Package software.amazon.awscdk.services.eks

Class ServiceAccount

java.lang.Object

software.amazon.jsii.JsiiObject

software.constructs.Construct

software.amazon.awscdk.services.eks.ServiceAccount

All Implemented Interfaces:

IGrantable, IPrincipal, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IDependable

@Generated(value="jsii-pacmak/1.104.0 (build e79254c)",
           date="2024-11-22T02:24:01.501Z")
@Stability(Stable)
public class ServiceAccount
extends software.constructs.Construct
implements IPrincipal

Service Account.

Example:

 // or create a new one using an existing issuer url
 String issuerUrl;
 // you can import an existing provider
 IOpenIdConnectProvider provider = OpenIdConnectProvider.fromOpenIdConnectProviderArn(this, "Provider", "arn:aws:iam::123456:oidc-provider/oidc.eks.eu-west-1.amazonaws.com/id/AB123456ABC");
 OpenIdConnectProvider provider2 = OpenIdConnectProvider.Builder.create(this, "Provider")
         .url(issuerUrl)
         .build();
 ICluster cluster = Cluster.fromClusterAttributes(this, "MyCluster", ClusterAttributes.builder()
         .clusterName("Cluster")
         .openIdConnectProvider(provider)
         .kubectlRoleArn("arn:aws:iam::123456:role/service-role/k8sservicerole")
         .build());
 ServiceAccount serviceAccount = cluster.addServiceAccount("MyServiceAccount");
 Bucket bucket = new Bucket(this, "Bucket");
 bucket.grantReadWrite(serviceAccount);
 

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static final class	ServiceAccount.Builder	A fluent builder for ServiceAccount.

Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject

software.amazon.jsii.JsiiObject.InitializationMode

Nested classes/interfaces inherited from interface software.constructs.IConstruct

software.constructs.IConstruct.Jsii$Default, software.constructs.IConstruct.Jsii$Proxy

Nested classes/interfaces inherited from interface software.amazon.awscdk.services.iam.IPrincipal

IPrincipal.Jsii$Default, IPrincipal.Jsii$Proxy

Constructor Summary

Constructors

Modifier	Constructor	Description
protected	ServiceAccount(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
protected	ServiceAccount(software.amazon.jsii.JsiiObjectRef objRef)
	ServiceAccount(software.constructs.Construct scope, String id, ServiceAccountProps props)

Method Summary

Modifier and Type	Method	Description
AddToPrincipalPolicyResult	addToPrincipalPolicy(PolicyStatement statement)	Add to the policy of this principal.
String	getAssumeRoleAction()	When this Principal is used in an AssumeRole policy, the action to use.
IPrincipal	getGrantPrincipal()	The principal to grant permissions to.
PrincipalPolicyFragment	getPolicyFragment()	Return the policy fragment that identifies this principal in a Policy.
IRole	getRole()	The role which is linked to the service account.
String	getServiceAccountName()	The name of the service account.
String	getServiceAccountNamespace()	The namespace where the service account is located in.

Methods inherited from class software.constructs.Construct

getNode, isConstruct, toString

Methods inherited from class software.amazon.jsii.JsiiObject

jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface software.amazon.awscdk.services.iam.IPrincipal

getPrincipalAccount

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Constructor Details

ServiceAccount

protected ServiceAccount(software.amazon.jsii.JsiiObjectRef objRef)

ServiceAccount

protected ServiceAccount(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

ServiceAccount

@Stability(Stable)
public ServiceAccount(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 ServiceAccountProps props)

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

Method Details

addToPrincipalPolicy

@Stability(Stable)
@NotNull
public AddToPrincipalPolicyResult addToPrincipalPolicy(@NotNull
 PolicyStatement statement)

Add to the policy of this principal.

Specified by:

addToPrincipalPolicy in interface IPrincipal

Parameters:

statement - This parameter is required.

getAssumeRoleAction

@Stability(Stable)
@NotNull
public String getAssumeRoleAction()

When this Principal is used in an AssumeRole policy, the action to use.

Specified by:

getAssumeRoleAction in interface IPrincipal

getGrantPrincipal

@Stability(Stable)
@NotNull
public IPrincipal getGrantPrincipal()

The principal to grant permissions to.

Specified by:

getGrantPrincipal in interface IGrantable

getPolicyFragment

@Stability(Stable)
@NotNull
public PrincipalPolicyFragment getPolicyFragment()

Return the policy fragment that identifies this principal in a Policy.

Specified by:

getPolicyFragment in interface IPrincipal

getRole

@Stability(Stable)
@NotNull
public IRole getRole()

The role which is linked to the service account.

getServiceAccountName

@Stability(Stable)
@NotNull
public String getServiceAccountName()

The name of the service account.

getServiceAccountNamespace

@Stability(Stable)
@NotNull
public String getServiceAccountNamespace()

The namespace where the service account is located in.