This document describes the default resources that are created with a GKE on AWS cluster.
You might want to know about the resources that are created with a cluster for the following reasons:
- Resources are associated with costs.
- AWS quotas might limit the number of resources you can create.
- Your organization might have policies that dictate the resources you are allowed to launch.
Compute resources
| Resource | Quantity |
|---|---|
| AWS Virtual Private Cloud (optional) | 1 |
| EC2 instance | At least 3 |
The default number of control plane EC2 instances in a cluster is three. At least one additional instance is created for each node pool.
Storage resources
| Resource | Quantity |
|---|---|
| Main volume | 1 |
| Root volume | 1 |
Network resources
| Resource | Type | Quantity |
|---|---|---|
| NAT gateway | | 3 |
| Internet gateway | | 1 |
| Subnet | Public | 3 |
| | Private | 3 |
| Route table | Public | 3 |
| | Private | 3 |
| Route | Public internet gateway | 3 |
| | Private NAT gateway | 3 |
| Route table association | Public | 3 |
| | Private | 3 |
| Elastic IP address | NAT | 3 |
Security and IAM resources
| Resource | Quantity | Usage |
|---|---|---|
| KMS key | 6 | Database encryption, Control plane configuration encryption, Control plane main volume encryption, Control plane root volume encryption, Node pool configuration encryption, Node pool root volume encryption |
| KMS alias | 6 | Database encryption, Control plane configuration encryption, Control plane main volume encryption, Control plane root volume encryption, Node pool configuration encryption, Node pool root volume encryption |
| IAM role | 3 | Node pool, Control plane, API |
| IAM policy | 3 | Node pool, Control plane, API |
| IAM instance profile | 2 | Node pool, Control plane |
| IAM role policy attachment | 3 | Node pool, Control plane, API |
If you are using a proxy, GKE on AWS needs the following resources:
| Resource | Quantity |
|---|---|
| Secret manager secret | 1 |

