Class AwsAuth
Manages mapping between IAM users and roles to Kubernetes RBAC configuration.
Inheritance
Namespace: Amazon.CDK.AWS.EKS
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class AwsAuth : Construct
Syntax (vb)
Public Class AwsAuth
Inherits Construct
Remarks
See: https://docs.aws.amazon.com/en_us/eks/latest/userguide/add-user-role.html
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.EKS;
Cluster cluster;
var awsAuth = new AwsAuth(this, "MyAwsAuth", new AwsAuthProps {
Cluster = cluster
});
Synopsis
Constructors
AwsAuth(ByRefValue) | Used by jsii to construct an instance of this class from a Javascript-owned object reference |
AwsAuth(DeputyBase.DeputyProps) | Used by jsii to construct an instance of this class from DeputyProps |
AwsAuth(Construct, String, IAwsAuthProps) |
Methods
AddAccount(String) | Additional AWS account to add to the aws-auth configmap. |
AddMastersRole(IRole, String) | Adds the specified IAM role to the |
AddRoleMapping(IRole, IAwsAuthMapping) | Adds a mapping between an IAM role to a Kubernetes user and groups. |
AddUserMapping(IUser, IAwsAuthMapping) | Adds a mapping between an IAM user to a Kubernetes user and groups. |
Constructors
AwsAuth(ByRefValue)
Used by jsii to construct an instance of this class from a Javascript-owned object reference
protected AwsAuth(ByRefValue reference)
Parameters
- reference Amazon.JSII.Runtime.Deputy.ByRefValue
The Javascript-owned object reference
AwsAuth(DeputyBase.DeputyProps)
Used by jsii to construct an instance of this class from DeputyProps
protected AwsAuth(DeputyBase.DeputyProps props)
Parameters
- props Amazon.JSII.Runtime.Deputy.DeputyBase.DeputyProps
The deputy props
AwsAuth(Construct, String, IAwsAuthProps)
public AwsAuth(Construct scope, string id, IAwsAuthProps props)
Parameters
- scope Constructs.Construct
- id System.String
- props IAwsAuthProps
Methods
AddAccount(String)
Additional AWS account to add to the aws-auth configmap.
public virtual void AddAccount(string accountId)
Parameters
- accountId System.String
account number.
AddMastersRole(IRole, String)
Adds the specified IAM role to the system:masters
RBAC group, which means that anyone that can assume it will be able to administer this Kubernetes system.
public virtual void AddMastersRole(IRole role, string username = null)
Parameters
- role IRole
The IAM role to add.
- username System.String
Optional user (defaults to the role ARN).
AddRoleMapping(IRole, IAwsAuthMapping)
Adds a mapping between an IAM role to a Kubernetes user and groups.
public virtual void AddRoleMapping(IRole role, IAwsAuthMapping mapping)
Parameters
- role IRole
The IAM role to map.
- mapping IAwsAuthMapping
Mapping to k8s user name and groups.
AddUserMapping(IUser, IAwsAuthMapping)
Adds a mapping between an IAM user to a Kubernetes user and groups.
public virtual void AddUserMapping(IUser user, IAwsAuthMapping mapping)
Parameters
- user IUser
The IAM user to map.
- mapping IAwsAuthMapping
Mapping to k8s user name and groups.