Package org.cdk8s.plus23

Class ClusterRole

java.lang.Object

software.amazon.jsii.JsiiObject

software.constructs.Construct

org.cdk8s.plus23.Resource

org.cdk8s.plus23.ClusterRole

All Implemented Interfaces:

IApiEndpoint, IApiResource, IClusterRole, IResource, IRole, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IDependable

@Generated(value="jsii-pacmak/1.69.0 (build f656c31)",
           date="2022-10-15T03:08:34.982Z")
@Stability(Stable)
public class ClusterRole
extends Resource
implements IClusterRole, IRole

ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	ClusterRole.Builder	A fluent builder for ClusterRole.

Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject

software.amazon.jsii.JsiiObject.InitializationMode

Nested classes/interfaces inherited from interface org.cdk8s.plus23.IApiEndpoint

IApiEndpoint.Jsii$Default

Nested classes/interfaces inherited from interface org.cdk8s.plus23.IApiResource

IApiResource.Jsii$Default

Nested classes/interfaces inherited from interface org.cdk8s.plus23.IClusterRole

IClusterRole.Jsii$Default, IClusterRole.Jsii$Proxy

Nested classes/interfaces inherited from interface software.constructs.IConstruct

software.constructs.IConstruct.Jsii$Default

Nested classes/interfaces inherited from interface org.cdk8s.plus23.IResource

IResource.Jsii$Default

Nested classes/interfaces inherited from interface org.cdk8s.plus23.IRole

IRole.Jsii$Default, IRole.Jsii$Proxy

Constructor Summary

Constructors

Modifier	Constructor	Description
protected	ClusterRole(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
protected	ClusterRole(software.amazon.jsii.JsiiObjectRef objRef)
	ClusterRole(software.constructs.Construct scope, String id)
	ClusterRole(software.constructs.Construct scope, String id, ClusterRoleProps props)

Method Summary

Modifier and Type	Method	Description
void	aggregate(String key, String value)	Aggregate rules from roles matching this label selector.
void	allow(List<String> verbs, @NotNull IApiEndpoint... endpoints)	Add permission to perform a list of HTTP verbs on a collection of resources.
void	allowCreate(@NotNull IApiEndpoint... endpoints)	Add "create" permission for the resources.
void	allowDelete(@NotNull IApiEndpoint... endpoints)	Add "delete" permission for the resources.
void	allowDeleteCollection(@NotNull IApiEndpoint... endpoints)	Add "deletecollection" permission for the resources.
void	allowGet(@NotNull IApiEndpoint... endpoints)	Add "get" permission for the resources.
void	allowList(@NotNull IApiEndpoint... endpoints)	Add "list" permission for the resources.
void	allowPatch(@NotNull IApiEndpoint... endpoints)	Add "patch" permission for the resources.
void	allowRead(@NotNull IApiEndpoint... endpoints)	Add "get", "list", and "watch" permissions for the resources.
void	allowReadWrite(@NotNull IApiEndpoint... endpoints)	Add "get", "list", "watch", "create", "update", "patch", "delete", and "deletecollection" permissions for the resources.
void	allowUpdate(@NotNull IApiEndpoint... endpoints)	Add "update" permission for the resources.
void	allowWatch(@NotNull IApiEndpoint... endpoints)	Add "watch" permission for the resources.
ClusterRoleBinding	bind(@NotNull ISubject... subjects)	Create a ClusterRoleBinding that binds the permissions in this ClusterRole to a list of subjects, without namespace restrictions.
RoleBinding	bindInNamespace(String namespace, @NotNull ISubject... subjects)	Create a RoleBinding that binds the permissions in this ClusterRole to a list of subjects, that will only apply to the given namespace.
void	combine(ClusterRole rol)	Combines the rules of the argument ClusterRole into this ClusterRole using aggregation labels.
static IClusterRole	fromClusterRoleName(software.constructs.Construct scope, String id, String name)	Imports a role from the cluster as a reference.
protected org.cdk8s.ApiObject	getApiObject()	The underlying cdk8s API object.
String	getResourceType()	The name of a resource type as it appears in the relevant API endpoint.
List<ClusterRolePolicyRule>	getRules()	Rules associaated with this Role.

Methods inherited from class org.cdk8s.plus23.Resource

asApiResource, asNonApiResource, getApiGroup, getApiVersion, getKind, getMetadata, getName, getPermissions, getResourceName

Methods inherited from class software.constructs.Construct

getNode, isConstruct, toString

Methods inherited from class software.amazon.jsii.JsiiObject

jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface software.constructs.IConstruct

getNode

Methods inherited from interface org.cdk8s.plus23.IResource

getApiGroup, getApiVersion, getKind, getName

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Constructor Detail

ClusterRole

protected ClusterRole(software.amazon.jsii.JsiiObjectRef objRef)

ClusterRole

protected ClusterRole(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

ClusterRole

@Stability(Stable)
public ClusterRole(@NotNull
                   software.constructs.Construct scope,
                   @NotNull
                   String id,
                   @Nullable
                   ClusterRoleProps props)

Parameters:

scope - This parameter is required.

id - This parameter is required.

props -

ClusterRole

@Stability(Stable)
public ClusterRole(@NotNull
                   software.constructs.Construct scope,
                   @NotNull
                   String id)

Parameters:

scope - This parameter is required.

id - This parameter is required.

Method Detail

fromClusterRoleName

@Stability(Stable)
@NotNull
public static IClusterRole fromClusterRoleName(@NotNull
                                               software.constructs.Construct scope,
                                               @NotNull
                                               String id,
                                               @NotNull
                                               String name)

Imports a role from the cluster as a reference.

Parameters:

scope - This parameter is required.

id - This parameter is required.

name - This parameter is required.

aggregate

@Stability(Stable)
public void aggregate(@NotNull
                      String key,
                      @NotNull
                      String value)

Aggregate rules from roles matching this label selector.

Parameters:

key - This parameter is required.

value - This parameter is required.

allow

@Stability(Stable)
public void allow(@NotNull
                  List<String> verbs,
                  @NotNull
                  @NotNull IApiEndpoint... endpoints)

Add permission to perform a list of HTTP verbs on a collection of resources.

Parameters:

verbs - This parameter is required.

endpoints - The endpoints(s) to apply to. This parameter is required.

See Also:

https://kubernetes.io/docs/reference/access-authn-authz/authorization/#determine-the-request-verb

allowCreate

@Stability(Stable)
public void allowCreate(@NotNull
                        @NotNull IApiEndpoint... endpoints)

Add "create" permission for the resources.

Parameters:

endpoints - The resource(s) to apply to. This parameter is required.

allowDelete

@Stability(Stable)
public void allowDelete(@NotNull
                        @NotNull IApiEndpoint... endpoints)

Add "delete" permission for the resources.

Parameters:

endpoints - The resource(s) to apply to. This parameter is required.

allowDeleteCollection

@Stability(Stable)
public void allowDeleteCollection(@NotNull
                                  @NotNull IApiEndpoint... endpoints)

Add "deletecollection" permission for the resources.

Parameters:

endpoints - The resource(s) to apply to. This parameter is required.

allowGet

@Stability(Stable)
public void allowGet(@NotNull
                     @NotNull IApiEndpoint... endpoints)

Add "get" permission for the resources.

Parameters:

endpoints - The resource(s) to apply to. This parameter is required.

allowList

@Stability(Stable)
public void allowList(@NotNull
                      @NotNull IApiEndpoint... endpoints)

Add "list" permission for the resources.

Parameters:

endpoints - The resource(s) to apply to. This parameter is required.

allowPatch

@Stability(Stable)
public void allowPatch(@NotNull
                       @NotNull IApiEndpoint... endpoints)

Add "patch" permission for the resources.

Parameters:

endpoints - The resource(s) to apply to. This parameter is required.

allowRead

@Stability(Stable)
public void allowRead(@NotNull
                      @NotNull IApiEndpoint... endpoints)

Add "get", "list", and "watch" permissions for the resources.

Parameters:

endpoints - The resource(s) to apply to. This parameter is required.

allowReadWrite

@Stability(Stable)
public void allowReadWrite(@NotNull
                           @NotNull IApiEndpoint... endpoints)

Add "get", "list", "watch", "create", "update", "patch", "delete", and "deletecollection" permissions for the resources.

Parameters:

endpoints - The resource(s) to apply to. This parameter is required.

allowUpdate

@Stability(Stable)
public void allowUpdate(@NotNull
                        @NotNull IApiEndpoint... endpoints)

Add "update" permission for the resources.

Parameters:

endpoints - The resource(s) to apply to. This parameter is required.

allowWatch

@Stability(Stable)
public void allowWatch(@NotNull
                       @NotNull IApiEndpoint... endpoints)

Add "watch" permission for the resources.

Parameters:

endpoints - The resource(s) to apply to. This parameter is required.

bind

@Stability(Stable)
@NotNull
public ClusterRoleBinding bind(@NotNull
                               @NotNull ISubject... subjects)

Create a ClusterRoleBinding that binds the permissions in this ClusterRole to a list of subjects, without namespace restrictions.

Parameters:

subjects - a list of subjects to bind to. This parameter is required.

bindInNamespace

@Stability(Stable)
@NotNull
public RoleBinding bindInNamespace(@NotNull
                                   String namespace,
                                   @NotNull
                                   @NotNull ISubject... subjects)

Create a RoleBinding that binds the permissions in this ClusterRole to a list of subjects, that will only apply to the given namespace.

Parameters:

namespace - the namespace to limit permissions to. This parameter is required.

subjects - a list of subjects to bind to. This parameter is required.

combine

@Stability(Stable)
public void combine(@NotNull
                    ClusterRole rol)

Combines the rules of the argument ClusterRole into this ClusterRole using aggregation labels.

Parameters:

rol - This parameter is required.

getApiObject

@Stability(Stable)
@NotNull
protected org.cdk8s.ApiObject getApiObject()

The underlying cdk8s API object.

Specified by:

getApiObject in class Resource

See Also:

base.Resource.apiObject

getResourceType

@Stability(Stable)
@NotNull
public String getResourceType()

The name of a resource type as it appears in the relevant API endpoint.

Specified by:

getResourceType in interface IApiResource

Specified by:

getResourceType in class Resource

See Also:

https://kubernetes.io/docs/reference/access-authn-authz/rbac/#referring-to-resources

getRules

@Stability(Stable)
@NotNull
public List<ClusterRolePolicyRule> getRules()

Rules associaated with this Role.

Returns a copy, use allow to add rules.