ServiceAccount
- class aws_cdk.aws_eks_v2_alpha.ServiceAccount(scope, id, *, cluster, annotations=None, identity_type=None, labels=None, name=None, namespace=None)
Bases:
Construct(experimental) Service Account.
- Stability:
experimental
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. import aws_cdk.aws_eks_v2_alpha as eks_v2_alpha # cluster: eks_v2_alpha.Cluster service_account = eks_v2_alpha.ServiceAccount(self, "MyServiceAccount", cluster=cluster, # the properties below are optional annotations={ "annotations_key": "annotations" }, identity_type=eks_v2_alpha.IdentityType.IRSA, labels={ "labels_key": "labels" }, name="name", namespace="namespace" )
- Parameters:
scope (
Construct)id (
str)cluster (
ICluster) – (experimental) The cluster to apply the patch to.annotations (
Optional[Mapping[str,str]]) – (experimental) Additional annotations of the service account. Default: - no additional annotationsidentity_type (
Optional[IdentityType]) – (experimental) The identity type to use for the service account. Default: IdentityType.IRSAlabels (
Optional[Mapping[str,str]]) – (experimental) Additional labels of the service account. Default: - no additional labelsname (
Optional[str]) – (experimental) The name of the service account. The name of a ServiceAccount object must be a valid DNS subdomain name. https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ Default: - If no name is given, it will use the id of the resource.namespace (
Optional[str]) – (experimental) The namespace of the service account. All namespace names must be valid RFC 1123 DNS labels. https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/#namespaces-and-dns Default: “default”
- Stability:
experimental
Methods
- add_to_policy(statement)
(deprecated) Add to the policy of this principal.
- Parameters:
statement (
PolicyStatement)- Deprecated:
use
addToPrincipalPolicy()- Stability:
deprecated
- Return type:
bool
- add_to_principal_policy(statement)
(experimental) Add to the policy of this principal.
- Parameters:
statement (
PolicyStatement)- Stability:
experimental
- Return type:
- to_string()
Returns a string representation of this construct.
- Return type:
str
Attributes
- assume_role_action
(experimental) When this Principal is used in an AssumeRole policy, the action to use.
- Stability:
experimental
- grant_principal
(experimental) The principal to grant permissions to.
- Stability:
experimental
- node
The tree node.
- policy_fragment
(experimental) Return the policy fragment that identifies this principal in a Policy.
- Stability:
experimental
- role
(experimental) The role which is linked to the service account.
- Stability:
experimental
- service_account_name
(experimental) The name of the service account.
- Stability:
experimental
- service_account_namespace
(experimental) The namespace where the service account is located in.
- Stability:
experimental
Static Methods
- classmethod is_construct(x)
Checks if
xis a construct.Use this method instead of
instanceofto properly detectConstructinstances, even when the construct library is symlinked.Explanation: in JavaScript, multiple copies of the
constructslibrary on disk are seen as independent, completely different libraries. As a consequence, the classConstructin each copy of theconstructslibrary is seen as a different class, and an instance of one class will not test asinstanceofthe other class.npm installwill not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of theconstructslibrary can be accidentally installed, andinstanceofwill behave unpredictably. It is safest to avoid usinginstanceof, and using this type-testing method instead.- Parameters:
x (
Any) – Any object.- Return type:
bool- Returns:
true if
xis an object created from a class which extendsConstruct.