ServiceAccount¶
-
class
aws_cdk.aws_eks.ServiceAccount(scope, id, *, cluster, name=None, namespace=None)¶ Bases:
aws_cdk.core.ConstructService Account.
Example:
# cluster is of type Cluster # add service account service_account = cluster.add_service_account("MyServiceAccount") bucket = s3.Bucket(self, "Bucket") bucket.grant_read_write(service_account) mypod = cluster.add_manifest("mypod", { "api_version": "v1", "kind": "Pod", "metadata": {"name": "mypod"}, "spec": { "service_account_name": service_account.service_account_name, "containers": [{ "name": "hello", "image": "paulbouwer/hello-kubernetes:1.5", "ports": [{"container_port": 8080}] } ] } }) # create the resource after the service account. mypod.node.add_dependency(service_account) # print the IAM role arn for this service account CfnOutput(self, "ServiceAccountIamRole", value=service_account.role.role_arn)
- Parameters
Methods
-
add_to_policy(statement)¶ (deprecated) (deprecated) Add to the policy of this principal.
- Parameters
statement (
PolicyStatement) –- Deprecated
use
addToPrincipalPolicy()- Stability
deprecated
- Return type
bool
-
add_to_principal_policy(statement)¶ Add to the policy of this principal.
- Parameters
statement (
PolicyStatement) –- Return type
-
to_string()¶ Returns a string representation of this construct.
- Return type
str
Attributes
-
assume_role_action¶ When this Principal is used in an AssumeRole policy, the action to use.
- Return type
str
-
grant_principal¶ The principal to grant permissions to.
- Return type
-
node¶ The construct tree node associated with this construct.
- Return type
-
policy_fragment¶ Return the policy fragment that identifies this principal in a Policy.
- Return type
-
service_account_name¶ The name of the service account.
- Return type
str
-
service_account_namespace¶ The namespace where the service account is located in.
- Return type
str
Static Methods
-
classmethod
is_construct(x)¶ Return whether the given object is a Construct.
- Parameters
x (
Any) –- Return type
bool