cdk8s-plus-32 2.0.0

package/lib/secret.js

@@ -0,0 +1,185 @@
+"use strict";
+var _a, _b, _c, _d, _e, _f;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DockerConfigSecret = exports.TlsSecret = exports.ServiceAccountTokenSecret = exports.SshAuthSecret = exports.BasicAuthSecret = exports.Secret = void 0;
+const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti");
+const constructs_1 = require("constructs");
+const base = require("./base");
+const container_1 = require("./container");
+const k8s = require("./imports/k8s");
+class ImportedSecret extends constructs_1.Construct {
+    constructor(scope, id, name) {
+        super(scope, id);
+        this.resourceType = 'secrets';
+        this._name = name;
+    }
+    get name() {
+        return this._name;
+    }
+    get apiVersion() {
+        return k8s.KubeSecret.GVK.apiVersion;
+    }
+    get apiGroup() {
+        return '';
+    }
+    get kind() {
+        return k8s.KubeSecret.GVK.kind;
+    }
+    get resourceName() {
+        return this.name;
+    }
+    envValue(key, options) {
+        return container_1.EnvValue.fromSecretValue({ secret: this, key }, options);
+    }
+}
+/**
+ * Kubernetes Secrets let you store and manage sensitive information, such as
+ * passwords, OAuth tokens, and ssh keys. Storing confidential information in a
+ * Secret is safer and more flexible than putting it verbatim in a Pod
+ * definition or in a container image.
+ *
+ * @see https://kubernetes.io/docs/concepts/configuration/secret
+ */
+class Secret extends base.Resource {
+    /**
+     * Imports a secret from the cluster as a reference.
+     */
+    static fromSecretName(scope, id, name) {
+        return new ImportedSecret(scope, id, name);
+    }
+    constructor(scope, id, props = {}) {
+        super(scope, id);
+        this.resourceType = 'secrets';
+        this.stringData = props.stringData ?? {};
+        this.immutable = props.immutable ?? false;
+        this.apiObject = new k8s.KubeSecret(this, 'Resource', {
+            metadata: props.metadata,
+            type: props.type,
+            stringData: this.stringData,
+            immutable: this.immutable,
+        });
+    }
+    /**
+     * Adds a string data field to the secret.
+     * @param key Key
+     * @param value Value
+     */
+    addStringData(key, value) {
+        this.stringData[key] = value;
+    }
+    /**
+     * Gets a string data by key or undefined
+     * @param key Key
+     */
+    getStringData(key) {
+        return this.stringData[key];
+    }
+    envValue(key, options) {
+        return container_1.EnvValue.fromSecretValue({ secret: this, key }, options);
+    }
+}
+exports.Secret = Secret;
+_a = JSII_RTTI_SYMBOL_1;
+Secret[_a] = { fqn: "cdk8s-plus-32.Secret", version: "2.0.0" };
+/**
+ * Create a secret for basic authentication.
+ *
+ * @see https://kubernetes.io/docs/concepts/configuration/secret/#basic-authentication-secret
+ */
+class BasicAuthSecret extends Secret {
+    constructor(scope, id, props) {
+        super(scope, id, {
+            type: 'kubernetes.io/basic-auth',
+            stringData: {
+                username: props.username,
+                password: props.password,
+            },
+            immutable: props.immutable,
+            metadata: props.metadata,
+        });
+    }
+}
+exports.BasicAuthSecret = BasicAuthSecret;
+_b = JSII_RTTI_SYMBOL_1;
+BasicAuthSecret[_b] = { fqn: "cdk8s-plus-32.BasicAuthSecret", version: "2.0.0" };
+/**
+ * Create a secret for ssh authentication.
+ *
+ * @see https://kubernetes.io/docs/concepts/configuration/secret/#ssh-authentication-secrets
+ */
+class SshAuthSecret extends Secret {
+    constructor(scope, id, props) {
+        super(scope, id, {
+            type: 'kubernetes.io/ssh-auth',
+            stringData: {
+                'ssh-privatekey': props.sshPrivateKey,
+            },
+            immutable: props.immutable,
+            metadata: props.metadata,
+        });
+    }
+}
+exports.SshAuthSecret = SshAuthSecret;
+_c = JSII_RTTI_SYMBOL_1;
+SshAuthSecret[_c] = { fqn: "cdk8s-plus-32.SshAuthSecret", version: "2.0.0" };
+/**
+ * Create a secret for a service account token.
+ *
+ * @see https://kubernetes.io/docs/concepts/configuration/secret/#service-account-token-secrets
+ */
+class ServiceAccountTokenSecret extends Secret {
+    constructor(scope, id, props) {
+        super(scope, id, {
+            type: 'kubernetes.io/service-account-token',
+            metadata: props.metadata,
+            immutable: props.immutable,
+        });
+        this.metadata.addAnnotation('kubernetes.io/service-account.name', props.serviceAccount.name);
+    }
+}
+exports.ServiceAccountTokenSecret = ServiceAccountTokenSecret;
+_d = JSII_RTTI_SYMBOL_1;
+ServiceAccountTokenSecret[_d] = { fqn: "cdk8s-plus-32.ServiceAccountTokenSecret", version: "2.0.0" };
+/**
+ * Create a secret for storing a TLS certificate and its associated key.
+ *
+ * @see https://kubernetes.io/docs/concepts/configuration/secret/#tls-secrets
+ */
+class TlsSecret extends Secret {
+    constructor(scope, id, props) {
+        super(scope, id, {
+            type: 'kubernetes.io/tls',
+            stringData: {
+                'tls.crt': props.tlsCert,
+                'tls.key': props.tlsKey,
+            },
+            immutable: props.immutable,
+            metadata: props.metadata,
+        });
+    }
+}
+exports.TlsSecret = TlsSecret;
+_e = JSII_RTTI_SYMBOL_1;
+TlsSecret[_e] = { fqn: "cdk8s-plus-32.TlsSecret", version: "2.0.0" };
+/**
+ * Create a secret for storing credentials for accessing a container image
+ * registry.
+ *
+ * @see https://kubernetes.io/docs/concepts/configuration/secret/#docker-config-secrets
+ */
+class DockerConfigSecret extends Secret {
+    constructor(scope, id, props) {
+        super(scope, id, {
+            type: 'kubernetes.io/dockerconfigjson',
+            stringData: {
+                '.dockerconfigjson': JSON.stringify(props.data),
+            },
+            immutable: props.immutable,
+            metadata: props.metadata,
+        });
+    }
+}
+exports.DockerConfigSecret = DockerConfigSecret;
+_f = JSII_RTTI_SYMBOL_1;
+DockerConfigSecret[_f] = { fqn: "cdk8s-plus-32.DockerConfigSecret", version: "2.0.0" };
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2VjcmV0LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vc3JjL3NlY3JldC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQUNBLDJDQUF1QztBQUN2QywrQkFBK0I7QUFDL0IsMkNBQWtFO0FBQ2xFLHFDQUFxQztBQWdFckMsTUFBTSxjQUFlLFNBQVEsc0JBQVM7SUFNcEMsWUFBWSxLQUFnQixFQUFFLEVBQVUsRUFBRSxJQUFZO1FBQ3BELEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFISCxpQkFBWSxHQUFHLFNBQVMsQ0FBQztRQUl2QyxJQUFJLENBQUMsS0FBSyxHQUFHLElBQUksQ0FBQztJQUNwQixDQUFDO0lBRUQsSUFBVyxJQUFJO1FBQ2IsT0FBTyxJQUFJLENBQUMsS0FBSyxDQUFDO0lBQ3BCLENBQUM7SUFFRCxJQUFXLFVBQVU7UUFDbkIsT0FBTyxHQUFHLENBQUMsVUFBVSxDQUFDLEdBQUcsQ0FBQyxVQUFVLENBQUM7SUFDdkMsQ0FBQztJQUVELElBQVcsUUFBUTtRQUNqQixPQUFPLEVBQUUsQ0FBQztJQUNaLENBQUM7SUFFRCxJQUFXLElBQUk7UUFDYixPQUFPLEdBQUcsQ0FBQyxVQUFVLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQztJQUNqQyxDQUFDO0lBRUQsSUFBVyxZQUFZO1FBQ3JCLE9BQU8sSUFBSSxDQUFDLElBQUksQ0FBQztJQUNuQixDQUFDO0lBRU0sUUFBUSxDQUFDLEdBQVcsRUFBRSxPQUFtQztRQUM5RCxPQUFPLG9CQUFRLENBQUMsZUFBZSxDQUFDLEVBQUUsTUFBTSxFQUFFLElBQUksRUFBRSxHQUFHLEVBQUUsRUFBRSxPQUFPLENBQUMsQ0FBQztJQUNsRSxDQUFDO0NBRUY7QUFFRDs7Ozs7OztHQU9HO0FBQ0gsTUFBYSxNQUFPLFNBQVEsSUFBSSxDQUFDLFFBQVE7SUFFdkM7O09BRUc7SUFDSSxNQUFNLENBQUMsY0FBYyxDQUFDLEtBQWdCLEVBQUUsRUFBVSxFQUFFLElBQVk7UUFDckUsT0FBTyxJQUFJLGNBQWMsQ0FBQyxLQUFLLEVBQUUsRUFBRSxFQUFFLElBQUksQ0FBQyxDQUFDO0lBQzdDLENBQUM7SUFnQkQsWUFBbUIsS0FBZ0IsRUFBRSxFQUFVLEVBQUUsUUFBcUIsRUFBRztRQUN2RSxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1FBVkgsaUJBQVksR0FBRyxTQUFTLENBQUM7UUFZdkMsSUFBSSxDQUFDLFVBQVUsR0FBRyxLQUFLLENBQUMsVUFBVSxJQUFJLEVBQUUsQ0FBQztRQUV6QyxJQUFJLENBQUMsU0FBUyxHQUFHLEtBQUssQ0FBQyxTQUFTLElBQUksS0FBSyxDQUFDO1FBQzFDLElBQUksQ0FBQyxTQUFTLEdBQUcsSUFBSSxHQUFHLENBQUMsVUFBVSxDQUFDLElBQUksRUFBRSxVQUFVLEVBQUU7WUFDcEQsUUFBUSxFQUFFLEtBQUssQ0FBQyxRQUFRO1lBQ3hCLElBQUksRUFBRSxLQUFLLENBQUMsSUFBSTtZQUNoQixVQUFVLEVBQUUsSUFBSSxDQUFDLFVBQVU7WUFDM0IsU0FBUyxFQUFFLElBQUksQ0FBQyxTQUFTO1NBQzFCLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRDs7OztPQUlHO0lBQ0ksYUFBYSxDQUFDLEdBQVcsRUFBRSxLQUFhO1FBQzdDLElBQUksQ0FBQyxVQUFVLENBQUMsR0FBRyxDQUFDLEdBQUcsS0FBSyxDQUFDO0lBQy9CLENBQUM7SUFFRDs7O09BR0c7SUFDSSxhQUFhLENBQUMsR0FBVztRQUM5QixPQUFPLElBQUksQ0FBQyxVQUFVLENBQUMsR0FBRyxDQUFDLENBQUM7SUFDOUIsQ0FBQztJQUVNLFFBQVEsQ0FBQyxHQUFXLEVBQUUsT0FBbUM7UUFDOUQsT0FBTyxvQkFBUSxDQUFDLGVBQWUsQ0FBQyxFQUFFLE1BQU0sRUFBRSxJQUFJLEVBQUUsR0FBRyxFQUFFLEVBQUUsT0FBTyxDQUFDLENBQUM7SUFDbEUsQ0FBQzs7QUF4REgsd0JBeURDOzs7QUFpQkQ7Ozs7R0FJRztBQUNILE1BQWEsZUFBZ0IsU0FBUSxNQUFNO0lBQ3pDLFlBQW1CLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQTJCO1FBQzFFLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxFQUFFO1lBQ2YsSUFBSSxFQUFFLDBCQUEwQjtZQUNoQyxVQUFVLEVBQUU7Z0JBQ1YsUUFBUSxFQUFFLEtBQUssQ0FBQyxRQUFRO2dCQUN4QixRQUFRLEVBQUUsS0FBSyxDQUFDLFFBQVE7YUFDekI7WUFDRCxTQUFTLEVBQUUsS0FBSyxDQUFDLFNBQVM7WUFDMUIsUUFBUSxFQUFFLEtBQUssQ0FBQyxRQUFRO1NBQ3pCLENBQUMsQ0FBQztJQUNMLENBQUM7O0FBWEgsMENBWUM7OztBQVlEOzs7O0dBSUc7QUFDSCxNQUFhLGFBQWMsU0FBUSxNQUFNO0lBQ3ZDLFlBQW1CLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQXlCO1FBQ3hFLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxFQUFFO1lBQ2YsSUFBSSxFQUFFLHdCQUF3QjtZQUM5QixVQUFVLEVBQUU7Z0JBQ1YsZ0JBQWdCLEVBQUUsS0FBSyxDQUFDLGFBQWE7YUFDdEM7WUFDRCxTQUFTLEVBQUUsS0FBSyxDQUFDLFNBQVM7WUFDMUIsUUFBUSxFQUFFLEtBQUssQ0FBQyxRQUFRO1NBQ3pCLENBQUMsQ0FBQztJQUNMLENBQUM7O0FBVkgsc0NBV0M7OztBQVlEOzs7O0dBSUc7QUFDSCxNQUFhLHlCQUEwQixTQUFRLE1BQU07SUFDbkQsWUFBbUIsS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBcUM7UUFDcEYsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLEVBQUU7WUFDZixJQUFJLEVBQUUscUNBQXFDO1lBQzNDLFFBQVEsRUFBRSxLQUFLLENBQUMsUUFBUTtZQUN4QixTQUFTLEVBQUUsS0FBSyxDQUFDLFNBQVM7U0FDM0IsQ0FBQyxDQUFDO1FBRUgsSUFBSSxDQUFDLFFBQVEsQ0FBQyxhQUFhLENBQUMsb0NBQW9DLEVBQUUsS0FBSyxDQUFDLGNBQWMsQ0FBQyxJQUFJLENBQUMsQ0FBQztJQUMvRixDQUFDOztBQVRILDhEQVVDOzs7QUFpQkQ7Ozs7R0FJRztBQUNILE1BQWEsU0FBVSxTQUFRLE1BQU07SUFDbkMsWUFBbUIsS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBcUI7UUFDcEUsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLEVBQUU7WUFDZixJQUFJLEVBQUUsbUJBQW1CO1lBQ3pCLFVBQVUsRUFBRTtnQkFDVixTQUFTLEVBQUUsS0FBSyxDQUFDLE9BQU87Z0JBQ3hCLFNBQVMsRUFBRSxLQUFLLENBQUMsTUFBTTthQUN4QjtZQUNELFNBQVMsRUFBRSxLQUFLLENBQUMsU0FBUztZQUMxQixRQUFRLEVBQUUsS0FBSyxDQUFDLFFBQVE7U0FDekIsQ0FBQyxDQUFDO0lBQ0wsQ0FBQzs7QUFYSCw4QkFZQzs7O0FBZUQ7Ozs7O0dBS0c7QUFDSCxNQUFhLGtCQUFtQixTQUFRLE1BQU07SUFDNUMsWUFBbUIsS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBOEI7UUFDN0UsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLEVBQUU7WUFDZixJQUFJLEVBQUUsZ0NBQWdDO1lBQ3RDLFVBQVUsRUFBRTtnQkFDVixtQkFBbUIsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUM7YUFDaEQ7WUFDRCxTQUFTLEVBQUUsS0FBSyxDQUFDLFNBQVM7WUFDMUIsUUFBUSxFQUFFLEtBQUssQ0FBQyxRQUFRO1NBQ3pCLENBQUMsQ0FBQztJQUNMLENBQUM7O0FBVkgsZ0RBV0MiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBBcGlPYmplY3QgfSBmcm9tICdjZGs4cyc7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tICdjb25zdHJ1Y3RzJztcbmltcG9ydCAqIGFzIGJhc2UgZnJvbSAnLi9iYXNlJztcbmltcG9ydCB7IEVudlZhbHVlLCBFbnZWYWx1ZUZyb21TZWNyZXRPcHRpb25zIH0gZnJvbSAnLi9jb250YWluZXInO1xuaW1wb3J0ICogYXMgazhzIGZyb20gJy4vaW1wb3J0cy9rOHMnO1xuaW1wb3J0ICogYXMgc2VydmljZWFjY291bnQgZnJvbSAnLi9zZXJ2aWNlLWFjY291bnQnO1xuXG4vKipcbiAqIENvbW1vbiBwcm9wZXJ0aWVzIGZvciBgU2VjcmV0YC5cbiAqL1xuZXhwb3J0IGludGVyZmFjZSBDb21tb25TZWNyZXRQcm9wcyBleHRlbmRzIGJhc2UuUmVzb3VyY2VQcm9wcyB7XG5cbiAgLyoqXG4gICAqIElmIHNldCB0byB0cnVlLCBlbnN1cmVzIHRoYXQgZGF0YSBzdG9yZWQgaW4gdGhlIFNlY3JldCBjYW5ub3QgYmUgdXBkYXRlZCAob25seSBvYmplY3QgbWV0YWRhdGEgY2FuIGJlIG1vZGlmaWVkKS5cbiAgICogSWYgbm90IHNldCB0byB0cnVlLCB0aGUgZmllbGQgY2FuIGJlIG1vZGlmaWVkIGF0IGFueSB0aW1lLlxuICAgKlxuICAgKiBAZGVmYXVsdCBmYWxzZVxuICAgKi9cbiAgcmVhZG9ubHkgaW1tdXRhYmxlPzogYm9vbGVhbjtcblxufVxuXG4vKipcbiAqIE9wdGlvbnMgZm9yIGBTZWNyZXRgLlxuICovXG5leHBvcnQgaW50ZXJmYWNlIFNlY3JldFByb3BzIGV4dGVuZHMgQ29tbW9uU2VjcmV0UHJvcHMge1xuICAvKipcbiAgICogc3RyaW5nRGF0YSBhbGxvd3Mgc3BlY2lmeWluZyBub24tYmluYXJ5IHNlY3JldCBkYXRhIGluIHN0cmluZyBmb3JtLiBJdCBpc1xuICAgKiBwcm92aWRlZCBhcyBhIHdyaXRlLW9ubHkgY29udmVuaWVuY2UgbWV0aG9kLiBBbGwga2V5cyBhbmQgdmFsdWVzIGFyZSBtZXJnZWRcbiAgICogaW50byB0aGUgZGF0YSBmaWVsZCBvbiB3cml0ZSwgb3ZlcndyaXRpbmcgYW55IGV4aXN0aW5nIHZhbHVlcy4gSXQgaXMgbmV2ZXJcbiAgICogb3V0cHV0IHdoZW4gcmVhZGluZyBmcm9tIHRoZSBBUEkuXG4gICAqL1xuICByZWFkb25seSBzdHJpbmdEYXRhPzogeyBba2V5OiBzdHJpbmddOiBzdHJpbmcgfTtcblxuICAvKipcbiAgICogT3B0aW9uYWwgdHlwZSBhc3NvY2lhdGVkIHdpdGggdGhlIHNlY3JldC4gIFVzZWQgdG8gZmFjaWxpdGF0ZSBwcm9ncmFtbWF0aWNcbiAgICogaGFuZGxpbmcgb2Ygc2VjcmV0IGRhdGEgYnkgdmFyaW91cyBjb250cm9sbGVycy5cbiAgICpcbiAgICogQGRlZmF1bHQgdW5kZWZpbmVkIC0gRG9uJ3Qgc2V0IGEgdHlwZS5cbiAgICovXG4gIHJlYWRvbmx5IHR5cGU/OiBzdHJpbmc7XG5cbn1cblxuZXhwb3J0IGludGVyZmFjZSBJU2VjcmV0IGV4dGVuZHMgYmFzZS5JUmVzb3VyY2Uge1xuICAvKipcbiAgICogUmV0dXJucyBFbnZWYWx1ZSBvYmplY3QgZnJvbSBhIHNlY3JldCdzIGtleS5cbiAgICogQHBhcmFtIGtleSBTZWNyZXQncyBrZXlcbiAgICogQHBhcmFtIG9wdGlvbnMgQWRkaXRpb25hbCBFbnZWYWx1ZSBvcHRpb25zXG4gICAqL1xuICBlbnZWYWx1ZShrZXk6IHN0cmluZywgb3B0aW9ucz86IEVudlZhbHVlRnJvbVNlY3JldE9wdGlvbnMpOiBFbnZWYWx1ZTtcbn1cblxuLyoqXG4gKiBSZXByZXNlbnRzIGEgc3BlY2lmaWMgdmFsdWUgaW4gSlNPTiBzZWNyZXQuXG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgU2VjcmV0VmFsdWUge1xuICAvKipcbiAgICogVGhlIHNlY3JldFxuICAgKi9cbiAgcmVhZG9ubHkgc2VjcmV0OiBJU2VjcmV0O1xuXG4gIC8qKlxuICAgKiBUaGUgSlNPTiBrZXlcbiAgICovXG4gIHJlYWRvbmx5IGtleTogc3RyaW5nO1xufVxuXG5jbGFzcyBJbXBvcnRlZFNlY3JldCBleHRlbmRzIENvbnN0cnVjdCBpbXBsZW1lbnRzIElTZWNyZXQge1xuXG4gIHByaXZhdGUgcmVhZG9ubHkgX25hbWU6IHN0cmluZztcblxuICBwdWJsaWMgcmVhZG9ubHkgcmVzb3VyY2VUeXBlID0gJ3NlY3JldHMnO1xuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIG5hbWU6IHN0cmluZykge1xuICAgIHN1cGVyKHNjb3BlLCBpZCk7XG4gICAgdGhpcy5fbmFtZSA9IG5hbWU7XG4gIH1cblxuICBwdWJsaWMgZ2V0IG5hbWUoKTogc3RyaW5nIHtcbiAgICByZXR1cm4gdGhpcy5fbmFtZTtcbiAgfVxuXG4gIHB1YmxpYyBnZXQgYXBpVmVyc2lvbigpOiBzdHJpbmcge1xuICAgIHJldHVybiBrOHMuS3ViZVNlY3JldC5HVksuYXBpVmVyc2lvbjtcbiAgfVxuXG4gIHB1YmxpYyBnZXQgYXBpR3JvdXAoKTogc3RyaW5nIHtcbiAgICByZXR1cm4gJyc7XG4gIH1cblxuICBwdWJsaWMgZ2V0IGtpbmQoKTogc3RyaW5nIHtcbiAgICByZXR1cm4gazhzLkt1YmVTZWNyZXQuR1ZLLmtpbmQ7XG4gIH1cblxuICBwdWJsaWMgZ2V0IHJlc291cmNlTmFtZSgpOiBzdHJpbmcge1xuICAgIHJldHVybiB0aGlzLm5hbWU7XG4gIH1cblxuICBwdWJsaWMgZW52VmFsdWUoa2V5OiBzdHJpbmcsIG9wdGlvbnM/OiBFbnZWYWx1ZUZyb21TZWNyZXRPcHRpb25zKTogRW52VmFsdWUge1xuICAgIHJldHVybiBFbnZWYWx1ZS5mcm9tU2VjcmV0VmFsdWUoeyBzZWNyZXQ6IHRoaXMsIGtleSB9LCBvcHRpb25zKTtcbiAgfVxuXG59XG5cbi8qKlxuICogS3ViZXJuZXRlcyBTZWNyZXRzIGxldCB5b3Ugc3RvcmUgYW5kIG1hbmFnZSBzZW5zaXRpdmUgaW5mb3JtYXRpb24sIHN1Y2ggYXNcbiAqIHBhc3N3b3JkcywgT0F1dGggdG9rZW5zLCBhbmQgc3NoIGtleXMuIFN0b3JpbmcgY29uZmlkZW50aWFsIGluZm9ybWF0aW9uIGluIGFcbiAqIFNlY3JldCBpcyBzYWZlciBhbmQgbW9yZSBmbGV4aWJsZSB0aGFuIHB1dHRpbmcgaXQgdmVyYmF0aW0gaW4gYSBQb2RcbiAqIGRlZmluaXRpb24gb3IgaW4gYSBjb250YWluZXIgaW1hZ2UuXG4gKlxuICogQHNlZSBodHRwczovL2t1YmVybmV0ZXMuaW8vZG9jcy9jb25jZXB0cy9jb25maWd1cmF0aW9uL3NlY3JldFxuICovXG5leHBvcnQgY2xhc3MgU2VjcmV0IGV4dGVuZHMgYmFzZS5SZXNvdXJjZSBpbXBsZW1lbnRzIElTZWNyZXQge1xuXG4gIC8qKlxuICAgKiBJbXBvcnRzIGEgc2VjcmV0IGZyb20gdGhlIGNsdXN0ZXIgYXMgYSByZWZlcmVuY2UuXG4gICAqL1xuICBwdWJsaWMgc3RhdGljIGZyb21TZWNyZXROYW1lKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIG5hbWU6IHN0cmluZyk6IElTZWNyZXQge1xuICAgIHJldHVybiBuZXcgSW1wb3J0ZWRTZWNyZXQoc2NvcGUsIGlkLCBuYW1lKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBAc2VlIGJhc2UuUmVzb3VyY2UuYXBpT2JqZWN0XG4gICAqL1xuICBwcm90ZWN0ZWQgcmVhZG9ubHkgYXBpT2JqZWN0OiBBcGlPYmplY3Q7XG5cbiAgcHVibGljIHJlYWRvbmx5IHJlc291cmNlVHlwZSA9ICdzZWNyZXRzJztcblxuICAvKipcbiAgICogV2hldGhlciBvciBub3QgdGhlIHNlY3JldCBpcyBpbW11dGFibGUuXG4gICAqL1xuICBwdWJsaWMgcmVhZG9ubHkgaW1tdXRhYmxlOiBib29sZWFuO1xuXG4gIHByaXZhdGUgcmVhZG9ubHkgc3RyaW5nRGF0YTogeyBba2V5OiBzdHJpbmddOiBzdHJpbmcgfTtcblxuICBwdWJsaWMgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IFNlY3JldFByb3BzID0geyB9KSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKTtcblxuICAgIHRoaXMuc3RyaW5nRGF0YSA9IHByb3BzLnN0cmluZ0RhdGEgPz8ge307XG5cbiAgICB0aGlzLmltbXV0YWJsZSA9IHByb3BzLmltbXV0YWJsZSA/PyBmYWxzZTtcbiAgICB0aGlzLmFwaU9iamVjdCA9IG5ldyBrOHMuS3ViZVNlY3JldCh0aGlzLCAnUmVzb3VyY2UnLCB7XG4gICAgICBtZXRhZGF0YTogcHJvcHMubWV0YWRhdGEsXG4gICAgICB0eXBlOiBwcm9wcy50eXBlLFxuICAgICAgc3RyaW5nRGF0YTogdGhpcy5zdHJpbmdEYXRhLFxuICAgICAgaW1tdXRhYmxlOiB0aGlzLmltbXV0YWJsZSxcbiAgICB9KTtcbiAgfVxuXG4gIC8qKlxuICAgKiBBZGRzIGEgc3RyaW5nIGRhdGEgZmllbGQgdG8gdGhlIHNlY3JldC5cbiAgICogQHBhcmFtIGtleSBLZXlcbiAgICogQHBhcmFtIHZhbHVlIFZhbHVlXG4gICAqL1xuICBwdWJsaWMgYWRkU3RyaW5nRGF0YShrZXk6IHN0cmluZywgdmFsdWU6IHN0cmluZykge1xuICAgIHRoaXMuc3RyaW5nRGF0YVtrZXldID0gdmFsdWU7XG4gIH1cblxuICAvKipcbiAgICogR2V0cyBhIHN0cmluZyBkYXRhIGJ5IGtleSBvciB1bmRlZmluZWRcbiAgICogQHBhcmFtIGtleSBLZXlcbiAgICovXG4gIHB1YmxpYyBnZXRTdHJpbmdEYXRhKGtleTogc3RyaW5nKTogc3RyaW5nIHwgdW5kZWZpbmVkIHtcbiAgICByZXR1cm4gdGhpcy5zdHJpbmdEYXRhW2tleV07XG4gIH1cblxuICBwdWJsaWMgZW52VmFsdWUoa2V5OiBzdHJpbmcsIG9wdGlvbnM/OiBFbnZWYWx1ZUZyb21TZWNyZXRPcHRpb25zKTogRW52VmFsdWUge1xuICAgIHJldHVybiBFbnZWYWx1ZS5mcm9tU2VjcmV0VmFsdWUoeyBzZWNyZXQ6IHRoaXMsIGtleSB9LCBvcHRpb25zKTtcbiAgfVxufVxuXG4vKipcbiAqIE9wdGlvbnMgZm9yIGBCYXNpY0F1dGhTZWNyZXRgLlxuICovXG5leHBvcnQgaW50ZXJmYWNlIEJhc2ljQXV0aFNlY3JldFByb3BzIGV4dGVuZHMgQ29tbW9uU2VjcmV0UHJvcHMge1xuICAvKipcbiAgICogVGhlIHVzZXIgbmFtZSBmb3IgYXV0aGVudGljYXRpb25cbiAgICovXG4gIHJlYWRvbmx5IHVzZXJuYW1lOiBzdHJpbmc7XG5cbiAgLyoqXG4gICAqIFRoZSBwYXNzd29yZCBvciB0b2tlbiBmb3IgYXV0aGVudGljYXRpb25cbiAgICovXG4gIHJlYWRvbmx5IHBhc3N3b3JkOiBzdHJpbmc7XG59XG5cbi8qKlxuICogQ3JlYXRlIGEgc2VjcmV0IGZvciBiYXNpYyBhdXRoZW50aWNhdGlvbi5cbiAqXG4gKiBAc2VlIGh0dHBzOi8va3ViZXJuZXRlcy5pby9kb2NzL2NvbmNlcHRzL2NvbmZpZ3VyYXRpb24vc2VjcmV0LyNiYXNpYy1hdXRoZW50aWNhdGlvbi1zZWNyZXRcbiAqL1xuZXhwb3J0IGNsYXNzIEJhc2ljQXV0aFNlY3JldCBleHRlbmRzIFNlY3JldCB7XG4gIHB1YmxpYyBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogQmFzaWNBdXRoU2VjcmV0UHJvcHMpIHtcbiAgICBzdXBlcihzY29wZSwgaWQsIHtcbiAgICAgIHR5cGU6ICdrdWJlcm5ldGVzLmlvL2Jhc2ljLWF1dGgnLFxuICAgICAgc3RyaW5nRGF0YToge1xuICAgICAgICB1c2VybmFtZTogcHJvcHMudXNlcm5hbWUsXG4gICAgICAgIHBhc3N3b3JkOiBwcm9wcy5wYXNzd29yZCxcbiAgICAgIH0sXG4gICAgICBpbW11dGFibGU6IHByb3BzLmltbXV0YWJsZSxcbiAgICAgIG1ldGFkYXRhOiBwcm9wcy5tZXRhZGF0YSxcbiAgICB9KTtcbiAgfVxufVxuXG4vKipcbiAqIE9wdGlvbnMgZm9yIGBTc2hBdXRoU2VjcmV0YC5cbiAqL1xuZXhwb3J0IGludGVyZmFjZSBTc2hBdXRoU2VjcmV0UHJvcHMgZXh0ZW5kcyBDb21tb25TZWNyZXRQcm9wcyB7XG4gIC8qKlxuICAgKiBUaGUgU1NIIHByaXZhdGUga2V5IHRvIHVzZVxuICAgKi9cbiAgcmVhZG9ubHkgc3NoUHJpdmF0ZUtleTogc3RyaW5nO1xufVxuXG4vKipcbiAqIENyZWF0ZSBhIHNlY3JldCBmb3Igc3NoIGF1dGhlbnRpY2F0aW9uLlxuICpcbiAqIEBzZWUgaHR0cHM6Ly9rdWJlcm5ldGVzLmlvL2RvY3MvY29uY2VwdHMvY29uZmlndXJhdGlvbi9zZWNyZXQvI3NzaC1hdXRoZW50aWNhdGlvbi1zZWNyZXRzXG4gKi9cbmV4cG9ydCBjbGFzcyBTc2hBdXRoU2VjcmV0IGV4dGVuZHMgU2VjcmV0IHtcbiAgcHVibGljIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBTc2hBdXRoU2VjcmV0UHJvcHMpIHtcbiAgICBzdXBlcihzY29wZSwgaWQsIHtcbiAgICAgIHR5cGU6ICdrdWJlcm5ldGVzLmlvL3NzaC1hdXRoJyxcbiAgICAgIHN0cmluZ0RhdGE6IHtcbiAgICAgICAgJ3NzaC1wcml2YXRla2V5JzogcHJvcHMuc3NoUHJpdmF0ZUtleSxcbiAgICAgIH0sXG4gICAgICBpbW11dGFibGU6IHByb3BzLmltbXV0YWJsZSxcbiAgICAgIG1ldGFkYXRhOiBwcm9wcy5tZXRhZGF0YSxcbiAgICB9KTtcbiAgfVxufVxuXG4vKipcbiAqIE9wdGlvbnMgZm9yIGBTZXJ2aWNlQWNjb3VudFRva2VuU2VjcmV0YC5cbiAqL1xuZXhwb3J0IGludGVyZmFjZSBTZXJ2aWNlQWNjb3VudFRva2VuU2VjcmV0UHJvcHMgZXh0ZW5kcyBDb21tb25TZWNyZXRQcm9wcyB7XG4gIC8qKlxuICAgKiBUaGUgc2VydmljZSBhY2NvdW50IHRvIHN0b3JlIGEgc2VjcmV0IGZvclxuICAgKi9cbiAgcmVhZG9ubHkgc2VydmljZUFjY291bnQ6IHNlcnZpY2VhY2NvdW50LklTZXJ2aWNlQWNjb3VudDtcbn1cblxuLyoqXG4gKiBDcmVhdGUgYSBzZWNyZXQgZm9yIGEgc2VydmljZSBhY2NvdW50IHRva2VuLlxuICpcbiAqIEBzZWUgaHR0cHM6Ly9rdWJlcm5ldGVzLmlvL2RvY3MvY29uY2VwdHMvY29uZmlndXJhdGlvbi9zZWNyZXQvI3NlcnZpY2UtYWNjb3VudC10b2tlbi1zZWNyZXRzXG4gKi9cbmV4cG9ydCBjbGFzcyBTZXJ2aWNlQWNjb3VudFRva2VuU2VjcmV0IGV4dGVuZHMgU2VjcmV0IHtcbiAgcHVibGljIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBTZXJ2aWNlQWNjb3VudFRva2VuU2VjcmV0UHJvcHMpIHtcbiAgICBzdXBlcihzY29wZSwgaWQsIHtcbiAgICAgIHR5cGU6ICdrdWJlcm5ldGVzLmlvL3NlcnZpY2UtYWNjb3VudC10b2tlbicsXG4gICAgICBtZXRhZGF0YTogcHJvcHMubWV0YWRhdGEsXG4gICAgICBpbW11dGFibGU6IHByb3BzLmltbXV0YWJsZSxcbiAgICB9KTtcblxuICAgIHRoaXMubWV0YWRhdGEuYWRkQW5ub3RhdGlvbigna3ViZXJuZXRlcy5pby9zZXJ2aWNlLWFjY291bnQubmFtZScsIHByb3BzLnNlcnZpY2VBY2NvdW50Lm5hbWUpO1xuICB9XG59XG5cbi8qKlxuICogT3B0aW9ucyBmb3IgYFRsc1NlY3JldGAuXG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgVGxzU2VjcmV0UHJvcHMgZXh0ZW5kcyBDb21tb25TZWNyZXRQcm9wcyB7XG4gIC8qKlxuICAgKiBUaGUgVExTIGNlcnRcbiAgICovXG4gIHJlYWRvbmx5IHRsc0NlcnQ6IHN0cmluZztcblxuICAvKipcbiAgICogVGhlIFRMUyBrZXlcbiAgICovXG4gIHJlYWRvbmx5IHRsc0tleTogc3RyaW5nO1xufVxuXG4vKipcbiAqIENyZWF0ZSBhIHNlY3JldCBmb3Igc3RvcmluZyBhIFRMUyBjZXJ0aWZpY2F0ZSBhbmQgaXRzIGFzc29jaWF0ZWQga2V5LlxuICpcbiAqIEBzZWUgaHR0cHM6Ly9rdWJlcm5ldGVzLmlvL2RvY3MvY29uY2VwdHMvY29uZmlndXJhdGlvbi9zZWNyZXQvI3Rscy1zZWNyZXRzXG4gKi9cbmV4cG9ydCBjbGFzcyBUbHNTZWNyZXQgZXh0ZW5kcyBTZWNyZXQge1xuICBwdWJsaWMgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IFRsc1NlY3JldFByb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkLCB7XG4gICAgICB0eXBlOiAna3ViZXJuZXRlcy5pby90bHMnLFxuICAgICAgc3RyaW5nRGF0YToge1xuICAgICAgICAndGxzLmNydCc6IHByb3BzLnRsc0NlcnQsXG4gICAgICAgICd0bHMua2V5JzogcHJvcHMudGxzS2V5LFxuICAgICAgfSxcbiAgICAgIGltbXV0YWJsZTogcHJvcHMuaW1tdXRhYmxlLFxuICAgICAgbWV0YWRhdGE6IHByb3BzLm1ldGFkYXRhLFxuICAgIH0pO1xuICB9XG59XG5cbi8qKlxuICogT3B0aW9ucyBmb3IgYERvY2tlckNvbmZpZ1NlY3JldGAuXG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgRG9ja2VyQ29uZmlnU2VjcmV0UHJvcHMgZXh0ZW5kcyBDb21tb25TZWNyZXRQcm9wcyB7XG4gIC8qKlxuICAgKiBKU09OIGNvbnRlbnQgdG8gcHJvdmlkZSBmb3IgdGhlIGB+Ly5kb2NrZXIvY29uZmlnLmpzb25gIGZpbGUuIFRoaXMgd2lsbFxuICAgKiBiZSBzdHJpbmdpZmllZCBhbmQgaW5zZXJ0ZWQgYXMgc3RyaW5nRGF0YS5cbiAgICpcbiAgICogQHNlZSBodHRwczovL2RvY3MuZG9ja2VyLmNvbS9lbmdpbmUvcmVmZXJlbmNlL2NvbW1hbmRsaW5lL2NsaS8jc2FtcGxlLWNvbmZpZ3VyYXRpb24tZmlsZVxuICAgKi9cbiAgcmVhZG9ubHkgZGF0YTogeyBba2V5OiBzdHJpbmddOiBhbnkgfTtcbn1cblxuLyoqXG4gKiBDcmVhdGUgYSBzZWNyZXQgZm9yIHN0b3JpbmcgY3JlZGVudGlhbHMgZm9yIGFjY2Vzc2luZyBhIGNvbnRhaW5lciBpbWFnZVxuICogcmVnaXN0cnkuXG4gKlxuICogQHNlZSBodHRwczovL2t1YmVybmV0ZXMuaW8vZG9jcy9jb25jZXB0cy9jb25maWd1cmF0aW9uL3NlY3JldC8jZG9ja2VyLWNvbmZpZy1zZWNyZXRzXG4gKi9cbmV4cG9ydCBjbGFzcyBEb2NrZXJDb25maWdTZWNyZXQgZXh0ZW5kcyBTZWNyZXQge1xuICBwdWJsaWMgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IERvY2tlckNvbmZpZ1NlY3JldFByb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkLCB7XG4gICAgICB0eXBlOiAna3ViZXJuZXRlcy5pby9kb2NrZXJjb25maWdqc29uJyxcbiAgICAgIHN0cmluZ0RhdGE6IHtcbiAgICAgICAgJy5kb2NrZXJjb25maWdqc29uJzogSlNPTi5zdHJpbmdpZnkocHJvcHMuZGF0YSksXG4gICAgICB9LFxuICAgICAgaW1tdXRhYmxlOiBwcm9wcy5pbW11dGFibGUsXG4gICAgICBtZXRhZGF0YTogcHJvcHMubWV0YWRhdGEsXG4gICAgfSk7XG4gIH1cbn1cbiJdfQ==

package/lib/service-account.d.ts

@@ -0,0 +1,83 @@
+import { ApiObject } from 'cdk8s';
+import { Construct } from 'constructs';
+import * as base from './base';
+import * as rb from './role-binding';
+import * as secret from './secret';
+export interface IServiceAccount extends base.IResource, rb.ISubject {
+}
+/**
+ * Properties for initialization of `ServiceAccount`.
+ */
+export interface ServiceAccountProps extends base.ResourceProps {
+    /**
+     * List of secrets allowed to be used by pods running using this
+     * ServiceAccount.
+     *
+     * @see https://kubernetes.io/docs/concepts/configuration/secret
+     */
+    readonly secrets?: secret.ISecret[];
+    /**
+     * Indicates whether pods running as this service account
+     * should have an API token automatically mounted. Can be overridden at the pod level.
+     *
+     * @default false
+     * @see https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
+     */
+    readonly automountToken?: boolean;
+}
+export interface FromServiceAccountNameOptions {
+    /**
+     * The name of the namespace the service account belongs to.
+     *
+     * @default "default"
+     */
+    readonly namespaceName?: string;
+}
+/**
+ * A service account provides an identity for processes that run in a Pod.
+ *
+ * When you (a human) access the cluster (for example, using kubectl), you are
+ * authenticated by the apiserver as a particular User Account (currently this
+ * is usually admin, unless your cluster administrator has customized your
+ * cluster). Processes in containers inside pods can also contact the apiserver.
+ * When they do, they are authenticated as a particular Service Account (for
+ * example, default).
+ *
+ * @see https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account
+ */
+export declare class ServiceAccount extends base.Resource implements IServiceAccount, rb.ISubject {
+    /**
+     * Imports a service account from the cluster as a reference.
+     * @param name The name of the service account resource.
+     * @param options additional options.
+     */
+    static fromServiceAccountName(scope: Construct, id: string, name: string, options?: FromServiceAccountNameOptions): IServiceAccount;
+    /**
+     * @see base.Resource.apiObject
+     */
+    protected readonly apiObject: ApiObject;
+    readonly resourceType = "serviceaccounts";
+    private readonly _secrets;
+    /**
+     * Whether or not a token is automatically mounted for this
+     * service account.
+     */
+    readonly automountToken: boolean;
+    constructor(scope: Construct, id: string, props?: ServiceAccountProps);
+    /**
+     * Allow a secret to be accessed by pods using this service account.
+     * @param secr The secret
+     */
+    addSecret(secr: secret.ISecret): void;
+    /**
+     * List of secrets allowed to be used by pods running using this service
+     * account.
+     *
+     * Returns a copy. To add a secret, use `addSecret()`.
+     */
+    get secrets(): secret.ISecret[];
+    /**
+     * @see ISubect.toSubjectConfiguration()
+     */
+    toSubjectConfiguration(): rb.SubjectConfiguration;
+}

package/lib/service-account.js

@@ -0,0 +1,105 @@
+"use strict";
+var _a;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ServiceAccount = void 0;
+const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti");
+const cdk8s_1 = require("cdk8s");
+const constructs_1 = require("constructs");
+const base = require("./base");
+const k8s = require("./imports/k8s");
+const utils_1 = require("./utils");
+class ImportedServiceAccount extends constructs_1.Construct {
+    constructor(scope, id, name, options = {}) {
+        super(scope, id);
+        this.resourceType = 'serviceaccounts';
+        this._name = name;
+        this._namespaceName = options.namespaceName ?? 'default';
+    }
+    toSubjectConfiguration() {
+        return {
+            kind: this.kind,
+            name: this.name,
+            apiGroup: this.apiGroup,
+            namespace: this._namespaceName,
+        };
+    }
+    get name() {
+        return this._name;
+    }
+    get apiVersion() {
+        return k8s.KubeServiceAccount.GVK.apiVersion;
+    }
+    get apiGroup() {
+        return '';
+    }
+    get kind() {
+        return k8s.KubeServiceAccount.GVK.kind;
+    }
+    get resourceName() {
+        return this.name;
+    }
+}
+/**
+ * A service account provides an identity for processes that run in a Pod.
+ *
+ * When you (a human) access the cluster (for example, using kubectl), you are
+ * authenticated by the apiserver as a particular User Account (currently this
+ * is usually admin, unless your cluster administrator has customized your
+ * cluster). Processes in containers inside pods can also contact the apiserver.
+ * When they do, they are authenticated as a particular Service Account (for
+ * example, default).
+ *
+ * @see https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account
+ */
+class ServiceAccount extends base.Resource {
+    /**
+     * Imports a service account from the cluster as a reference.
+     * @param name The name of the service account resource.
+     * @param options additional options.
+     */
+    static fromServiceAccountName(scope, id, name, options = {}) {
+        return new ImportedServiceAccount(scope, id, name, options);
+    }
+    constructor(scope, id, props = {}) {
+        super(scope, id);
+        this.resourceType = 'serviceaccounts';
+        this._secrets = props.secrets ?? [];
+        this.automountToken = props.automountToken ?? false;
+        this.apiObject = new k8s.KubeServiceAccount(this, 'Resource', {
+            metadata: props.metadata,
+            secrets: cdk8s_1.Lazy.any({ produce: () => (0, utils_1.undefinedIfEmpty)(this._secrets.map(s => ({ name: s.name }))) }),
+            automountServiceAccountToken: this.automountToken,
+        });
+    }
+    /**
+     * Allow a secret to be accessed by pods using this service account.
+     * @param secr The secret
+     */
+    addSecret(secr) {
+        this._secrets.push(secr);
+    }
+    /**
+     * List of secrets allowed to be used by pods running using this service
+     * account.
+     *
+     * Returns a copy. To add a secret, use `addSecret()`.
+     */
+    get secrets() {
+        return [...this._secrets];
+    }
+    /**
+     * @see ISubect.toSubjectConfiguration()
+     */
+    toSubjectConfiguration() {
+        return {
+            kind: this.kind,
+            name: this.name,
+            apiGroup: this.apiGroup,
+            namespace: this.metadata.namespace,
+        };
+    }
+}
+exports.ServiceAccount = ServiceAccount;
+_a = JSII_RTTI_SYMBOL_1;
+ServiceAccount[_a] = { fqn: "cdk8s-plus-32.ServiceAccount", version: "2.0.0" };
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2VydmljZS1hY2NvdW50LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vc3JjL3NlcnZpY2UtYWNjb3VudC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQUFBLGlDQUF3QztBQUN4QywyQ0FBdUM7QUFDdkMsK0JBQStCO0FBQy9CLHFDQUFxQztBQUdyQyxtQ0FBMkM7QUF1QzNDLE1BQU0sc0JBQXVCLFNBQVEsc0JBQVM7SUFPNUMsWUFBWSxLQUFnQixFQUFFLEVBQVUsRUFBRSxJQUFZLEVBQUUsVUFBeUMsRUFBRTtRQUNqRyxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1FBSEgsaUJBQVksR0FBRyxpQkFBaUIsQ0FBQztRQUkvQyxJQUFJLENBQUMsS0FBSyxHQUFHLElBQUksQ0FBQztRQUNsQixJQUFJLENBQUMsY0FBYyxHQUFHLE9BQU8sQ0FBQyxhQUFhLElBQUksU0FBUyxDQUFDO0lBQzNELENBQUM7SUFFTSxzQkFBc0I7UUFDM0IsT0FBTztZQUNMLElBQUksRUFBRSxJQUFJLENBQUMsSUFBSTtZQUNmLElBQUksRUFBRSxJQUFJLENBQUMsSUFBSTtZQUNmLFFBQVEsRUFBRSxJQUFJLENBQUMsUUFBUTtZQUN2QixTQUFTLEVBQUUsSUFBSSxDQUFDLGNBQWM7U0FDL0IsQ0FBQztJQUNKLENBQUM7SUFFRCxJQUFXLElBQUk7UUFDYixPQUFPLElBQUksQ0FBQyxLQUFLLENBQUM7SUFDcEIsQ0FBQztJQUVELElBQVcsVUFBVTtRQUNuQixPQUFPLEdBQUcsQ0FBQyxrQkFBa0IsQ0FBQyxHQUFHLENBQUMsVUFBVSxDQUFDO0lBQy9DLENBQUM7SUFFRCxJQUFXLFFBQVE7UUFDakIsT0FBTyxFQUFFLENBQUM7SUFDWixDQUFDO0lBRUQsSUFBVyxJQUFJO1FBQ2IsT0FBTyxHQUFHLENBQUMsa0JBQWtCLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQztJQUN6QyxDQUFDO0lBRUQsSUFBVyxZQUFZO1FBQ3JCLE9BQU8sSUFBSSxDQUFDLElBQUksQ0FBQztJQUNuQixDQUFDO0NBRUY7QUFFRDs7Ozs7Ozs7Ozs7R0FXRztBQUNILE1BQWEsY0FBZSxTQUFRLElBQUksQ0FBQyxRQUFRO0lBRS9DOzs7O09BSUc7SUFDSSxNQUFNLENBQUMsc0JBQXNCLENBQUMsS0FBZ0IsRUFBRSxFQUFVLEVBQUUsSUFBWSxFQUFFLFVBQXlDLEVBQUU7UUFDMUgsT0FBTyxJQUFJLHNCQUFzQixDQUFDLEtBQUssRUFBRSxFQUFFLEVBQUUsSUFBSSxFQUFFLE9BQU8sQ0FBQyxDQUFDO0lBQzlELENBQUM7SUFpQkQsWUFBWSxLQUFnQixFQUFFLEVBQVUsRUFBRSxRQUE2QixFQUFHO1FBQ3hFLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFYSCxpQkFBWSxHQUFHLGlCQUFpQixDQUFDO1FBYS9DLElBQUksQ0FBQyxRQUFRLEdBQUcsS0FBSyxDQUFDLE9BQU8sSUFBSSxFQUFFLENBQUM7UUFDcEMsSUFBSSxDQUFDLGNBQWMsR0FBRyxLQUFLLENBQUMsY0FBYyxJQUFJLEtBQUssQ0FBQztRQUVwRCxJQUFJLENBQUMsU0FBUyxHQUFHLElBQUksR0FBRyxDQUFDLGtCQUFrQixDQUFDLElBQUksRUFBRSxVQUFVLEVBQUU7WUFDNUQsUUFBUSxFQUFFLEtBQUssQ0FBQyxRQUFRO1lBQ3hCLE9BQU8sRUFBRSxZQUFJLENBQUMsR0FBRyxDQUFDLEVBQUUsT0FBTyxFQUFFLEdBQUcsRUFBRSxDQUFDLElBQUEsd0JBQWdCLEVBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDLEVBQUUsSUFBSSxFQUFFLENBQUMsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDO1lBQ2xHLDRCQUE0QixFQUFFLElBQUksQ0FBQyxjQUFjO1NBQ2xELENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRDs7O09BR0c7SUFDSSxTQUFTLENBQUMsSUFBb0I7UUFDbkMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDM0IsQ0FBQztJQUVEOzs7OztPQUtHO0lBQ0gsSUFBVyxPQUFPO1FBQ2hCLE9BQU8sQ0FBQyxHQUFHLElBQUksQ0FBQyxRQUFRLENBQUMsQ0FBQztJQUM1QixDQUFDO0lBRUQ7O09BRUc7SUFDSSxzQkFBc0I7UUFDM0IsT0FBTztZQUNMLElBQUksRUFBRSxJQUFJLENBQUMsSUFBSTtZQUNmLElBQUksRUFBRSxJQUFJLENBQUMsSUFBSTtZQUNmLFFBQVEsRUFBRSxJQUFJLENBQUMsUUFBUTtZQUN2QixTQUFTLEVBQUUsSUFBSSxDQUFDLFFBQVEsQ0FBQyxTQUFTO1NBQ25DLENBQUM7SUFDSixDQUFDOztBQW5FSCx3Q0FxRUMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBBcGlPYmplY3QsIExhenkgfSBmcm9tICdjZGs4cyc7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tICdjb25zdHJ1Y3RzJztcbmltcG9ydCAqIGFzIGJhc2UgZnJvbSAnLi9iYXNlJztcbmltcG9ydCAqIGFzIGs4cyBmcm9tICcuL2ltcG9ydHMvazhzJztcbmltcG9ydCAqIGFzIHJiIGZyb20gJy4vcm9sZS1iaW5kaW5nJztcbmltcG9ydCAqIGFzIHNlY3JldCBmcm9tICcuL3NlY3JldCc7XG5pbXBvcnQgeyB1bmRlZmluZWRJZkVtcHR5IH0gZnJvbSAnLi91dGlscyc7XG5cblxuZXhwb3J0IGludGVyZmFjZSBJU2VydmljZUFjY291bnQgZXh0ZW5kcyBiYXNlLklSZXNvdXJjZSwgcmIuSVN1YmplY3Qge1xuXG59XG5cbi8qKlxuICogUHJvcGVydGllcyBmb3IgaW5pdGlhbGl6YXRpb24gb2YgYFNlcnZpY2VBY2NvdW50YC5cbiAqL1xuZXhwb3J0IGludGVyZmFjZSBTZXJ2aWNlQWNjb3VudFByb3BzIGV4dGVuZHMgYmFzZS5SZXNvdXJjZVByb3BzIHtcbiAgLyoqXG4gICAqIExpc3Qgb2Ygc2VjcmV0cyBhbGxvd2VkIHRvIGJlIHVzZWQgYnkgcG9kcyBydW5uaW5nIHVzaW5nIHRoaXNcbiAgICogU2VydmljZUFjY291bnQuXG4gICAqXG4gICAqIEBzZWUgaHR0cHM6Ly9rdWJlcm5ldGVzLmlvL2RvY3MvY29uY2VwdHMvY29uZmlndXJhdGlvbi9zZWNyZXRcbiAgICovXG4gIHJlYWRvbmx5IHNlY3JldHM/OiBzZWNyZXQuSVNlY3JldFtdO1xuXG4gIC8qKlxuICAgKiBJbmRpY2F0ZXMgd2hldGhlciBwb2RzIHJ1bm5pbmcgYXMgdGhpcyBzZXJ2aWNlIGFjY291bnRcbiAgICogc2hvdWxkIGhhdmUgYW4gQVBJIHRva2VuIGF1dG9tYXRpY2FsbHkgbW91bnRlZC4gQ2FuIGJlIG92ZXJyaWRkZW4gYXQgdGhlIHBvZCBsZXZlbC5cbiAgICpcbiAgICogQGRlZmF1bHQgZmFsc2VcbiAgICogQHNlZSBodHRwczovL2t1YmVybmV0ZXMuaW8vZG9jcy90YXNrcy9jb25maWd1cmUtcG9kLWNvbnRhaW5lci9jb25maWd1cmUtc2VydmljZS1hY2NvdW50LyN1c2UtdGhlLWRlZmF1bHQtc2VydmljZS1hY2NvdW50LXRvLWFjY2Vzcy10aGUtYXBpLXNlcnZlclxuICAgKi9cbiAgcmVhZG9ubHkgYXV0b21vdW50VG9rZW4/OiBib29sZWFuO1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIEZyb21TZXJ2aWNlQWNjb3VudE5hbWVPcHRpb25zIHtcblxuICAvKipcbiAgICogVGhlIG5hbWUgb2YgdGhlIG5hbWVzcGFjZSB0aGUgc2VydmljZSBhY2NvdW50IGJlbG9uZ3MgdG8uXG4gICAqXG4gICAqIEBkZWZhdWx0IFwiZGVmYXVsdFwiXG4gICAqL1xuICByZWFkb25seSBuYW1lc3BhY2VOYW1lPzogc3RyaW5nO1xufVxuXG5jbGFzcyBJbXBvcnRlZFNlcnZpY2VBY2NvdW50IGV4dGVuZHMgQ29uc3RydWN0IGltcGxlbWVudHMgSVNlcnZpY2VBY2NvdW50IHtcblxuICBwcml2YXRlIHJlYWRvbmx5IF9uYW1lOiBzdHJpbmc7XG4gIHByaXZhdGUgcmVhZG9ubHkgX25hbWVzcGFjZU5hbWU6IHN0cmluZztcblxuICBwdWJsaWMgcmVhZG9ubHkgcmVzb3VyY2VUeXBlID0gJ3NlcnZpY2VhY2NvdW50cyc7XG5cbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgbmFtZTogc3RyaW5nLCBvcHRpb25zOiBGcm9tU2VydmljZUFjY291bnROYW1lT3B0aW9ucyA9IHt9KSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKTtcbiAgICB0aGlzLl9uYW1lID0gbmFtZTtcbiAgICB0aGlzLl9uYW1lc3BhY2VOYW1lID0gb3B0aW9ucy5uYW1lc3BhY2VOYW1lID8/ICdkZWZhdWx0JztcbiAgfVxuXG4gIHB1YmxpYyB0b1N1YmplY3RDb25maWd1cmF0aW9uKCk6IHJiLlN1YmplY3RDb25maWd1cmF0aW9uIHtcbiAgICByZXR1cm4ge1xuICAgICAga2luZDogdGhpcy5raW5kLFxuICAgICAgbmFtZTogdGhpcy5uYW1lLFxuICAgICAgYXBpR3JvdXA6IHRoaXMuYXBpR3JvdXAsXG4gICAgICBuYW1lc3BhY2U6IHRoaXMuX25hbWVzcGFjZU5hbWUsXG4gICAgfTtcbiAgfVxuXG4gIHB1YmxpYyBnZXQgbmFtZSgpOiBzdHJpbmcge1xuICAgIHJldHVybiB0aGlzLl9uYW1lO1xuICB9XG5cbiAgcHVibGljIGdldCBhcGlWZXJzaW9uKCk6IHN0cmluZyB7XG4gICAgcmV0dXJuIGs4cy5LdWJlU2VydmljZUFjY291bnQuR1ZLLmFwaVZlcnNpb247XG4gIH1cblxuICBwdWJsaWMgZ2V0IGFwaUdyb3VwKCk6IHN0cmluZyB7XG4gICAgcmV0dXJuICcnO1xuICB9XG5cbiAgcHVibGljIGdldCBraW5kKCk6IHN0cmluZyB7XG4gICAgcmV0dXJuIGs4cy5LdWJlU2VydmljZUFjY291bnQuR1ZLLmtpbmQ7XG4gIH1cblxuICBwdWJsaWMgZ2V0IHJlc291cmNlTmFtZSgpOiBzdHJpbmcge1xuICAgIHJldHVybiB0aGlzLm5hbWU7XG4gIH1cblxufVxuXG4vKipcbiAqIEEgc2VydmljZSBhY2NvdW50IHByb3ZpZGVzIGFuIGlkZW50aXR5IGZvciBwcm9jZXNzZXMgdGhhdCBydW4gaW4gYSBQb2QuXG4gKlxuICogV2hlbiB5b3UgKGEgaHVtYW4pIGFjY2VzcyB0aGUgY2x1c3RlciAoZm9yIGV4YW1wbGUsIHVzaW5nIGt1YmVjdGwpLCB5b3UgYXJlXG4gKiBhdXRoZW50aWNhdGVkIGJ5IHRoZSBhcGlzZXJ2ZXIgYXMgYSBwYXJ0aWN1bGFyIFVzZXIgQWNjb3VudCAoY3VycmVudGx5IHRoaXNcbiAqIGlzIHVzdWFsbHkgYWRtaW4sIHVubGVzcyB5b3VyIGNsdXN0ZXIgYWRtaW5pc3RyYXRvciBoYXMgY3VzdG9taXplZCB5b3VyXG4gKiBjbHVzdGVyKS4gUHJvY2Vzc2VzIGluIGNvbnRhaW5lcnMgaW5zaWRlIHBvZHMgY2FuIGFsc28gY29udGFjdCB0aGUgYXBpc2VydmVyLlxuICogV2hlbiB0aGV5IGRvLCB0aGV5IGFyZSBhdXRoZW50aWNhdGVkIGFzIGEgcGFydGljdWxhciBTZXJ2aWNlIEFjY291bnQgKGZvclxuICogZXhhbXBsZSwgZGVmYXVsdCkuXG4gKlxuICogQHNlZSBodHRwczovL2t1YmVybmV0ZXMuaW8vZG9jcy90YXNrcy9jb25maWd1cmUtcG9kLWNvbnRhaW5lci9jb25maWd1cmUtc2VydmljZS1hY2NvdW50XG4gKi9cbmV4cG9ydCBjbGFzcyBTZXJ2aWNlQWNjb3VudCBleHRlbmRzIGJhc2UuUmVzb3VyY2UgaW1wbGVtZW50cyBJU2VydmljZUFjY291bnQsIHJiLklTdWJqZWN0IHtcblxuICAvKipcbiAgICogSW1wb3J0cyBhIHNlcnZpY2UgYWNjb3VudCBmcm9tIHRoZSBjbHVzdGVyIGFzIGEgcmVmZXJlbmNlLlxuICAgKiBAcGFyYW0gbmFtZSBUaGUgbmFtZSBvZiB0aGUgc2VydmljZSBhY2NvdW50IHJlc291cmNlLlxuICAgKiBAcGFyYW0gb3B0aW9ucyBhZGRpdGlvbmFsIG9wdGlvbnMuXG4gICAqL1xuICBwdWJsaWMgc3RhdGljIGZyb21TZXJ2aWNlQWNjb3VudE5hbWUoc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgbmFtZTogc3RyaW5nLCBvcHRpb25zOiBGcm9tU2VydmljZUFjY291bnROYW1lT3B0aW9ucyA9IHt9KTogSVNlcnZpY2VBY2NvdW50IHtcbiAgICByZXR1cm4gbmV3IEltcG9ydGVkU2VydmljZUFjY291bnQoc2NvcGUsIGlkLCBuYW1lLCBvcHRpb25zKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBAc2VlIGJhc2UuUmVzb3VyY2UuYXBpT2JqZWN0XG4gICAqL1xuICBwcm90ZWN0ZWQgcmVhZG9ubHkgYXBpT2JqZWN0OiBBcGlPYmplY3Q7XG5cbiAgcHVibGljIHJlYWRvbmx5IHJlc291cmNlVHlwZSA9ICdzZXJ2aWNlYWNjb3VudHMnO1xuXG4gIHByaXZhdGUgcmVhZG9ubHkgX3NlY3JldHM6IHNlY3JldC5JU2VjcmV0W107XG5cbiAgLyoqXG4gICAqIFdoZXRoZXIgb3Igbm90IGEgdG9rZW4gaXMgYXV0b21hdGljYWxseSBtb3VudGVkIGZvciB0aGlzXG4gICAqIHNlcnZpY2UgYWNjb3VudC5cbiAgICovXG4gIHB1YmxpYyByZWFkb25seSBhdXRvbW91bnRUb2tlbjogYm9vbGVhbjtcblxuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogU2VydmljZUFjY291bnRQcm9wcyA9IHsgfSkge1xuICAgIHN1cGVyKHNjb3BlLCBpZCk7XG5cbiAgICB0aGlzLl9zZWNyZXRzID0gcHJvcHMuc2VjcmV0cyA/PyBbXTtcbiAgICB0aGlzLmF1dG9tb3VudFRva2VuID0gcHJvcHMuYXV0b21vdW50VG9rZW4gPz8gZmFsc2U7XG5cbiAgICB0aGlzLmFwaU9iamVjdCA9IG5ldyBrOHMuS3ViZVNlcnZpY2VBY2NvdW50KHRoaXMsICdSZXNvdXJjZScsIHtcbiAgICAgIG1ldGFkYXRhOiBwcm9wcy5tZXRhZGF0YSxcbiAgICAgIHNlY3JldHM6IExhenkuYW55KHsgcHJvZHVjZTogKCkgPT4gdW5kZWZpbmVkSWZFbXB0eSh0aGlzLl9zZWNyZXRzLm1hcChzID0+ICh7IG5hbWU6IHMubmFtZSB9KSkpIH0pLFxuICAgICAgYXV0b21vdW50U2VydmljZUFjY291bnRUb2tlbjogdGhpcy5hdXRvbW91bnRUb2tlbixcbiAgICB9KTtcbiAgfVxuXG4gIC8qKlxuICAgKiBBbGxvdyBhIHNlY3JldCB0byBiZSBhY2Nlc3NlZCBieSBwb2RzIHVzaW5nIHRoaXMgc2VydmljZSBhY2NvdW50LlxuICAgKiBAcGFyYW0gc2VjciBUaGUgc2VjcmV0XG4gICAqL1xuICBwdWJsaWMgYWRkU2VjcmV0KHNlY3I6IHNlY3JldC5JU2VjcmV0KSB7XG4gICAgdGhpcy5fc2VjcmV0cy5wdXNoKHNlY3IpO1xuICB9XG5cbiAgLyoqXG4gICAqIExpc3Qgb2Ygc2VjcmV0cyBhbGxvd2VkIHRvIGJlIHVzZWQgYnkgcG9kcyBydW5uaW5nIHVzaW5nIHRoaXMgc2VydmljZVxuICAgKiBhY2NvdW50LlxuICAgKlxuICAgKiBSZXR1cm5zIGEgY29weS4gVG8gYWRkIGEgc2VjcmV0LCB1c2UgYGFkZFNlY3JldCgpYC5cbiAgICovXG4gIHB1YmxpYyBnZXQgc2VjcmV0cygpIHtcbiAgICByZXR1cm4gWy4uLnRoaXMuX3NlY3JldHNdO1xuICB9XG5cbiAgLyoqXG4gICAqIEBzZWUgSVN1YmVjdC50b1N1YmplY3RDb25maWd1cmF0aW9uKClcbiAgICovXG4gIHB1YmxpYyB0b1N1YmplY3RDb25maWd1cmF0aW9uKCk6IHJiLlN1YmplY3RDb25maWd1cmF0aW9uIHtcbiAgICByZXR1cm4ge1xuICAgICAga2luZDogdGhpcy5raW5kLFxuICAgICAgbmFtZTogdGhpcy5uYW1lLFxuICAgICAgYXBpR3JvdXA6IHRoaXMuYXBpR3JvdXAsXG4gICAgICBuYW1lc3BhY2U6IHRoaXMubWV0YWRhdGEubmFtZXNwYWNlLFxuICAgIH07XG4gIH1cblxufSJdfQ==