AwsAuth

class aws_cdk.aws_eks_legacy.AwsAuth(scope, id, *, cluster)

Bases: Construct

(deprecated) Manages mapping between IAM users and roles to Kubernetes RBAC configuration.

See:

https://docs.aws.amazon.com/en_us/eks/latest/userguide/add-user-role.html

Stability:

deprecated

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_eks_legacy as eks_legacy

# cluster: eks_legacy.Cluster

aws_auth = eks_legacy.AwsAuth(self, "MyAwsAuth",
    cluster=cluster
)
Parameters:

  • scope (Construct) –

  • id (str) –

  • cluster (Cluster) – (deprecated) The EKS cluster to apply this configuration to. [disable-awslint:ref-via-interface]

Stability:

deprecated

Methods

add_account(account_id)

(deprecated) Additional AWS account to add to the aws-auth configmap.

Parameters:

account_id (str) – account number.

Stability:

deprecated

Return type:

None

add_masters_role(role, username=None)

(deprecated) Adds the specified IAM role to the system:masters RBAC group, which means that anyone that can assume it will be able to administer this Kubernetes system.

Parameters:

  • role (IRole) – The IAM role to add.

  • username (Optional[str]) – Optional user (defaults to the role ARN).

Stability:

deprecated

Return type:

None

add_role_mapping(role, *, groups, username=None)

(deprecated) Adds a mapping between an IAM role to a Kubernetes user and groups.

Parameters:

  • role (IRole) – The IAM role to map.

  • groups (Sequence[str]) – (deprecated) A list of groups within Kubernetes to which the role is mapped.

  • username (Optional[str]) – (deprecated) The user name within Kubernetes to map to the IAM role. Default: - By default, the user name is the ARN of the IAM role.

Stability:

deprecated

Return type:

None

add_user_mapping(user, *, groups, username=None)

(deprecated) Adds a mapping between an IAM user to a Kubernetes user and groups.

Parameters:

  • user (IUser) – The IAM user to map.

  • groups (Sequence[str]) – (deprecated) A list of groups within Kubernetes to which the role is mapped.

  • username (Optional[str]) – (deprecated) The user name within Kubernetes to map to the IAM role. Default: - By default, the user name is the ARN of the IAM role.

Stability:

deprecated

Return type:

None

to_string()

Returns a string representation of this construct.

Return type:

str

Attributes

node

The construct tree node associated with this construct.

Static Methods

classmethod is_construct(x)

Return whether the given object is a Construct.

Parameters:

x (Any) –

Return type:

bool