Skip to main content
POST
/
v1beta1
/
cks
/
clusters
Create cluster
curl --request POST \
  --url https://api.coreweave.com/v1beta1/cks/clusters \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "<string>",
  "zone": "<string>",
  "vpcId": "<string>",
  "version": "<string>",
  "network": {
    "podCidrName": "<string>",
    "serviceCidrName": "<string>",
    "internalLbCidrNames": [
      "<string>"
    ]
  },
  "public": true,
  "auditPolicy": "<string>",
  "sharedStorageClusterId": "<string>",
  "disableOidcInfoPublication": true,
  "kubelet": {},
  "additionalServerSans": [
    "<string>"
  ],
  "tailscale": {
    "clientId": "<string>"
  }
}
'
{
  "cluster": {
    "name": "<string>",
    "zone": "<string>",
    "vpcId": "<string>",
    "version": "<string>",
    "network": {
      "podCidrName": "<string>",
      "serviceCidrName": "<string>",
      "internalLbCidrNames": [
        "<string>"
      ],
      "serviceNodePortRange": {
        "start": 123,
        "end": 123
      }
    },
    "id": "<string>",
    "public": true,
    "oidc": {
      "issuerUrl": "<string>",
      "clientId": "<string>",
      "usernameClaim": "<string>",
      "usernamePrefix": "<string>",
      "groupsClaim": "<string>",
      "groupsPrefix": "<string>",
      "ca": "<string>",
      "requiredClaim": "<string>",
      "adminGroupBinding": "<string>",
      "signingAlgorithms": [
        "<string>"
      ]
    },
    "authzWebhook": {
      "server": "<string>",
      "ca": "<string>"
    },
    "authnWebhook": {
      "server": "<string>",
      "ca": "<string>"
    },
    "auditPolicy": "<string>",
    "apiServerEndpoint": "<string>",
    "createdAt": "2023-11-07T05:31:56Z",
    "updatedAt": "2023-11-07T05:31:56Z",
    "isUpgradeable": true,
    "disableOidcInfoPublication": true,
    "kubelet": {},
    "additionalServerSans": [
      "<string>"
    ],
    "tailscale": {
      "clientId": "<string>",
      "tailnetDomain": "<string>"
    },
    "status": "<string>"
  }
}
Supply the cluster configuration as a JSON object in the request body. Create the VPC first and supply its ID in vpcId. The cluster id is assigned by the server and returned in the response — do not set it on the request. The following fields are required:
  • name
  • zone
  • vpcId
  • version
  • network.podCidrName
  • network.serviceCidrName
  • network.internalLbCidrNames
Example request
curl -X POST https://api.coreweave.com/v1beta1/cks/clusters \
       -H "Content-Type: application/json" \
       -H "Authorization: Bearer {API_ACCESS_TOKEN}" \
       -d @data.json

Optional advanced configuration

  • oidc: configure an OpenID Connect provider for authentication to the api-server.
  • authzWebhook / authnWebhook: configure authorization and authentication webhook servers for the api-server.
  • auditPolicy: a base64-encoded JSON or YAML audit policy.
  • kubelet: a JSON object of selective overrides applied to every cluster Node’s kubelet configuration. A Node reboot is required for changes to take effect. Unknown options are stored but ignored. See the Kubernetes kubelet configuration reference for supported options.
  • additionalServerSans: up to 10 additional Subject Alternative Names to include on the Kubernetes API server certificate.
  • tailscale: Tailscale configuration for the cluster.
  • sharedStorageClusterId: the cluster ID (not name) of an existing CKS cluster whose shared storage this cluster should join.
  • disableOidcInfoPublication: when true, suppresses publication of /.well-known/openid-configuration and /openid/v1/jwks to oidc.cks.coreweave.com/id/[CLUSTER-ID], so the cluster cannot be used as a public OIDC provider.

Authorizations

Authorization
string
header
default:Bearer {API_ACCESS_TOKEN}
required

CoreWeave API access token sent as a bearer token.

Body

application/json
name
string
required

The name of the cluster. Must be 1–30 characters and match the regex ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ (lowercase alphanumeric and hyphens; cannot start or end with a hyphen).

zone
string
required

The Availability Zone in which the cluster is located.

vpcId
string
required

The ID of the VPC in which the cluster is located. The VPC must be in the same Availability Zone as the cluster.

version
string
required

The version of Kubernetes to run on the cluster, in minor version format (for example, v1.32). Patch versions are applied automatically by CKS as they are released.

network
object
required

The Kubernetes overlay network configuration for the cluster.

public
boolean

Whether the cluster's api-server is publicly accessible from the Internet.

oidc
object

OpenID Connect (OIDC) configuration for authentication to the api-server.

authzWebhook
object

Authorization webhook configuration for the cluster.

authnWebhook
object

Authentication webhook configuration for the cluster.

auditPolicy
string

Audit policy for the cluster. Must be provided as a base64-encoded JSON or YAML string.

sharedStorageClusterId
string

The cluster ID (not name) of an existing CKS cluster whose shared storage this cluster should join. Set at create time only; this field is not present on UpdateClusterRequest, so it cannot be changed after the cluster is created.

disableOidcInfoPublication
boolean

When true, suppresses publication of the /.well-known/openid-configuration and /openid/v1/jwks endpoints to oidc.cks.coreweave.com/id/[CLUSTER-ID], so the cluster cannot be used as a public OIDC provider. Publishing these endpoints exposes the cluster's OIDC configuration and JWKS to the public Internet.

kubelet
object

A JSON object of selective overrides applied to every cluster Node's kubelet configuration. A Node reboot is required for changes to take effect. Unknown options are stored but ignored. See the Kubernetes kubelet configuration reference for supported options.

additionalServerSans
string[]

Up to 10 additional Subject Alternative Names to include on the Kubernetes API server certificate. Each entry must be unique.

tailscale
object

Tailscale configuration for the cluster.

Response

OK

cluster
object

The cluster.

Last modified on June 15, 2026