AWSTemplateFormatVersion: 2010-09-09 Description: >- Configure advanced options for the Amazon EKS Quick Start (qs-1r0q2rlel). Metadata: cfn-lint: { config: { ignore_checks: [E9101] } } QuickStartDocumentation: EntrypointName: Configure advanced options Order: Index d ConfigSetName: !Ref ConfigSetName SentenceCaseExclude: - If - This AWS::CloudFormation::Interface: ParameterGroups: - Label: default: Quick Start configuration Parameters: - ConfigSetName - Label: default: EKS cluster configuration Parameters: - KubernetesVersion - EKSPublicAccessCIDRs - EKSPrivateAccessEndpoint - EKSClusterLoggingTypes - EKSEncryptSecrets - EKSEncryptSecretsKmsKeyArn - Label: default: Default EKS node group configuration Parameters: - NodeGroupName - NodeVolumeSize - CustomAmiId - AmiRootVolumeDeviceName - Labels - Taints - LaunchTemplateId - LaunchTemplateVersion - NodeSecurityGroupId - NodeInstanceType2 - NodeInstanceType3 - NodeInstanceType4 - OnDemandPercentage - WindowsNodeEdition - WindowsNodeVersion - EC2MetadataPutResponseHopLimit - EC2MetadataHttpTokens - MaxNodesUnavailable - MaxNodesUnavailablePercentage - Label: default: Bastion configuration Parameters: - BastionOS - BastionBootstrapScript - BastionInstanceType - BastionRootVolumeSize - BastionIAMRoleName - BastionEnableTCPForwarding - BastionEnableX11Forwarding - BastionVariables - OnDemandBastionPercentage - Label: default: EFS storage class configuration Parameters: - EfsPerformanceMode - EfsThroughputMode - EfsProvisionedThroughputInMibps ParameterLabels: ConfigSetName: default: Config set name KubernetesVersion: default: Kubernetes version EKSPublicAccessCIDRs: default: Kubernetes API public access CIDRs EKSPrivateAccessEndpoint: default: Private access endpoint EKSClusterLoggingTypes: default: Cluster logging types EKSEncryptSecrets: default: Encrypt secrets EKSEncryptSecretsKmsKeyArn: default: Encrypt secrets KMS key ARN NodeGroupName: default: Name NodeVolumeSize: default: Volume size CustomAmiId: default: Custom AMI ID AmiRootVolumeDeviceName: default: AMI root volume device name BastionOS: default: Operating system BastionBootstrapScript: default: Bootstrap script BastionInstanceType: default: Instance type BastionRootVolumeSize: default: Root volume size BastionIAMRoleName: default: IAM role name BastionEnableTCPForwarding: default: Enable TCP forwarding BastionEnableX11Forwarding: default: Enable X11 forwarding BastionVariables: default: Variables EfsPerformanceMode: default: Performance mode EfsThroughputMode: default: Throughput mode EfsProvisionedThroughputInMibps: default: Provisioned throughput in Mibps Labels: default: Labels Taints: default: Taints LaunchTemplateId: default: Launch template ID LaunchTemplateVersion: default: Launch template version NodeSecurityGroupId: default: Security group ID NodeInstanceType2: default: Instance type 2 NodeInstanceType3: default: Instance type 3 NodeInstanceType4: default: Instance type 4 OnDemandPercentage: default: On-demand percentage OnDemandBastionPercentage: default: On-demand percentage WindowsNodeEdition: default: Windows edition WindowsNodeVersion: default: Windows version EC2MetadataPutResponseHopLimit: default: Amazon EC2 metadata put response hop limit EC2MetadataHttpTokens: default: Amazon EC2 metadata HTTP tokens MaxNodesUnavailable: default: Max nodes unavailable MaxNodesUnavailablePercentage: default: Max nodes unavailable percentage Parameters: ConfigSetName: Type: String Description: >- Name used to map advanced parameters to an EKS cluster. In order to apply the defined parameters, the name must match the name used when launching the main EKS Quick Start. EKSPrivateAccessEndpoint: Type: String Description: >- Configure access to the Kubernetes API server endpoint from within your VPC. If this is set to "Disabled", "EKS public access endpoint" must be set to "Enabled". AllowedValues: [Enabled, Disabled] Default: Enabled EKSClusterLoggingTypes: Type: List Description: >- EKS cluster control plane logs to be exported to Amazon CloudWatch Logs. AllowedPattern: ^(api|audit|authenticator|controllerManager|scheduler|, )*$ ConstraintDescription: >- Valid logging types are api, audit, authenticator, controllerManager, scheduler. Default: api, audit, authenticator, controllerManager, scheduler EKSEncryptSecrets: Type: String Description: Envelope encryption of Kubernetes secrets using KMS. AllowedValues: [Enabled, Disabled] Default: Enabled EKSEncryptSecretsKmsKeyArn: Type: String Description: >- (Optional) KMS key to use for envelope encryption of Kubernetes secrets. If this parameter is omitted, a key is created for the cluster. The CMK must be symmetric, created in the same Region as the cluster, and if the CMK was created in a different account, the user must have access to the CMK. AllowedPattern: ^arn:(aws|aws-cn|aws-us-gov):kms:\S+:[0-9]{12}:key/\S+$|^$ Default: '' EKSPublicAccessCIDRs: Type: List Description: >- These values are used only if the EKSPublicAccessEndpoint parameter is set to "Enabled". These are the public CIDR IP ranges permitted to access the Kubernetes API. They cannot contain private IP ranges. AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/x. Default: 0.0.0.0/0 NodeGroupName: Type: String Description: Name of the EKS node group. Default: Default NodeVolumeSize: Type: Number Description: Size of the node's root EBS volumes. MinValue: 20 MaxValue: 16384 Default: 20 CustomAmiId: Type: String Description: >- (Optional) If an AMI ID is specified, it is used instead of the AMI from your OS/Region. AllowedPattern: ^ami-([0-9a-f]{8}|[0-9a-f]{17})$|^$ ConstraintDescription: Must be a valid AMI ID or empty. Default: '' AmiRootVolumeDeviceName: Type: String Description: >- Device name for the root volume https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/device_naming.html. AllowedValues: [/dev/xvda, /dev/sda1] Default: /dev/xvda KubernetesVersion: # https://docs.aws.amazon.com/eks/latest/userguide/kubernetes-versions.html#kubernetes-release-calendar Type: String Description: Kubernetes control plane version. AllowedValues: [1.27, 1.26, 1.25, 1.24, 1.23] Default: 1.27 BastionOS: Type: String Description: Linux distribution of the bastion host. AllowedValues: - Amazon-Linux2-HVM - Amazon-Linux2-HVM-ARM - Amazon-Linux2022 - Amazon-Linux2022-ARM - CentOS-7-HVM - Ubuntu-Server-20.04-LTS-HVM - Ubuntu-Server-22.04-LTS-HVM - Ubuntu-Server-22.04-LTS-HVM-ARM - SUSE-SLES-15-HVM Default: Amazon-Linux2-HVM BastionBootstrapScript: Type: String Description: >- (Optional) HTTPS format Amazon S3 object URL for your custom initialization script to run during setup. The bastion host must have permission to download the file from the S3 bucket. If left blank, the default bootstrap script. The source code for the default script can be found here: https://github.com/aws-quickstart/quickstart-amazon-eks/blob/main/scripts/bastion_bootstrap.sh. AllowedPattern: ^https.*|^$ ConstraintDescription: >- Must be either a valid Amazon S3 object URL (example: https://bucket/key/file.txt) or empty. Default: '' BastionInstanceType: Type: String Description: Instance type for the bastion host. Default: t3.micro BastionRootVolumeSize: Type: Number Description: Size in GB for the root EBS volume. MinValue: 10 MaxValue: 16384 Default: 10 BastionIAMRoleName: Type: String Description: >- (Optional) An existing IAM role name to attach to the bastion host. If left blank, a new role is created. Default: '' BastionEnableTCPForwarding: Type: String Description: Choose 'true' to enable TCP forwarding. AllowedValues: ['true', 'false'] Default: 'false' BastionEnableX11Forwarding: Type: String Description: Choose 'true' to enable X11 forwarding. AllowedValues: ['true', 'false'] Default: 'false' BastionVariables: Type: String Description: >- (Optional) Comma-separated list of environment variables for bootstrapping. The variables must be in the format KEY=VALUE. VALUE cannot contain commas. AllowedPattern: ^(.+=.+,)*.+=.+$|^$ ConstraintDescription: >- Must be a comma-separated list in the format KEY=VALUE. VALUE cannot contain commas. Default: '' EfsPerformanceMode: Type: String AllowedValues: [generalPurpose, maxIO] Description: >- Only applies if the EfsStorageClass parameter is set to "Enabled". Choose "maxIO" mode to provide greater IOPS with an increased latency. Default: generalPurpose EfsThroughputMode: Type: String Description: >- Only applies if the EfsStorageClass parameter is set to "Enabled". For throughput that is not dependent on the amount of data stored in the file system, choose "provisioned". AllowedValues: [bursting, provisioned] Default: bursting EfsProvisionedThroughputInMibps: Type: Number Description: >- Only applies if the EfsStorageClass parameter is set to "Enabled". If "EFS throughput mode" is set, the "provisioned" value must be in the 0-1024 range. If it's set to "bursting", this must be set to 0. MinValue: 0 MaxValue: 1024 Default: 0 OnDemandPercentage: Type: Number Description: >- Only applies if the NodeGroupType parameter is set to "Unmanaged". Set the percentage of on-demand instances and spot instances. With a default of 100, the percentages are 100% for on-demand instances and 0% for spot instances. MinValue: 0 MaxValue: 100 Default: 100 OnDemandBastionPercentage: Type: Number Description: >- Set the percentage of on-demand instances and spot instances. With a default of 100, the percentages are 100% for on-demand instances and 0% for spot instances. MinValue: 0 MaxValue: 100 Default: 100 NodeInstanceType2: Type: String Description: >- (Optional) Only applies if the NodeGroupType parameter is set to "Unmanaged". This is the second type of EC2 instance for the nodes. Default: '' NodeInstanceType3: Type: String Description: >- (Optional) Only applies if the NodeGroupType parameter is set to "Unmanaged". This is the third type of EC2 instance for the nodes. Default: '' NodeInstanceType4: Type: String Description: >- (Optional) Only applies if the NodeGroupType parameter is set to "Unmanaged". This is the fourth type of EC2 instance for the nodes. Default: '' LaunchTemplateId: Type: String Description: >- (Optional) ID of an existing launch template to use when creating the node group. Default: '' LaunchTemplateVersion: Type: String Description: >- Must be specified if the LaunchTemplateId parameter is provided. It cannot be "$Latest" or "$Default". This value sets the launch template version for the node group. AllowedPattern: (?!^\$Latest$|^\$Default$) Default: '' Labels: Type: String Description: >- (Optional) Comma-separated list of key-value pairs that represent node labels to assign to the node group. Ignore this if "Custom launch template" is provided. AllowedPattern: ^(.+=.+,)*.+=.+$|^$ ConstraintDescription: >- Must be a comma-separated list in the format KEY=VALUE. VALUE cannot contain commas. Default: '' Taints: Type: String Description: >- (Optional) Comma-separated list of key-value pairs that represent node taints to assign to the node group. Ignore this if "Custom launch template" is provided. AllowedPattern: ^(.+=.+,)*.+=.+$|^$ ConstraintDescription: >- Must be a comma-separated list in the format KEY=VALUE. VALUE cannot contain commas. Default: '' NodeSecurityGroupId: Type: String Description: >- (Optional) Provide the ID of a security group to use for this node group. If this is not specified, one is created. AllowedPattern: ^sg-([0-9a-f]{8}|[0-9a-f]{17})$|^$ ConstraintDescription: Must be a valid security group ID or empty. Default: '' WindowsNodeEdition: Type: String Description: The edition of Windows AMI to use for Windows Nodegroups. AllowedValues: [Core, Full] Default: Core WindowsNodeVersion: Type: String Description: The version of windows to use for Windows Nodegroups. AllowedValues: [2022] Default: 2022 EC2MetadataPutResponseHopLimit: Type: Number Description: >- The desired HTTP PUT response hop limit for instance metadata requests from nodes. The larger the number, the further instance metadata requests can travel (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceMetadataOptions.html#API_ModifyInstanceMetadataOptions_RequestParameters). If using cluster-autoscaler, 2 is the minimum value supported (https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/cloudprovider/aws/README.md#common-notes-and-gotchas). MinValue: 1 MaxValue: 64 Default: 2 EC2MetadataHttpTokens: Type: String Description: >- If set to "optional" pods will be able to use the node's IAM instance profile. If set to "required" amd "EC2MetadataPutResponseHopLimit" is set to 1, pods will not be able to access the nodes IAM role. If set to "required" amd "EC2MetadataPutResponseHopLimit" is set greater than 1 pods must send a signed token header with any instance metadata retrieval release. AllowedValues: [optional, required] Default: required MaxNodesUnavailable: Type: Number Description: >- The maximum number of nodes unavailable at once during a version update. Nodes will be updated in parallel. If the "max nodes unavailable percentage" parameter is set to a value greater than 0, this parameter is ignored. MinValue: 1 MaxValue: 100 Default: 1 MaxNodesUnavailablePercentage: Type: Number Description: >- The maximum percentage of nodes unavailable during a version update. This percentage of nodes will be updated in parallel. If set to 0, this parameter is ignored. MinValue: 0 MaxValue: 100 Default: 0 Mappings: KubernetesVersion: # https://docs.aws.amazon.com/eks/latest/userguide/install-kubectl.html # You must use a kubectl version that is within one minor version # difference of your Amazon EKS cluster control plane. For example, a 1.26 # kubectl client works with Kubernetes 1.25, 1.26, and 1.27 clusters. '1.23': KubectlVersion: 1.24.9/2023-01-11 '1.24': KubectlVersion: 1.24.13/2023-05-11 '1.25': KubectlVersion: 1.26.4/2023-05-11 '1.26': KubectlVersion: 1.26.4/2023-05-11 '1.27': KubectlVersion: 1.27.1/2023-04-19 Resources: EKSPrivateAccessEndpointParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/controlplane/EKSPrivateAccessEndpoint Value: !Sub '{ "Value": "${EKSPrivateAccessEndpoint}" }' EKSClusterLoggingTypesParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/controlplane/EKSClusterLoggingTypes Value: !Sub - '{ "Value": "${JoinedEKSClusterLoggingTypes}" }' - JoinedEKSClusterLoggingTypes: !Join [',', !Ref EKSClusterLoggingTypes] EKSEncryptSecretsParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/controlplane/EKSEncryptSecrets Value: !Sub '{ "Value": "${EKSEncryptSecrets}" }' EKSEncryptSecretsKmsKeyArnParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/controlplane/EKSEncryptSecretsKmsKeyArn Value: !Sub '{ "Value": "${EKSEncryptSecretsKmsKeyArn}" }' EKSPublicAccessCIDRsParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/controlplane/EKSPublicAccessCIDRs Value: !Sub - '{ "Value": "${JoinedEKSPublicAccessCIDRs}" }' - JoinedEKSPublicAccessCIDRs: !Join [',', !Ref EKSPublicAccessCIDRs] NodeGroupNameParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/default-nodegroup/NodeGroupName Value: !Sub '{ "Value": "${NodeGroupName}" }' NodeVolumeSizeParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/default-nodegroup/NodeVolumeSize Value: !Sub '{ "Value": "${NodeVolumeSize}" }' CustomAmiIdParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/default-nodegroup/CustomAmiId Value: !Sub '{ "Value": "${CustomAmiId}" }' AmiRootVolumeDeviceNameParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/default-nodegroup/AmiRootVolumeDeviceName Value: !Sub '{ "Value": "${AmiRootVolumeDeviceName}" }' NodeSecurityGroupIdParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/default-nodegroup/NodeSecurityGroupId Value: !Sub '{ "Value": "${NodeSecurityGroupId}" }' TaintsParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/default-nodegroup/Taints Value: !Sub '{ "Value": "${Taints}" }' LabelsParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/default-nodegroup/Labels Value: !Sub '{ "Value": "${Labels}" }' LaunchTemplateVersionParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/default-nodegroup/LaunchTemplateVersion Value: !Sub '{ "Value": "${LaunchTemplateVersion}" }' LaunchTemplateIdParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/default-nodegroup/LaunchTemplateId Value: !Sub '{ "Value": "${LaunchTemplateId}" }' NodeInstanceType2Parameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/default-nodegroup/NodeInstanceType2 Value: !Sub '{ "Value": "${NodeInstanceType2}" }' NodeInstanceType3Parameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/default-nodegroup/NodeInstanceType3 Value: !Sub '{ "Value": "${NodeInstanceType3}" }' NodeInstanceType4Parameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/default-nodegroup/NodeInstanceType4 Value: !Sub '{ "Value": "${NodeInstanceType4}" }' OnDemandPercentageParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/default-nodegroup/OnDemandPercentage Value: !Sub '{ "Value": "${OnDemandPercentage}" }' KubernetesVersionParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/controlplane/KubernetesVersion Value: !Sub '{ "Value": "${KubernetesVersion}" }' KubectlVersionParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/controlplane/KubectlVersion Value: !Sub - '{ "Value": "${KubectlVersion}" }' - KubectlVersion: !FindInMap [KubernetesVersion, !Ref KubernetesVersion, KubectlVersion] BastionOSParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/bastion/BastionOS Value: !Sub '{ "Value": "${BastionOS}" }' BastionBootstrapScriptParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/bastion/BastionBootstrapScript Value: !Sub '{ "Value": "${BastionBootstrapScript}" }' BastionInstanceTypeParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/bastion/BastionInstanceType Value: !Sub '{ "Value": "${BastionInstanceType}" }' BastionRootVolumeSizeParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/bastion/BastionRootVolumeSize Value: !Sub '{ "Value": "${BastionRootVolumeSize}" }' BastionIAMRoleNameParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/bastion/BastionIAMRoleName Value: !Sub '{ "Value": "${BastionIAMRoleName}" }' BastionEnableX11ForwardingParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/bastion/BastionEnableX11Forwarding Value: !Sub '{ "Value": "${BastionEnableX11Forwarding}" }' BastionEnableTCPForwardingParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/bastion/BastionEnableTCPForwarding Value: !Sub '{ "Value": "${BastionEnableTCPForwarding}" }' BastionVariablesParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/bastion/BastionVariables Value: !Sub '{ "Value": "${BastionVariables}" }' OnDemandBastionPercentageParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/bastion/OnDemandPercentage Value: !Sub '{ "Value": "${OnDemandBastionPercentage}" }' EfsPerformanceModeParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/efs/EfsPerformanceMode Value: !Sub '{ "Value": "${EfsPerformanceMode}" }' EfsThroughputModeParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/efs/EfsThroughputMode Value: !Sub '{ "Value": "${EfsThroughputMode}" }' EfsProvisionedThroughputInMibpsParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/efs/EfsProvisionedThroughputInMibps Value: !Sub '{ "Value": "${EfsProvisionedThroughputInMibps}" }' WindowsNodeEditionParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/windows-nodegroup/WindowsNodeEdition Value: !Sub '{ "Value": "${WindowsNodeEdition}" }' WindowsNodeVersionParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/windows-nodegroup/WindowsNodeVersion Value: !Sub '{ "Value": "${WindowsNodeVersion}" }' EC2MetadataPutResponseHopLimitParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/default-nodegroup/EC2MetadataPutResponseHopLimit Value: !Sub '{ "Value": "${EC2MetadataPutResponseHopLimit}" }' EC2MetadataHttpTokensParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/default-nodegroup/EC2MetadataHttpTokens Value: !Sub '{ "Value": "${EC2MetadataHttpTokens}" }' MaxNodesUnavailableParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/default-nodegroup/MaxNodesUnavailable Value: !Sub '{ "Value": "${MaxNodesUnavailable}" }' MaxNodesUnavailablePercentageParameter: Type: AWS::SSM::Parameter Properties: Type: String Name: !Sub /quickstart/amazon-eks/${ConfigSetName}/default-nodegroup/MaxNodesUnavailablePercentage Value: !Sub '{ "Value": "${MaxNodesUnavailablePercentage}" }' Outputs: ConfigSetName: Description: Config set name. Value: !Ref ConfigSetName