This template creates an Amazon EKS managed node group for a specified cluster. The node group is named 'standard' and is created in the 'prod' cluster. The node group is associated with the IAM role 'eksInstanceRole'. It has a scaling configuration with a minimum size of 3, desired size of 5, and maximum size of 7. The node group has labels 'Key1: Value1' and 'Key2: Value2'. It is deployed in the subnets 'subnet-6782e71e' and 'subnet-e7e761ac'.

This template creates an identity provider configuration and associates it with a cluster. The template includes the necessary properties such as the cluster name, type of identity provider (OIDC), and the OIDC specific properties like client ID and issuer URL.

This template creates an AWS Fargate profile for an Amazon EKS cluster. The Fargate profile is created with a specified name, associated with a cluster, and configured with a pod execution role, subnets, and selectors. The Fargate profile allows pods to be deployed to a specific namespace with a label key-value pair assigned to them.

This template creates an Amazon EKS cluster with the specified properties. The cluster is named 'Prod' and has a version of '1.20'. It uses the specified IAM role for the control plane and is configured with the provided VPC resources. The cluster has logging enabled for API and audit events. It also includes a tag with key 'key' and value 'val'.

A config rule that checks whether Amazon Elastic Kubernetes Service (Amazon EKS) endpoint is not publicly accessible. The rule is NON_COMPLIANT if the endpoint is publicly accessible.

A config rule that checks whether Amazon Elastic Kubernetes Service clusters are configured to have Kubernetes secrets encrypted using AWS Key Management Service (KMS) keys.

A Config rule that checks if an Amazon Elastic Kubernetes Service (EKS) cluster is running the oldest supported version. The rule is NON_COMPLIANT if an EKS cluster is running oldest supported version (equal to the parameter oldestVersionSupported).

A Config rule that checks if an Amazon Elastic Kubernetes Service (EKS) cluster is running a supported Kubernetes version. This rule is NON_COMPLIANT if an EKS cluster is running an unsupported version (less than the parameter oldestVersionSupported).

Checks if an Amazon Elastic Kubernetes Service (Amazon EKS) cluster is configured with logging enabled. The rule is NON_COMPLIANT if logging for Amazon EKS clusters is not enabled for all log types.