interface ServiceAccountProps
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.EKS.ServiceAccountProps |
 Go | github.com/aws/aws-cdk-go/awscdk/v2/awseks#ServiceAccountProps |
 Java | software.amazon.awscdk.services.eks.ServiceAccountProps |
 Python | aws_cdk.aws_eks.ServiceAccountProps |
 TypeScript (source) | aws-cdk-lib » aws_eks » ServiceAccountProps |
Implements
Service
Properties for defining service accounts.
Example
declare const cluster: eks.Cluster;
new eks.ServiceAccount(this, 'ServiceAccount', {
cluster,
name: 'test-sa',
namespace: 'default',
identityType: eks.IdentityType.POD_IDENTITY,
});
Properties
| Name | Type | Description |
|---|---|---|
| cluster | ICluster | The cluster to apply the patch to. |
| annotations? | { [string]: string } | Additional annotations of the service account. |
| identity | Identity | The identity type to use for the service account. |
| labels? | { [string]: string } | Additional labels of the service account. |
| name? | string | The name of the service account. |
| namespace? | string | The namespace of the service account. |
| overwrite | boolean | Overwrite existing service account. |
| removal | Removal | The removal policy applied to the service account resources. |
cluster
Type:
ICluster
The cluster to apply the patch to.
annotations?
Type:
{ [string]: string }
(optional, default: no additional annotations)
Additional annotations of the service account.
identityType?
Type:
Identity
(optional, default: IdentityType.IRSA)
The identity type to use for the service account.
labels?
Type:
{ [string]: string }
(optional, default: no additional labels)
Additional labels of the service account.
name?
Type:
string
(optional, default: If no name is given, it will use the id of the resource.)
The name of the service account.
The name of a ServiceAccount object must be a valid DNS subdomain name. https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
namespace?
Type:
string
(optional, default: "default")
The namespace of the service account.
All namespace names must be valid RFC 1123 DNS labels. https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/#namespaces-and-dns
overwriteServiceAccount?
Type:
boolean
(optional, default: false)
Overwrite existing service account.
If this is set, we will use kubectl apply instead of kubectl create
when the service account is created. Otherwise, if there is already a service account
in the cluster with the same name, the operation will fail.
removalPolicy?
Type:
Removal
(optional, default: RemovalPolicy.DESTROY)
The removal policy applied to the service account resources.
The removal policy controls what happens to the resources if they stop being managed by CloudFormation. This can happen in one of three situations:
- The resource is removed from the template, so CloudFormation stops managing it
- A change to the resource is made that requires it to be replaced, so CloudFormation stops managing it
- The stack is deleted, so CloudFormation stops managing all resources in it