software.amazon.awscdk.services.eks

Class ServiceAccount

java.lang.Object

software.constructs.Construct

software.amazon.awscdk.core.Construct

software.amazon.awscdk.services.eks.ServiceAccount

All Implemented Interfaces:

IConstruct, IDependable, IGrantable, IPrincipal

@Generated(value="jsii-pacmak/1.63.2 (build a8a8833)",
           date="2022-08-09T19:16:43.405Z")
public class ServiceAccount
extends Construct
implements IPrincipal

Service Account.

Example:

 // or create a new one using an existing issuer url
 String issuerUrl;
 // you can import an existing provider
 IOpenIdConnectProvider provider = OpenIdConnectProvider.fromOpenIdConnectProviderArn(this, "Provider", "arn:aws:iam::123456:oidc-provider/oidc.eks.eu-west-1.amazonaws.com/id/AB123456ABC");
 OpenIdConnectProvider provider2 = OpenIdConnectProvider.Builder.create(this, "Provider")
         .url(issuerUrl)
         .build();
 ICluster cluster = Cluster.fromClusterAttributes(this, "MyCluster", ClusterAttributes.builder()
         .clusterName("Cluster")
         .openIdConnectProvider(provider)
         .kubectlRoleArn("arn:aws:iam::123456:role/service-role/k8sservicerole")
         .build());
 ServiceAccount serviceAccount = cluster.addServiceAccount("MyServiceAccount");
 Bucket bucket = new Bucket(this, "Bucket");
 bucket.grantReadWrite(serviceAccount);
 

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	ServiceAccount.Builder A fluent builder for ServiceAccount.

Nested classes/interfaces inherited from interface software.amazon.awscdk.services.iam.IPrincipal

IPrincipal.Jsii$Default, IPrincipal.Jsii$Proxy

Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IConstruct

IConstruct.Jsii$Default, IConstruct.Jsii$Proxy

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	ServiceAccount(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
protected	ServiceAccount(software.amazon.jsii.JsiiObjectRef objRef)
	ServiceAccount(software.constructs.Construct scope, java.lang.String id, ServiceAccountProps props)

Method Summary

Modifier and Type	Method and Description
java.lang.Boolean	addToPolicy(PolicyStatement statement) Deprecated. use `addToPrincipalPolicy()`
AddToPrincipalPolicyResult	addToPrincipalPolicy(PolicyStatement statement) Add to the policy of this principal.
java.lang.String	getAssumeRoleAction() When this Principal is used in an AssumeRole policy, the action to use.
IPrincipal	getGrantPrincipal() The principal to grant permissions to.
PrincipalPolicyFragment	getPolicyFragment() Return the policy fragment that identifies this principal in a Policy.
IRole	getRole() The role which is linked to the service account.
java.lang.String	getServiceAccountName() The name of the service account.
java.lang.String	getServiceAccountNamespace() The namespace where the service account is located in.

Methods inherited from class software.amazon.awscdk.core.Construct

getNode, isConstruct, onPrepare, onSynthesize, onValidate, prepare, synthesize, validate

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface software.amazon.awscdk.services.iam.IPrincipal

getPrincipalAccount

Constructor Detail

ServiceAccount

protected ServiceAccount(software.amazon.jsii.JsiiObjectRef objRef)

ServiceAccount

protected ServiceAccount(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

ServiceAccount

public ServiceAccount(software.constructs.Construct scope,
                      java.lang.String id,
                      ServiceAccountProps props)

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

Method Detail

addToPolicy

@Deprecated
public java.lang.Boolean addToPolicy(PolicyStatement statement)

Deprecated. use `addToPrincipalPolicy()`

(deprecated) Add to the policy of this principal.

Specified by:

addToPolicy in interface IPrincipal

Parameters:

statement - This parameter is required.

Returns:

true if the statement was added, false if the principal in question does not have a policy document to add the statement to.

addToPrincipalPolicy

public AddToPrincipalPolicyResult addToPrincipalPolicy(PolicyStatement statement)

Add to the policy of this principal.

Specified by:

addToPrincipalPolicy in interface IPrincipal

Parameters:

statement - This parameter is required.

getAssumeRoleAction

public java.lang.String getAssumeRoleAction()

When this Principal is used in an AssumeRole policy, the action to use.

Specified by:

getAssumeRoleAction in interface IPrincipal

getGrantPrincipal

public IPrincipal getGrantPrincipal()

The principal to grant permissions to.

Specified by:

getGrantPrincipal in interface IGrantable

getPolicyFragment

public PrincipalPolicyFragment getPolicyFragment()

Return the policy fragment that identifies this principal in a Policy.

Specified by:

getPolicyFragment in interface IPrincipal

getRole

public IRole getRole()

The role which is linked to the service account.

getServiceAccountName

public java.lang.String getServiceAccountName()

The name of the service account.

getServiceAccountNamespace

public java.lang.String getServiceAccountNamespace()

The namespace where the service account is located in.