aws-cdk-lib/aws-eks/lib/fargate-profile.js

Version 2 of the AWS Cloud Development Kit library

"use strict";var _a;Object.defineProperty(exports,"__esModule",{value:!0}),exports.FargateProfile=void 0;const jsiiDeprecationWarnings=require("../../.warnings.jsii.js"),JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti"),ec2=require("../../aws-ec2"),iam=require("../../aws-iam"),core_1=require("../../core"),constructs_1=require("constructs"),consts_1=require("./cluster-resource-handler/consts"),cluster_resource_provider_1=require("./cluster-resource-provider");class FargateProfile extends constructs_1.Construct{constructor(scope,id,props){super(scope,id);try{jsiiDeprecationWarnings.aws_cdk_lib_aws_eks_FargateProfileProps(props)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,FargateProfile),error}const provider=cluster_resource_provider_1.ClusterResourceProvider.getOrCreate(this,{adminRole:props.cluster.adminRole,onEventLayer:props.cluster.onEventLayer});this.podExecutionRole=props.podExecutionRole??new iam.Role(this,"PodExecutionRole",{assumedBy:new iam.ServicePrincipal("eks-fargate-pods.amazonaws.com"),managedPolicies:[iam.ManagedPolicy.fromAwsManagedPolicyName("AmazonEKSFargatePodExecutionRolePolicy")]}),this.podExecutionRole.grantPassRole(props.cluster.adminRole),props.subnetSelection&&!props.vpc&&core_1.Annotations.of(this).addWarning("Vpc must be defined to use a custom subnet selection. All private subnets belonging to the EKS cluster will be used by default");let subnets;if(props.vpc){const selection=props.subnetSelection??{subnetType:ec2.SubnetType.PRIVATE_WITH_EGRESS};subnets=props.vpc.selectSubnets(selection).subnetIds}if(props.selectors.length<1)throw new Error("Fargate profile requires at least one selector");if(props.selectors.length>5)throw new Error("Fargate profile supports up to five selectors");this.tags=new core_1.TagManager(core_1.TagType.MAP,"AWS::EKS::FargateProfile");const resource=new core_1.CustomResource(this,"Resource",{serviceToken:provider.serviceToken,resourceType:consts_1.FARGATE_PROFILE_RESOURCE_TYPE,properties:{AssumeRoleArn:props.cluster.adminRole.roleArn,Config:{clusterName:props.cluster.clusterName,fargateProfileName:props.fargateProfileName,podExecutionRoleArn:this.podExecutionRole.roleArn,selectors:props.selectors,subnets,tags:core_1.Lazy.any({produce:()=>this.tags.renderTags()})}}});this.fargateProfileArn=resource.getAttString("fargateProfileArn"),this.fargateProfileName=resource.ref;const clusterFargateProfiles=props.cluster._attachFargateProfile(this);if(clusterFargateProfiles.length>1){const previousProfile=clusterFargateProfiles[clusterFargateProfiles.length-2];resource.node.addDependency(previousProfile)}props.cluster.awsAuth.addRoleMapping(this.podExecutionRole,{username:"system:node:{{SessionName}}",groups:["system:bootstrappers","system:nodes","system:node-proxier"]})}}exports.FargateProfile=FargateProfile,_a=JSII_RTTI_SYMBOL_1,FargateProfile[_a]={fqn:"aws-cdk-lib.aws_eks.FargateProfile",version:"2.70.0"};