sdm admin clusters add
Last modified on August 26, 2025
NAME:
sdm admin clusters add - add one or more clusters
USAGE:
sdm admin clusters add command [command options] [arguments...]
COMMANDS:
aks create AKS cluster
aks-service, aksservice create AKS (Service Account) cluster
amazon-eks, amazoneks, eks create Elastic Kubernetes Service cluster
amazon-eks-instance-profile, amazoneksinstanceprofile, eks-instance-profile create Elastic Kubernetes Service (instance profile) cluster
gke create Google Kubernetes Engine cluster
k8s, kubernetes create Kubernetes cluster
k8s-podidentity, k8spodidentity create Kubernetes (Pod Identity) cluster
k8s-service, k8sservice create Kubernetes (Service Account) cluster
OPTIONS:
--file value, -f value load from a JSON file
--stdin, -i load from stdin
--timeout value set time limit for command
--help, -h show help
aks
NAME:
sdm admin clusters add aks - create AKS cluster
USAGE:
sdm admin clusters add aks [command options] <name>
OPTIONS:
--bind-interface value bind interface (default: "127.0.0.1")
--certificate-authority value (secret)
--client-certificate value (secret)
--client-key value (secret)
--egress-filter value apply filter to select egress nodes e.g. 'field:name tag:key=value ...'
--healthcheck-namespace default This path will be used to check the health of your connection. Defaults to default.
--hostname value (required)
--identity-alias-healthcheck-username value (conditional)
--identity-set-id value
--identity-set-name value set the identity set by name
--port value (required) (default: 443)
--port-override value port profile override (default: -1)
--proxy-cluster-id value proxy cluster id
--secret-store-id value secret store id
--subdomain value This will be used as your local DNS address. (e.g. app-prod1 would turn into app-prod1.<your-org-name>.sdm.network)
--tags value tags e.g. 'key=value,...'
--template, -t display a JSON template
--timeout value set time limit for command
aks-service
NAME:
sdm admin clusters add aks-service - create AKS (Service Account) cluster
USAGE:
sdm admin clusters add aks-service [command options] <name>
OPTIONS:
--api-token value (required, secret)
--bind-interface value bind interface (default: "127.0.0.1")
--egress-filter value apply filter to select egress nodes e.g. 'field:name tag:key=value ...'
--healthcheck-namespace default This path will be used to check the health of your connection. Defaults to default.
--hostname value (required)
--identity-alias-healthcheck-username value (conditional)
--identity-set-id value
--identity-set-name value set the identity set by name
--port value (required) (default: 443)
--port-override value port profile override (default: -1)
--proxy-cluster-id value proxy cluster id
--secret-store-id value secret store id
--subdomain value This will be used as your local DNS address. (e.g. app-prod1 would turn into app-prod1.<your-org-name>.sdm.network)
--tags value tags e.g. 'key=value,...'
--template, -t display a JSON template
--timeout value set time limit for command
amazon-eks
NAME:
sdm admin clusters add amazon-eks - create Elastic Kubernetes Service cluster
USAGE:
sdm admin clusters add amazon-eks [command options] <name>
OPTIONS:
--access-key-id value (required, secret)
--bind-interface value bind interface (default: "127.0.0.1")
--certificate-authority value (secret)
--cluster-name value (required)
--egress-filter value apply filter to select egress nodes e.g. 'field:name tag:key=value ...'
--endpoint value (required)
--healthcheck-namespace default This path will be used to check the health of your connection. Defaults to default.
--identity-alias-healthcheck-username value (conditional)
--identity-set-id value
--identity-set-name value set the identity set by name
--port-override value port profile override (default: -1)
--proxy-cluster-id value proxy cluster id
--region value (required)
--role-arn value (secret)
--role-external-id value (secret)
--secret-access-key value (required, secret)
--secret-store-id value secret store id
--subdomain value This will be used as your local DNS address. (e.g. app-prod1 would turn into app-prod1.<your-org-name>.sdm.network)
--tags value tags e.g. 'key=value,...'
--template, -t display a JSON template
--timeout value set time limit for command
amazon-eks-instance-profile
NAME:
sdm admin clusters add amazon-eks-instance-profile - create Elastic Kubernetes Service (instance profile) cluster
USAGE:
sdm admin clusters add amazon-eks-instance-profile [command options] <name>
OPTIONS:
--bind-interface value bind interface (default: "127.0.0.1")
--certificate-authority value (secret)
--cluster-name value (required)
--egress-filter value apply filter to select egress nodes e.g. 'field:name tag:key=value ...'
--endpoint value (required)
--healthcheck-namespace default This path will be used to check the health of your connection. Defaults to default.
--identity-alias-healthcheck-username value (conditional)
--identity-set-id value
--identity-set-name value set the identity set by name
--port-override value port profile override (default: -1)
--proxy-cluster-id value proxy cluster id
--region value (required)
--role-arn value (secret)
--role-external-id value (secret)
--secret-store-id value secret store id
--subdomain value This will be used as your local DNS address. (e.g. app-prod1 would turn into app-prod1.<your-org-name>.sdm.network)
--tags value tags e.g. 'key=value,...'
--template, -t display a JSON template
--timeout value set time limit for command
gke
NAME:
sdm admin clusters add gke - create Google Kubernetes Engine cluster
USAGE:
sdm admin clusters add gke [command options] <name>
OPTIONS:
--bind-interface value bind interface (default: "127.0.0.1")
--certificate-authority value (secret)
--egress-filter value apply filter to select egress nodes e.g. 'field:name tag:key=value ...'
--endpoint value (required)
--healthcheck-namespace default This path will be used to check the health of your connection. Defaults to default.
--identity-alias-healthcheck-username value (conditional)
--identity-set-id value
--identity-set-name value set the identity set by name
--port-override value port profile override (default: -1)
--proxy-cluster-id value proxy cluster id
--secret-store-id value secret store id
--service-account-key value (required, secret)
--subdomain value This will be used as your local DNS address. (e.g. app-prod1 would turn into app-prod1.<your-org-name>.sdm.network)
--tags value tags e.g. 'key=value,...'
--template, -t display a JSON template
--timeout value set time limit for command
kubernetes
NAME:
sdm admin clusters add k8s - create Kubernetes cluster
USAGE:
sdm admin clusters add k8s [command options] <name>
OPTIONS:
--bind-interface value bind interface (default: "127.0.0.1")
--certificate-authority value (secret)
--client-certificate value (secret)
--client-key value (secret)
--egress-filter value apply filter to select egress nodes e.g. 'field:name tag:key=value ...'
--healthcheck-namespace default This path will be used to check the health of your connection. Defaults to default.
--hostname value (required)
--identity-alias-healthcheck-username value (conditional)
--identity-set-id value
--identity-set-name value set the identity set by name
--port value (required) (default: 443)
--port-override value port profile override (default: -1)
--proxy-cluster-id value proxy cluster id
--secret-store-id value secret store id
--subdomain value This will be used as your local DNS address. (e.g. app-prod1 would turn into app-prod1.<your-org-name>.sdm.network)
--tags value tags e.g. 'key=value,...'
--template, -t display a JSON template
--timeout value set time limit for command
k8s-podidentity
NAME:
sdm admin clusters add k8s-podidentity - create Kubernetes (Pod Identity) cluster
USAGE:
sdm admin clusters add k8s-podidentity [command options] <name>
OPTIONS:
--allow-resource-role-bypass (For legacy orgs) allows users to fallback to the existing authentication mode (Leased Credential or Identity Set) when a resource role is not provided.
--bind-interface value IP address on which to listen for connections to this resource on clients. Specify "default", "loopback", or "vnm" to automatically allocate an available address from the corresponding IP range configured in the organization. (default: "default")
--certificate-authority value (required, secret)
--discovery-enabled Enable discovery for the cluster.
--discovery-username value The user to impersonate in the cluster when running discovery. Required if the cluster is configured for identity aliases. (conditional)
--egress-filter value apply filter to select egress nodes e.g. 'field:name tag:key=value ...'
--healthcheck-namespace default This path will be used to check the health of your connection. Defaults to default.
--identity-alias-healthcheck-username value (conditional)
--identity-set-id value
--identity-set-name value set the identity set by name
--port-override value Port on which to listen for connections to this resource on clients. Specify "-1" to automatically allocate an available port. (default: -1)
--proxy-cluster-id value proxy cluster id
--secret-store-id value secret store id
--subdomain value This will be used as your local DNS address. (e.g. app-prod1 would turn into app-prod1.<your-org-name>.sdm.network)
--tags value tags e.g. 'key=value,...'
--template, -t display a JSON template
--timeout value set time limit for command
k8s-service
NAME:
sdm admin clusters add k8s-service - create Kubernetes (Service Account) cluster
USAGE:
sdm admin clusters add k8s-service [command options] <name>
OPTIONS:
--api-token value (required, secret)
--bind-interface value bind interface (default: "127.0.0.1")
--egress-filter value apply filter to select egress nodes e.g. 'field:name tag:key=value ...'
--healthcheck-namespace default This path will be used to check the health of your connection. Defaults to default.
--hostname value (required)
--identity-alias-healthcheck-username value (conditional)
--identity-set-id value
--identity-set-name value set the identity set by name
--port value (required) (default: 443)
--port-override value port profile override (default: -1)
--proxy-cluster-id value proxy cluster id
--secret-store-id value secret store id
--subdomain value This will be used as your local DNS address. (e.g. app-prod1 would turn into app-prod1.<your-org-name>.sdm.network)
--tags value tags e.g. 'key=value,...'
--template, -t display a JSON template
--timeout value set time limit for command