Commit 17f0e8d
committed
feat(eks): allow providing an existing IAM role to ServiceAccount with POD_IDENTITY
Add an optional `role?: IRoleRef` property to `ServiceAccountOptions`.
When specified with `IdentityType.POD_IDENTITY`, the provided role is
used for `CfnPodIdentityAssociation` instead of auto-generating one.
Specifying `role` with IRSA throws a `ValidationError` at construction time.
The `role`, `assumeRoleAction`, `grantPrincipal`, and `policyFragment`
members are changed from `readonly` properties to getters so that
construction succeeds even when an L1 `CfnRole` is passed.1 parent d12754f commit 17f0e8d
File tree
32 files changed
+6940
-32
lines changed- packages
- @aws-cdk-testing/framework-integ/test/aws-eks/test
- integ.eks-pod-identities-external-role.js.snapshot
- asset.2df9ba7d0495d3da117f843b78c721a4c8f617216ef95159ccae755e22f5e09d
- asset.55549d0bfa9628b306c349544b7d95017221e259e17875f3d38f2a3d2da5043f
- asset.96be612fb7dbf9fc3a1342e000a091920b1f4103c0e97852f7b8a4b28d4e2d7a
- apply
- get
- helm
- patch
- asset.d14e70c8c1d5d6c32025ea07c4b9ed67be449820cf578659c9deb07160688c0e
- aws-cdk-lib/aws-eks
- lib
- test
32 files changed
+6940
-32
lines changedSome generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
0 commit comments