class AwsAuth (construct)
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.EKS.AwsAuth |
 Go | github.com/aws/aws-cdk-go/awscdk/v2/awseks#AwsAuth |
 Java | software.amazon.awscdk.services.eks.AwsAuth |
 Python | aws_cdk.aws_eks.AwsAuth |
 TypeScript (source) | aws-cdk-lib » aws_eks » AwsAuth |
Implements
IConstruct, IDependable
Manages mapping between IAM users and roles to Kubernetes RBAC configuration.
See also: https://docs.aws.amazon.com/en_us/eks/latest/userguide/add-user-role.html
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_eks as eks } from 'aws-cdk-lib';
declare const cluster: eks.Cluster;
const awsAuth = new eks.AwsAuth(this, 'MyAwsAuth', {
cluster: cluster,
});
Initializer
new AwsAuth(scope: Construct, id: string, props: AwsAuthProps)
Parameters
- scope
Construct - id
string - props
AwsAuth Props
Construct Props
| Name | Type | Description |
|---|---|---|
| cluster | Cluster | The EKS cluster to apply this configuration to. |
cluster
Type:
Cluster
The EKS cluster to apply this configuration to.
[disable-awslint:ref-via-interface]
Properties
| Name | Type | Description |
|---|---|---|
| node | Node | The tree node. |
node
Type:
Node
The tree node.
Methods
| Name | Description |
|---|---|
| add | Additional AWS account to add to the aws-auth configmap. |
| add | Adds the specified IAM role to the system:masters RBAC group, which means that anyone that can assume it will be able to administer this Kubernetes system. |
| add | Adds a mapping between an IAM role to a Kubernetes user and groups. |
| add | Adds a mapping between an IAM user to a Kubernetes user and groups. |
| to | Returns a string representation of this construct. |
addAccount(accountId)
public addAccount(accountId: string): void
Parameters
- accountId
string— account number.
Additional AWS account to add to the aws-auth configmap.
addMastersRole(role, username?)
public addMastersRole(role: IRole, username?: string): void
Parameters
- role
IRole— The IAM role to add. - username
string— Optional user (defaults to the role ARN).
Adds the specified IAM role to the system:masters RBAC group, which means that anyone that can assume it will be able to administer this Kubernetes system.
addRoleMapping(role, mapping)
public addRoleMapping(role: IRole, mapping: AwsAuthMapping): void
Parameters
- role
IRole— The IAM role to map. - mapping
Aws— Mapping to k8s user name and groups.Auth Mapping
Adds a mapping between an IAM role to a Kubernetes user and groups.
addUserMapping(user, mapping)
public addUserMapping(user: IUser, mapping: AwsAuthMapping): void
Parameters
- user
IUser— The IAM user to map. - mapping
Aws— Mapping to k8s user name and groups.Auth Mapping
Adds a mapping between an IAM user to a Kubernetes user and groups.
toString()
public toString(): string
Returns
string
Returns a string representation of this construct.