Managed Services for Kubernetes API, gRPC: ClusterService.Create

Written by

Yandex Cloud

Improved by

Tania L.

Updated at December 1, 2025

gRPC request
CreateClusterRequest
MasterSpec
ZonalMasterSpec
InternalAddressSpec
ExternalAddressSpec
RegionalMasterSpec
MasterLocation
LocationSpec
MasterMaintenancePolicy
MaintenanceWindow
AnytimeMaintenanceWindow
DailyMaintenanceWindow
WeeklyMaintenanceWindow
DaysOfWeekMaintenanceWindow
MasterLogging
MasterScalePolicySpec
AutoScale
IPAllocationPolicy
NetworkPolicy
KMSProvider
Cilium
WorkloadIdentityFederationSpec
operation.Operation
CreateClusterMetadata
Cluster
Master
ZonalMaster
RegionalMaster
Location
MasterEndpoints
MasterAuth
VersionInfo
MasterMaintenancePolicy
MaintenanceWindow
AnytimeMaintenanceWindow
DailyMaintenanceWindow
WeeklyMaintenanceWindow
DaysOfWeekMaintenanceWindow
MasterLogging
MasterResources
MasterScalePolicy
FixedScale
AutoScale
IPAllocationPolicy
NetworkPolicy
KMSProvider
Cilium
ScheduledMaintenance
WorkloadIdentityFederation

Creates a Kubernetes cluster in the specified folder.

gRPC request

rpc Create (CreateClusterRequest) returns (operation.Operation)

CreateClusterRequest

{
  "folder_id": "string",
  "name": "string",
  "description": "string",
  "labels": "map<string, string>",
  "network_id": "string",
  "master_spec": {
    // Includes only one of the fields `zonal_master_spec`, `regional_master_spec`
    "zonal_master_spec": {
      "zone_id": "string",
      "internal_v4_address_spec": {
        "subnet_id": "string"
      },
      "external_v4_address_spec": {
        "address": "string"
      }
    },
    "regional_master_spec": {
      "region_id": "string",
      "locations": [
        {
          "zone_id": "string",
          "internal_v4_address_spec": {
            "subnet_id": "string"
          }
        }
      ],
      "external_v4_address_spec": {
        "address": "string"
      },
      "external_v6_address_spec": {
        "address": "string"
      }
    },
    // end of the list of possible fields
    "locations": [
      {
        "zone_id": "string",
        "subnet_id": "string"
      }
    ],
    "etcd_cluster_size": "int64",
    "external_v4_address_spec": {
      "address": "string"
    },
    "external_v6_address_spec": {
      "address": "string"
    },
    "version": "string",
    "maintenance_policy": {
      "auto_upgrade": "bool",
      "maintenance_window": {
        // Includes only one of the fields `anytime`, `daily_maintenance_window`, `weekly_maintenance_window`
        "anytime": "AnytimeMaintenanceWindow",
        "daily_maintenance_window": {
          "start_time": "google.type.TimeOfDay",
          "duration": "google.protobuf.Duration"
        },
        "weekly_maintenance_window": {
          "days_of_week": [
            {
              "days": [
                "DayOfWeek"
              ],
              "start_time": "google.type.TimeOfDay",
              "duration": "google.protobuf.Duration"
            }
          ]
        }
        // end of the list of possible fields
      }
    },
    "security_group_ids": [
      "string"
    ],
    "master_logging": {
      "enabled": "bool",
      // Includes only one of the fields `log_group_id`, `folder_id`
      "log_group_id": "string",
      "folder_id": "string",
      // end of the list of possible fields
      "audit_enabled": "bool",
      "cluster_autoscaler_enabled": "bool",
      "kube_apiserver_enabled": "bool",
      "events_enabled": "bool"
    },
    "scale_policy": {
      // Includes only one of the fields `auto_scale`
      "auto_scale": {
        "min_resource_preset_id": "string"
      }
      // end of the list of possible fields
    }
  },
  "ip_allocation_policy": {
    "cluster_ipv4_cidr_block": "string",
    "node_ipv4_cidr_mask_size": "int64",
    "service_ipv4_cidr_block": "string",
    "cluster_ipv6_cidr_block": "string",
    "service_ipv6_cidr_block": "string"
  },
  // Includes only one of the fields `gateway_ipv4_address`
  "gateway_ipv4_address": "string",
  // end of the list of possible fields
  "service_account_id": "string",
  "node_service_account_id": "string",
  "release_channel": "ReleaseChannel",
  "network_policy": {
    "provider": "Provider"
  },
  "kms_provider": {
    "key_id": "string"
  },
  // Includes only one of the fields `cilium`
  "cilium": {
    "routing_mode": "RoutingMode"
  },
  // end of the list of possible fields
  "workload_identity_federation": {
    "enabled": "bool"
  }
}

Field	Description
folder_id	string Required field. ID of the folder to create a Kubernetes cluster in. To get the folder ID use a yandex.cloud.resourcemanager.v1.FolderService.List request.
name	string Name of the Kubernetes cluster. The name must be unique within the folder. Value must match the regular expression `\\|[a-z]([-a-z0-9]{0,61}[a-z0-9])?`.
description	string Description of the Kubernetes cluster. The maximum string length in characters is 256.
labels	object (map<string, string>) Resource labels as `key:value` pairs. No more than 64 per resource. The maximum string length in characters for each value is 63. Each value must match the regular expression `[-_./\@0-9a-z]`. The string length in characters for each key must be 1-63. Each key must match the regular expression `[a-z][-_./\@0-9a-z]`.
network_id	string Required field. ID of the network.
master_spec	MasterSpec Required field. Master specification of the Kubernetes cluster.
ip_allocation_policy	IPAllocationPolicy IP allocation policy of the Kubernetes cluster.
gateway_ipv4_address	string Gateway IPv4 address. Includes only one of the fields `gateway_ipv4_address`.
service_account_id	string Required field. Service account to be used for provisioning Compute Cloud and VPC resources for Kubernetes cluster. Selected service account should have `edit` role on the folder where the Kubernetes cluster will be located and on the folder where selected network resides.
node_service_account_id	string Required field. Service account to be used by the worker nodes of the Kubernetes cluster to access Container Registry or to push node logs and metrics.
release_channel	enum ReleaseChannel Release channel for the master. `RAPID`: Minor updates with new functions and improvements are often added. You can't disable automatic updates in this channel, but you can specify a time period for automatic updates. `REGULAR`: New functions and improvements are added in chunks shortly after they appear on `RAPID`. `STABLE`: Only updates related to bug fixes or security improvements are added.
network_policy	NetworkPolicy
kms_provider	KMSProvider KMS provider configuration.
cilium	Cilium Includes only one of the fields `cilium`.
workload_identity_federation	WorkloadIdentityFederationSpec

MasterSpec

Field	Description
zonal_master_spec	ZonalMasterSpec Specification of the zonal master. Includes only one of the fields `zonal_master_spec`, `regional_master_spec`.
regional_master_spec	RegionalMasterSpec Specification of the regional master. Includes only one of the fields `zonal_master_spec`, `regional_master_spec`.
locations[]	LocationSpec Locations specification for Kubernetes control-plane (master) instances. Works in conjunction with `etcd_cluster_size`. See it's documentation for details. Possible combinations: 1 location and etcd_cluster_size = 1 - a single node cluster whose availability is limited by the availability of a single Compute Instance; downtime is expected during cluster updates. 1 location and etcd_cluster_size = 3 - a highly available cluster within a single availability zone; can survive the failure of a Compute Instance, a server, or an individual server rack. 3 location and etcd_cluster_size = 3 - a highly available cluster with each etcd instance located within separate availability zone; can survive the failure of a single availability zone.
etcd_cluster_size	int64 Number of etcd nodes in cluster. Works in conjunction with `locations`. See it's documentation for details. Optional. If not set, will be assumed equal to the number of locations.
external_v4_address_spec	ExternalAddressSpec Specification of parameters for external IPv4 networking.
external_v6_address_spec	ExternalAddressSpec Specification of parameters for external IPv6 networking.
version	string Version of Kubernetes components that runs on the master.
maintenance_policy	MasterMaintenancePolicy Maintenance policy of the master.
security_group_ids[]	string Master security groups.
master_logging	MasterLogging Cloud Logging for master components.
scale_policy	MasterScalePolicySpec Scale policy of the master.

ZonalMasterSpec

Field	Description
zone_id	string Required field. ID of the availability zone.
internal_v4_address_spec	InternalAddressSpec Specification of parameters for internal IPv4 networking.
external_v4_address_spec	ExternalAddressSpec Specification of parameters for external IPv4 networking.

InternalAddressSpec

Field

Description

subnet_id

string

ID of the subnet. If no ID is specified, and there only one subnet in specified zone, an address in this subnet will be allocated.

ExternalAddressSpec

Field

Description

address

string

IP address.

RegionalMasterSpec

Field	Description
region_id	string Required field. ID of the availability zone where the master resides.
locations[]	MasterLocation List of locations where the master will be allocated.
external_v4_address_spec	ExternalAddressSpec Specify to allocate a static public IP for the master.
external_v6_address_spec	ExternalAddressSpec Specification of parameters for external IPv6 networking.

MasterLocation

Field

Description

zone_id

string

Required field. ID of the availability zone.

internal_v4_address_spec

InternalAddressSpec

If not specified and there is a single subnet in specified zone, address
in this subnet will be allocated.

LocationSpec

Field

Description

zone_id

string

Required field. ID of the availability zone where the master resides.

subnet_id

string

ID of the VPC network's subnet where the master resides.
If not specified and there is a single subnet in specified zone, address in this subnet will be allocated.

MasterMaintenancePolicy

Field

Description

auto_upgrade

bool

If set to true, automatic updates are installed in the specified period of time with no interaction from the user.
If set to false, automatic upgrades are disabled.

maintenance_window

MaintenanceWindow

Maintenance window settings. Update will start at the specified time and last no more than the specified duration.
The time is set in UTC.

MaintenanceWindow

Field	Description
anytime	AnytimeMaintenanceWindow Updating the master at any time. Includes only one of the fields `anytime`, `daily_maintenance_window`, `weekly_maintenance_window`. Maintenance policy.
daily_maintenance_window	DailyMaintenanceWindow Updating the master on any day during the specified time window. Includes only one of the fields `anytime`, `daily_maintenance_window`, `weekly_maintenance_window`. Maintenance policy.
weekly_maintenance_window	WeeklyMaintenanceWindow Updating the master on selected days during the specified time window. Includes only one of the fields `anytime`, `daily_maintenance_window`, `weekly_maintenance_window`. Maintenance policy.

AnytimeMaintenanceWindow

Field	Description
Empty

DailyMaintenanceWindow

Field

Description

start_time

google.type.TimeOfDay

Required field. Window start time, in the UTC timezone.

duration

google.protobuf.Duration

Window duration.

WeeklyMaintenanceWindow

Field

Description

days_of_week[]

DaysOfWeekMaintenanceWindow

Days of the week and the maintenance window for these days when automatic updates are allowed.

The number of elements must be in the range 1-7.

DaysOfWeekMaintenanceWindow

Field	Description
days[]	enum DayOfWeek Days of the week when automatic updates are allowed. The number of elements must be in the range 1-7. `MONDAY`: The day-of-week of Monday. `TUESDAY`: The day-of-week of Tuesday. `WEDNESDAY`: The day-of-week of Wednesday. `THURSDAY`: The day-of-week of Thursday. `FRIDAY`: The day-of-week of Friday. `SATURDAY`: The day-of-week of Saturday. `SUNDAY`: The day-of-week of Sunday.
start_time	google.type.TimeOfDay Required field. Window start time, in the UTC timezone.
duration	google.protobuf.Duration Window duration.

MasterLogging

Field	Description
enabled	bool Identifies whether Cloud Logging is enabled for master components.
log_group_id	string ID of the log group where logs of master components should be stored. Value must match the regular expression `([a-zA-Z][-a-zA-Z0-9_.]{0,63})?`. Includes only one of the fields `log_group_id`, `folder_id`. The destination of master components' logs.
folder_id	string ID of the folder where logs should be stored (in default group). Value must match the regular expression `([a-zA-Z][-a-zA-Z0-9_.]{0,63})?`. Includes only one of the fields `log_group_id`, `folder_id`. The destination of master components' logs.
audit_enabled	bool Identifies whether Cloud Logging is enabled for audit logs.
cluster_autoscaler_enabled	bool Identifies whether Cloud Logging is enabled for cluster-autoscaler.
kube_apiserver_enabled	bool Identifies whether Cloud Logging is enabled for kube-apiserver.
events_enabled	bool Identifies whether Cloud Logging is enabled for events.

MasterScalePolicySpec

Field

Description

auto_scale

AutoScale

Includes only one of the fields auto_scale.

AutoScale

Scalable master instance resources.

Field

Description

min_resource_preset_id

string

Required field. Preset of computing resources to be used as lower boundary for scaling.

IPAllocationPolicy

Field	Description
cluster_ipv4_cidr_block	string CIDR block. IP range for allocating pod addresses. It should not overlap with any subnet in the network the Kubernetes cluster located in. Static routes will be set up for this CIDR blocks in node subnets.
node_ipv4_cidr_mask_size	int64 Size of the masks that are assigned for each node in the cluster. If not specified, 24 is used.
service_ipv4_cidr_block	string CIDR block. IP range Kubernetes service Kubernetes cluster IP addresses will be allocated from. It should not overlap with any subnet in the network the Kubernetes cluster located in.
cluster_ipv6_cidr_block	string IPv6 range for allocating pod IP addresses.
service_ipv6_cidr_block	string IPv6 range for allocating Kubernetes service IP addresses

NetworkPolicy

Field

Description

provider

enum Provider

CALICO

KMSProvider

Field

Description

key_id

string

KMS key ID for secrets encryption.
To obtain a KMS key ID use a yandex.cloud.kms.v1.SymmetricKeyService.List request.

Cilium

Field

Description

routing_mode

enum RoutingMode

TUNNEL

WorkloadIdentityFederationSpec

Field

Description

enabled

bool

Identifies whether Workload Identity Federation is enabled.

operation.Operation

{
  "id": "string",
  "description": "string",
  "created_at": "google.protobuf.Timestamp",
  "created_by": "string",
  "modified_at": "google.protobuf.Timestamp",
  "done": "bool",
  "metadata": {
    "cluster_id": "string"
  },
  // Includes only one of the fields `error`, `response`
  "error": "google.rpc.Status",
  "response": {
    "id": "string",
    "folder_id": "string",
    "created_at": "google.protobuf.Timestamp",
    "name": "string",
    "description": "string",
    "labels": "map<string, string>",
    "status": "Status",
    "health": "Health",
    "network_id": "string",
    "master": {
      // Includes only one of the fields `zonal_master`, `regional_master`
      "zonal_master": {
        "zone_id": "string",
        "internal_v4_address": "string",
        "external_v4_address": "string"
      },
      "regional_master": {
        "region_id": "string",
        "internal_v4_address": "string",
        "external_v4_address": "string",
        "external_v6_address": "string"
      },
      // end of the list of possible fields
      "locations": [
        {
          "zone_id": "string",
          "subnet_id": "string"
        }
      ],
      "etcd_cluster_size": "int64",
      "version": "string",
      "endpoints": {
        "internal_v4_endpoint": "string",
        "external_v4_endpoint": "string",
        "external_v6_endpoint": "string"
      },
      "master_auth": {
        "cluster_ca_certificate": "string"
      },
      "version_info": {
        "current_version": "string",
        "new_revision_available": "bool",
        "new_revision_summary": "string",
        "version_deprecated": "bool"
      },
      "maintenance_policy": {
        "auto_upgrade": "bool",
        "maintenance_window": {
          // Includes only one of the fields `anytime`, `daily_maintenance_window`, `weekly_maintenance_window`
          "anytime": "AnytimeMaintenanceWindow",
          "daily_maintenance_window": {
            "start_time": "google.type.TimeOfDay",
            "duration": "google.protobuf.Duration"
          },
          "weekly_maintenance_window": {
            "days_of_week": [
              {
                "days": [
                  "DayOfWeek"
                ],
                "start_time": "google.type.TimeOfDay",
                "duration": "google.protobuf.Duration"
              }
            ]
          }
          // end of the list of possible fields
        }
      },
      "security_group_ids": [
        "string"
      ],
      "master_logging": {
        "enabled": "bool",
        // Includes only one of the fields `log_group_id`, `folder_id`
        "log_group_id": "string",
        "folder_id": "string",
        // end of the list of possible fields
        "audit_enabled": "bool",
        "cluster_autoscaler_enabled": "bool",
        "kube_apiserver_enabled": "bool",
        "events_enabled": "bool"
      },
      "resources": {
        "cores": "int64",
        "core_fraction": "int64",
        "memory": "int64"
      },
      "scale_policy": {
        // Includes only one of the fields `fixed_scale`, `auto_scale`
        "fixed_scale": {
          "resource_preset_id": "string"
        },
        "auto_scale": {
          "min_resource_preset_id": "string"
        }
        // end of the list of possible fields
      }
    },
    "ip_allocation_policy": {
      "cluster_ipv4_cidr_block": "string",
      "node_ipv4_cidr_mask_size": "int64",
      "service_ipv4_cidr_block": "string",
      "cluster_ipv6_cidr_block": "string",
      "service_ipv6_cidr_block": "string"
    },
    // Includes only one of the fields `gateway_ipv4_address`
    "gateway_ipv4_address": "string",
    // end of the list of possible fields
    "service_account_id": "string",
    "node_service_account_id": "string",
    "release_channel": "ReleaseChannel",
    "network_policy": {
      "provider": "Provider"
    },
    "kms_provider": {
      "key_id": "string"
    },
    "log_group_id": "string",
    // Includes only one of the fields `cilium`
    "cilium": {
      "routing_mode": "RoutingMode"
    },
    // end of the list of possible fields
    "scheduled_maintenance": {
      "delayed_until": "google.protobuf.Timestamp",
      "available_from": "google.protobuf.Timestamp",
      "no_later_than": "google.protobuf.Timestamp",
      "description": "string"
    },
    "workload_identity_federation": {
      "enabled": "bool",
      "issuer": "string",
      "jwks_uri": "string"
    }
  }
  // end of the list of possible fields
}

An Operation resource. For more information, see Operation.

Field	Description
id	string ID of the operation.
description	string Description of the operation. 0-256 characters long.
created_at	google.protobuf.Timestamp Creation timestamp.
created_by	string ID of the user or service account who initiated the operation.
modified_at	google.protobuf.Timestamp The time when the Operation resource was last modified.
done	bool If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
metadata	CreateClusterMetadata Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
error	google.rpc.Status The error result of the operation in case of failure or cancellation. Includes only one of the fields `error`, `response`. The operation result. If `done == false` and there was no failure detected, neither `error` nor `response` is set. If `done == false` and there was a failure detected, `error` is set. If `done == true`, exactly one of `error` or `response` is set.
response	Cluster The normal response of the operation in case of success. If the original method returns no data on success, such as Delete, the response is google.protobuf.Empty. If the original method is the standard Create/Update, the response should be the target resource of the operation. Any method that returns a long-running operation should document the response type, if any. Includes only one of the fields `error`, `response`. The operation result. If `done == false` and there was no failure detected, neither `error` nor `response` is set. If `done == false` and there was a failure detected, `error` is set. If `done == true`, exactly one of `error` or `response` is set.

CreateClusterMetadata

Field

Description

cluster_id

string

ID of the Kubernetes cluster that is being created.

Cluster

A Kubernetes cluster.

Field	Description
id	string ID of the Kubernetes cluster.
folder_id	string ID of the folder that the Kubernetes cluster belongs to.
created_at	google.protobuf.Timestamp Creation timestamp.
name	string Name of the Kubernetes cluster.
description	string Description of the Kubernetes cluster. 0-256 characters long.
labels	object (map<string, string>) Resource labels as `key:value` pairs. Maximum of 64 per resource.
status	enum Status Status of the Kubernetes cluster. `PROVISIONING`: Kubernetes cluster is waiting for resources to be allocated. `RUNNING`: Kubernetes cluster is running. `RECONCILING`: Kubernetes cluster is being reconciled. `STOPPING`: Kubernetes cluster is being stopped. `STOPPED`: Kubernetes cluster stopped. `DELETING`: Kubernetes cluster is being deleted. `STARTING`: Kubernetes cluster is being started.
health	enum Health Health of the Kubernetes cluster. `HEALTHY`: Kubernetes cluster is alive and well. `UNHEALTHY`: Kubernetes cluster is inoperable.
network_id	string ID of the network the Kubernetes cluster belongs to.
master	Master Properties of the master for the Kubernetes cluster.
ip_allocation_policy	IPAllocationPolicy Allocation policy for IP addresses of services and pods inside the Kubernetes cluster in different availability zones.
gateway_ipv4_address	string Gateway IPv4 address. The maximum string length in characters is 15. Includes only one of the fields `gateway_ipv4_address`.
service_account_id	string Service account to be used for provisioning Compute Cloud and VPC resources for Kubernetes cluster.
node_service_account_id	string Service account to be used by the worker nodes of the Kubernetes cluster to access Container Registry or to push node logs and metrics.
release_channel	enum ReleaseChannel When creating a Kubernetes cluster, you should specify one of three release channels. The release channel contains several Kubernetes versions. Channels differ in the set of available versions, the management of auto-updates, and the updates received. You can't change the channel once the Kubernetes cluster is created, you can only recreate the Kubernetes cluster and specify a new release channel. For more details see documentation. `RAPID`: Minor updates with new functions and improvements are often added. You can't disable automatic updates in this channel, but you can specify a time period for automatic updates. `REGULAR`: New functions and improvements are added in chunks shortly after they appear on `RAPID`. `STABLE`: Only updates related to bug fixes or security improvements are added.
network_policy	NetworkPolicy
kms_provider	KMSProvider KMS provider configuration.
log_group_id	string Log group where cluster stores cluster system logs, like audit, events, or controlplane logs.
cilium	Cilium Includes only one of the fields `cilium`.
scheduled_maintenance	ScheduledMaintenance
workload_identity_federation	WorkloadIdentityFederation

Master

Field	Description
zonal_master	ZonalMaster Parameters of the availability zone for the master. Includes only one of the fields `zonal_master`, `regional_master`.
regional_master	RegionalMaster Parameters of the region for the master. Includes only one of the fields `zonal_master`, `regional_master`.
locations[]	Location Locations specification for Kubernetes control-plane (master) instances.
etcd_cluster_size	int64 Number of etcd nodes in cluster.
version	string Version of Kubernetes components that runs on the master.
endpoints	MasterEndpoints Endpoints of the master. Endpoints constitute of scheme and port (i.e. `https://ip-address:port`) and can be used by the clients to communicate with the Kubernetes API of the Kubernetes cluster.
master_auth	MasterAuth Master authentication parameters are used to establish trust between the master and a client.
version_info	VersionInfo Detailed information about the Kubernetes version that is running on the master.
maintenance_policy	MasterMaintenancePolicy Maintenance policy of the master.
security_group_ids[]	string Master security groups.
master_logging	MasterLogging Cloud Logging for master components.
resources	MasterResources Computing resources of each master instance such as the amount of memory and number of cores.
scale_policy	MasterScalePolicy Scale policy of the master.

ZonalMaster

Field	Description
zone_id	string ID of the availability zone where the master resides.
internal_v4_address	string IPv4 internal network address that is assigned to the master.
external_v4_address	string IPv4 external network address that is assigned to the master.

RegionalMaster

Field	Description
region_id	string ID of the region where the master resides.
internal_v4_address	string IPv4 internal network address that is assigned to the master.
external_v4_address	string IPv4 external network address that is assigned to the master.
external_v6_address	string IPv6 external network address that is assigned to the master.

Location

Field

Description

zone_id

string

ID of the availability zone where the master resides.

subnet_id

string

ID of the VPC network's subnet where the master resides.

MasterEndpoints

Field	Description
internal_v4_endpoint	string Internal endpoint that can be used to connect to the master from cloud networks.
external_v4_endpoint	string External endpoint that can be used to access Kubernetes cluster API from the internet (outside of the cloud).
external_v6_endpoint	string External IPv6 endpoint that can be used to access Kubernetes cluster API from the internet (outside of the cloud).

MasterAuth

Field

Description

cluster_ca_certificate

string

PEM-encoded public certificate that is the root of trust for the Kubernetes cluster.

VersionInfo

Field	Description
current_version	string Current Kubernetes version, format: major.minor (e.g. 1.15).
new_revision_available	bool Newer revisions may include Kubernetes patches (e.g 1.15.1 -> 1.15.2) as well as some internal component updates - new features or bug fixes in platform specific components either on the master or nodes.
new_revision_summary	string Description of the changes to be applied when updating to the latest revision. Empty if new_revision_available is false.
version_deprecated	bool The current version is on the deprecation schedule, component (master or node group) should be upgraded.

MasterMaintenancePolicy

Field

Description

auto_upgrade

bool

If set to true, automatic updates are installed in the specified period of time with no interaction from the user.
If set to false, automatic upgrades are disabled.

maintenance_window

MaintenanceWindow

Maintenance window settings. Update will start at the specified time and last no more than the specified duration.
The time is set in UTC.

MaintenanceWindow

Field	Description
anytime	AnytimeMaintenanceWindow Updating the master at any time. Includes only one of the fields `anytime`, `daily_maintenance_window`, `weekly_maintenance_window`. Maintenance policy.
daily_maintenance_window	DailyMaintenanceWindow Updating the master on any day during the specified time window. Includes only one of the fields `anytime`, `daily_maintenance_window`, `weekly_maintenance_window`. Maintenance policy.
weekly_maintenance_window	WeeklyMaintenanceWindow Updating the master on selected days during the specified time window. Includes only one of the fields `anytime`, `daily_maintenance_window`, `weekly_maintenance_window`. Maintenance policy.

AnytimeMaintenanceWindow

Field	Description
Empty

DailyMaintenanceWindow

Field

Description

start_time

google.type.TimeOfDay

Required field. Window start time, in the UTC timezone.

duration

google.protobuf.Duration

Window duration.

WeeklyMaintenanceWindow

Field

Description

days_of_week[]

DaysOfWeekMaintenanceWindow

Days of the week and the maintenance window for these days when automatic updates are allowed.

The number of elements must be in the range 1-7.

DaysOfWeekMaintenanceWindow

Field	Description
days[]	enum DayOfWeek Days of the week when automatic updates are allowed. The number of elements must be in the range 1-7. `MONDAY`: The day-of-week of Monday. `TUESDAY`: The day-of-week of Tuesday. `WEDNESDAY`: The day-of-week of Wednesday. `THURSDAY`: The day-of-week of Thursday. `FRIDAY`: The day-of-week of Friday. `SATURDAY`: The day-of-week of Saturday. `SUNDAY`: The day-of-week of Sunday.
start_time	google.type.TimeOfDay Required field. Window start time, in the UTC timezone.
duration	google.protobuf.Duration Window duration.

MasterLogging

Field	Description
enabled	bool Identifies whether Cloud Logging is enabled for master components.
log_group_id	string ID of the log group where logs of master components should be stored. Value must match the regular expression `([a-zA-Z][-a-zA-Z0-9_.]{0,63})?`. Includes only one of the fields `log_group_id`, `folder_id`. The destination of master components' logs.
folder_id	string ID of the folder where logs should be stored (in default group). Value must match the regular expression `([a-zA-Z][-a-zA-Z0-9_.]{0,63})?`. Includes only one of the fields `log_group_id`, `folder_id`. The destination of master components' logs.
audit_enabled	bool Identifies whether Cloud Logging is enabled for audit logs.
cluster_autoscaler_enabled	bool Identifies whether Cloud Logging is enabled for cluster-autoscaler.
kube_apiserver_enabled	bool Identifies whether Cloud Logging is enabled for kube-apiserver.
events_enabled	bool Identifies whether Cloud Logging is enabled for events.

MasterResources

Field	Description
cores	int64 The number of cores available to each master instance.
core_fraction	int64 Baseline level of CPU performance with the ability to burst performance above that baseline level. This field sets baseline performance for each core.
memory	int64 The amount of memory available to each master instance, specified in bytes.

MasterScalePolicy

Field

Description

fixed_scale

FixedScale

Includes only one of the fields fixed_scale, auto_scale.

auto_scale

AutoScale

Includes only one of the fields fixed_scale, auto_scale.

FixedScale

Fixed master instance resources.

Field

Description

resource_preset_id

string

ID of computing resources preset to be used by master.

AutoScale

Autoscaled master instance resources.

Field

Description

min_resource_preset_id

string

ID of computing resources preset to be used as lower boundary for scaling.

IPAllocationPolicy

Field	Description
cluster_ipv4_cidr_block	string CIDR block. IP range for allocating pod addresses. It should not overlap with any subnet in the network the Kubernetes cluster located in. Static routes will be set up for this CIDR blocks in node subnets.
node_ipv4_cidr_mask_size	int64 Size of the masks that are assigned for each node in the cluster. If not specified, 24 is used.
service_ipv4_cidr_block	string CIDR block. IP range Kubernetes service Kubernetes cluster IP addresses will be allocated from. It should not overlap with any subnet in the network the Kubernetes cluster located in.
cluster_ipv6_cidr_block	string IPv6 range for allocating pod IP addresses.
service_ipv6_cidr_block	string IPv6 range for allocating Kubernetes service IP addresses

NetworkPolicy

Field

Description

provider

enum Provider

CALICO

KMSProvider

Field

Description

key_id

string

KMS key ID for secrets encryption.
To obtain a KMS key ID use a yandex.cloud.kms.v1.SymmetricKeyService.List request.

Cilium

Field

Description

routing_mode

enum RoutingMode

TUNNEL

ScheduledMaintenance

Field	Description
delayed_until	google.protobuf.Timestamp Time until which the update should be postponed.
available_from	google.protobuf.Timestamp Time when the update became available.
no_later_than	google.protobuf.Timestamp The latest possible date by which a mandatory update must be applied.
description	string Description of the planned operation, for example, "Infrastructure planned update".

WorkloadIdentityFederation

WorkloadIdentityFederation contains configuration for workload identity federation.

Field	Description
enabled	bool Identifies whether Workload Identity Federation is enabled.
issuer	string Issuer URI for Kubernetes service account tokens.
jwks_uri	string JSON Web Key Set URI used to verify token signatures.

Managed Services for Kubernetes API, gRPC: ClusterService.Create

gRPC requestgRPC request

CreateClusterRequestCreateClusterRequest

MasterSpecMasterSpec

ZonalMasterSpecZonalMasterSpec

InternalAddressSpecInternalAddressSpec

ExternalAddressSpecExternalAddressSpec

RegionalMasterSpecRegionalMasterSpec

MasterLocationMasterLocation

LocationSpecLocationSpec

MasterMaintenancePolicyMasterMaintenancePolicy

MaintenanceWindowMaintenanceWindow

AnytimeMaintenanceWindowAnytimeMaintenanceWindow

DailyMaintenanceWindowDailyMaintenanceWindow

WeeklyMaintenanceWindowWeeklyMaintenanceWindow

DaysOfWeekMaintenanceWindowDaysOfWeekMaintenanceWindow

MasterLoggingMasterLogging

MasterScalePolicySpecMasterScalePolicySpec

AutoScaleAutoScale

IPAllocationPolicyIPAllocationPolicy

NetworkPolicyNetworkPolicy

KMSProviderKMSProvider

CiliumCilium

WorkloadIdentityFederationSpecWorkloadIdentityFederationSpec

operation.Operationoperation.Operation

CreateClusterMetadataCreateClusterMetadata

ClusterCluster

MasterMaster

ZonalMasterZonalMaster

RegionalMasterRegionalMaster

LocationLocation

MasterEndpointsMasterEndpoints

MasterAuthMasterAuth

VersionInfoVersionInfo

MasterMaintenancePolicyMasterMaintenancePolicy

MaintenanceWindowMaintenanceWindow

AnytimeMaintenanceWindowAnytimeMaintenanceWindow

DailyMaintenanceWindowDailyMaintenanceWindow

WeeklyMaintenanceWindowWeeklyMaintenanceWindow

DaysOfWeekMaintenanceWindowDaysOfWeekMaintenanceWindow

MasterLoggingMasterLogging

MasterResourcesMasterResources

MasterScalePolicyMasterScalePolicy

FixedScaleFixedScale

AutoScaleAutoScale

IPAllocationPolicyIPAllocationPolicy

NetworkPolicyNetworkPolicy

KMSProviderKMSProvider

CiliumCilium

ScheduledMaintenanceScheduledMaintenance

WorkloadIdentityFederationWorkloadIdentityFederation

Was the article helpful?

gRPC request

CreateClusterRequest

MasterSpec

ZonalMasterSpec

InternalAddressSpec

ExternalAddressSpec

RegionalMasterSpec

MasterLocation

LocationSpec

MasterMaintenancePolicy

MaintenanceWindow

AnytimeMaintenanceWindow

DailyMaintenanceWindow

WeeklyMaintenanceWindow

DaysOfWeekMaintenanceWindow

MasterLogging

MasterScalePolicySpec

AutoScale

IPAllocationPolicy

NetworkPolicy

KMSProvider

Cilium

WorkloadIdentityFederationSpec

operation.Operation

CreateClusterMetadata

Cluster

Master

ZonalMaster

RegionalMaster

Location

MasterEndpoints

MasterAuth

VersionInfo

MasterMaintenancePolicy

MaintenanceWindow

AnytimeMaintenanceWindow

DailyMaintenanceWindow

WeeklyMaintenanceWindow

DaysOfWeekMaintenanceWindow

MasterLogging

MasterResources

MasterScalePolicy

FixedScale

AutoScale

IPAllocationPolicy

NetworkPolicy

KMSProvider

Cilium

ScheduledMaintenance

WorkloadIdentityFederation