ServiceAccountOptions

class aws_cdk.aws_eks.ServiceAccountOptions(*, annotations=None, identity_type=None, labels=None, name=None, namespace=None, overwrite_service_account=None)

Bases: object

Options for ServiceAccount.

Parameters:

  • annotations (Optional[Mapping[str, str]]) – Additional annotations of the service account. Default: - no additional annotations

  • identity_type (Optional[IdentityType]) – The identity type to use for the service account. Default: IdentityType.IRSA

  • labels (Optional[Mapping[str, str]]) – Additional labels of the service account. Default: - no additional labels

  • name (Optional[str]) – The name of the service account. The name of a ServiceAccount object must be a valid DNS subdomain name. https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ Default: - If no name is given, it will use the id of the resource.

  • namespace (Optional[str]) – The namespace of the service account. All namespace names must be valid RFC 1123 DNS labels. https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/#namespaces-and-dns Default: “default”

  • overwrite_service_account (Optional[bool]) – Overwrite existing service account. If this is set, we will use kubectl apply instead of kubectl create when the service account is created. Otherwise, if there is already a service account in the cluster with the same name, the operation will fail. Default: false

ExampleMetadata:

infused

Example:

# cluster: eks.Cluster

# add service account with annotations and labels
service_account = cluster.add_service_account("MyServiceAccount",
    annotations={
        "eks.amazonaws.com/sts-regional-endpoints": "false"
    },
    labels={
        "some-label": "with-some-value"
    }
)

Attributes

annotations

Additional annotations of the service account.

Default:

  • no additional annotations

identity_type

The identity type to use for the service account.

Default:

IdentityType.IRSA

labels

Additional labels of the service account.

Default:

  • no additional labels

name

The name of the service account.

The name of a ServiceAccount object must be a valid DNS subdomain name. https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/

Default:

  • If no name is given, it will use the id of the resource.

namespace

The namespace of the service account.

All namespace names must be valid RFC 1123 DNS labels. https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/#namespaces-and-dns

Default:

“default”

overwrite_service_account

Overwrite existing service account.

If this is set, we will use kubectl apply instead of kubectl create when the service account is created. Otherwise, if there is already a service account in the cluster with the same name, the operation will fail.

Default:

false