ServiceAccountOptions

class aws_cdk.aws_eks.ServiceAccountOptions(*, annotations=None, identity_type=None, labels=None, name=None, namespace=None, overwrite_service_account=None, removal_policy=None)

Bases: object

Options for ServiceAccount.

Parameters:

  • annotations (Optional[Mapping[str, str]]) – Additional annotations of the service account. Default: - no additional annotations

  • identity_type (Optional[IdentityType]) – The identity type to use for the service account. Default: IdentityType.IRSA

  • labels (Optional[Mapping[str, str]]) – Additional labels of the service account. Default: - no additional labels

  • name (Optional[str]) – The name of the service account. The name of a ServiceAccount object must be a valid DNS subdomain name. https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ Default: - If no name is given, it will use the id of the resource.

  • namespace (Optional[str]) – The namespace of the service account. All namespace names must be valid RFC 1123 DNS labels. https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/#namespaces-and-dns Default: “default”

  • overwrite_service_account (Optional[bool]) – Overwrite existing service account. If this is set, we will use kubectl apply instead of kubectl create when the service account is created. Otherwise, if there is already a service account in the cluster with the same name, the operation will fail. Default: false

  • removal_policy (Optional[RemovalPolicy]) – The removal policy applied to the service account resources. The removal policy controls what happens to the resources if they stop being managed by CloudFormation. This can happen in one of three situations: - The resource is removed from the template, so CloudFormation stops managing it - A change to the resource is made that requires it to be replaced, so CloudFormation stops managing it - The stack is deleted, so CloudFormation stops managing all resources in it Default: RemovalPolicy.DESTROY

ExampleMetadata:

infused

Example:

# cluster: eks.Cluster

# add service account with annotations and labels
service_account = cluster.add_service_account("MyServiceAccount",
    annotations={
        "eks.amazonaws.com/sts-regional-endpoints": "false"
    },
    labels={
        "some-label": "with-some-value"
    }
)

Attributes

annotations

Additional annotations of the service account.

Default:

  • no additional annotations

identity_type

The identity type to use for the service account.

Default:

IdentityType.IRSA

labels

Additional labels of the service account.

Default:

  • no additional labels

name

The name of the service account.

The name of a ServiceAccount object must be a valid DNS subdomain name. https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/

Default:

  • If no name is given, it will use the id of the resource.

namespace

The namespace of the service account.

All namespace names must be valid RFC 1123 DNS labels. https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/#namespaces-and-dns

Default:

“default”

overwrite_service_account

Overwrite existing service account.

If this is set, we will use kubectl apply instead of kubectl create when the service account is created. Otherwise, if there is already a service account in the cluster with the same name, the operation will fail.

Default:

false

removal_policy

The removal policy applied to the service account resources.

The removal policy controls what happens to the resources if they stop being managed by CloudFormation. This can happen in one of three situations:

  • The resource is removed from the template, so CloudFormation stops managing it

  • A change to the resource is made that requires it to be replaced, so CloudFormation stops managing it

  • The stack is deleted, so CloudFormation stops managing all resources in it

Default:

RemovalPolicy.DESTROY