Class: Aws::EKS::Types::UpdateAccessEntryRequest

Inherits:

Struct

• Object
• Struct
• Aws::EKS::Types::UpdateAccessEntryRequest

Includes:

Structure

Defined in:

lib/aws-sdk-eks/types.rb

Overview

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #client_request_token ⇒ String

  A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

• #cluster_name ⇒ String

  The name of your cluster.

• #kubernetes_groups ⇒ Array<String>

  The value for name that you’ve specified for ‘kind: Group` as a subject in a Kubernetes RoleBinding or ClusterRoleBinding object.

• #principal_arn ⇒ String

  The ARN of the IAM principal for the AccessEntry.

• #username ⇒ String

  The username to authenticate to Kubernetes with.

Instance Attribute Details

#client_request_token ⇒ String

A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

**A suitable default value is auto-generated.** You should normally not need to pass this option.

Returns:

• (String)

# File 'lib/aws-sdk-eks/types.rb', line 7648

class UpdateAccessEntryRequest < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :client_request_token,
  :username)
  SENSITIVE = []
  include Aws::Structure
end

#cluster_name ⇒ String

The name of your cluster.

Returns:

• (String)

# File 'lib/aws-sdk-eks/types.rb', line 7648

class UpdateAccessEntryRequest < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :client_request_token,
  :username)
  SENSITIVE = []
  include Aws::Structure
end

#kubernetes_groups ⇒ Array<String>

The value for name that you’ve specified for ‘kind: Group` as a subject in a Kubernetes RoleBinding or ClusterRoleBinding object. Amazon EKS doesn’t confirm that the value for name exists in any bindings on your cluster. You can specify one or more names.

Kubernetes authorizes the principalArn of the access entry to access any cluster objects that you’ve specified in a Kubernetes Role or ClusterRole object that is also specified in a binding’s roleRef. For more information about creating Kubernetes RoleBinding, ClusterRoleBinding, Role, or ClusterRole objects, see [Using RBAC Authorization in the Kubernetes documentation].

If you want Amazon EKS to authorize the principalArn (instead of, or in addition to Kubernetes authorizing the principalArn), you can associate one or more access policies to the access entry using AssociateAccessPolicy. If you associate any access policies, the principalARN has all permissions assigned in the associated access policies and all permissions in any Kubernetes Role or ClusterRole objects that the group names are bound to.

[1]: kubernetes.io/docs/reference/access-authn-authz/rbac/

Returns:

• (Array<String>)

# File 'lib/aws-sdk-eks/types.rb', line 7648

class UpdateAccessEntryRequest < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :client_request_token,
  :username)
  SENSITIVE = []
  include Aws::Structure
end

#principal_arn ⇒ String

The ARN of the IAM principal for the AccessEntry.

Returns:

• (String)

# File 'lib/aws-sdk-eks/types.rb', line 7648

class UpdateAccessEntryRequest < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :client_request_token,
  :username)
  SENSITIVE = []
  include Aws::Structure
end

#username ⇒ String

The username to authenticate to Kubernetes with. We recommend not specifying a username and letting Amazon EKS specify it for you. For more information about the value Amazon EKS specifies for you, or constraints before specifying your own username, see [Creating access entries] in the *Amazon EKS User Guide*.

[1]: docs.aws.amazon.com/eks/latest/userguide/access-entries.html#creating-access-entries

Returns:

• (String)

# File 'lib/aws-sdk-eks/types.rb', line 7648

class UpdateAccessEntryRequest < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :client_request_token,
  :username)
  SENSITIVE = []
  include Aws::Structure
end