npm - @aws-sdk/client-eks - Versions diffs - 3.986.0 → 3.987.0 - Mend

@aws-sdk/client-eks 3.986.0 → 3.987.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/dist-cjs/index.js CHANGED Viewed

@@ -921,6 +921,7 @@ const _pU = "productUrl";
 const _pV = "platformVersion";
 const _pVl = "platformVersions";
 const _pa = "params";
+const _po = "policy";
 const _pr = "provider";
 const _pre = "preserve";
 const _pu = "publishers";
@@ -1348,8 +1349,8 @@ var CreateNodegroupResponse$ = [3, n0, _CNRr,
 ];
 var CreatePodIdentityAssociationRequest$ = [3, n0, _CPIAR,
     0,
-    [_cN, _nam, _sA, _rA, _cRT, _t, _dST, _tRA],
-    [[0, 1], 0, 0, 0, [0, 4], 128 | 0, 2, 0], 4
+    [_cN, _nam, _sA, _rA, _cRT, _t, _dST, _tRA, _po],
+    [[0, 1], 0, 0, 0, [0, 4], 128 | 0, 2, 0, 0], 4
 ];
 var CreatePodIdentityAssociationResponse$ = [3, n0, _CPIARr,
     0,
@@ -1977,8 +1978,8 @@ var OutpostConfigResponse$ = [3, n0, _OCRu,
 ];
 var PodIdentityAssociation$ = [3, n0, _PIA,
     0,
-    [_cN, _nam, _sA, _rA, _aAss, _aIs, _t, _cA, _mA, _oAw, _dST, _tRA, _eI],
-    [0, 0, 0, 0, 0, 0, 128 | 0, 4, 4, 0, 2, 0, 0]
+    [_cN, _nam, _sA, _rA, _aAss, _aIs, _t, _cA, _mA, _oAw, _dST, _tRA, _eI, _po],
+    [0, 0, 0, 0, 0, 0, 128 | 0, 4, 4, 0, 2, 0, 0, 0]
 ];
 var PodIdentityAssociationSummary$ = [3, n0, _PIAS,
     0,
@@ -2235,8 +2236,8 @@ var UpdateParam$ = [3, n0, _UP,
 ];
 var UpdatePodIdentityAssociationRequest$ = [3, n0, _UPIAR,
     0,
-    [_cN, _aIs, _rA, _cRT, _dST, _tRA],
-    [[0, 1], [0, 1], 0, [0, 4], 2, 0], 2
+    [_cN, _aIs, _rA, _cRT, _dST, _tRA, _po],
+    [[0, 1], [0, 1], 0, [0, 4], 2, 0, 0], 2
 ];
 var UpdatePodIdentityAssociationResponse$ = [3, n0, _UPIARp,
     0,

package/dist-es/schemas/schemas_0.js CHANGED Viewed

@@ -554,6 +554,7 @@ const _pU = "productUrl";
 const _pV = "platformVersion";
 const _pVl = "platformVersions";
 const _pa = "params";
+const _po = "policy";
 const _pr = "provider";
 const _pre = "preserve";
 const _pu = "publishers";
@@ -984,8 +985,8 @@ export var CreateNodegroupResponse$ = [3, n0, _CNRr,
 ];
 export var CreatePodIdentityAssociationRequest$ = [3, n0, _CPIAR,
     0,
-    [_cN, _nam, _sA, _rA, _cRT, _t, _dST, _tRA],
-    [[0, 1], 0, 0, 0, [0, 4], 128 | 0, 2, 0], 4
+    [_cN, _nam, _sA, _rA, _cRT, _t, _dST, _tRA, _po],
+    [[0, 1], 0, 0, 0, [0, 4], 128 | 0, 2, 0, 0], 4
 ];
 export var CreatePodIdentityAssociationResponse$ = [3, n0, _CPIARr,
     0,
@@ -1613,8 +1614,8 @@ export var OutpostConfigResponse$ = [3, n0, _OCRu,
 ];
 export var PodIdentityAssociation$ = [3, n0, _PIA,
     0,
-    [_cN, _nam, _sA, _rA, _aAss, _aIs, _t, _cA, _mA, _oAw, _dST, _tRA, _eI],
-    [0, 0, 0, 0, 0, 0, 128 | 0, 4, 4, 0, 2, 0, 0]
+    [_cN, _nam, _sA, _rA, _aAss, _aIs, _t, _cA, _mA, _oAw, _dST, _tRA, _eI, _po],
+    [0, 0, 0, 0, 0, 0, 128 | 0, 4, 4, 0, 2, 0, 0, 0]
 ];
 export var PodIdentityAssociationSummary$ = [3, n0, _PIAS,
     0,
@@ -1871,8 +1872,8 @@ export var UpdateParam$ = [3, n0, _UP,
 ];
 export var UpdatePodIdentityAssociationRequest$ = [3, n0, _UPIAR,
     0,
-    [_cN, _aIs, _rA, _cRT, _dST, _tRA],
-    [[0, 1], [0, 1], 0, [0, 4], 2, 0], 2
+    [_cN, _aIs, _rA, _cRT, _dST, _tRA, _po],
+    [[0, 1], [0, 1], 0, [0, 4], 2, 0, 0], 2
 ];
 export var UpdatePodIdentityAssociationResponse$ = [3, n0, _UPIARp,
     0,

package/dist-types/commands/CreatePodIdentityAssociationCommand.d.ts CHANGED Viewed

@@ -69,6 +69,7 @@ declare const CreatePodIdentityAssociationCommand_base: {
  *   },
  *   disableSessionTags: true || false,
  *   targetRoleArn: "STRING_VALUE",
+ *   policy: "STRING_VALUE",
  * };
  * const command = new CreatePodIdentityAssociationCommand(input);
  * const response = await client.send(command);
@@ -89,6 +90,7 @@ declare const CreatePodIdentityAssociationCommand_base: {
  * //     disableSessionTags: true || false,
  * //     targetRoleArn: "STRING_VALUE",
  * //     externalId: "STRING_VALUE",
+ * //     policy: "STRING_VALUE",
  * //   },
  * // };
  *

package/dist-types/commands/DeletePodIdentityAssociationCommand.d.ts CHANGED Viewed

@@ -60,6 +60,7 @@ declare const DeletePodIdentityAssociationCommand_base: {
  * //     disableSessionTags: true || false,
  * //     targetRoleArn: "STRING_VALUE",
  * //     externalId: "STRING_VALUE",
+ * //     policy: "STRING_VALUE",
  * //   },
  * // };
  *

package/dist-types/commands/DescribePodIdentityAssociationCommand.d.ts CHANGED Viewed

@@ -63,6 +63,7 @@ declare const DescribePodIdentityAssociationCommand_base: {
  * //     disableSessionTags: true || false,
  * //     targetRoleArn: "STRING_VALUE",
  * //     externalId: "STRING_VALUE",
+ * //     policy: "STRING_VALUE",
  * //   },
  * // };
  *

package/dist-types/commands/UpdatePodIdentityAssociationCommand.d.ts CHANGED Viewed

@@ -59,6 +59,7 @@ declare const UpdatePodIdentityAssociationCommand_base: {
  *   clientRequestToken: "STRING_VALUE",
  *   disableSessionTags: true || false,
  *   targetRoleArn: "STRING_VALUE",
+ *   policy: "STRING_VALUE",
  * };
  * const command = new UpdatePodIdentityAssociationCommand(input);
  * const response = await client.send(command);
@@ -79,6 +80,7 @@ declare const UpdatePodIdentityAssociationCommand_base: {
  * //     disableSessionTags: true || false,
  * //     targetRoleArn: "STRING_VALUE",
  * //     externalId: "STRING_VALUE",
+ * //     policy: "STRING_VALUE",
  * //   },
  * // };
  *

package/dist-types/models/models_0.d.ts CHANGED Viewed

@@ -3908,6 +3908,33 @@ export interface CreatePodIdentityAssociationRequest {
      * @public
      */
     targetRoleArn?: string | undefined;
+    /**
+     * <p>An optional IAM policy in JSON format (as an escaped string) that applies additional
+     *             restrictions to this pod identity association beyond the IAM policies attached to the
+     *             IAM role. This policy is applied as the intersection of the role's policies and this
+     *             policy, allowing you to reduce the permissions that applications in the pods can use.
+     *             Use this policy to enforce least privilege access while still leveraging a shared IAM
+     *             role across multiple applications.</p>
+     *          <p>
+     *             <b>Important considerations</b>
+     *          </p>
+     *          <ul>
+     *             <li>
+     *                <p>
+     *                   <b>Session tags:</b> When using this policy,
+     *                     <code>disableSessionTags</code> must be set to <code>true</code>.</p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <b>Target role permissions:</b> If you specify both
+     *                     a <code>TargetRoleArn</code> and a policy, the policy restrictions apply only to
+     *                     the target role's permissions, not to the initial role used for assuming the
+     *                     target role.</p>
+     *             </li>
+     *          </ul>
+     * @public
+     */
+    policy?: string | undefined;
 }
 /**
  * <p>Amazon EKS Pod Identity associations provide the ability to manage credentials for your applications, similar to the way that Amazon EC2 instance profiles provide credentials to Amazon EC2 instances.</p>
@@ -4034,6 +4061,16 @@ export interface PodIdentityAssociation {
      * @public
      */
     externalId?: string | undefined;
+    /**
+     * <p>An optional IAM policy in JSON format (as an escaped string) that applies additional
+     *             restrictions to this pod identity association beyond the IAM policies attached to the
+     *             IAM role. This policy is applied as the intersection of the role's policies and this
+     *             policy, allowing you to reduce the permissions that applications in the pods can use.
+     *             Use this policy to enforce least privilege access while still leveraging a shared IAM
+     *             role across multiple applications.</p>
+     * @public
+     */
+    policy?: string | undefined;
 }
 /**
  * @public
@@ -6916,6 +6953,33 @@ export interface UpdatePodIdentityAssociationRequest {
      * @public
      */
     targetRoleArn?: string | undefined;
+    /**
+     * <p>An optional IAM policy in JSON format (as an escaped string) that applies additional
+     *             restrictions to this pod identity association beyond the IAM policies attached to the
+     *             IAM role. This policy is applied as the intersection of the role's policies and this
+     *             policy, allowing you to reduce the permissions that applications in the pods can use.
+     *             Use this policy to enforce least privilege access while still leveraging a shared IAM
+     *             role across multiple applications.</p>
+     *          <p>
+     *             <b>Important considerations</b>
+     *          </p>
+     *          <ul>
+     *             <li>
+     *                <p>
+     *                   <b>Session tags:</b> When using this policy,
+     *                     <code>disableSessionTags</code> must be set to <code>true</code>.</p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <b>Target role permissions:</b> If you specify both
+     *                     a <code>TargetRoleArn</code> and a policy, the policy restrictions apply only to
+     *                     the target role's permissions, not to the initial role used for assuming the
+     *                     target role.</p>
+     *             </li>
+     *          </ul>
+     * @public
+     */
+    policy?: string | undefined;
 }
 /**
  * @public

package/dist-types/ts3.4/models/models_0.d.ts CHANGED Viewed

@@ -672,6 +672,7 @@ export interface CreatePodIdentityAssociationRequest {
   tags?: Record<string, string> | undefined;
   disableSessionTags?: boolean | undefined;
   targetRoleArn?: string | undefined;
+  policy?: string | undefined;
 }
 export interface PodIdentityAssociation {
   clusterName?: string | undefined;
@@ -687,6 +688,7 @@ export interface PodIdentityAssociation {
   disableSessionTags?: boolean | undefined;
   targetRoleArn?: string | undefined;
   externalId?: string | undefined;
+  policy?: string | undefined;
 }
 export interface CreatePodIdentityAssociationResponse {
   association?: PodIdentityAssociation | undefined;
@@ -1277,6 +1279,7 @@ export interface UpdatePodIdentityAssociationRequest {
   clientRequestToken?: string | undefined;
   disableSessionTags?: boolean | undefined;
   targetRoleArn?: string | undefined;
+  policy?: string | undefined;
 }
 export interface UpdatePodIdentityAssociationResponse {
   association?: PodIdentityAssociation | undefined;

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-eks",
   "description": "AWS SDK for JavaScript Eks Client for Node.js, Browser and React Native",
-  "version": "3.986.0",
+  "version": "3.987.0",
   "scripts": {
     "build": "concurrently 'yarn:build:types' 'yarn:build:es' && yarn build:cjs",
     "build:cjs": "node ../../scripts/compilation/inline client-eks",
@@ -29,7 +29,7 @@
     "@aws-sdk/middleware-user-agent": "^3.972.7",
     "@aws-sdk/region-config-resolver": "^3.972.3",
     "@aws-sdk/types": "^3.973.1",
-    "@aws-sdk/util-endpoints": "3.986.0",
+    "@aws-sdk/util-endpoints": "3.987.0",
     "@aws-sdk/util-user-agent-browser": "^3.972.3",
     "@aws-sdk/util-user-agent-node": "^3.972.5",
     "@smithy/config-resolver": "^4.4.6",