CfnAccessEntryPropsMixin
- class aws_cdk.mixins_preview.aws_eks.mixins.CfnAccessEntryPropsMixin(props, *, strategy=None)
Bases:
MixinCreates an access entry.
An access entry allows an IAM principal to access your cluster. Access entries can replace the need to maintain entries in the
aws-authConfigMapfor authentication. You have the following options for authorizing an IAM principal to access Kubernetes objects on your cluster: Kubernetes role-based access control (RBAC), Amazon EKS, or both. Kubernetes RBAC authorization requires you to create and manage KubernetesRole,ClusterRole,RoleBinding, andClusterRoleBindingobjects, in addition to managing access entries. If you use Amazon EKS authorization exclusively, you don’t need to create and manage KubernetesRole,ClusterRole,RoleBinding, andClusterRoleBindingobjects.For more information about access entries, see Access entries in the Amazon EKS User Guide .
- See:
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-eks-accessentry.html
- CloudformationResource:
AWS::EKS::AccessEntry
- Mixin:
true
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview import mixins from aws_cdk.mixins_preview.aws_eks import mixins as eks_mixins cfn_access_entry_props_mixin = eks_mixins.CfnAccessEntryPropsMixin(eks_mixins.CfnAccessEntryMixinProps( access_policies=[eks_mixins.CfnAccessEntryPropsMixin.AccessPolicyProperty( access_scope=eks_mixins.CfnAccessEntryPropsMixin.AccessScopeProperty( namespaces=["namespaces"], type="type" ), policy_arn="policyArn" )], cluster_name="clusterName", kubernetes_groups=["kubernetesGroups"], principal_arn="principalArn", tags=[CfnTag( key="key", value="value" )], type="type", username="username" ), strategy=mixins.PropertyMergeStrategy.OVERRIDE )
Create a mixin to apply properties to
AWS::EKS::AccessEntry.- Parameters:
props (
Union[CfnAccessEntryMixinProps,Dict[str,Any]]) – L1 properties to apply.strategy (
Optional[PropertyMergeStrategy]) – (experimental) Strategy for merging nested properties. Default: - PropertyMergeStrategy.MERGE
Methods
- apply_to(construct)
Apply the mixin properties to the construct.
- Parameters:
construct (
IConstruct)- Return type:
- supports(construct)
Check if this mixin supports the given construct.
- Parameters:
construct (
IConstruct)- Return type:
bool
Attributes
- CFN_PROPERTY_KEYS = ['accessPolicies', 'clusterName', 'kubernetesGroups', 'principalArn', 'tags', 'type', 'username']
Static Methods
- classmethod is_mixin(x)
(experimental) Checks if
xis a Mixin.- Parameters:
x (
Any) – Any object.- Return type:
bool- Returns:
true if
xis an object created from a class which extendsMixin.- Stability:
experimental
AccessPolicyProperty
- class CfnAccessEntryPropsMixin.AccessPolicyProperty(*, access_scope=None, policy_arn=None)
Bases:
objectAn access policy includes permissions that allow Amazon EKS to authorize an IAM principal to work with Kubernetes objects on your cluster.
The policies are managed by Amazon EKS, but they’re not IAM policies. You can’t view the permissions in the policies using the API. The permissions for many of the policies are similar to the Kubernetes
cluster-admin,admin,edit, andviewcluster roles. For more information about these cluster roles, see User-facing roles in the Kubernetes documentation. To view the contents of the policies, see Access policy permissions in the Amazon EKS User Guide .- Parameters:
access_scope (
Union[IResolvable,AccessScopeProperty,Dict[str,Any],None]) – The scope of anAccessPolicythat’s associated to anAccessEntry.policy_arn (
Optional[str]) – The ARN of the access policy.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_eks import mixins as eks_mixins access_policy_property = eks_mixins.CfnAccessEntryPropsMixin.AccessPolicyProperty( access_scope=eks_mixins.CfnAccessEntryPropsMixin.AccessScopeProperty( namespaces=["namespaces"], type="type" ), policy_arn="policyArn" )
Attributes
- access_scope
The scope of an
AccessPolicythat’s associated to anAccessEntry.
- policy_arn
The ARN of the access policy.
AccessScopeProperty
- class CfnAccessEntryPropsMixin.AccessScopeProperty(*, namespaces=None, type=None)
Bases:
objectThe scope of an
AccessPolicythat’s associated to anAccessEntry.- Parameters:
namespaces (
Optional[Sequence[str]]) – A Kubernetesnamespacethat an access policy is scoped to. A value is required if you specifiednamespaceforType.type (
Optional[str]) – The scope type of an access policy.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_eks import mixins as eks_mixins access_scope_property = eks_mixins.CfnAccessEntryPropsMixin.AccessScopeProperty( namespaces=["namespaces"], type="type" )
Attributes
- namespaces
A Kubernetes
namespacethat an access policy is scoped to.A value is required if you specified
namespaceforType.
- type
The scope type of an access policy.