@Generated(value="jsii-pacmak/1.67.0 (build 2c027f5)", date="2022-09-19T20:26:38.960Z") @Stability(value=Stable) public class ServiceAccount extends software.constructs.Construct implements IPrincipal
Example:
// or create a new one using an existing issuer url
String issuerUrl;
// you can import an existing provider
IOpenIdConnectProvider provider = OpenIdConnectProvider.fromOpenIdConnectProviderArn(this, "Provider", "arn:aws:iam::123456:oidc-provider/oidc.eks.eu-west-1.amazonaws.com/id/AB123456ABC");
OpenIdConnectProvider provider2 = OpenIdConnectProvider.Builder.create(this, "Provider")
.url(issuerUrl)
.build();
ICluster cluster = Cluster.fromClusterAttributes(this, "MyCluster", ClusterAttributes.builder()
.clusterName("Cluster")
.openIdConnectProvider(provider)
.kubectlRoleArn("arn:aws:iam::123456:role/service-role/k8sservicerole")
.build());
ServiceAccount serviceAccount = cluster.addServiceAccount("MyServiceAccount");
Bucket bucket = new Bucket(this, "Bucket");
bucket.grantReadWrite(serviceAccount);
| Modifier and Type | Class and Description |
|---|---|
static class |
ServiceAccount.Builder
A fluent builder for
ServiceAccount. |
software.amazon.jsii.JsiiObject.InitializationModeIPrincipal.Jsii$Default, IPrincipal.Jsii$Proxy| Modifier | Constructor and Description |
|---|---|
|
ServiceAccount(software.constructs.Construct scope,
String id,
ServiceAccountProps props) |
protected |
ServiceAccount(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) |
protected |
ServiceAccount(software.amazon.jsii.JsiiObjectRef objRef) |
| Modifier and Type | Method and Description |
|---|---|
AddToPrincipalPolicyResult |
addToPrincipalPolicy(PolicyStatement statement)
Add to the policy of this principal.
|
String |
getAssumeRoleAction()
When this Principal is used in an AssumeRole policy, the action to use.
|
IPrincipal |
getGrantPrincipal()
The principal to grant permissions to.
|
PrincipalPolicyFragment |
getPolicyFragment()
Return the policy fragment that identifies this principal in a Policy.
|
IRole |
getRole()
The role which is linked to the service account.
|
String |
getServiceAccountName()
The name of the service account.
|
String |
getServiceAccountNamespace()
The namespace where the service account is located in.
|
jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSetclone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, waitgetPrincipalAccountprotected ServiceAccount(software.amazon.jsii.JsiiObjectRef objRef)
protected ServiceAccount(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
@Stability(value=Stable)
public ServiceAccount(@NotNull
software.constructs.Construct scope,
@NotNull
String id,
@NotNull
ServiceAccountProps props)
scope - This parameter is required.id - This parameter is required.props - This parameter is required.@Stability(value=Stable) @NotNull public AddToPrincipalPolicyResult addToPrincipalPolicy(@NotNull PolicyStatement statement)
addToPrincipalPolicy in interface IPrincipalstatement - This parameter is required.@Stability(value=Stable) @NotNull public String getAssumeRoleAction()
getAssumeRoleAction in interface IPrincipal@Stability(value=Stable) @NotNull public IPrincipal getGrantPrincipal()
getGrantPrincipal in interface IGrantable@Stability(value=Stable) @NotNull public PrincipalPolicyFragment getPolicyFragment()
getPolicyFragment in interface IPrincipal@Stability(value=Stable) @NotNull public IRole getRole()
@Stability(value=Stable) @NotNull public String getServiceAccountName()
@Stability(value=Stable) @NotNull public String getServiceAccountNamespace()
Copyright © 2022. All rights reserved.