CfnCapabilityPropsMixin

class aws_cdk.mixins_preview.aws_eks.mixins.CfnCapabilityPropsMixin(props, *, strategy=None)

Bases: Mixin

Resource Type definition for EKS Capability.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-eks-capability.html
CloudformationResource:: AWS::EKS::Capability
Mixin:: true
ExampleMetadata:: fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview import mixins
from aws_cdk.mixins_preview.aws_eks import mixins as eks_mixins

cfn_capability_props_mixin = eks_mixins.CfnCapabilityPropsMixin(eks_mixins.CfnCapabilityMixinProps(
    capability_name="capabilityName",
    cluster_name="clusterName",
    configuration=eks_mixins.CfnCapabilityPropsMixin.CapabilityConfigurationProperty(
        argo_cd=eks_mixins.CfnCapabilityPropsMixin.ArgoCdProperty(
            aws_idc=eks_mixins.CfnCapabilityPropsMixin.AwsIdcProperty(
                idc_instance_arn="idcInstanceArn",
                idc_managed_application_arn="idcManagedApplicationArn",
                idc_region="idcRegion"
            ),
            namespace="namespace",
            network_access=eks_mixins.CfnCapabilityPropsMixin.NetworkAccessProperty(
                vpce_ids=["vpceIds"]
            ),
            rbac_role_mappings=[eks_mixins.CfnCapabilityPropsMixin.ArgoCdRoleMappingProperty(
                identities=[eks_mixins.CfnCapabilityPropsMixin.SsoIdentityProperty(
                    id="id",
                    type="type"
                )],
                role="role"
            )],
            server_url="serverUrl"
        )
    ),
    delete_propagation_policy="deletePropagationPolicy",
    role_arn="roleArn",
    tags=[CfnTag(
        key="key",
        value="value"
    )],
    type="type"
),
    strategy=mixins.PropertyMergeStrategy.OVERRIDE
)

Create a mixin to apply properties to AWS::EKS::Capability.

Parameters:

props (Union[CfnCapabilityMixinProps, Dict[str, Any]]) – L1 properties to apply.
strategy (Optional[PropertyMergeStrategy]) – (experimental) Strategy for merging nested properties. Default: - PropertyMergeStrategy.MERGE

Methods

apply_to(construct)

Apply the mixin properties to the construct.

Parameters:: construct (IConstruct)
Return type:: IConstruct

supports(construct)

Check if this mixin supports the given construct.

Parameters:: construct (IConstruct)
Return type:: bool

Attributes

CFN_PROPERTY_KEYS = ['capabilityName', 'clusterName', 'configuration', 'deletePropagationPolicy', 'roleArn', 'tags', 'type']

Static Methods

classmethod is_mixin(x)

(experimental) Checks if x is a Mixin.

Parameters:: x (Any) – Any object.
Return type:: bool
Returns:: true if x is an object created from a class which extends Mixin.
Stability:: experimental

ArgoCdProperty

class CfnCapabilityPropsMixin.ArgoCdProperty(*, aws_idc=None, namespace=None, network_access=None, rbac_role_mappings=None, server_url=None)

Bases: object

Configuration settings for an Argo CD capability.

This includes the Kubernetes namespace, IAM Identity Center integration, RBAC role mappings, and network access configuration.

Parameters:

aws_idc (Union[IResolvable, AwsIdcProperty, Dict[str, Any], None]) – Configuration for integrating Argo CD with IAM Identity Center. This allows you to use your organization’s identity provider for authentication to Argo CD.
namespace (Optional[str]) – The Kubernetes namespace where Argo CD resources will be created. If not specified, the default namespace is used.
network_access (Union[IResolvable, NetworkAccessProperty, Dict[str, Any], None]) – Configuration for network access to the Argo CD capability’s managed API server endpoint. By default, the Argo CD server is accessible via a public endpoint. You can optionally specify one or more VPC endpoint IDs to enable private connectivity from your VPCs.
rbac_role_mappings (Union[IResolvable, Sequence[Union[IResolvable, ArgoCdRoleMappingProperty, Dict[str, Any]]], None]) – A list of role mappings that define which IAM Identity Center users or groups have which Argo CD roles. Each mapping associates an Argo CD role (ADMIN, EDITOR, or VIEWER) with one or more IAM Identity Center identities.
server_url (Optional[str]) – The URL of the Argo CD server. Use this URL to access the Argo CD web interface and API.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-capability-argocd.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_eks import mixins as eks_mixins

argo_cd_property = eks_mixins.CfnCapabilityPropsMixin.ArgoCdProperty(
    aws_idc=eks_mixins.CfnCapabilityPropsMixin.AwsIdcProperty(
        idc_instance_arn="idcInstanceArn",
        idc_managed_application_arn="idcManagedApplicationArn",
        idc_region="idcRegion"
    ),
    namespace="namespace",
    network_access=eks_mixins.CfnCapabilityPropsMixin.NetworkAccessProperty(
        vpce_ids=["vpceIds"]
    ),
    rbac_role_mappings=[eks_mixins.CfnCapabilityPropsMixin.ArgoCdRoleMappingProperty(
        identities=[eks_mixins.CfnCapabilityPropsMixin.SsoIdentityProperty(
            id="id",
            type="type"
        )],
        role="role"
    )],
    server_url="serverUrl"
)

Attributes

aws_idc

Configuration for integrating Argo CD with IAM Identity Center.

This allows you to use your organization’s identity provider for authentication to Argo CD.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-capability-argocd.html#cfn-eks-capability-argocd-awsidc

namespace

The Kubernetes namespace where Argo CD resources will be created.

If not specified, the default namespace is used.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-capability-argocd.html#cfn-eks-capability-argocd-namespace

network_access

Configuration for network access to the Argo CD capability’s managed API server endpoint.

By default, the Argo CD server is accessible via a public endpoint. You can optionally specify one or more VPC endpoint IDs to enable private connectivity from your VPCs.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-capability-argocd.html#cfn-eks-capability-argocd-networkaccess

rbac_role_mappings

A list of role mappings that define which IAM Identity Center users or groups have which Argo CD roles.

Each mapping associates an Argo CD role (ADMIN, EDITOR, or VIEWER) with one or more IAM Identity Center identities.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-capability-argocd.html#cfn-eks-capability-argocd-rbacrolemappings

server_url

The URL of the Argo CD server.

Use this URL to access the Argo CD web interface and API.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-capability-argocd.html#cfn-eks-capability-argocd-serverurl

ArgoCdRoleMappingProperty

class CfnCapabilityPropsMixin.ArgoCdRoleMappingProperty(*, identities=None, role=None)

Bases: object

A mapping between an Argo CD role and IAM Identity Center identities.

This defines which users or groups have specific permissions in Argo CD.

Parameters:

identities (Union[IResolvable, Sequence[Union[IResolvable, SsoIdentityProperty, Dict[str, Any]]], None]) – A list of IAM Identity Center identities (users or groups) that should be assigned this Argo CD role.
role (Optional[str]) – The Argo CD role to assign. Valid values are: ADMIN (full administrative access to Argo CD), EDITOR (edit access to Argo CD resources), or VIEWER (read-only access to Argo CD resources).

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-capability-argocdrolemapping.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_eks import mixins as eks_mixins

argo_cd_role_mapping_property = eks_mixins.CfnCapabilityPropsMixin.ArgoCdRoleMappingProperty(
    identities=[eks_mixins.CfnCapabilityPropsMixin.SsoIdentityProperty(
        id="id",
        type="type"
    )],
    role="role"
)

Attributes

identities

A list of IAM Identity Center identities (users or groups) that should be assigned this Argo CD role.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-capability-argocdrolemapping.html#cfn-eks-capability-argocdrolemapping-identities

role

The Argo CD role to assign.

Valid values are: ADMIN (full administrative access to Argo CD), EDITOR (edit access to Argo CD resources), or VIEWER (read-only access to Argo CD resources).

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-capability-argocdrolemapping.html#cfn-eks-capability-argocdrolemapping-role

AwsIdcProperty

class CfnCapabilityPropsMixin.AwsIdcProperty(*, idc_instance_arn=None, idc_managed_application_arn=None, idc_region=None)

Bases: object

Configuration for integrating Argo CD with IAM Identity Center.

This allows you to use your organization’s identity provider for authentication to Argo CD.

Parameters:

idc_instance_arn (Optional[str]) – The ARN of the IAM Identity Center instance to use for authentication.
idc_managed_application_arn (Optional[str]) – The ARN of the managed application created in IAM Identity Center for this Argo CD capability. This application is automatically created and managed by EKS.
idc_region (Optional[str]) – The Region where your IAM Identity Center instance is located.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-capability-awsidc.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_eks import mixins as eks_mixins

aws_idc_property = eks_mixins.CfnCapabilityPropsMixin.AwsIdcProperty(
    idc_instance_arn="idcInstanceArn",
    idc_managed_application_arn="idcManagedApplicationArn",
    idc_region="idcRegion"
)

Attributes

idc_instance_arn

The ARN of the IAM Identity Center instance to use for authentication.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-capability-awsidc.html#cfn-eks-capability-awsidc-idcinstancearn

idc_managed_application_arn

The ARN of the managed application created in IAM Identity Center for this Argo CD capability.

This application is automatically created and managed by EKS.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-capability-awsidc.html#cfn-eks-capability-awsidc-idcmanagedapplicationarn

idc_region

The Region where your IAM Identity Center instance is located.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-capability-awsidc.html#cfn-eks-capability-awsidc-idcregion

CapabilityConfigurationProperty

class CfnCapabilityPropsMixin.CapabilityConfigurationProperty(*, argo_cd=None)

Bases: object

Configuration settings for a capability.

The structure of this object varies depending on the capability type.

Parameters:: argo_cd (Union[IResolvable, ArgoCdProperty, Dict[str, Any], None]) – Configuration settings for an Argo CD capability. This includes the Kubernetes namespace, IAM Identity Center integration, RBAC role mappings, and network access configuration.
See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-capability-capabilityconfiguration.html
ExampleMetadata:: fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_eks import mixins as eks_mixins

capability_configuration_property = eks_mixins.CfnCapabilityPropsMixin.CapabilityConfigurationProperty(
    argo_cd=eks_mixins.CfnCapabilityPropsMixin.ArgoCdProperty(
        aws_idc=eks_mixins.CfnCapabilityPropsMixin.AwsIdcProperty(
            idc_instance_arn="idcInstanceArn",
            idc_managed_application_arn="idcManagedApplicationArn",
            idc_region="idcRegion"
        ),
        namespace="namespace",
        network_access=eks_mixins.CfnCapabilityPropsMixin.NetworkAccessProperty(
            vpce_ids=["vpceIds"]
        ),
        rbac_role_mappings=[eks_mixins.CfnCapabilityPropsMixin.ArgoCdRoleMappingProperty(
            identities=[eks_mixins.CfnCapabilityPropsMixin.SsoIdentityProperty(
                id="id",
                type="type"
            )],
            role="role"
        )],
        server_url="serverUrl"
    )
)

Attributes

argo_cd

Configuration settings for an Argo CD capability.

This includes the Kubernetes namespace, IAM Identity Center integration, RBAC role mappings, and network access configuration.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-capability-capabilityconfiguration.html#cfn-eks-capability-capabilityconfiguration-argocd

NetworkAccessProperty

class CfnCapabilityPropsMixin.NetworkAccessProperty(*, vpce_ids=None)

Bases: object

Configuration for network access to the Argo CD capability’s managed API server endpoint.

By default, the Argo CD server is accessible via a public endpoint. You can optionally specify one or more VPC endpoint IDs to enable private connectivity from your VPCs.

Parameters:: vpce_ids (Optional[Sequence[str]]) – A list of VPC endpoint IDs to associate with the managed Argo CD API server endpoint. Each VPC endpoint provides private connectivity from a specific VPC to the Argo CD server. You can specify multiple VPC endpoint IDs to enable access from multiple VPCs.
See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-capability-networkaccess.html
ExampleMetadata:: fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_eks import mixins as eks_mixins

network_access_property = eks_mixins.CfnCapabilityPropsMixin.NetworkAccessProperty(
    vpce_ids=["vpceIds"]
)

Attributes

vpce_ids

A list of VPC endpoint IDs to associate with the managed Argo CD API server endpoint.

Each VPC endpoint provides private connectivity from a specific VPC to the Argo CD server. You can specify multiple VPC endpoint IDs to enable access from multiple VPCs.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-capability-networkaccess.html#cfn-eks-capability-networkaccess-vpceids

SsoIdentityProperty

class CfnCapabilityPropsMixin.SsoIdentityProperty(*, id=None, type=None)

Bases: object

An IAM Identity Center identity (user or group) that can be assigned permissions in a capability.

Parameters:

id (Optional[str]) – The unique identifier of the IAM Identity Center user or group.
type (Optional[str]) – The type of identity. Valid values are SSO_USER or SSO_GROUP.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-capability-ssoidentity.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_eks import mixins as eks_mixins

sso_identity_property = eks_mixins.CfnCapabilityPropsMixin.SsoIdentityProperty(
    id="id",
    type="type"
)

Attributes

id

The unique identifier of the IAM Identity Center user or group.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-capability-ssoidentity.html#cfn-eks-capability-ssoidentity-id

type

The type of identity.

Valid values are SSO_USER or SSO_GROUP.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-capability-ssoidentity.html#cfn-eks-capability-ssoidentity-type