Class: Aws::EKS::Types::AccessEntry

Inherits:

Struct

• Object
• Struct
• Aws::EKS::Types::AccessEntry

Includes:

Structure

Defined in:

lib/aws-sdk-eks/types.rb

Overview

An access entry allows an IAM principal (user or role) to access your cluster. Access entries can replace the need to maintain the ‘aws-auth` `ConfigMap` for authentication. For more information about access entries, see [Access entries] in the *Amazon EKS User Guide*.

[1]: docs.aws.amazon.com/eks/latest/userguide/access-entries.html

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #access_entry_arn ⇒ String

  The ARN of the access entry.

• #cluster_name ⇒ String

  The name of your cluster.

• #created_at ⇒ Time

  The Unix epoch timestamp at object creation.

• #kubernetes_groups ⇒ Array<String>

  A ‘name` that you’ve specified in a Kubernetes ‘RoleBinding` or `ClusterRoleBinding` object so that Kubernetes authorizes the `principalARN` access to cluster objects.

• #modified_at ⇒ Time

  The Unix epoch timestamp for the last modification to the object.

• #principal_arn ⇒ String

  The ARN of the IAM principal for the access entry.

• #tags ⇒ Hash<String,String>

  Metadata that assists with categorization and organization.

• #type ⇒ String

  The type of the access entry.

• #username ⇒ String

  The ‘name` of a user that can authenticate to your cluster.

Instance Attribute Details

#access_entry_arn ⇒ String

The ARN of the access entry.

Returns:

• (String)

# File 'lib/aws-sdk-eks/types.rb', line 119

class AccessEntry < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :access_entry_arn,
  :created_at,
  :modified_at,
  :tags,
  :username,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#cluster_name ⇒ String

The name of your cluster.

Returns:

• (String)

# File 'lib/aws-sdk-eks/types.rb', line 119

class AccessEntry < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :access_entry_arn,
  :created_at,
  :modified_at,
  :tags,
  :username,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#created_at ⇒ Time

The Unix epoch timestamp at object creation.

Returns:

• (Time)

# File 'lib/aws-sdk-eks/types.rb', line 119

class AccessEntry < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :access_entry_arn,
  :created_at,
  :modified_at,
  :tags,
  :username,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#kubernetes_groups ⇒ Array<String>

A ‘name` that you’ve specified in a Kubernetes ‘RoleBinding` or `ClusterRoleBinding` object so that Kubernetes authorizes the `principalARN` access to cluster objects.

Returns:

• (Array<String>)

# File 'lib/aws-sdk-eks/types.rb', line 119

class AccessEntry < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :access_entry_arn,
  :created_at,
  :modified_at,
  :tags,
  :username,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#modified_at ⇒ Time

The Unix epoch timestamp for the last modification to the object.

Returns:

• (Time)

# File 'lib/aws-sdk-eks/types.rb', line 119

class AccessEntry < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :access_entry_arn,
  :created_at,
  :modified_at,
  :tags,
  :username,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#principal_arn ⇒ String

The ARN of the IAM principal for the access entry. If you ever delete the IAM principal with this ARN, the access entry isn’t automatically deleted. We recommend that you delete the access entry with an ARN for an IAM principal that you delete. If you don’t delete the access entry and ever recreate the IAM principal, even if it has the same ARN, the access entry won’t work. This is because even though the ARN is the same for the recreated IAM principal, the ‘roleID` or `userID` (you can see this with the Security Token Service `GetCallerIdentity` API) is different for the recreated IAM principal than it was for the original IAM principal. Even though you don’t see the IAM principal’s ‘roleID` or `userID` for an access entry, Amazon EKS stores it with the access entry.

Returns:

• (String)

# File 'lib/aws-sdk-eks/types.rb', line 119

class AccessEntry < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :access_entry_arn,
  :created_at,
  :modified_at,
  :tags,
  :username,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#tags ⇒ Hash<String,String>

Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don’t propagate to any other cluster or Amazon Web Services resources.

Returns:

• (Hash<String,String>)

# File 'lib/aws-sdk-eks/types.rb', line 119

class AccessEntry < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :access_entry_arn,
  :created_at,
  :modified_at,
  :tags,
  :username,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#type ⇒ String

The type of the access entry.

Returns:

• (String)

# File 'lib/aws-sdk-eks/types.rb', line 119

class AccessEntry < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :access_entry_arn,
  :created_at,
  :modified_at,
  :tags,
  :username,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#username ⇒ String

The ‘name` of a user that can authenticate to your cluster.

Returns:

• (String)

# File 'lib/aws-sdk-eks/types.rb', line 119

class AccessEntry < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :access_entry_arn,
  :created_at,
  :modified_at,
  :tags,
  :username,
  :type)
  SENSITIVE = []
  include Aws::Structure
end