Package software.amazon.awssdk.services.eks.model

Class AccessEntry

java.lang.Object

software.amazon.awssdk.services.eks.model.AccessEntry

All Implemented Interfaces:

Serializable, SdkPojo, ToCopyableBuilder<AccessEntry.Builder,AccessEntry>

@Generated("software.amazon.awssdk:codegen")
public final class AccessEntry
extends Object
implements SdkPojo, Serializable, ToCopyableBuilder<AccessEntry.Builder,AccessEntry>

An access entry allows an IAM principal (user or role) to access your cluster. Access entries can replace the need to maintain the aws-auth ConfigMap for authentication. For more information about access entries, see Access entries in the Amazon EKS User Guide.

See Also:

• Serialized Form

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static interface	AccessEntry.Builder

Method Summary

Modifier and Type	Method	Description
final String	accessEntryArn()	The ARN of the access entry.
static AccessEntry.Builder	builder()
final String	clusterName()	The name of your cluster.
final Instant	createdAt()	The Unix epoch timestamp at object creation.
final boolean	equals(Object obj)
final boolean	equalsBySdkFields(Object obj)	Indicates whether some other object is "equal to" this one by SDK fields.
final <T> Optional<T>	getValueForField(String fieldName, Class<T> clazz)
final int	hashCode()
final boolean	hasKubernetesGroups()	For responses, this returns true if the service returned a value for the KubernetesGroups property.
final boolean	hasTags()	For responses, this returns true if the service returned a value for the Tags property.
final List<String>	kubernetesGroups()	A name that you've specified in a Kubernetes RoleBinding or ClusterRoleBinding object so that Kubernetes authorizes the principalARN access to cluster objects.
final Instant	modifiedAt()	The Unix epoch timestamp for the last modification to the object.
final String	principalArn()	The ARN of the IAM principal for the access entry.
final List<SdkField<?>>	sdkFields()
static Class<? extends AccessEntry.Builder>	serializableBuilderClass()
final Map<String,String>	tags()	Metadata that assists with categorization and organization.
AccessEntry.Builder	toBuilder()	Take this object and create a builder that contains all of the current property values of this object.
final String	toString()	Returns a string representation of this object.
final String	type()	The type of the access entry.
final String	username()	The name of a user that can authenticate to your cluster.

Methods inherited from class java.lang.Object

getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface software.amazon.awssdk.utils.builder.ToCopyableBuilder

copy

Method Details

clusterName

public final String clusterName()

The name of your cluster.

Returns:

The name of your cluster.

principalArn

public final String principalArn()

The ARN of the IAM principal for the access entry. If you ever delete the IAM principal with this ARN, the access entry isn't automatically deleted. We recommend that you delete the access entry with an ARN for an IAM principal that you delete. If you don't delete the access entry and ever recreate the IAM principal, even if it has the same ARN, the access entry won't work. This is because even though the ARN is the same for the recreated IAM principal, the roleID or userID (you can see this with the Security Token Service GetCallerIdentity API) is different for the recreated IAM principal than it was for the original IAM principal. Even though you don't see the IAM principal's roleID or userID for an access entry, Amazon EKS stores it with the access entry.

Returns:

The ARN of the IAM principal for the access entry. If you ever delete the IAM principal with this ARN, the access entry isn't automatically deleted. We recommend that you delete the access entry with an ARN for an IAM principal that you delete. If you don't delete the access entry and ever recreate the IAM principal, even if it has the same ARN, the access entry won't work. This is because even though the ARN is the same for the recreated IAM principal, the roleID or userID (you can see this with the Security Token Service GetCallerIdentity API) is different for the recreated IAM principal than it was for the original IAM principal. Even though you don't see the IAM principal's roleID or userID for an access entry, Amazon EKS stores it with the access entry.

hasKubernetesGroups

public final boolean hasKubernetesGroups()

For responses, this returns true if the service returned a value for the KubernetesGroups property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

kubernetesGroups

public final List<String> kubernetesGroups()

A name that you've specified in a Kubernetes RoleBinding or ClusterRoleBinding object so that Kubernetes authorizes the principalARN access to cluster objects.

Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasKubernetesGroups() method.

Returns:

A name that you've specified in a Kubernetes RoleBinding or ClusterRoleBinding object so that Kubernetes authorizes the principalARN access to cluster objects.

accessEntryArn

public final String accessEntryArn()

The ARN of the access entry.

Returns:

The ARN of the access entry.

createdAt

public final Instant createdAt()

The Unix epoch timestamp at object creation.

Returns:

The Unix epoch timestamp at object creation.

modifiedAt

public final Instant modifiedAt()

The Unix epoch timestamp for the last modification to the object.

Returns:

The Unix epoch timestamp for the last modification to the object.

hasTags

public final boolean hasTags()

For responses, this returns true if the service returned a value for the Tags property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

tags

public final Map<String,String> tags()

Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or Amazon Web Services resources.

Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasTags() method.

Returns:

Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or Amazon Web Services resources.

username

public final String username()

The name of a user that can authenticate to your cluster.

Returns:

The name of a user that can authenticate to your cluster.

type

public final String type()

The type of the access entry.

Returns:

The type of the access entry.

toBuilder

public AccessEntry.Builder toBuilder()

Description copied from interface: ToCopyableBuilder

Take this object and create a builder that contains all of the current property values of this object.

Specified by:

toBuilder in interface ToCopyableBuilder<AccessEntry.Builder,AccessEntry>

Returns:

a builder for type T

builder

public static AccessEntry.Builder builder()

serializableBuilderClass

public static Class<? extends AccessEntry.Builder> serializableBuilderClass()

hashCode

public final int hashCode()

Overrides:

hashCode in class Object

equals

public final boolean equals(Object obj)

Overrides:

equals in class Object

equalsBySdkFields

public final boolean equalsBySdkFields(Object obj)

Description copied from interface: SdkPojo

Indicates whether some other object is "equal to" this one by SDK fields. An SDK field is a modeled, non-inherited field in an SdkPojo class, and is generated based on a service model.

If an SdkPojo class does not have any inherited fields, equalsBySdkFields and equals are essentially the same.

Specified by:

equalsBySdkFields in interface SdkPojo

Parameters:

obj - the object to be compared with

Returns:

true if the other object equals to this object by sdk fields, false otherwise.

toString

public final String toString()

Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.

Overrides:

toString in class Object

getValueForField

public final <T> Optional<T> getValueForField(String fieldName,
 Class<T> clazz)

sdkFields

public final List<SdkField<?>> sdkFields()

Specified by:

sdkFields in interface SdkPojo

Returns:

List of SdkField in this POJO. May be empty list but should never be null.