@aws-sdk/client-eks
Version:
AWS SDK for JavaScript Eks Client for Node.js, Browser and React Native
131 lines (130 loc) • 6.01 kB
TypeScript
import { Command as $Command } from "@smithy/smithy-client";
import { MetadataBearer as __MetadataBearer } from "@smithy/types";
import { EKSClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EKSClient";
import { CreateAccessEntryRequest, CreateAccessEntryResponse } from "../models/models_0";
/**
* @public
*/
export type { __MetadataBearer };
export { $Command };
/**
* @public
*
* The input for {@link CreateAccessEntryCommand}.
*/
export interface CreateAccessEntryCommandInput extends CreateAccessEntryRequest {
}
/**
* @public
*
* The output of {@link CreateAccessEntryCommand}.
*/
export interface CreateAccessEntryCommandOutput extends CreateAccessEntryResponse, __MetadataBearer {
}
declare const CreateAccessEntryCommand_base: {
new (input: CreateAccessEntryCommandInput): import("@smithy/smithy-client").CommandImpl<CreateAccessEntryCommandInput, CreateAccessEntryCommandOutput, EKSClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
new (__0_0: CreateAccessEntryCommandInput): import("@smithy/smithy-client").CommandImpl<CreateAccessEntryCommandInput, CreateAccessEntryCommandOutput, EKSClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
};
/**
* <p>Creates an access entry.</p>
* <p>An access entry allows an IAM principal to access your cluster. Access
* entries can replace the need to maintain entries in the <code>aws-auth</code>
* <code>ConfigMap</code> for authentication. You have the following options for
* authorizing an IAM principal to access Kubernetes objects on your cluster: Kubernetes
* role-based access control (RBAC), Amazon EKS, or both. Kubernetes RBAC authorization requires you
* to create and manage Kubernetes <code>Role</code>, <code>ClusterRole</code>,
* <code>RoleBinding</code>, and <code>ClusterRoleBinding</code> objects, in addition
* to managing access entries. If you use Amazon EKS authorization exclusively, you don't need
* to create and manage Kubernetes <code>Role</code>, <code>ClusterRole</code>,
* <code>RoleBinding</code>, and <code>ClusterRoleBinding</code> objects.</p>
* <p>For more information about access entries, see <a href="https://docs.aws.amazon.com/eks/latest/userguide/access-entries.html">Access entries</a> in the
* <i>Amazon EKS User Guide</i>.</p>
* @example
* Use a bare-bones client and the command you need to make an API call.
* ```javascript
* import { EKSClient, CreateAccessEntryCommand } from "@aws-sdk/client-eks"; // ES Modules import
* // const { EKSClient, CreateAccessEntryCommand } = require("@aws-sdk/client-eks"); // CommonJS import
* const client = new EKSClient(config);
* const input = { // CreateAccessEntryRequest
* clusterName: "STRING_VALUE", // required
* principalArn: "STRING_VALUE", // required
* kubernetesGroups: [ // StringList
* "STRING_VALUE",
* ],
* tags: { // TagMap
* "<keys>": "STRING_VALUE",
* },
* clientRequestToken: "STRING_VALUE",
* username: "STRING_VALUE",
* type: "STRING_VALUE",
* };
* const command = new CreateAccessEntryCommand(input);
* const response = await client.send(command);
* // { // CreateAccessEntryResponse
* // accessEntry: { // AccessEntry
* // clusterName: "STRING_VALUE",
* // principalArn: "STRING_VALUE",
* // kubernetesGroups: [ // StringList
* // "STRING_VALUE",
* // ],
* // accessEntryArn: "STRING_VALUE",
* // createdAt: new Date("TIMESTAMP"),
* // modifiedAt: new Date("TIMESTAMP"),
* // tags: { // TagMap
* // "<keys>": "STRING_VALUE",
* // },
* // username: "STRING_VALUE",
* // type: "STRING_VALUE",
* // },
* // };
*
* ```
*
* @param CreateAccessEntryCommandInput - {@link CreateAccessEntryCommandInput}
* @returns {@link CreateAccessEntryCommandOutput}
* @see {@link CreateAccessEntryCommandInput} for command's `input` shape.
* @see {@link CreateAccessEntryCommandOutput} for command's `response` shape.
* @see {@link EKSClientResolvedConfig | config} for EKSClient's `config` shape.
*
* @throws {@link InvalidParameterException} (client fault)
* <p>The specified parameter is invalid. Review the available parameters for the API
* request.</p>
*
* @throws {@link InvalidRequestException} (client fault)
* <p>The request is invalid given the state of the cluster. Check the state of the cluster
* and the associated operations.</p>
*
* @throws {@link ResourceInUseException} (client fault)
* <p>The specified resource is in use.</p>
*
* @throws {@link ResourceLimitExceededException} (client fault)
* <p>You have encountered a service limit on the specified resource.</p>
*
* @throws {@link ResourceNotFoundException} (client fault)
* <p>The specified resource could not be found. You can view your available clusters with
* <code>ListClusters</code>. You can view your available managed node groups with
* <code>ListNodegroups</code>. Amazon EKS clusters and node groups are Amazon Web Services Region
* specific.</p>
*
* @throws {@link ServerException} (server fault)
* <p>These errors are usually caused by a server-side issue.</p>
*
* @throws {@link EKSServiceException}
* <p>Base exception class for all service exceptions from EKS service.</p>
*
* @public
*/
export declare class CreateAccessEntryCommand extends CreateAccessEntryCommand_base {
/** @internal type navigation helper, not in runtime. */
protected static __types: {
api: {
input: CreateAccessEntryRequest;
output: CreateAccessEntryResponse;
};
sdk: {
input: CreateAccessEntryCommandInput;
output: CreateAccessEntryCommandOutput;
};
};
}