com.amazonaws.services.eks.model.CreateAccessEntryRequest Maven / Gradle / Ivy
/*
* Copyright 2019-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.eks.model;
import java.io.Serializable;
import javax.annotation.Generated;
import com.amazonaws.AmazonWebServiceRequest;
/**
*
* @see AWS API
* Documentation
*/
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public class CreateAccessEntryRequest extends com.amazonaws.AmazonWebServiceRequest implements Serializable, Cloneable {
/**
*
* The name of your cluster.
*
*/
private String clusterName;
/**
*
* The ARN of the IAM principal for the AccessEntry. You can specify one ARN for each access entry. You
* can't specify the same ARN in more than one access entry. This value can't be changed after access entry
* creation.
*
*
* The valid principals differ depending on the type of the access entry in the type field. The only
* valid ARN is IAM roles for the types of access entries for nodes:
* STANDARD access entries. You can't use the
* STS session principal type with access entries because this is a temporary principal for each session and not a
* permanent identity that can be assigned permissions.
*
*
* IAM best
* practices recommend using IAM roles with temporary credentials, rather than IAM users with long-term
* credentials.
*
*/
private String principalArn;
/**
*
* The value for name that you've specified for kind: Group as a subject in a
* Kubernetes RoleBinding or ClusterRoleBinding object. Amazon EKS doesn't confirm that
* the value for name exists in any bindings on your cluster. You can specify one or more names.
*
*
* Kubernetes authorizes the principalArn of the access entry to access any cluster objects that you've
* specified in a Kubernetes Role or ClusterRole object that is also specified in a
* binding's roleRef. For more information about creating Kubernetes RoleBinding,
* ClusterRoleBinding, Role, or ClusterRole objects, see Using RBAC Authorization in the Kubernetes
* documentation.
*
*
* If you want Amazon EKS to authorize the principalArn (instead of, or in addition to Kubernetes
* authorizing the principalArn), you can associate one or more access policies to the access entry
* using AssociateAccessPolicy. If you associate any access policies, the principalARN has
* all permissions assigned in the associated access policies and all permissions in any Kubernetes
* Role or ClusterRole objects that the group names are bound to.
*
*/
private java.util.List kubernetesGroups;
/**
*
* Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You
* define both. Tags don't propagate to any other cluster or Amazon Web Services resources.
*
*/
private java.util.Map tags;
/**
*
* A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.
*
*/
private String clientRequestToken;
/**
*
* The username to authenticate to Kubernetes with. We recommend not specifying a username and letting Amazon EKS
* specify it for you. For more information about the value Amazon EKS specifies for you, or constraints before
* specifying your own username, see Creating
* access entries in the Amazon EKS User Guide.
*
*/
private String username;
/**
*
* The type of the new access entry. Valid values are Standard, FARGATE_LINUX,
* EC2_LINUX, and EC2_WINDOWS.
*
*
* If the principalArn is for an IAM role that's used for self-managed Amazon EC2 nodes, specify
* EC2_LINUX or EC2_WINDOWS. Amazon EKS grants the necessary permissions to the node for
* you. If the principalArn is for any other purpose, specify STANDARD. If you don't
* specify a value, Amazon EKS sets the value to STANDARD. It's unnecessary to create access entries
* for IAM roles used with Fargate profiles or managed Amazon EC2 nodes, because Amazon EKS creates entries in the
* aws-auth ConfigMap for the roles. You can't change this value once you've created the
* access entry.
*
*
* If you set the value to EC2_LINUX or EC2_WINDOWS, you can't specify values for
* kubernetesGroups, or associate an AccessPolicy to the access entry.
*
*/
private String type;
/**
*
* The name of your cluster.
*
*
* @param clusterName
* The name of your cluster.
*/
public void setClusterName(String clusterName) {
this.clusterName = clusterName;
}
/**
*
* The name of your cluster.
*
*
* @return The name of your cluster.
*/
public String getClusterName() {
return this.clusterName;
}
/**
*
* The name of your cluster.
*
*
* @param clusterName
* The name of your cluster.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateAccessEntryRequest withClusterName(String clusterName) {
setClusterName(clusterName);
return this;
}
/**
*
* The ARN of the IAM principal for the AccessEntry. You can specify one ARN for each access entry. You
* can't specify the same ARN in more than one access entry. This value can't be changed after access entry
* creation.
*
*
* The valid principals differ depending on the type of the access entry in the type field. The only
* valid ARN is IAM roles for the types of access entries for nodes:
* STANDARD access entries. You can't use the
* STS session principal type with access entries because this is a temporary principal for each session and not a
* permanent identity that can be assigned permissions.
*
*
* IAM best
* practices recommend using IAM roles with temporary credentials, rather than IAM users with long-term
* credentials.
*
*
* @param principalArn
* The ARN of the IAM principal for the AccessEntry. You can specify one ARN for each access
* entry. You can't specify the same ARN in more than one access entry. This value can't be changed after
* access entry creation.
*
* The valid principals differ depending on the type of the access entry in the type field. The
* only valid ARN is IAM roles for the types of access entries for nodes:
* STANDARD access entries. You can't
* use the STS session principal type with access entries because this is a temporary principal for each
* session and not a permanent identity that can be assigned permissions.
*
*
* IAM
* best practices recommend using IAM roles with temporary credentials, rather than IAM users with
* long-term credentials.
*/
public void setPrincipalArn(String principalArn) {
this.principalArn = principalArn;
}
/**
*
* The ARN of the IAM principal for the AccessEntry. You can specify one ARN for each access entry. You
* can't specify the same ARN in more than one access entry. This value can't be changed after access entry
* creation.
*
*
* The valid principals differ depending on the type of the access entry in the type field. The only
* valid ARN is IAM roles for the types of access entries for nodes:
* STANDARD access entries. You can't use the
* STS session principal type with access entries because this is a temporary principal for each session and not a
* permanent identity that can be assigned permissions.
*
*
* IAM best
* practices recommend using IAM roles with temporary credentials, rather than IAM users with long-term
* credentials.
*
*
* @return The ARN of the IAM principal for the AccessEntry. You can specify one ARN for each access
* entry. You can't specify the same ARN in more than one access entry. This value can't be changed after
* access entry creation.
*
* The valid principals differ depending on the type of the access entry in the type field. The
* only valid ARN is IAM roles for the types of access entries for nodes:
* STANDARD access entries. You can't
* use the STS session principal type with access entries because this is a temporary principal for each
* session and not a permanent identity that can be assigned permissions.
*
*
* IAM
* best practices recommend using IAM roles with temporary credentials, rather than IAM users with
* long-term credentials.
*/
public String getPrincipalArn() {
return this.principalArn;
}
/**
*
* The ARN of the IAM principal for the AccessEntry. You can specify one ARN for each access entry. You
* can't specify the same ARN in more than one access entry. This value can't be changed after access entry
* creation.
*
*
* The valid principals differ depending on the type of the access entry in the type field. The only
* valid ARN is IAM roles for the types of access entries for nodes:
* STANDARD access entries. You can't use the
* STS session principal type with access entries because this is a temporary principal for each session and not a
* permanent identity that can be assigned permissions.
*
*
* IAM best
* practices recommend using IAM roles with temporary credentials, rather than IAM users with long-term
* credentials.
*
*
* @param principalArn
* The ARN of the IAM principal for the AccessEntry. You can specify one ARN for each access
* entry. You can't specify the same ARN in more than one access entry. This value can't be changed after
* access entry creation.
*
* The valid principals differ depending on the type of the access entry in the type field. The
* only valid ARN is IAM roles for the types of access entries for nodes:
* STANDARD access entries. You can't
* use the STS session principal type with access entries because this is a temporary principal for each
* session and not a permanent identity that can be assigned permissions.
*
*
* IAM
* best practices recommend using IAM roles with temporary credentials, rather than IAM users with
* long-term credentials.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateAccessEntryRequest withPrincipalArn(String principalArn) {
setPrincipalArn(principalArn);
return this;
}
/**
*
* The value for name that you've specified for kind: Group as a subject in a
* Kubernetes RoleBinding or ClusterRoleBinding object. Amazon EKS doesn't confirm that
* the value for name exists in any bindings on your cluster. You can specify one or more names.
*
*
* Kubernetes authorizes the principalArn of the access entry to access any cluster objects that you've
* specified in a Kubernetes Role or ClusterRole object that is also specified in a
* binding's roleRef. For more information about creating Kubernetes RoleBinding,
* ClusterRoleBinding, Role, or ClusterRole objects, see Using RBAC Authorization in the Kubernetes
* documentation.
*
*
* If you want Amazon EKS to authorize the principalArn (instead of, or in addition to Kubernetes
* authorizing the principalArn), you can associate one or more access policies to the access entry
* using AssociateAccessPolicy. If you associate any access policies, the principalARN has
* all permissions assigned in the associated access policies and all permissions in any Kubernetes
* Role or ClusterRole objects that the group names are bound to.
*
*
* @return The value for name that you've specified for kind: Group as a
* subject in a Kubernetes RoleBinding or ClusterRoleBinding object.
* Amazon EKS doesn't confirm that the value for name exists in any bindings on your cluster.
* You can specify one or more names.
*
* Kubernetes authorizes the principalArn of the access entry to access any cluster objects
* that you've specified in a Kubernetes Role or ClusterRole object that is also
* specified in a binding's roleRef. For more information about creating Kubernetes
* RoleBinding, ClusterRoleBinding, Role, or ClusterRole
* objects, see Using RBAC
* Authorization in the Kubernetes documentation.
*
*
* If you want Amazon EKS to authorize the principalArn (instead of, or in addition to
* Kubernetes authorizing the principalArn), you can associate one or more access policies to
* the access entry using AssociateAccessPolicy. If you associate any access policies, the
* principalARN has all permissions assigned in the associated access policies and all
* permissions in any Kubernetes Role or ClusterRole objects that the group names
* are bound to.
*/
public java.util.List getKubernetesGroups() {
return kubernetesGroups;
}
/**
*
* The value for name that you've specified for kind: Group as a subject in a
* Kubernetes RoleBinding or ClusterRoleBinding object. Amazon EKS doesn't confirm that
* the value for name exists in any bindings on your cluster. You can specify one or more names.
*
*
* Kubernetes authorizes the principalArn of the access entry to access any cluster objects that you've
* specified in a Kubernetes Role or ClusterRole object that is also specified in a
* binding's roleRef. For more information about creating Kubernetes RoleBinding,
* ClusterRoleBinding, Role, or ClusterRole objects, see Using RBAC Authorization in the Kubernetes
* documentation.
*
*
* If you want Amazon EKS to authorize the principalArn (instead of, or in addition to Kubernetes
* authorizing the principalArn), you can associate one or more access policies to the access entry
* using AssociateAccessPolicy. If you associate any access policies, the principalARN has
* all permissions assigned in the associated access policies and all permissions in any Kubernetes
* Role or ClusterRole objects that the group names are bound to.
*
*
* @param kubernetesGroups
* The value for name that you've specified for kind: Group as a
* subject in a Kubernetes RoleBinding or ClusterRoleBinding object.
* Amazon EKS doesn't confirm that the value for name exists in any bindings on your cluster.
* You can specify one or more names.
*
* Kubernetes authorizes the principalArn of the access entry to access any cluster objects that
* you've specified in a Kubernetes Role or ClusterRole object that is also
* specified in a binding's roleRef. For more information about creating Kubernetes
* RoleBinding, ClusterRoleBinding, Role, or ClusterRole
* objects, see Using RBAC
* Authorization in the Kubernetes documentation.
*
*
* If you want Amazon EKS to authorize the principalArn (instead of, or in addition to
* Kubernetes authorizing the principalArn), you can associate one or more access policies to
* the access entry using AssociateAccessPolicy. If you associate any access policies, the
* principalARN has all permissions assigned in the associated access policies and all
* permissions in any Kubernetes Role or ClusterRole objects that the group names
* are bound to.
*/
public void setKubernetesGroups(java.util.Collection kubernetesGroups) {
if (kubernetesGroups == null) {
this.kubernetesGroups = null;
return;
}
this.kubernetesGroups = new java.util.ArrayList(kubernetesGroups);
}
/**
*
* The value for name that you've specified for kind: Group as a subject in a
* Kubernetes RoleBinding or ClusterRoleBinding object. Amazon EKS doesn't confirm that
* the value for name exists in any bindings on your cluster. You can specify one or more names.
*
*
* Kubernetes authorizes the principalArn of the access entry to access any cluster objects that you've
* specified in a Kubernetes Role or ClusterRole object that is also specified in a
* binding's roleRef. For more information about creating Kubernetes RoleBinding,
* ClusterRoleBinding, Role, or ClusterRole objects, see Using RBAC Authorization in the Kubernetes
* documentation.
*
*
* If you want Amazon EKS to authorize the principalArn (instead of, or in addition to Kubernetes
* authorizing the principalArn), you can associate one or more access policies to the access entry
* using AssociateAccessPolicy. If you associate any access policies, the principalARN has
* all permissions assigned in the associated access policies and all permissions in any Kubernetes
* Role or ClusterRole objects that the group names are bound to.
*
*
* NOTE: This method appends the values to the existing list (if any). Use
* {@link #setKubernetesGroups(java.util.Collection)} or {@link #withKubernetesGroups(java.util.Collection)} if you
* want to override the existing values.
*
*
* @param kubernetesGroups
* The value for name that you've specified for kind: Group as a
* subject in a Kubernetes RoleBinding or ClusterRoleBinding object.
* Amazon EKS doesn't confirm that the value for name exists in any bindings on your cluster.
* You can specify one or more names.
*
* Kubernetes authorizes the principalArn of the access entry to access any cluster objects that
* you've specified in a Kubernetes Role or ClusterRole object that is also
* specified in a binding's roleRef. For more information about creating Kubernetes
* RoleBinding, ClusterRoleBinding, Role, or ClusterRole
* objects, see Using RBAC
* Authorization in the Kubernetes documentation.
*
*
* If you want Amazon EKS to authorize the principalArn (instead of, or in addition to
* Kubernetes authorizing the principalArn), you can associate one or more access policies to
* the access entry using AssociateAccessPolicy. If you associate any access policies, the
* principalARN has all permissions assigned in the associated access policies and all
* permissions in any Kubernetes Role or ClusterRole objects that the group names
* are bound to.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateAccessEntryRequest withKubernetesGroups(String... kubernetesGroups) {
if (this.kubernetesGroups == null) {
setKubernetesGroups(new java.util.ArrayList(kubernetesGroups.length));
}
for (String ele : kubernetesGroups) {
this.kubernetesGroups.add(ele);
}
return this;
}
/**
*
* The value for name that you've specified for kind: Group as a subject in a
* Kubernetes RoleBinding or ClusterRoleBinding object. Amazon EKS doesn't confirm that
* the value for name exists in any bindings on your cluster. You can specify one or more names.
*
*
* Kubernetes authorizes the principalArn of the access entry to access any cluster objects that you've
* specified in a Kubernetes Role or ClusterRole object that is also specified in a
* binding's roleRef. For more information about creating Kubernetes RoleBinding,
* ClusterRoleBinding, Role, or ClusterRole objects, see Using RBAC Authorization in the Kubernetes
* documentation.
*
*
* If you want Amazon EKS to authorize the principalArn (instead of, or in addition to Kubernetes
* authorizing the principalArn), you can associate one or more access policies to the access entry
* using AssociateAccessPolicy. If you associate any access policies, the principalARN has
* all permissions assigned in the associated access policies and all permissions in any Kubernetes
* Role or ClusterRole objects that the group names are bound to.
*
*
* @param kubernetesGroups
* The value for name that you've specified for kind: Group as a
* subject in a Kubernetes RoleBinding or ClusterRoleBinding object.
* Amazon EKS doesn't confirm that the value for name exists in any bindings on your cluster.
* You can specify one or more names.
*
* Kubernetes authorizes the principalArn of the access entry to access any cluster objects that
* you've specified in a Kubernetes Role or ClusterRole object that is also
* specified in a binding's roleRef. For more information about creating Kubernetes
* RoleBinding, ClusterRoleBinding, Role, or ClusterRole
* objects, see Using RBAC
* Authorization in the Kubernetes documentation.
*
*
* If you want Amazon EKS to authorize the principalArn (instead of, or in addition to
* Kubernetes authorizing the principalArn), you can associate one or more access policies to
* the access entry using AssociateAccessPolicy. If you associate any access policies, the
* principalARN has all permissions assigned in the associated access policies and all
* permissions in any Kubernetes Role or ClusterRole objects that the group names
* are bound to.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateAccessEntryRequest withKubernetesGroups(java.util.Collection kubernetesGroups) {
setKubernetesGroups(kubernetesGroups);
return this;
}
/**
*
* Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You
* define both. Tags don't propagate to any other cluster or Amazon Web Services resources.
*
*
* @return Metadata that assists with categorization and organization. Each tag consists of a key and an optional
* value. You define both. Tags don't propagate to any other cluster or Amazon Web Services resources.
*/
public java.util.Map getTags() {
return tags;
}
/**
*
* Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You
* define both. Tags don't propagate to any other cluster or Amazon Web Services resources.
*
*
* @param tags
* Metadata that assists with categorization and organization. Each tag consists of a key and an optional
* value. You define both. Tags don't propagate to any other cluster or Amazon Web Services resources.
*/
public void setTags(java.util.Map tags) {
this.tags = tags;
}
/**
*
* Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You
* define both. Tags don't propagate to any other cluster or Amazon Web Services resources.
*
*
* @param tags
* Metadata that assists with categorization and organization. Each tag consists of a key and an optional
* value. You define both. Tags don't propagate to any other cluster or Amazon Web Services resources.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateAccessEntryRequest withTags(java.util.Map tags) {
setTags(tags);
return this;
}
/**
* Add a single Tags entry
*
* @see CreateAccessEntryRequest#withTags
* @returns a reference to this object so that method calls can be chained together.
*/
public CreateAccessEntryRequest addTagsEntry(String key, String value) {
if (null == this.tags) {
this.tags = new java.util.HashMap();
}
if (this.tags.containsKey(key))
throw new IllegalArgumentException("Duplicated keys (" + key.toString() + ") are provided.");
this.tags.put(key, value);
return this;
}
/**
* Removes all the entries added into Tags.
*
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateAccessEntryRequest clearTagsEntries() {
this.tags = null;
return this;
}
/**
*
* A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.
*
*
* @param clientRequestToken
* A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.
*/
public void setClientRequestToken(String clientRequestToken) {
this.clientRequestToken = clientRequestToken;
}
/**
*
* A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.
*
*
* @return A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.
*/
public String getClientRequestToken() {
return this.clientRequestToken;
}
/**
*
* A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.
*
*
* @param clientRequestToken
* A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateAccessEntryRequest withClientRequestToken(String clientRequestToken) {
setClientRequestToken(clientRequestToken);
return this;
}
/**
*
* The username to authenticate to Kubernetes with. We recommend not specifying a username and letting Amazon EKS
* specify it for you. For more information about the value Amazon EKS specifies for you, or constraints before
* specifying your own username, see Creating
* access entries in the Amazon EKS User Guide.
*
*
* @param username
* The username to authenticate to Kubernetes with. We recommend not specifying a username and letting Amazon
* EKS specify it for you. For more information about the value Amazon EKS specifies for you, or constraints
* before specifying your own username, see Creating access entries in the Amazon EKS User Guide.
*/
public void setUsername(String username) {
this.username = username;
}
/**
*
* The username to authenticate to Kubernetes with. We recommend not specifying a username and letting Amazon EKS
* specify it for you. For more information about the value Amazon EKS specifies for you, or constraints before
* specifying your own username, see Creating
* access entries in the Amazon EKS User Guide.
*
*
* @return The username to authenticate to Kubernetes with. We recommend not specifying a username and letting
* Amazon EKS specify it for you. For more information about the value Amazon EKS specifies for you, or
* constraints before specifying your own username, see Creating access entries in the Amazon EKS User Guide.
*/
public String getUsername() {
return this.username;
}
/**
*
* The username to authenticate to Kubernetes with. We recommend not specifying a username and letting Amazon EKS
* specify it for you. For more information about the value Amazon EKS specifies for you, or constraints before
* specifying your own username, see Creating
* access entries in the Amazon EKS User Guide.
*
*
* @param username
* The username to authenticate to Kubernetes with. We recommend not specifying a username and letting Amazon
* EKS specify it for you. For more information about the value Amazon EKS specifies for you, or constraints
* before specifying your own username, see Creating access entries in the Amazon EKS User Guide.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateAccessEntryRequest withUsername(String username) {
setUsername(username);
return this;
}
/**
*
* The type of the new access entry. Valid values are Standard, FARGATE_LINUX,
* EC2_LINUX, and EC2_WINDOWS.
*
*
* If the principalArn is for an IAM role that's used for self-managed Amazon EC2 nodes, specify
* EC2_LINUX or EC2_WINDOWS. Amazon EKS grants the necessary permissions to the node for
* you. If the principalArn is for any other purpose, specify STANDARD. If you don't
* specify a value, Amazon EKS sets the value to STANDARD. It's unnecessary to create access entries
* for IAM roles used with Fargate profiles or managed Amazon EC2 nodes, because Amazon EKS creates entries in the
* aws-auth ConfigMap for the roles. You can't change this value once you've created the
* access entry.
*
*
* If you set the value to EC2_LINUX or EC2_WINDOWS, you can't specify values for
* kubernetesGroups, or associate an AccessPolicy to the access entry.
*
*
* @param type
* The type of the new access entry. Valid values are Standard, FARGATE_LINUX,
* EC2_LINUX, and EC2_WINDOWS.
*
* If the principalArn is for an IAM role that's used for self-managed Amazon EC2 nodes, specify
* EC2_LINUX or EC2_WINDOWS. Amazon EKS grants the necessary permissions to the
* node for you. If the principalArn is for any other purpose, specify STANDARD. If
* you don't specify a value, Amazon EKS sets the value to STANDARD. It's unnecessary to create
* access entries for IAM roles used with Fargate profiles or managed Amazon EC2 nodes, because Amazon EKS
* creates entries in the aws-auth ConfigMap for the roles. You can't change this
* value once you've created the access entry.
*
*
* If you set the value to EC2_LINUX or EC2_WINDOWS, you can't specify values for
* kubernetesGroups, or associate an AccessPolicy to the access entry.
*/
public void setType(String type) {
this.type = type;
}
/**
*
* The type of the new access entry. Valid values are Standard, FARGATE_LINUX,
* EC2_LINUX, and EC2_WINDOWS.
*
*
* If the principalArn is for an IAM role that's used for self-managed Amazon EC2 nodes, specify
* EC2_LINUX or EC2_WINDOWS. Amazon EKS grants the necessary permissions to the node for
* you. If the principalArn is for any other purpose, specify STANDARD. If you don't
* specify a value, Amazon EKS sets the value to STANDARD. It's unnecessary to create access entries
* for IAM roles used with Fargate profiles or managed Amazon EC2 nodes, because Amazon EKS creates entries in the
* aws-auth ConfigMap for the roles. You can't change this value once you've created the
* access entry.
*
*
* If you set the value to EC2_LINUX or EC2_WINDOWS, you can't specify values for
* kubernetesGroups, or associate an AccessPolicy to the access entry.
*
*
* @return The type of the new access entry. Valid values are Standard, FARGATE_LINUX,
* EC2_LINUX, and EC2_WINDOWS.
*
* If the principalArn is for an IAM role that's used for self-managed Amazon EC2 nodes,
* specify EC2_LINUX or EC2_WINDOWS. Amazon EKS grants the necessary permissions
* to the node for you. If the principalArn is for any other purpose, specify
* STANDARD. If you don't specify a value, Amazon EKS sets the value to STANDARD.
* It's unnecessary to create access entries for IAM roles used with Fargate profiles or managed Amazon EC2
* nodes, because Amazon EKS creates entries in the aws-auth ConfigMap for the
* roles. You can't change this value once you've created the access entry.
*
*
* If you set the value to EC2_LINUX or EC2_WINDOWS, you can't specify values for
* kubernetesGroups, or associate an AccessPolicy to the access entry.
*/
public String getType() {
return this.type;
}
/**
*
* The type of the new access entry. Valid values are Standard, FARGATE_LINUX,
* EC2_LINUX, and EC2_WINDOWS.
*
*
* If the principalArn is for an IAM role that's used for self-managed Amazon EC2 nodes, specify
* EC2_LINUX or EC2_WINDOWS. Amazon EKS grants the necessary permissions to the node for
* you. If the principalArn is for any other purpose, specify STANDARD. If you don't
* specify a value, Amazon EKS sets the value to STANDARD. It's unnecessary to create access entries
* for IAM roles used with Fargate profiles or managed Amazon EC2 nodes, because Amazon EKS creates entries in the
* aws-auth ConfigMap for the roles. You can't change this value once you've created the
* access entry.
*
*
* If you set the value to EC2_LINUX or EC2_WINDOWS, you can't specify values for
* kubernetesGroups, or associate an AccessPolicy to the access entry.
*
*
* @param type
* The type of the new access entry. Valid values are Standard, FARGATE_LINUX,
* EC2_LINUX, and EC2_WINDOWS.
*
* If the principalArn is for an IAM role that's used for self-managed Amazon EC2 nodes, specify
* EC2_LINUX or EC2_WINDOWS. Amazon EKS grants the necessary permissions to the
* node for you. If the principalArn is for any other purpose, specify STANDARD. If
* you don't specify a value, Amazon EKS sets the value to STANDARD. It's unnecessary to create
* access entries for IAM roles used with Fargate profiles or managed Amazon EC2 nodes, because Amazon EKS
* creates entries in the aws-auth ConfigMap for the roles. You can't change this
* value once you've created the access entry.
*
*
* If you set the value to EC2_LINUX or EC2_WINDOWS, you can't specify values for
* kubernetesGroups, or associate an AccessPolicy to the access entry.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateAccessEntryRequest withType(String type) {
setType(type);
return this;
}
/**
* Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be
* redacted from this string using a placeholder value.
*
* @return A string representation of this object.
*
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
StringBuilder sb = new StringBuilder();
sb.append("{");
if (getClusterName() != null)
sb.append("ClusterName: ").append(getClusterName()).append(",");
if (getPrincipalArn() != null)
sb.append("PrincipalArn: ").append(getPrincipalArn()).append(",");
if (getKubernetesGroups() != null)
sb.append("KubernetesGroups: ").append(getKubernetesGroups()).append(",");
if (getTags() != null)
sb.append("Tags: ").append(getTags()).append(",");
if (getClientRequestToken() != null)
sb.append("ClientRequestToken: ").append(getClientRequestToken()).append(",");
if (getUsername() != null)
sb.append("Username: ").append(getUsername()).append(",");
if (getType() != null)
sb.append("Type: ").append(getType());
sb.append("}");
return sb.toString();
}
@Override
public boolean equals(Object obj) {
if (this == obj)
return true;
if (obj == null)
return false;
if (obj instanceof CreateAccessEntryRequest == false)
return false;
CreateAccessEntryRequest other = (CreateAccessEntryRequest) obj;
if (other.getClusterName() == null ^ this.getClusterName() == null)
return false;
if (other.getClusterName() != null && other.getClusterName().equals(this.getClusterName()) == false)
return false;
if (other.getPrincipalArn() == null ^ this.getPrincipalArn() == null)
return false;
if (other.getPrincipalArn() != null && other.getPrincipalArn().equals(this.getPrincipalArn()) == false)
return false;
if (other.getKubernetesGroups() == null ^ this.getKubernetesGroups() == null)
return false;
if (other.getKubernetesGroups() != null && other.getKubernetesGroups().equals(this.getKubernetesGroups()) == false)
return false;
if (other.getTags() == null ^ this.getTags() == null)
return false;
if (other.getTags() != null && other.getTags().equals(this.getTags()) == false)
return false;
if (other.getClientRequestToken() == null ^ this.getClientRequestToken() == null)
return false;
if (other.getClientRequestToken() != null && other.getClientRequestToken().equals(this.getClientRequestToken()) == false)
return false;
if (other.getUsername() == null ^ this.getUsername() == null)
return false;
if (other.getUsername() != null && other.getUsername().equals(this.getUsername()) == false)
return false;
if (other.getType() == null ^ this.getType() == null)
return false;
if (other.getType() != null && other.getType().equals(this.getType()) == false)
return false;
return true;
}
@Override
public int hashCode() {
final int prime = 31;
int hashCode = 1;
hashCode = prime * hashCode + ((getClusterName() == null) ? 0 : getClusterName().hashCode());
hashCode = prime * hashCode + ((getPrincipalArn() == null) ? 0 : getPrincipalArn().hashCode());
hashCode = prime * hashCode + ((getKubernetesGroups() == null) ? 0 : getKubernetesGroups().hashCode());
hashCode = prime * hashCode + ((getTags() == null) ? 0 : getTags().hashCode());
hashCode = prime * hashCode + ((getClientRequestToken() == null) ? 0 : getClientRequestToken().hashCode());
hashCode = prime * hashCode + ((getUsername() == null) ? 0 : getUsername().hashCode());
hashCode = prime * hashCode + ((getType() == null) ? 0 : getType().hashCode());
return hashCode;
}
@Override
public CreateAccessEntryRequest clone() {
return (CreateAccessEntryRequest) super.clone();
}
}