aws-cdk-lib/aws-eks/lib/aws-auth.js

Version 2 of the AWS Cloud Development Kit library

"use strict";var _a;Object.defineProperty(exports,"__esModule",{value:!0}),exports.AwsAuth=void 0;const jsiiDeprecationWarnings=require("../../.warnings.jsii.js"),JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti"),core_1=require("../../core"),constructs_1=require("constructs"),k8s_manifest_1=require("./k8s-manifest");class AwsAuth extends constructs_1.Construct{constructor(scope,id,props){super(scope,id),this.roleMappings=new Array,this.userMappings=new Array,this.accounts=new Array;try{jsiiDeprecationWarnings.aws_cdk_lib_aws_eks_AwsAuthProps(props)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,AwsAuth),error}this.stack=core_1.Stack.of(this),new k8s_manifest_1.KubernetesManifest(this,"manifest",{cluster:props.cluster,overwrite:!0,manifest:[{apiVersion:"v1",kind:"ConfigMap",metadata:{name:"aws-auth",namespace:"kube-system"},data:{mapRoles:this.synthesizeMapRoles(),mapUsers:this.synthesizeMapUsers(),mapAccounts:this.synthesizeMapAccounts()}}]})}addMastersRole(role,username){try{jsiiDeprecationWarnings.aws_cdk_lib_aws_iam_IRole(role)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.addMastersRole),error}this.addRoleMapping(role,{username,groups:["system:masters"]})}addRoleMapping(role,mapping){try{jsiiDeprecationWarnings.aws_cdk_lib_aws_iam_IRole(role),jsiiDeprecationWarnings.aws_cdk_lib_aws_eks_AwsAuthMapping(mapping)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.addRoleMapping),error}this.assertSameStack(role),this.roleMappings.push({role,mapping})}addUserMapping(user,mapping){try{jsiiDeprecationWarnings.aws_cdk_lib_aws_iam_IUser(user),jsiiDeprecationWarnings.aws_cdk_lib_aws_eks_AwsAuthMapping(mapping)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.addUserMapping),error}this.assertSameStack(user),this.userMappings.push({user,mapping})}addAccount(accountId){this.accounts.push(accountId)}assertSameStack(construct){const thisStack=core_1.Stack.of(this);if(core_1.Stack.of(construct)!==thisStack)throw new Error(`${construct.node.path} should be defined in the scope of the ${thisStack.stackName} stack to prevent circular dependencies`)}synthesizeMapRoles(){return core_1.Lazy.any({produce:()=>this.stack.toJsonString(this.roleMappings.map(m=>({rolearn:m.role.roleArn,username:m.mapping.username??m.role.roleArn,groups:m.mapping.groups})))})}synthesizeMapUsers(){return core_1.Lazy.any({produce:()=>this.stack.toJsonString(this.userMappings.map(m=>({userarn:m.user.userArn,username:m.mapping.username??m.user.userArn,groups:m.mapping.groups})))})}synthesizeMapAccounts(){return core_1.Lazy.any({produce:()=>this.stack.toJsonString(this.accounts)})}}exports.AwsAuth=AwsAuth,_a=JSII_RTTI_SYMBOL_1,AwsAuth[_a]={fqn:"aws-cdk-lib.aws_eks.AwsAuth",version:"2.70.0"};