ASSOCIATEACCESSPOLICY()`¶

About AssociateAccessPolicy¶

Associates an access policy and its scope to an access entry. For more information about associating access policies, see Associating and disassociating access policies to and from access entries in the Amazon EKS User Guide.

Method Signature¶

METHODS /AWS1/IF_EKS~ASSOCIATEACCESSPOLICY
  IMPORTING
    !IV_CLUSTERNAME TYPE /AWS1/EKSSTRING OPTIONAL
    !IV_PRINCIPALARN TYPE /AWS1/EKSSTRING OPTIONAL
    !IV_POLICYARN TYPE /AWS1/EKSSTRING OPTIONAL
    !IO_ACCESSSCOPE TYPE REF TO /AWS1/CL_EKSACCESSSCOPE OPTIONAL
  RETURNING
    VALUE(OO_OUTPUT) TYPE REF TO /aws1/cl_eksassocaccpolicyrsp
  RAISING
    /AWS1/CX_EKSINVALIDPARAMETEREX
    /AWS1/CX_EKSINVALIDREQUESTEX
    /AWS1/CX_EKSRESOURCENOTFOUNDEX
    /AWS1/CX_EKSSERVEREXCEPTION
    /AWS1/CX_EKSCLIENTEXC
    /AWS1/CX_EKSSERVEREXC
    /AWS1/CX_RT_TECHNICAL_GENERIC
    /AWS1/CX_RT_SERVICE_GENERIC.

IMPORTING¶

Required arguments:¶

`iv_clustername` `TYPE /AWS1/EKSSTRING` `/AWS1/EKSSTRING`¶

The name of your cluster.

`iv_principalarn` `TYPE /AWS1/EKSSTRING` `/AWS1/EKSSTRING`¶

The Amazon Resource Name (ARN) of the IAM user or role for the AccessEntry that you're associating the access policy to.

`iv_policyarn` `TYPE /AWS1/EKSSTRING` `/AWS1/EKSSTRING`¶

The ARN of the AccessPolicy that you're associating. For a list of ARNs, use ListAccessPolicies.

`io_accessscope` `TYPE REF TO /AWS1/CL_EKSACCESSSCOPE` `/AWS1/CL_EKSACCESSSCOPE`¶

The scope for the AccessPolicy. You can scope access policies to an entire cluster or to specific Kubernetes namespaces.

RETURNING¶

`oo_output` `TYPE REF TO /aws1/cl_eksassocaccpolicyrsp` `/AWS1/CL_EKSASSOCACCPOLICYRSP`¶

Domain /AWS1/RT_ACCOUNT_ID

Primitive Type NUMC

Examples¶

Syntax Example¶

This is an example of the syntax for calling the method. It includes every possible argument and initializes every possible value. The data provided is not necessarily semantically accurate (for example the value "string" may be provided for something that is intended to be an instance ID, or in some cases two arguments may be mutually exclusive). The syntax shows the ABAP syntax for creating the various data structures.

DATA(lo_result) = lo_client->associateaccesspolicy(
  io_accessscope = new /aws1/cl_eksaccessscope(
    it_namespaces = VALUE /aws1/cl_eksstringlist_w=>tt_stringlist(
      ( new /aws1/cl_eksstringlist_w( |string| ) )
    )
    iv_type = |string|
  )
  iv_clustername = |string|
  iv_policyarn = |string|
  iv_principalarn = |string|
).

This is an example of reading all possible response values

lo_result = lo_result.
IF lo_result IS NOT INITIAL.
  lv_string = lo_result->get_clustername( ).
  lv_string = lo_result->get_principalarn( ).
  lo_associatedaccesspolicy = lo_result->get_associatedaccesspolicy( ).
  IF lo_associatedaccesspolicy IS NOT INITIAL.
    lv_string = lo_associatedaccesspolicy->get_policyarn( ).
    lo_accessscope = lo_associatedaccesspolicy->get_accessscope( ).
    IF lo_accessscope IS NOT INITIAL.
      lv_accessscopetype = lo_accessscope->get_type( ).
      LOOP AT lo_accessscope->get_namespaces( ) into lo_row.
        lo_row_1 = lo_row.
        IF lo_row_1 IS NOT INITIAL.
          lv_string = lo_row_1->get_value( ).
        ENDIF.
      ENDLOOP.
    ENDIF.
    lv_timestamp = lo_associatedaccesspolicy->get_associatedat( ).
    lv_timestamp = lo_associatedaccesspolicy->get_modifiedat( ).
  ENDIF.
ENDIF.

/AWS1/IF_EKS=>ASSOCIATEACCESSPOLICY()¶