Package software.amazon.awscdk.services.eks

Enum IdentityType

java.lang.Object

java.lang.Enum<IdentityType>

software.amazon.awscdk.services.eks.IdentityType

All Implemented Interfaces:

Serializable, Comparable<IdentityType>, java.lang.constant.Constable

@Generated(value="jsii-pacmak/1.102.0 (build e354887)",
           date="2024-09-10T01:10:09.198Z")
@Stability(Stable)
public enum IdentityType
extends Enum<IdentityType>

Enum representing the different identity types that can be used for a Kubernetes service account.

Example:

 Cluster cluster;
 ServiceAccount.Builder.create(this, "ServiceAccount")
         .cluster(cluster)
         .name("test-sa")
         .namespace("default")
         .identityType(IdentityType.POD_IDENTITY)
         .build();
 

Nested Class Summary

Nested classes/interfaces inherited from class java.lang.Enum

Enum.EnumDesc<E extends Enum<E>>

Enum Constant Summary

Enum Constants

Enum Constant	Description
IRSA	Use the IAM Roles for Service Accounts (IRSA) identity type.
POD_IDENTITY	Use the EKS Pod Identities identity type.

Method Summary

Modifier and Type	Method	Description
static IdentityType	valueOf(String name)	Returns the enum constant of this type with the specified name.
static IdentityType[]	values()	Returns an array containing the constants of this enum type, in the order they are declared.

Methods inherited from class java.lang.Enum

clone, compareTo, describeConstable, equals, finalize, getDeclaringClass, hashCode, name, ordinal, toString, valueOf

Methods inherited from class java.lang.Object

getClass, notify, notifyAll, wait, wait, wait

Enum Constant Details

IRSA

@Stability(Stable)
public static final IdentityType IRSA

Use the IAM Roles for Service Accounts (IRSA) identity type.

IRSA allows you to associate an IAM role with a Kubernetes service account. This provides a way to grant permissions to Kubernetes pods by associating an IAM role with a Kubernetes service account. The IAM role can then be used to provide AWS credentials to the pods, allowing them to access other AWS resources.

When enabled, the openIdConnectProvider of the cluster would be created when you create the ServiceAccount.

See Also:

• https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html

POD_IDENTITY

@Stability(Stable)
public static final IdentityType POD_IDENTITY

Use the EKS Pod Identities identity type.

EKS Pod Identities provide the ability to manage credentials for your applications, similar to the way that Amazon EC2 instance profiles provide credentials to Amazon EC2 instances. Instead of creating and distributing your AWS credentials to the containers or using the Amazon EC2 instance's role, you associate an IAM role with a Kubernetes service account and configure your Pods to use the service account.

When enabled, the Pod Identity Agent AddOn of the cluster would be created when you create the ServiceAccount.

See Also:

• https://docs.aws.amazon.com/eks/latest/userguide/pod-identities.html

Method Details

values

public static IdentityType[] values()

Returns an array containing the constants of this enum type, in the order they are declared.

Returns:

an array containing the constants of this enum type, in the order they are declared

valueOf

public static IdentityType valueOf(String name)

Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)

Parameters:

name - the name of the enum constant to be returned.

Returns:

the enum constant with the specified name

Throws:

IllegalArgumentException - if this enum type has no constant with the specified name

NullPointerException - if the argument is null