class AwsAuth (construct)
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.EKS.AwsAuth |
 Go | github.com/aws/aws-cdk-go/awscdk/v2/awseks#AwsAuth |
 Java | software.amazon.awscdk.services.eks.AwsAuth |
 Python | aws_cdk.aws_eks.AwsAuth |
 TypeScript (source) | aws-cdk-lib » aws_eks » AwsAuth |
Implements
IConstruct, IDependable
Manages mapping between IAM users and roles to Kubernetes RBAC configuration.
See also: https://docs.aws.amazon.com/en_us/eks/latest/userguide/add-user-role.html
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_eks as eks } from 'aws-cdk-lib';
declare const cluster: eks.Cluster;
const awsAuth = new eks.AwsAuth(this, 'MyAwsAuth', {
cluster: cluster,
});
Initializer
new AwsAuth(scope: Construct, id: string, props: AwsAuthProps)
Parameters
- scope
Construct - id
string - props
AwsAuth Props
Construct Props
| Name | Type | Description |
|---|---|---|
| cluster | Cluster | The EKS cluster to apply this configuration to. |
cluster
Type:
Cluster
The EKS cluster to apply this configuration to.
[disable-awslint:ref-via-interface]
Properties
| Name | Type | Description |
|---|---|---|
| node | Node | The tree node. |
node
Type:
Node
The tree node.
Methods
| Name | Description |
|---|---|
| add | Additional AWS account to add to the aws-auth configmap. |
| add | Adds the specified IAM role to the system:masters RBAC group, which means that anyone that can assume it will be able to administer this Kubernetes system. |
| add | Adds a mapping between an IAM role to a Kubernetes user and groups. |
| add | Adds a mapping between an IAM user to a Kubernetes user and groups. |
| to | Returns a string representation of this construct. |
| with(...mixins) | Applies one or more mixins to this construct. |
addAccount(accountId)
public addAccount(accountId: string): void
Parameters
- accountId
string— account number.
Additional AWS account to add to the aws-auth configmap.
addMastersRole(role, username?)
public addMastersRole(role: IRole, username?: string): void
Parameters
- role
IRole— The IAM role to add. - username
string— Optional user (defaults to the role ARN).
Adds the specified IAM role to the system:masters RBAC group, which means that anyone that can assume it will be able to administer this Kubernetes system.
addRoleMapping(role, mapping)
public addRoleMapping(role: IRole, mapping: AwsAuthMapping): void
Parameters
- role
IRole— The IAM role to map. - mapping
Aws— Mapping to k8s user name and groups.Auth Mapping
Adds a mapping between an IAM role to a Kubernetes user and groups.
addUserMapping(user, mapping)
public addUserMapping(user: IUser, mapping: AwsAuthMapping): void
Parameters
- user
IUser— The IAM user to map. - mapping
Aws— Mapping to k8s user name and groups.Auth Mapping
Adds a mapping between an IAM user to a Kubernetes user and groups.
toString()
public toString(): string
Returns
string
Returns a string representation of this construct.
with(...mixins)
public with(...mixins: IMixin[]): IConstruct
Parameters
- mixins
IMixin— The mixins to apply.
Returns
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.