aws_sdk_eks/client/

update_access_entry.rs

// Code generated by software.amazon.smithy.rust.codegen.smithy-rs. DO NOT EDIT.
impl super::Client {
    /// Constructs a fluent builder for the [`UpdateAccessEntry`](crate::operation::update_access_entry::builders::UpdateAccessEntryFluentBuilder) operation.
    ///
    /// - The fluent builder is configurable:
    ///   - [`cluster_name(impl Into<String>)`](crate::operation::update_access_entry::builders::UpdateAccessEntryFluentBuilder::cluster_name) / [`set_cluster_name(Option<String>)`](crate::operation::update_access_entry::builders::UpdateAccessEntryFluentBuilder::set_cluster_name):<br>required: **true**<br><p>The name of your cluster.</p><br>
    ///   - [`principal_arn(impl Into<String>)`](crate::operation::update_access_entry::builders::UpdateAccessEntryFluentBuilder::principal_arn) / [`set_principal_arn(Option<String>)`](crate::operation::update_access_entry::builders::UpdateAccessEntryFluentBuilder::set_principal_arn):<br>required: **true**<br><p>The ARN of the IAM principal for the <code>AccessEntry</code>.</p><br>
    ///   - [`kubernetes_groups(impl Into<String>)`](crate::operation::update_access_entry::builders::UpdateAccessEntryFluentBuilder::kubernetes_groups) / [`set_kubernetes_groups(Option<Vec::<String>>)`](crate::operation::update_access_entry::builders::UpdateAccessEntryFluentBuilder::set_kubernetes_groups):<br>required: **false**<br><p>The value for <code>name</code> that you've specified for <code>kind: Group</code> as a <code>subject</code> in a Kubernetes <code>RoleBinding</code> or <code>ClusterRoleBinding</code> object. Amazon EKS doesn't confirm that the value for <code>name</code> exists in any bindings on your cluster. You can specify one or more names.</p> <p>Kubernetes authorizes the <code>principalArn</code> of the access entry to access any cluster objects that you've specified in a Kubernetes <code>Role</code> or <code>ClusterRole</code> object that is also specified in a binding's <code>roleRef</code>. For more information about creating Kubernetes <code>RoleBinding</code>, <code>ClusterRoleBinding</code>, <code>Role</code>, or <code>ClusterRole</code> objects, see <a href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/">Using RBAC Authorization in the Kubernetes documentation</a>.</p> <p>If you want Amazon EKS to authorize the <code>principalArn</code> (instead of, or in addition to Kubernetes authorizing the <code>principalArn</code>), you can associate one or more access policies to the access entry using <code>AssociateAccessPolicy</code>. If you associate any access policies, the <code>principalARN</code> has all permissions assigned in the associated access policies and all permissions in any Kubernetes <code>Role</code> or <code>ClusterRole</code> objects that the group names are bound to.</p><br>
    ///   - [`client_request_token(impl Into<String>)`](crate::operation::update_access_entry::builders::UpdateAccessEntryFluentBuilder::client_request_token) / [`set_client_request_token(Option<String>)`](crate::operation::update_access_entry::builders::UpdateAccessEntryFluentBuilder::set_client_request_token):<br>required: **false**<br><p>A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.</p><br>
    ///   - [`username(impl Into<String>)`](crate::operation::update_access_entry::builders::UpdateAccessEntryFluentBuilder::username) / [`set_username(Option<String>)`](crate::operation::update_access_entry::builders::UpdateAccessEntryFluentBuilder::set_username):<br>required: **false**<br><p>The username to authenticate to Kubernetes with. We recommend not specifying a username and letting Amazon EKS specify it for you. For more information about the value Amazon EKS specifies for you, or constraints before specifying your own username, see <a href="https://docs.aws.amazon.com/eks/latest/userguide/access-entries.html#creating-access-entries">Creating access entries</a> in the <i>Amazon EKS User Guide</i>.</p><br>
    /// - On success, responds with [`UpdateAccessEntryOutput`](crate::operation::update_access_entry::UpdateAccessEntryOutput) with field(s):
    ///   - [`access_entry(Option<AccessEntry>)`](crate::operation::update_access_entry::UpdateAccessEntryOutput::access_entry): <p>The ARN of the IAM principal for the <code>AccessEntry</code>.</p>
    /// - On failure, responds with [`SdkError<UpdateAccessEntryError>`](crate::operation::update_access_entry::UpdateAccessEntryError)
    pub fn update_access_entry(&self) -> crate::operation::update_access_entry::builders::UpdateAccessEntryFluentBuilder {
        crate::operation::update_access_entry::builders::UpdateAccessEntryFluentBuilder::new(self.handle.clone())
    }
}