Class ServiceAccount
Service Account.
Inherited Members
Namespace: Amazon.CDK.AWS.EKS
Assembly: Amazon.CDK.AWS.EKS.dll
Syntax (csharp)
public class ServiceAccount : Construct, IConstruct, IDependable, IPrincipal, IGrantable
Syntax (vb)
Public Class ServiceAccount
Inherits Construct
Implements IConstruct, IDependable, IPrincipal, IGrantable
Remarks
ExampleMetadata: infused
Examples
// or create a new one using an existing issuer url
string issuerUrl;
// you can import an existing provider
var provider = OpenIdConnectProvider.FromOpenIdConnectProviderArn(this, "Provider", "arn:aws:iam::123456:oidc-provider/oidc.eks.eu-west-1.amazonaws.com/id/AB123456ABC");
var provider2 = new OpenIdConnectProvider(this, "Provider", new OpenIdConnectProviderProps {
Url = issuerUrl
});
var cluster = Cluster.FromClusterAttributes(this, "MyCluster", new ClusterAttributes {
ClusterName = "Cluster",
OpenIdConnectProvider = provider,
KubectlRoleArn = "arn:aws:iam::123456:role/service-role/k8sservicerole"
});
var serviceAccount = cluster.AddServiceAccount("MyServiceAccount");
var bucket = new Bucket(this, "Bucket");
bucket.GrantReadWrite(serviceAccount);
Synopsis
Constructors
ServiceAccount(ByRefValue) | Used by jsii to construct an instance of this class from a Javascript-owned object reference |
ServiceAccount(DeputyBase.DeputyProps) | Used by jsii to construct an instance of this class from DeputyProps |
ServiceAccount(Construct, String, IServiceAccountProps) |
Properties
AssumeRoleAction | When this Principal is used in an AssumeRole policy, the action to use. |
GrantPrincipal | The principal to grant permissions to. |
PolicyFragment | Return the policy fragment that identifies this principal in a Policy. |
Role | The role which is linked to the service account. |
ServiceAccountName | The name of the service account. |
ServiceAccountNamespace | The namespace where the service account is located in. |
Methods
AddToPolicy(PolicyStatement) | (deprecated) Add to the policy of this principal. |
AddToPrincipalPolicy(PolicyStatement) | Add to the policy of this principal. |
Constructors
ServiceAccount(ByRefValue)
Used by jsii to construct an instance of this class from a Javascript-owned object reference
protected ServiceAccount(ByRefValue reference)
Parameters
- reference Amazon.JSII.Runtime.Deputy.ByRefValue
The Javascript-owned object reference
ServiceAccount(DeputyBase.DeputyProps)
Used by jsii to construct an instance of this class from DeputyProps
protected ServiceAccount(DeputyBase.DeputyProps props)
Parameters
- props Amazon.JSII.Runtime.Deputy.DeputyBase.DeputyProps
The deputy props
ServiceAccount(Construct, String, IServiceAccountProps)
public ServiceAccount(Construct scope, string id, IServiceAccountProps props)
Parameters
- scope Constructs.Construct
- id System.String
- props IServiceAccountProps
Properties
AssumeRoleAction
When this Principal is used in an AssumeRole policy, the action to use.
public virtual string AssumeRoleAction { get; }
Property Value
System.String
GrantPrincipal
The principal to grant permissions to.
public virtual IPrincipal GrantPrincipal { get; }
Property Value
PolicyFragment
Return the policy fragment that identifies this principal in a Policy.
public virtual PrincipalPolicyFragment PolicyFragment { get; }
Property Value
Role
The role which is linked to the service account.
public virtual IRole Role { get; }
Property Value
ServiceAccountName
The name of the service account.
public virtual string ServiceAccountName { get; }
Property Value
System.String
ServiceAccountNamespace
The namespace where the service account is located in.
public virtual string ServiceAccountNamespace { get; }
Property Value
System.String
Methods
AddToPolicy(PolicyStatement)
(deprecated) Add to the policy of this principal.
public virtual bool AddToPolicy(PolicyStatement statement)
Parameters
- statement PolicyStatement
Returns
System.Boolean
Remarks
Stability: Deprecated
AddToPrincipalPolicy(PolicyStatement)
Add to the policy of this principal.
public virtual IAddToPrincipalPolicyResult AddToPrincipalPolicy(PolicyStatement statement)
Parameters
- statement PolicyStatement
Returns