Class: AWSCDK::EKSv2::EndpointAccess

Inherits:
Jsii::Object
  • Object
show all
Defined in:
ek_sv2/endpoint_access.rb

Overview

Endpoint access characteristics.

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(*args) ⇒ EndpointAccess

Returns a new instance of EndpointAccess.

Raises:

  • (NoMethodError)


8
9
10
# File 'ek_sv2/endpoint_access.rb', line 8

def initialize(*args)
  raise NoMethodError, "aws-cdk-lib.aws_eks_v2.EndpointAccess does not have a visible constructor; use the provided factory methods"
end

Class Method Details

.jsii_overridable_methodsObject



12
13
14
15
16
# File 'ek_sv2/endpoint_access.rb', line 12

def self.jsii_overridable_methods
  {
    :only_from => { kind: :method, name: "onlyFrom", is_optional: false },
  }
end

.PRIVATEAWSCDK::EKSv2::EndpointAccess

The cluster endpoint is only accessible through your VPC.

Worker node traffic to the endpoint will stay within your VPC.

Returns:

  • (AWSCDK::EKSv2::EndpointAccess)


23
24
25
# File 'ek_sv2/endpoint_access.rb', line 23

def self.PRIVATE()
  Jsii::Kernel.instance.get_static("aws-cdk-lib.aws_eks_v2.EndpointAccess", "PRIVATE")
end

.PUBLICAWSCDK::EKSv2::EndpointAccess

The cluster endpoint is accessible from outside of your VPC.

Worker node traffic will leave your VPC to connect to the endpoint.

By default, the endpoint is exposed to all addresses. You can optionally limit the CIDR blocks that can access the public endpoint using the PUBLIC.onlyFrom method. If you limit access to specific CIDR blocks, you must ensure that the CIDR blocks that you specify include the addresses that worker nodes and Fargate pods (if you use them) access the public endpoint from.

Returns:

  • (AWSCDK::EKSv2::EndpointAccess)


37
38
39
# File 'ek_sv2/endpoint_access.rb', line 37

def self.PUBLIC()
  Jsii::Kernel.instance.get_static("aws-cdk-lib.aws_eks_v2.EndpointAccess", "PUBLIC")
end

.PUBLIC_AND_PRIVATEAWSCDK::EKSv2::EndpointAccess

The cluster endpoint is accessible from outside of your VPC.

Worker node traffic to the endpoint will stay within your VPC.

By default, the endpoint is exposed to all addresses. You can optionally limit the CIDR blocks that can access the public endpoint using the PUBLIC_AND_PRIVATE.onlyFrom method. If you limit access to specific CIDR blocks, you must ensure that the CIDR blocks that you specify include the addresses that worker nodes and Fargate pods (if you use them) access the public endpoint from.

Returns:

  • (AWSCDK::EKSv2::EndpointAccess)


51
52
53
# File 'ek_sv2/endpoint_access.rb', line 51

def self.PUBLIC_AND_PRIVATE()
  Jsii::Kernel.instance.get_static("aws-cdk-lib.aws_eks_v2.EndpointAccess", "PUBLIC_AND_PRIVATE")
end

Instance Method Details

#only_from(*cidr) ⇒ AWSCDK::EKSv2::EndpointAccess

Restrict public access to specific CIDR blocks.

If public access is disabled, this method will result in an error.

Parameters:

  • cidr (Array<String>)

    CIDR blocks.

Returns:

  • (AWSCDK::EKSv2::EndpointAccess)


61
62
63
64
65
66
# File 'ek_sv2/endpoint_access.rb', line 61

def only_from(*cidr)
  cidr.each_with_index do |item, index|
    Jsii::Type.check_type(item, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "cidr[#{index}]")
  end
  jsii_call_method("onlyFrom", [*cidr])
end