined;
+
+    /**
+     * Configured EBS type for a cluster node's root volume. Default is gp2.
+     */
+    nodeRootVolumeType?: "standard" | "gp2" | "gp3" | "st1" | "sc1" | "io1"
+
     /**
      * Extra code to run on node startup. This code will run after the AWS EKS bootstrapping code and before the node
      * signals its readiness to the managing CloudFormation stack. This code must be a typical user data script:
@@ -485,6 +515,28 @@ ${customUserData}
         nodeAssociatePublicIpAddress = args.nodeAssociatePublicIpAddress;
     }
 
+    const numeric = new RegExp('^\d+$')
+
+    if (args.nodeRootVolumeIops && args.nodeRootVolumeType != 'io1') {
+        throw new Error('Cannot create a cluster node root volume of non-io1 type with provisioned IOPS (nodeRootVolumeIops).')
+    }
+
+    if (args.nodeRootVolumeType == 'io1' && args.nodeRootVolumeIops) {
+        if (!numeric.test(args.nodeRootVolumeIops?.toString())) {
+            throw new Error('Cannot create a cluster node root volume of io1 type without provisioned IOPS (nodeRootVolumeIops) as integer value.')
+        }
+    }
+
+    if (args.nodeRootVolumeThroughput && args.nodeRootVolumeType != 'gp3') {
+        throw new Error('Cannot create a cluster node root volume of non-gp3 type with provisioned throughput (nodeRootVolumeThroughput).')
+    }
+
+    if (args.nodeRootVolumeType == 'gp3' && args.nodeRootVolumeThroughput) {
+        if (!numeric.test(args.nodeRootVolumeThroughput?.toString())) {
+            throw new Error('Cannot create a cluster node root volume of gp3 type without provisioned throughput (nodeRootVolumeThroughput) as integer value.')
+        }
+    }
+
     const nodeLaunchConfiguration = new aws.ec2.LaunchConfiguration(`${name}-nodeLaunchConfiguration`, {
         associatePublicIpAddress: nodeAssociatePublicIpAddress,
         imageId: amiId,
@@ -494,10 +546,12 @@ ${customUserData}
         securityGroups: [nodeSecurityGroupId, ...extraNodeSecurityGroupIds],
         spotPrice: args.spotPrice,
         rootBlockDevice: {
-            encrypted: args.encryptRootBlockDevice || args.encryptRootBockDevice,
-            volumeSize: args.nodeRootVolumeSize || 20, // GiB
-            volumeType: "gp2", // default is "standard"
-            deleteOnTermination: true,
+            encrypted: (args.encryptRootBlockDevice ?? args.nodeRootVolumeEncrypted) ?? false,
+            volumeSize: args.nodeRootVolumeSize ?? 20, // GiB
+            volumeType: args.nodeRootVolumeType ?? "gp2",
+            iops: args.nodeRootVolumeIops ?? undefined,
+            throughput: args.nodeRootVolumeThroughput ?? undefined,
+            deleteOnTermination: args.nodeRootVolumeDeleteOnTermination ?? true,
         },
         userData: args.nodeUserDataOverride || userdata,
     }, { parent, provider });

provider/cmd/pulumi-gen-eks/main.go

@@ -397,6 +397,26 @@ func generateSchema() schema.PackageSpec {
 						TypeSpec:    schema.TypeSpec{Type: "integer"},
 						Description: "The size in GiB of a cluster node's root volume. Defaults to 20.",
 					},
+					"nodeRootVolumeDeleteOnTermination": {
+						TypeSpec:    schema.TypeSpec{Type: "boolean"},
+						Description: "Whether to delete a cluster node's root volume on termination. Defaults to true.",
+					},
+					"nodeRootVolumeEncrypted": {
+						TypeSpec:    schema.TypeSpec{Type: "boolean"},
+						Description: "Whether to encrypt a cluster node's root volume. Defaults to false.",
+					},
+					"nodeRootVolumeIops": {
+						TypeSpec:    schema.TypeSpec{Type: "integer"},
+						Description: "Provisioned IOPS for a cluster node's root volume. Only valid for io1 volumes.",
+					},
+					"nodeRootVolumeThroughput": {
+						TypeSpec:    schema.TypeSpec{Type: "integer"},
+						Description: "Provisioned throughput performance in integer MiB/s for a cluster node's root volume. Only valid for gp3 volumes.",
+					},
+					"nodeRootVolumeType": {
+						TypeSpec:    schema.TypeSpec{Type: "string"},
+						Description: "Configured EBS type for a cluster node's root volume. Default is gp2.",
+					},
 					"nodeUserData": {
 						TypeSpec: schema.TypeSpec{Type: "string"},
 						Description: "Extra code to run on node startup. This code will run after the AWS EKS " +

provider/cmd/pulumi-resource-eks/schema.json

@@ -102,6 +102,26 @@
                     "type": "integer",
                     "description": "The size in GiB of a cluster node's root volume. Defaults to 20."
                 },
+                "nodeRootVolumeDeleteOnTermination": {
+                    "type": "boolean",
+                    "description": "Whether to delete a cluster node's root volume on termination. Defaults to true."
+                },
+                "nodeRootVolumeEncrypted": {
+                    "type": "boolean",
+                    "description": "Whether to encrypt a cluster node's root volume. Defaults to false."
+                },
+                "nodeRootVolumeIops": {
+                    "type": "integer",
+                    "description": "Provisioned IOPS for a cluster node's root volume. Only valid for io1 volumes."
+                },
+                "nodeRootVolumeThroughput": {
+                    "type": "integer",
+                    "description": "Provisioned throughput performance in integer MiB/s for a cluster node's root volume. Only valid for gp3 volumes."
+                },
+                "nodeRootVolumeType": {
+                    "type": "string",
+                    "description": "Configured EBS type for a cluster node's root volume. Default is gp2."
+                },
                 "nodeSecurityGroup": {
                     "$ref": "/aws/v4.15.0/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup",
                     "description": "The security group for the worker node group to communicate with the cluster.\n\nThis security group requires specific inbound and outbound rules.\n\nSee for more details:\nhttps://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html\n\nNote: The `nodeSecurityGroup` option and the cluster option`nodeSecurityGroupTags` are mutually exclusive."