Class AwsAuth

java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.core.Construct
software.amazon.awscdk.services.eks.AwsAuth
All Implemented Interfaces:
IConstruct, IDependable, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct

@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)", date="2023-06-19T16:30:46.485Z") @Stability(Stable) public class AwsAuth extends Construct
Manages mapping between IAM users and roles to Kubernetes RBAC configuration.

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.eks.*;
 Cluster cluster;
 AwsAuth awsAuth = AwsAuth.Builder.create(this, "MyAwsAuth")
         .cluster(cluster)
         .build();
 

See Also:
  • Nested Class Summary

    Nested Classes
    Modifier and Type
    Class
    Description
    static final class 
    A fluent builder for AwsAuth.

    Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject

    software.amazon.jsii.JsiiObject.InitializationMode

    Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IConstruct

    IConstruct.Jsii$Default, IConstruct.Jsii$Proxy

    Nested classes/interfaces inherited from interface software.constructs.IConstruct

    software.constructs.IConstruct.Jsii$Default, software.constructs.IConstruct.Jsii$Proxy
  • Constructor Summary

    Constructors
    Modifier
    Constructor
    Description
    protected
    AwsAuth(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
     
    protected
    AwsAuth(software.amazon.jsii.JsiiObjectRef objRef)
     
     
    AwsAuth(software.constructs.Construct scope, String id, AwsAuthProps props)
     
  • Method Summary

    Modifier and Type
    Method
    Description
    void
    addAccount(String accountId)
    Additional AWS account to add to the aws-auth configmap.
    void
    Adds the specified IAM role to the system:masters RBAC group, which means that anyone that can assume it will be able to administer this Kubernetes system.
    void
    addMastersRole(IRole role, String username)
    Adds the specified IAM role to the system:masters RBAC group, which means that anyone that can assume it will be able to administer this Kubernetes system.
    void
    Adds a mapping between an IAM role to a Kubernetes user and groups.
    void
    Adds a mapping between an IAM user to a Kubernetes user and groups.

    Methods inherited from class software.amazon.awscdk.core.Construct

    getNode, isConstruct, onPrepare, onSynthesize, onValidate, prepare, synthesize, validate

    Methods inherited from class software.constructs.Construct

    toString

    Methods inherited from class software.amazon.jsii.JsiiObject

    jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

    Methods inherited from interface software.amazon.jsii.JsiiSerializable

    $jsii$toJson
  • Constructor Details

    • AwsAuth

      protected AwsAuth(software.amazon.jsii.JsiiObjectRef objRef)
    • AwsAuth

      protected AwsAuth(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
    • AwsAuth

      @Stability(Stable) public AwsAuth(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull AwsAuthProps props)
      Parameters:
      scope - This parameter is required.
      id - This parameter is required.
      props - This parameter is required.
  • Method Details

    • addAccount

      @Stability(Stable) public void addAccount(@NotNull String accountId)
      Additional AWS account to add to the aws-auth configmap.

      Parameters:
      accountId - account number. This parameter is required.
    • addMastersRole

      @Stability(Stable) public void addMastersRole(@NotNull IRole role, @Nullable String username)
      Adds the specified IAM role to the system:masters RBAC group, which means that anyone that can assume it will be able to administer this Kubernetes system.

      Parameters:
      role - The IAM role to add. This parameter is required.
      username - Optional user (defaults to the role ARN).
    • addMastersRole

      @Stability(Stable) public void addMastersRole(@NotNull IRole role)
      Adds the specified IAM role to the system:masters RBAC group, which means that anyone that can assume it will be able to administer this Kubernetes system.

      Parameters:
      role - The IAM role to add. This parameter is required.
    • addRoleMapping

      @Stability(Stable) public void addRoleMapping(@NotNull IRole role, @NotNull AwsAuthMapping mapping)
      Adds a mapping between an IAM role to a Kubernetes user and groups.

      Parameters:
      role - The IAM role to map. This parameter is required.
      mapping - Mapping to k8s user name and groups. This parameter is required.
    • addUserMapping

      @Stability(Stable) public void addUserMapping(@NotNull IUser user, @NotNull AwsAuthMapping mapping)
      Adds a mapping between an IAM user to a Kubernetes user and groups.

      Parameters:
      user - The IAM user to map. This parameter is required.
      mapping - Mapping to k8s user name and groups. This parameter is required.