Class: Aws::EKS::Types::AccessEntry

Inherits:

Struct

• Object
• Struct
• Aws::EKS::Types::AccessEntry

Defined in:

gems/aws-sdk-eks/lib/aws-sdk-eks/types.rb

Overview

An access entry allows an IAM principal (user or role) to access your cluster. Access entries can replace the need to maintain the aws-auth ConfigMap for authentication. For more information about access entries, see Access entries in the Amazon EKS User Guide.

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #access_entry_arn ⇒ String

  The ARN of the access entry.

• #cluster_name ⇒ String

  The name of your cluster.

• #created_at ⇒ Time

  The Unix epoch timestamp at object creation.

• #kubernetes_groups ⇒ Array<String>

  A name that you've specified in a Kubernetes RoleBinding or ClusterRoleBinding object so that Kubernetes authorizes the principalARN access to cluster objects.

• #modified_at ⇒ Time

  The Unix epoch timestamp for the last modification to the object.

• #principal_arn ⇒ String

  The ARN of the IAM principal for the access entry.

• #tags ⇒ Hash<String,String>

  Metadata that assists with categorization and organization.

• #type ⇒ String

  The type of the access entry.

• #username ⇒ String

  The name of a user that can authenticate to your cluster.

Instance Attribute Details

#access_entry_arn ⇒ String

The ARN of the access entry.

Returns:

• (String)

# File 'gems/aws-sdk-eks/lib/aws-sdk-eks/types.rb', line 119

class AccessEntry < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :access_entry_arn,
  :created_at,
  :modified_at,
  :tags,
  :username,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#cluster_name ⇒ String

The name of your cluster.

Returns:

• (String)

# File 'gems/aws-sdk-eks/lib/aws-sdk-eks/types.rb', line 119

class AccessEntry < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :access_entry_arn,
  :created_at,
  :modified_at,
  :tags,
  :username,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#created_at ⇒ Time

The Unix epoch timestamp at object creation.

Returns:

• (Time)

# File 'gems/aws-sdk-eks/lib/aws-sdk-eks/types.rb', line 119

class AccessEntry < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :access_entry_arn,
  :created_at,
  :modified_at,
  :tags,
  :username,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#kubernetes_groups ⇒ Array<String>

A name that you've specified in a Kubernetes RoleBinding or ClusterRoleBinding object so that Kubernetes authorizes the principalARN access to cluster objects.

Returns:

• (Array<String>)

# File 'gems/aws-sdk-eks/lib/aws-sdk-eks/types.rb', line 119

class AccessEntry < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :access_entry_arn,
  :created_at,
  :modified_at,
  :tags,
  :username,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#modified_at ⇒ Time

The Unix epoch timestamp for the last modification to the object.

Returns:

• (Time)

# File 'gems/aws-sdk-eks/lib/aws-sdk-eks/types.rb', line 119

class AccessEntry < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :access_entry_arn,
  :created_at,
  :modified_at,
  :tags,
  :username,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#principal_arn ⇒ String

The ARN of the IAM principal for the access entry. If you ever delete the IAM principal with this ARN, the access entry isn't automatically deleted. We recommend that you delete the access entry with an ARN for an IAM principal that you delete. If you don't delete the access entry and ever recreate the IAM principal, even if it has the same ARN, the access entry won't work. This is because even though the ARN is the same for the recreated IAM principal, the roleID or userID (you can see this with the Security Token Service GetCallerIdentity API) is different for the recreated IAM principal than it was for the original IAM principal. Even though you don't see the IAM principal's roleID or userID for an access entry, Amazon EKS stores it with the access entry.

Returns:

• (String)

# File 'gems/aws-sdk-eks/lib/aws-sdk-eks/types.rb', line 119

class AccessEntry < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :access_entry_arn,
  :created_at,
  :modified_at,
  :tags,
  :username,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#tags ⇒ Hash<String,String>

Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or Amazon Web Services resources.

Returns:

• (Hash<String,String>)

# File 'gems/aws-sdk-eks/lib/aws-sdk-eks/types.rb', line 119

class AccessEntry < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :access_entry_arn,
  :created_at,
  :modified_at,
  :tags,
  :username,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#type ⇒ String

The type of the access entry.

Returns:

• (String)

# File 'gems/aws-sdk-eks/lib/aws-sdk-eks/types.rb', line 119

class AccessEntry < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :access_entry_arn,
  :created_at,
  :modified_at,
  :tags,
  :username,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#username ⇒ String

The name of a user that can authenticate to your cluster.

Returns:

• (String)

# File 'gems/aws-sdk-eks/lib/aws-sdk-eks/types.rb', line 119

class AccessEntry < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :access_entry_arn,
  :created_at,
  :modified_at,
  :tags,
  :username,
  :type)
  SENSITIVE = []
  include Aws::Structure
end