# sdm admin clusters add ```shell NAME: sdm admin clusters add - add one or more clusters USAGE: sdm admin clusters add command [command options] [arguments...] COMMANDS: aks create AKS cluster aks-service, aksservice create AKS (Service Account) cluster amazon-eks, amazoneks, eks create Elastic Kubernetes Service cluster amazon-eks-instance-profile, amazoneksinstanceprofile, eks-instance-profile create Elastic Kubernetes Service (instance profile) cluster gke create Google Kubernetes Engine cluster k8s, kubernetes create Kubernetes cluster k8s-podidentity, k8spodidentity create Kubernetes (Pod Identity) cluster k8s-service, k8sservice create Kubernetes (Service Account) cluster OPTIONS: --file value, -f value load from a JSON file --stdin, -i load from stdin --timeout value set time limit for command --help, -h show help ``` #### aks ```shell NAME: sdm admin clusters add aks - create AKS cluster USAGE: sdm admin clusters add aks [command options] OPTIONS: --bind-interface value bind interface (default: "127.0.0.1") --certificate-authority value (secret) --client-certificate value (secret) --client-key value (secret) --egress-filter value apply filter to select egress nodes e.g. 'field:name tag:key=value ...' --healthcheck-namespace default This path will be used to check the health of your connection. Defaults to default. --hostname value (required) --identity-alias-healthcheck-username value (conditional) --identity-set-id value --identity-set-name value set the identity set by name --port value (required) (default: 443) --port-override value port profile override (default: -1) --proxy-cluster-id value proxy cluster id --secret-store-id value secret store id --subdomain value, --bind-subdomain value DNS subdomain through which this resource may be accessed on clients (e.g. "app-prod" allows the resource to be accessed as "app-prod.."). Only applicable to HTTP-based resources or resources using virtual networking mode. --tags value tags e.g. 'key=value,...' --template, -t display a JSON template --timeout value set time limit for command ``` #### aks-service ```shell NAME: sdm admin clusters add aks-service - create AKS (Service Account) cluster USAGE: sdm admin clusters add aks-service [command options] OPTIONS: --api-token value (required, secret) --bind-interface value bind interface (default: "127.0.0.1") --egress-filter value apply filter to select egress nodes e.g. 'field:name tag:key=value ...' --healthcheck-namespace default This path will be used to check the health of your connection. Defaults to default. --hostname value (required) --identity-alias-healthcheck-username value (conditional) --identity-set-id value --identity-set-name value set the identity set by name --port value (required) (default: 443) --port-override value port profile override (default: -1) --proxy-cluster-id value proxy cluster id --secret-store-id value secret store id --subdomain value, --bind-subdomain value DNS subdomain through which this resource may be accessed on clients (e.g. "app-prod" allows the resource to be accessed as "app-prod.."). Only applicable to HTTP-based resources or resources using virtual networking mode. --tags value tags e.g. 'key=value,...' --template, -t display a JSON template --timeout value set time limit for command ``` #### amazon-eks ```shell NAME: sdm admin clusters add amazon-eks - create Elastic Kubernetes Service cluster USAGE: sdm admin clusters add amazon-eks [command options] OPTIONS: --access-key-id value (required, secret) --bind-interface value bind interface (default: "127.0.0.1") --certificate-authority value (secret) --cluster-name value (required) --egress-filter value apply filter to select egress nodes e.g. 'field:name tag:key=value ...' --endpoint value (required) --healthcheck-namespace default This path will be used to check the health of your connection. Defaults to default. --identity-alias-healthcheck-username value (conditional) --identity-set-id value --identity-set-name value set the identity set by name --port-override value port profile override (default: -1) --proxy-cluster-id value proxy cluster id --region value (required) --role-arn value (secret) --role-external-id value (secret) --secret-access-key value (required, secret) --secret-store-id value secret store id --subdomain value, --bind-subdomain value DNS subdomain through which this resource may be accessed on clients (e.g. "app-prod" allows the resource to be accessed as "app-prod.."). Only applicable to HTTP-based resources or resources using virtual networking mode. --tags value tags e.g. 'key=value,...' --template, -t display a JSON template --timeout value set time limit for command ``` #### amazon-eks-instance-profile ```shell NAME: sdm admin clusters add amazon-eks-instance-profile - create Elastic Kubernetes Service (instance profile) cluster USAGE: sdm admin clusters add amazon-eks-instance-profile [command options] OPTIONS: --bind-interface value bind interface (default: "127.0.0.1") --certificate-authority value (secret) --cluster-name value (required) --egress-filter value apply filter to select egress nodes e.g. 'field:name tag:key=value ...' --endpoint value (required) --healthcheck-namespace default This path will be used to check the health of your connection. Defaults to default. --identity-alias-healthcheck-username value (conditional) --identity-set-id value --identity-set-name value set the identity set by name --port-override value port profile override (default: -1) --proxy-cluster-id value proxy cluster id --region value (required) --role-arn value (secret) --role-external-id value (secret) --secret-store-id value secret store id --subdomain value, --bind-subdomain value DNS subdomain through which this resource may be accessed on clients (e.g. "app-prod" allows the resource to be accessed as "app-prod.."). Only applicable to HTTP-based resources or resources using virtual networking mode. --tags value tags e.g. 'key=value,...' --template, -t display a JSON template --timeout value set time limit for command ``` #### gke ```shell NAME: sdm admin clusters add gke - create Google Kubernetes Engine cluster USAGE: sdm admin clusters add gke [command options] OPTIONS: --bind-interface value bind interface (default: "127.0.0.1") --certificate-authority value (secret) --egress-filter value apply filter to select egress nodes e.g. 'field:name tag:key=value ...' --endpoint value (required) --healthcheck-namespace default This path will be used to check the health of your connection. Defaults to default. --identity-alias-healthcheck-username value (conditional) --identity-set-id value --identity-set-name value set the identity set by name --port-override value port profile override (default: -1) --proxy-cluster-id value proxy cluster id --secret-store-id value secret store id --service-account-key value (required, secret) --subdomain value, --bind-subdomain value DNS subdomain through which this resource may be accessed on clients (e.g. "app-prod" allows the resource to be accessed as "app-prod.."). Only applicable to HTTP-based resources or resources using virtual networking mode. --tags value tags e.g. 'key=value,...' --template, -t display a JSON template --timeout value set time limit for command ``` #### kubernetes ```shell NAME: sdm admin clusters add k8s - create Kubernetes cluster USAGE: sdm admin clusters add k8s [command options] OPTIONS: --bind-interface value bind interface (default: "127.0.0.1") --certificate-authority value (secret) --client-certificate value (secret) --client-key value (secret) --egress-filter value apply filter to select egress nodes e.g. 'field:name tag:key=value ...' --healthcheck-namespace default This path will be used to check the health of your connection. Defaults to default. --hostname value (required) --identity-alias-healthcheck-username value (conditional) --identity-set-id value --identity-set-name value set the identity set by name --port value (required) (default: 443) --port-override value port profile override (default: -1) --proxy-cluster-id value proxy cluster id --secret-store-id value secret store id --subdomain value, --bind-subdomain value DNS subdomain through which this resource may be accessed on clients (e.g. "app-prod" allows the resource to be accessed as "app-prod.."). Only applicable to HTTP-based resources or resources using virtual networking mode. --tags value tags e.g. 'key=value,...' --template, -t display a JSON template --timeout value set time limit for command ``` #### k8s-podidentity ```shell NAME: sdm admin clusters add k8s-podidentity - create Kubernetes (Pod Identity) cluster USAGE: sdm admin clusters add k8s-podidentity [command options] OPTIONS: --allow-resource-role-bypass (For legacy orgs) allows users to fallback to the existing authentication mode (Leased Credential or Identity Set) when a resource role is not provided. --bind-interface value IP address on which to listen for connections to this resource on clients. Specify "default", "loopback", or "vnm" to automatically allocate an available address from the corresponding IP range configured in the organization. (default: "default") --certificate-authority value (required, secret) --discovery-enabled Enable discovery for the cluster. --discovery-username value The user to impersonate in the cluster when running discovery. Required if the cluster is configured for identity aliases. (conditional) --egress-filter value apply filter to select egress nodes e.g. 'field:name tag:key=value ...' --healthcheck-namespace default This path will be used to check the health of your connection. Defaults to default. --identity-alias-healthcheck-username value (conditional) --identity-set-id value --identity-set-name value set the identity set by name --port-override value Port on which to listen for connections to this resource on clients. Specify "-1" to automatically allocate an available port. (default: -1) --proxy-cluster-id value proxy cluster id --secret-store-id value secret store id --subdomain value, --bind-subdomain value DNS subdomain through which this resource may be accessed on clients (e.g. "app-prod" allows the resource to be accessed as "app-prod.."). Only applicable to HTTP-based resources or resources using virtual networking mode. --tags value tags e.g. 'key=value,...' --template, -t display a JSON template --timeout value set time limit for command ``` #### k8s-service ```shell NAME: sdm admin clusters add k8s-service - create Kubernetes (Service Account) cluster USAGE: sdm admin clusters add k8s-service [command options] OPTIONS: --api-token value (required, secret) --bind-interface value bind interface (default: "127.0.0.1") --egress-filter value apply filter to select egress nodes e.g. 'field:name tag:key=value ...' --healthcheck-namespace default This path will be used to check the health of your connection. Defaults to default. --hostname value (required) --identity-alias-healthcheck-username value (conditional) --identity-set-id value --identity-set-name value set the identity set by name --port value (required) (default: 443) --port-override value port profile override (default: -1) --proxy-cluster-id value proxy cluster id --secret-store-id value secret store id --subdomain value, --bind-subdomain value DNS subdomain through which this resource may be accessed on clients (e.g. "app-prod" allows the resource to be accessed as "app-prod.."). Only applicable to HTTP-based resources or resources using virtual networking mode. --tags value tags e.g. 'key=value,...' --template, -t display a JSON template --timeout value set time limit for command ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.strongdm.com/references/cli/admin/clusters/add.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.