Class: Aws::EKS::Types::UpdateAccessEntryRequest

Inherits:
Struct
  • Object
show all
Includes:
Structure
Defined in:
lib/aws-sdk-eks/types.rb

Overview

Constant Summary collapse

SENSITIVE =
[]

Instance Attribute Summary collapse

Instance Attribute Details

#client_request_tokenString

A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

**A suitable default value is auto-generated.** You should normally not need to pass this option.

Returns:

  • (String)


5810
5811
5812
5813
5814
5815
5816
5817
5818
# File 'lib/aws-sdk-eks/types.rb', line 5810

class UpdateAccessEntryRequest < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :client_request_token,
  :username)
  SENSITIVE = []
  include Aws::Structure
end

#cluster_nameString

The name of your cluster.

Returns:

  • (String)


5810
5811
5812
5813
5814
5815
5816
5817
5818
# File 'lib/aws-sdk-eks/types.rb', line 5810

class UpdateAccessEntryRequest < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :client_request_token,
  :username)
  SENSITIVE = []
  include Aws::Structure
end

#kubernetes_groupsArray<String>

The value for ‘name` that you’ve specified for ‘kind: Group` as a `subject` in a Kubernetes `RoleBinding` or `ClusterRoleBinding` object. Amazon EKS doesn’t confirm that the value for ‘name` exists in any bindings on your cluster. You can specify one or more names.

Kubernetes authorizes the ‘principalArn` of the access entry to access any cluster objects that you’ve specified in a Kubernetes ‘Role` or `ClusterRole` object that is also specified in a binding’s ‘roleRef`. For more information about creating Kubernetes `RoleBinding`, `ClusterRoleBinding`, `Role`, or `ClusterRole` objects, see [Using RBAC Authorization in the Kubernetes documentation].

If you want Amazon EKS to authorize the ‘principalArn` (instead of, or in addition to Kubernetes authorizing the `principalArn`), you can associate one or more access policies to the access entry using `AssociateAccessPolicy`. If you associate any access policies, the `principalARN` has all permissions assigned in the associated access policies and all permissions in any Kubernetes `Role` or `ClusterRole` objects that the group names are bound to.

[1]: kubernetes.io/docs/reference/access-authn-authz/rbac/

Returns:

  • (Array<String>)


5810
5811
5812
5813
5814
5815
5816
5817
5818
# File 'lib/aws-sdk-eks/types.rb', line 5810

class UpdateAccessEntryRequest < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :client_request_token,
  :username)
  SENSITIVE = []
  include Aws::Structure
end

#principal_arnString

The ARN of the IAM principal for the ‘AccessEntry`.

Returns:

  • (String)


5810
5811
5812
5813
5814
5815
5816
5817
5818
# File 'lib/aws-sdk-eks/types.rb', line 5810

class UpdateAccessEntryRequest < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :client_request_token,
  :username)
  SENSITIVE = []
  include Aws::Structure
end

#usernameString

The username to authenticate to Kubernetes with. We recommend not specifying a username and letting Amazon EKS specify it for you. For more information about the value Amazon EKS specifies for you, or constraints before specifying your own username, see [Creating access entries] in the *Amazon EKS User Guide*.

[1]: docs.aws.amazon.com/eks/latest/userguide/access-entries.html#creating-access-entries

Returns:

  • (String)


5810
5811
5812
5813
5814
5815
5816
5817
5818
# File 'lib/aws-sdk-eks/types.rb', line 5810

class UpdateAccessEntryRequest < Struct.new(
  :cluster_name,
  :principal_arn,
  :kubernetes_groups,
  :client_request_token,
  :username)
  SENSITIVE = []
  include Aws::Structure
end