aws-cdk-lib 2.144.0__py3-none-any.whl → 2.145.0__py3-none-any.whl

aws_cdk/aws_eks/__init__.py

@@ -74,13 +74,13 @@ This example defines an Amazon EKS cluster with the following configuration:
 * A Kubernetes pod with a container based on the [paulbouwer/hello-kubernetes](https://github.com/paulbouwer/hello-kubernetes) image.
 
 ```python
-from aws_cdk.lambda_layer_kubectl_v29 import KubectlV29Layer
+from aws_cdk.lambda_layer_kubectl_v30 import KubectlV30Layer
 
 
 # provisioning a cluster
 cluster = eks.Cluster(self, "hello-eks",
-    version=eks.KubernetesVersion.V1_29,
-    kubectl_layer=KubectlV29Layer(self, "kubectl")
+    version=eks.KubernetesVersion.V1_30,
+    kubectl_layer=KubectlV30Layer(self, "kubectl")
 )
 
 # apply a kubernetes manifest to the cluster
@@ -145,7 +145,7 @@ Creating a new cluster is done using the `Cluster` or `FargateCluster` construct
 
 ```python
 eks.Cluster(self, "HelloEKS",
-    version=eks.KubernetesVersion.V1_29
+    version=eks.KubernetesVersion.V1_30
 )
 ```
 
@@ -153,7 +153,7 @@ You can also use `FargateCluster` to provision a cluster that uses only fargate
 
 ```python
 eks.FargateCluster(self, "HelloEKS",
-    version=eks.KubernetesVersion.V1_29
+    version=eks.KubernetesVersion.V1_30
 )
 ```
 
@@ -177,7 +177,7 @@ At cluster instantiation time, you can customize the number of instances and the
 
 ```python
 eks.Cluster(self, "HelloEKS",
-    version=eks.KubernetesVersion.V1_29,
+    version=eks.KubernetesVersion.V1_30,
     default_capacity=5,
     default_capacity_instance=ec2.InstanceType.of(ec2.InstanceClass.M5, ec2.InstanceSize.SMALL)
 )
@@ -189,7 +189,7 @@ Additional customizations are available post instantiation. To apply them, set t
 
 ```python
 cluster = eks.Cluster(self, "HelloEKS",
-    version=eks.KubernetesVersion.V1_29,
+    version=eks.KubernetesVersion.V1_30,
     default_capacity=0
 )
 
@@ -291,7 +291,7 @@ eks_cluster_node_group_role = iam.Role(self, "eksClusterNodeGroupRole",
 )
 
 cluster = eks.Cluster(self, "HelloEKS",
-    version=eks.KubernetesVersion.V1_29,
+    version=eks.KubernetesVersion.V1_30,
     default_capacity=0
 )
 
@@ -403,7 +403,7 @@ successful replacement. Consider this example if you are renaming the cluster fr
 ```python
 cluster = eks.Cluster(self, "cluster-to-rename",
     cluster_name="foo",  # rename this to 'bar'
-    version=eks.KubernetesVersion.V1_29
+    version=eks.KubernetesVersion.V1_30
 )
 
 # allow the cluster admin role to delete the cluster 'foo'
@@ -457,7 +457,7 @@ The following code defines an Amazon EKS cluster with a default Fargate Profile
 
 ```python
 cluster = eks.FargateCluster(self, "MyCluster",
-    version=eks.KubernetesVersion.V1_29
+    version=eks.KubernetesVersion.V1_30
 )
 ```
 
@@ -538,7 +538,7 @@ You can also configure the cluster to use an auto-scaling group as the default c
 
 ```python
 cluster = eks.Cluster(self, "HelloEKS",
-    version=eks.KubernetesVersion.V1_29,
+    version=eks.KubernetesVersion.V1_30,
     default_capacity_type=eks.DefaultCapacityType.EC2
 )
 ```
@@ -647,7 +647,7 @@ You can configure the [cluster endpoint access](https://docs.aws.amazon.com/eks/
 
 ```python
 cluster = eks.Cluster(self, "hello-eks",
-    version=eks.KubernetesVersion.V1_29,
+    version=eks.KubernetesVersion.V1_30,
     endpoint_access=eks.EndpointAccess.PRIVATE
 )
 ```
@@ -669,7 +669,7 @@ To deploy the controller on your EKS cluster, configure the `albController` prop
 
 ```python
 eks.Cluster(self, "HelloEKS",
-    version=eks.KubernetesVersion.V1_29,
+    version=eks.KubernetesVersion.V1_30,
     alb_controller=eks.AlbControllerOptions(
         version=eks.AlbControllerVersion.V2_6_2
     )
@@ -713,7 +713,7 @@ You can specify the VPC of the cluster using the `vpc` and `vpcSubnets` properti
 
 
 eks.Cluster(self, "HelloEKS",
-    version=eks.KubernetesVersion.V1_29,
+    version=eks.KubernetesVersion.V1_30,
     vpc=vpc,
     vpc_subnets=[ec2.SubnetSelection(subnet_type=ec2.SubnetType.PRIVATE_WITH_EGRESS)]
 )
@@ -762,7 +762,7 @@ You can configure the environment of the Cluster Handler functions by specifying
 # proxy_instance_security_group: ec2.SecurityGroup
 
 cluster = eks.Cluster(self, "hello-eks",
-    version=eks.KubernetesVersion.V1_29,
+    version=eks.KubernetesVersion.V1_30,
     cluster_handler_environment={
         "https_proxy": "http://proxy.myproxy.com"
     },
@@ -803,7 +803,7 @@ for subnet in subnets:
     subnetcount = subnetcount + 1
 
 cluster = eks.Cluster(self, "hello-eks",
-    version=eks.KubernetesVersion.V1_29,
+    version=eks.KubernetesVersion.V1_30,
     vpc=vpc,
     ip_family=eks.IpFamily.IP_V6,
     vpc_subnets=[ec2.SubnetSelection(subnets=vpc.public_subnets)]
@@ -838,7 +838,7 @@ You can configure the environment of this function by specifying it at cluster i
 
 ```python
 cluster = eks.Cluster(self, "hello-eks",
-    version=eks.KubernetesVersion.V1_29,
+    version=eks.KubernetesVersion.V1_30,
     kubectl_environment={
         "http_proxy": "http://proxy.myproxy.com"
     }
@@ -858,12 +858,12 @@ Depending on which version of kubernetes you're targeting, you will need to use
 the `@aws-cdk/lambda-layer-kubectl-vXY` packages.
 
 ```python
-from aws_cdk.lambda_layer_kubectl_v29 import KubectlV29Layer
+from aws_cdk.lambda_layer_kubectl_v30 import KubectlV30Layer
 
 
 cluster = eks.Cluster(self, "hello-eks",
-    version=eks.KubernetesVersion.V1_29,
-    kubectl_layer=KubectlV29Layer(self, "kubectl")
+    version=eks.KubernetesVersion.V1_30,
+    kubectl_layer=KubectlV30Layer(self, "kubectl")
 )
 ```
 
@@ -899,7 +899,7 @@ cluster1 = eks.Cluster(self, "MyCluster",
     kubectl_layer=layer,
     vpc=vpc,
     cluster_name="cluster-name",
-    version=eks.KubernetesVersion.V1_29
+    version=eks.KubernetesVersion.V1_30
 )
 
 # or
@@ -919,7 +919,7 @@ By default, the kubectl provider is configured with 1024MiB of memory. You can u
 # vpc: ec2.Vpc
 eks.Cluster(self, "MyCluster",
     kubectl_memory=Size.gibibytes(4),
-    version=eks.KubernetesVersion.V1_29
+    version=eks.KubernetesVersion.V1_30
 )
 eks.Cluster.from_cluster_attributes(self, "MyCluster",
     kubectl_memory=Size.gibibytes(4),
@@ -957,7 +957,7 @@ When you create a cluster, you can specify a `mastersRole`. The `Cluster` constr
 # role: iam.Role
 
 eks.Cluster(self, "HelloEKS",
-    version=eks.KubernetesVersion.V1_29,
+    version=eks.KubernetesVersion.V1_30,
     masters_role=role
 )
 ```
@@ -1007,7 +1007,7 @@ You can use the `secretsEncryptionKey` to configure which key the cluster will u
 secrets_key = kms.Key(self, "SecretsKey")
 cluster = eks.Cluster(self, "MyCluster",
     secrets_encryption_key=secrets_key,
-    version=eks.KubernetesVersion.V1_29
+    version=eks.KubernetesVersion.V1_30
 )
 ```
 
@@ -1017,7 +1017,7 @@ You can also use a similar configuration for running a cluster built using the F
 secrets_key = kms.Key(self, "SecretsKey")
 cluster = eks.FargateCluster(self, "MyFargateCluster",
     secrets_encryption_key=secrets_key,
-    version=eks.KubernetesVersion.V1_29
+    version=eks.KubernetesVersion.V1_30
 )
 ```
 
@@ -1064,7 +1064,7 @@ To access the Kubernetes resources from the console, make sure your viewing prin
 in the `aws-auth` ConfigMap. Some options to consider:
 
 ```python
-from aws_cdk.lambda_layer_kubectl_v29 import KubectlV29Layer
+from aws_cdk.lambda_layer_kubectl_v30 import KubectlV30Layer
 # cluster: eks.Cluster
 # your_current_role: iam.Role
 # vpc: ec2.Vpc
@@ -1082,7 +1082,7 @@ your_current_role.add_to_policy(iam.PolicyStatement(
 
 ```python
 # Option 2: create your custom mastersRole with scoped assumeBy arn as the Cluster prop. Switch to this role from the AWS console.
-from aws_cdk.lambda_layer_kubectl_v29 import KubectlV29Layer
+from aws_cdk.lambda_layer_kubectl_v30 import KubectlV30Layer
 # vpc: ec2.Vpc
 
 
@@ -1092,8 +1092,8 @@ masters_role = iam.Role(self, "MastersRole",
 
 cluster = eks.Cluster(self, "EksCluster",
     vpc=vpc,
-    version=eks.KubernetesVersion.V1_29,
-    kubectl_layer=KubectlV29Layer(self, "KubectlLayer"),
+    version=eks.KubernetesVersion.V1_30,
+    kubectl_layer=KubectlV30Layer(self, "KubectlLayer"),
     masters_role=masters_role
 )
 
@@ -1372,7 +1372,7 @@ when a cluster is defined:
 
 ```python
 eks.Cluster(self, "MyCluster",
-    version=eks.KubernetesVersion.V1_29,
+    version=eks.KubernetesVersion.V1_30,
     prune=False
 )
 ```
@@ -1754,7 +1754,7 @@ property. For example:
 ```python
 cluster = eks.Cluster(self, "Cluster",
     # ...
-    version=eks.KubernetesVersion.V1_29,
+    version=eks.KubernetesVersion.V1_30,
     cluster_logging=[eks.ClusterLoggingTypes.API, eks.ClusterLoggingTypes.AUTHENTICATOR, eks.ClusterLoggingTypes.SCHEDULER
     ]
 )
@@ -1958,7 +1958,7 @@ class AlbControllerOptions:
         Example::
 
             eks.Cluster(self, "HelloEKS",
-                version=eks.KubernetesVersion.V1_29,
+                version=eks.KubernetesVersion.V1_30,
                 alb_controller=eks.AlbControllerOptions(
                     version=eks.AlbControllerVersion.V2_6_2
                 )
@@ -2151,7 +2151,7 @@ class AlbControllerVersion(
     Example::
 
         eks.Cluster(self, "HelloEKS",
-            version=eks.KubernetesVersion.V1_29,
+            version=eks.KubernetesVersion.V1_30,
             alb_controller=eks.AlbControllerOptions(
                 version=eks.AlbControllerVersion.V2_6_2
             )
@@ -4207,6 +4207,10 @@ class CfnAddon(
             # the properties below are optional
             addon_version="addonVersion",
             configuration_values="configurationValues",
+            pod_identity_associations=[eks.CfnAddon.PodIdentityAssociationProperty(
+                role_arn="roleArn",
+                service_account="serviceAccount"
+            )],
             preserve_on_delete=False,
             resolve_conflicts="resolveConflicts",
             service_account_role_arn="serviceAccountRoleArn",
@@ -4226,6 +4230,7 @@ class CfnAddon(
         cluster_name: builtins.str,
         addon_version: typing.Optional[builtins.str] = None,
         configuration_values: typing.Optional[builtins.str] = None,
+        pod_identity_associations: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union["CfnAddon.PodIdentityAssociationProperty", typing.Dict[builtins.str, typing.Any]]]]]] = None,
         preserve_on_delete: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
         resolve_conflicts: typing.Optional[builtins.str] = None,
         service_account_role_arn: typing.Optional[builtins.str] = None,
@@ -4238,6 +4243,7 @@ class CfnAddon(
         :param cluster_name: The name of your cluster.
         :param addon_version: The version of the add-on.
         :param configuration_values: The configuration values that you provided.
+        :param pod_identity_associations: An array of pod identities to apply to this add-on.
         :param preserve_on_delete: Specifying this option preserves the add-on software on your cluster but Amazon EKS stops managing any settings for the add-on. If an IAM account is associated with the add-on, it isn't removed.
         :param resolve_conflicts: How to resolve field value conflicts for an Amazon EKS add-on. Conflicts are handled based on the value you choose: - *None* – If the self-managed version of the add-on is installed on your cluster, Amazon EKS doesn't change the value. Creation of the add-on might fail. - *Overwrite* – If the self-managed version of the add-on is installed on your cluster and the Amazon EKS default value is different than the existing value, Amazon EKS changes the value to the Amazon EKS default value. - *Preserve* – This is similar to the NONE option. If the self-managed version of the add-on is installed on your cluster Amazon EKS doesn't change the add-on resource properties. Creation of the add-on might fail if conflicts are detected. This option works differently during the update operation. For more information, see `UpdateAddon <https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateAddon.html>`_ . If you don't currently have the self-managed version of the add-on installed on your cluster, the Amazon EKS add-on is installed. Amazon EKS sets all values to default values, regardless of the option that you specify.
         :param service_account_role_arn: The Amazon Resource Name (ARN) of an existing IAM role to bind to the add-on's service account. The role must be assigned the IAM permissions required by the add-on. If you don't specify an existing IAM role, then the add-on uses the permissions assigned to the node IAM role. For more information, see `Amazon EKS node IAM role <https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html>`_ in the *Amazon EKS User Guide* . .. epigraph:: To specify an existing IAM role, you must have an IAM OpenID Connect (OIDC) provider created for your cluster. For more information, see `Enabling IAM roles for service accounts on your cluster <https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html>`_ in the *Amazon EKS User Guide* .
@@ -4252,6 +4258,7 @@ class CfnAddon(
             cluster_name=cluster_name,
             addon_version=addon_version,
             configuration_values=configuration_values,
+            pod_identity_associations=pod_identity_associations,
             preserve_on_delete=preserve_on_delete,
             resolve_conflicts=resolve_conflicts,
             service_account_role_arn=service_account_role_arn,
@@ -4362,6 +4369,24 @@ class CfnAddon(
             check_type(argname="argument value", value=value, expected_type=type_hints["value"])
         jsii.set(self, "configurationValues", value)
 
+    @builtins.property
+    @jsii.member(jsii_name="podIdentityAssociations")
+    def pod_identity_associations(
+        self,
+    ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnAddon.PodIdentityAssociationProperty"]]]]:
+        '''An array of pod identities to apply to this add-on.'''
+        return typing.cast(typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnAddon.PodIdentityAssociationProperty"]]]], jsii.get(self, "podIdentityAssociations"))
+
+    @pod_identity_associations.setter
+    def pod_identity_associations(
+        self,
+        value: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnAddon.PodIdentityAssociationProperty"]]]],
+    ) -> None:
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__04a430658e28600fba10a8c3e5edab2978904829dda6f2c70e9cca8560f7e400)
+            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
+        jsii.set(self, "podIdentityAssociations", value)
+
     @builtins.property
     @jsii.member(jsii_name="preserveOnDelete")
     def preserve_on_delete(
@@ -4419,6 +4444,77 @@ class CfnAddon(
             check_type(argname="argument value", value=value, expected_type=type_hints["value"])
         jsii.set(self, "tagsRaw", value)
 
+    @jsii.data_type(
+        jsii_type="aws-cdk-lib.aws_eks.CfnAddon.PodIdentityAssociationProperty",
+        jsii_struct_bases=[],
+        name_mapping={"role_arn": "roleArn", "service_account": "serviceAccount"},
+    )
+    class PodIdentityAssociationProperty:
+        def __init__(
+            self,
+            *,
+            role_arn: builtins.str,
+            service_account: builtins.str,
+        ) -> None:
+            '''A pod identity to associate with an add-on.
+
+            :param role_arn: The IAM role ARN that the pod identity association is created for.
+            :param service_account: The Kubernetes service account that the pod identity association is created for.
+
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-addon-podidentityassociation.html
+            :exampleMetadata: fixture=_generated
+
+            Example::
+
+                # The code below shows an example of how to instantiate this type.
+                # The values are placeholders you should change.
+                from aws_cdk import aws_eks as eks
+                
+                pod_identity_association_property = eks.CfnAddon.PodIdentityAssociationProperty(
+                    role_arn="roleArn",
+                    service_account="serviceAccount"
+                )
+            '''
+            if __debug__:
+                type_hints = typing.get_type_hints(_typecheckingstub__3925c850dd0d0ad3b9faeea87aafbe69220a7bf33d95af5527715674625c9891)
+                check_type(argname="argument role_arn", value=role_arn, expected_type=type_hints["role_arn"])
+                check_type(argname="argument service_account", value=service_account, expected_type=type_hints["service_account"])
+            self._values: typing.Dict[builtins.str, typing.Any] = {
+                "role_arn": role_arn,
+                "service_account": service_account,
+            }
+
+        @builtins.property
+        def role_arn(self) -> builtins.str:
+            '''The IAM role ARN that the pod identity association is created for.
+
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-addon-podidentityassociation.html#cfn-eks-addon-podidentityassociation-rolearn
+            '''
+            result = self._values.get("role_arn")
+            assert result is not None, "Required property 'role_arn' is missing"
+            return typing.cast(builtins.str, result)
+
+        @builtins.property
+        def service_account(self) -> builtins.str:
+            '''The Kubernetes service account that the pod identity association is created for.
+
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-addon-podidentityassociation.html#cfn-eks-addon-podidentityassociation-serviceaccount
+            '''
+            result = self._values.get("service_account")
+            assert result is not None, "Required property 'service_account' is missing"
+            return typing.cast(builtins.str, result)
+
+        def __eq__(self, rhs: typing.Any) -> builtins.bool:
+            return isinstance(rhs, self.__class__) and rhs._values == self._values
+
+        def __ne__(self, rhs: typing.Any) -> builtins.bool:
+            return not (rhs == self)
+
+        def __repr__(self) -> str:
+            return "PodIdentityAssociationProperty(%s)" % ", ".join(
+                k + "=" + repr(v) for k, v in self._values.items()
+            )
+
 
 @jsii.data_type(
     jsii_type="aws-cdk-lib.aws_eks.CfnAddonProps",
@@ -4428,6 +4524,7 @@ class CfnAddon(
         "cluster_name": "clusterName",
         "addon_version": "addonVersion",
         "configuration_values": "configurationValues",
+        "pod_identity_associations": "podIdentityAssociations",
         "preserve_on_delete": "preserveOnDelete",
         "resolve_conflicts": "resolveConflicts",
         "service_account_role_arn": "serviceAccountRoleArn",
@@ -4442,6 +4539,7 @@ class CfnAddonProps:
         cluster_name: builtins.str,
         addon_version: typing.Optional[builtins.str] = None,
         configuration_values: typing.Optional[builtins.str] = None,
+        pod_identity_associations: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union[CfnAddon.PodIdentityAssociationProperty, typing.Dict[builtins.str, typing.Any]]]]]] = None,
         preserve_on_delete: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
         resolve_conflicts: typing.Optional[builtins.str] = None,
         service_account_role_arn: typing.Optional[builtins.str] = None,
@@ -4453,6 +4551,7 @@ class CfnAddonProps:
         :param cluster_name: The name of your cluster.
         :param addon_version: The version of the add-on.
         :param configuration_values: The configuration values that you provided.
+        :param pod_identity_associations: An array of pod identities to apply to this add-on.
         :param preserve_on_delete: Specifying this option preserves the add-on software on your cluster but Amazon EKS stops managing any settings for the add-on. If an IAM account is associated with the add-on, it isn't removed.
         :param resolve_conflicts: How to resolve field value conflicts for an Amazon EKS add-on. Conflicts are handled based on the value you choose: - *None* – If the self-managed version of the add-on is installed on your cluster, Amazon EKS doesn't change the value. Creation of the add-on might fail. - *Overwrite* – If the self-managed version of the add-on is installed on your cluster and the Amazon EKS default value is different than the existing value, Amazon EKS changes the value to the Amazon EKS default value. - *Preserve* – This is similar to the NONE option. If the self-managed version of the add-on is installed on your cluster Amazon EKS doesn't change the add-on resource properties. Creation of the add-on might fail if conflicts are detected. This option works differently during the update operation. For more information, see `UpdateAddon <https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateAddon.html>`_ . If you don't currently have the self-managed version of the add-on installed on your cluster, the Amazon EKS add-on is installed. Amazon EKS sets all values to default values, regardless of the option that you specify.
         :param service_account_role_arn: The Amazon Resource Name (ARN) of an existing IAM role to bind to the add-on's service account. The role must be assigned the IAM permissions required by the add-on. If you don't specify an existing IAM role, then the add-on uses the permissions assigned to the node IAM role. For more information, see `Amazon EKS node IAM role <https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html>`_ in the *Amazon EKS User Guide* . .. epigraph:: To specify an existing IAM role, you must have an IAM OpenID Connect (OIDC) provider created for your cluster. For more information, see `Enabling IAM roles for service accounts on your cluster <https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html>`_ in the *Amazon EKS User Guide* .
@@ -4474,6 +4573,10 @@ class CfnAddonProps:
                 # the properties below are optional
                 addon_version="addonVersion",
                 configuration_values="configurationValues",
+                pod_identity_associations=[eks.CfnAddon.PodIdentityAssociationProperty(
+                    role_arn="roleArn",
+                    service_account="serviceAccount"
+                )],
                 preserve_on_delete=False,
                 resolve_conflicts="resolveConflicts",
                 service_account_role_arn="serviceAccountRoleArn",
@@ -4489,6 +4592,7 @@ class CfnAddonProps:
             check_type(argname="argument cluster_name", value=cluster_name, expected_type=type_hints["cluster_name"])
             check_type(argname="argument addon_version", value=addon_version, expected_type=type_hints["addon_version"])
             check_type(argname="argument configuration_values", value=configuration_values, expected_type=type_hints["configuration_values"])
+            check_type(argname="argument pod_identity_associations", value=pod_identity_associations, expected_type=type_hints["pod_identity_associations"])
             check_type(argname="argument preserve_on_delete", value=preserve_on_delete, expected_type=type_hints["preserve_on_delete"])
             check_type(argname="argument resolve_conflicts", value=resolve_conflicts, expected_type=type_hints["resolve_conflicts"])
             check_type(argname="argument service_account_role_arn", value=service_account_role_arn, expected_type=type_hints["service_account_role_arn"])
@@ -4501,6 +4605,8 @@ class CfnAddonProps:
             self._values["addon_version"] = addon_version
         if configuration_values is not None:
             self._values["configuration_values"] = configuration_values
+        if pod_identity_associations is not None:
+            self._values["pod_identity_associations"] = pod_identity_associations
         if preserve_on_delete is not None:
             self._values["preserve_on_delete"] = preserve_on_delete
         if resolve_conflicts is not None:
@@ -4548,6 +4654,17 @@ class CfnAddonProps:
         result = self._values.get("configuration_values")
         return typing.cast(typing.Optional[builtins.str], result)
 
+    @builtins.property
+    def pod_identity_associations(
+        self,
+    ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, CfnAddon.PodIdentityAssociationProperty]]]]:
+        '''An array of pod identities to apply to this add-on.
+
+        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-eks-addon.html#cfn-eks-addon-podidentityassociations
+        '''
+        result = self._values.get("pod_identity_associations")
+        return typing.cast(typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, CfnAddon.PodIdentityAssociationProperty]]]], result)
+
     @builtins.property
     def preserve_on_delete(
         self,
@@ -9340,7 +9457,7 @@ class ClusterLoggingTypes(enum.Enum):
 
         cluster = eks.Cluster(self, "Cluster",
             # ...
-            version=eks.KubernetesVersion.V1_29,
+            version=eks.KubernetesVersion.V1_30,
             cluster_logging=[eks.ClusterLoggingTypes.API, eks.ClusterLoggingTypes.AUTHENTICATOR, eks.ClusterLoggingTypes.SCHEDULER
             ]
         )
@@ -9579,7 +9696,7 @@ class DefaultCapacityType(enum.Enum):
     Example::
 
         cluster = eks.Cluster(self, "HelloEKS",
-            version=eks.KubernetesVersion.V1_29,
+            version=eks.KubernetesVersion.V1_30,
             default_capacity_type=eks.DefaultCapacityType.EC2
         )
     '''
@@ -9748,7 +9865,7 @@ class EndpointAccess(
     Example::
 
         cluster = eks.Cluster(self, "hello-eks",
-            version=eks.KubernetesVersion.V1_29,
+            version=eks.KubernetesVersion.V1_30,
             endpoint_access=eks.EndpointAccess.PRIVATE
         )
     '''
@@ -11690,7 +11807,7 @@ class IpFamily(enum.Enum):
             subnetcount = subnetcount + 1
         
         cluster = eks.Cluster(self, "hello-eks",
-            version=eks.KubernetesVersion.V1_29,
+            version=eks.KubernetesVersion.V1_30,
             vpc=vpc,
             ip_family=eks.IpFamily.IP_V6,
             vpc_subnets=[ec2.SubnetSelection(subnets=vpc.public_subnets)]
@@ -12815,7 +12932,7 @@ class KubernetesVersion(
     Example::
 
         cluster = eks.Cluster(self, "HelloEKS",
-            version=eks.KubernetesVersion.V1_29,
+            version=eks.KubernetesVersion.V1_30,
             default_capacity=0
         )
         
@@ -13020,6 +13137,17 @@ class KubernetesVersion(
         '''
         return typing.cast("KubernetesVersion", jsii.sget(cls, "V1_29"))
 
+    @jsii.python.classproperty
+    @jsii.member(jsii_name="V1_30")
+    def V1_30(cls) -> "KubernetesVersion":
+        '''Kubernetes version 1.30.
+
+        When creating a ``Cluster`` with this version, you need to also specify the
+        ``kubectlLayer`` property with a ``KubectlV29Layer`` from
+        ``@aws-cdk/lambda-layer-kubectl-v30``.
+        '''
+        return typing.cast("KubernetesVersion", jsii.sget(cls, "V1_30"))
+
     @builtins.property
     @jsii.member(jsii_name="version")
     def version(self) -> builtins.str:
@@ -16760,7 +16888,7 @@ class ClusterProps(ClusterOptions):
             # vpc: ec2.Vpc
             eks.Cluster(self, "MyCluster",
                 kubectl_memory=Size.gibibytes(4),
-                version=eks.KubernetesVersion.V1_29
+                version=eks.KubernetesVersion.V1_30
             )
             eks.Cluster.from_cluster_attributes(self, "MyCluster",
                 kubectl_memory=Size.gibibytes(4),
@@ -17250,7 +17378,7 @@ class FargateCluster(
     Example::
 
         cluster = eks.FargateCluster(self, "MyCluster",
-            version=eks.KubernetesVersion.V1_29
+            version=eks.KubernetesVersion.V1_30
         )
     '''
 
@@ -17461,7 +17589,7 @@ class FargateClusterProps(ClusterOptions):
         Example::
 
             cluster = eks.FargateCluster(self, "MyCluster",
-                version=eks.KubernetesVersion.V1_29
+                version=eks.KubernetesVersion.V1_30
             )
         '''
         if isinstance(alb_controller, dict):
@@ -18306,6 +18434,7 @@ def _typecheckingstub__45ff0728c7d6fc5f47c97aa791c327f70a32e19bdf463d94d9351053f
     cluster_name: builtins.str,
     addon_version: typing.Optional[builtins.str] = None,
     configuration_values: typing.Optional[builtins.str] = None,
+    pod_identity_associations: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union[CfnAddon.PodIdentityAssociationProperty, typing.Dict[builtins.str, typing.Any]]]]]] = None,
     preserve_on_delete: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
     resolve_conflicts: typing.Optional[builtins.str] = None,
     service_account_role_arn: typing.Optional[builtins.str] = None,
@@ -18350,6 +18479,12 @@ def _typecheckingstub__f2b158aed78a78d2962c2650df64f6c3880ccb508ebd6b281bda6c1a1
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__04a430658e28600fba10a8c3e5edab2978904829dda6f2c70e9cca8560f7e400(
+    value: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, CfnAddon.PodIdentityAssociationProperty]]]],
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__c38bc0bc32707ba96b79f5dda73d99054ea5b77577796b10a0f95ff6fe51b133(
     value: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]],
 ) -> None:
@@ -18374,12 +18509,21 @@ def _typecheckingstub__61cfcc2cd9aba81e02df7f2a5c976044dc5e5cbf6c05b880c4944cb35
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__3925c850dd0d0ad3b9faeea87aafbe69220a7bf33d95af5527715674625c9891(
+    *,
+    role_arn: builtins.str,
+    service_account: builtins.str,
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__484b2779e40e4780cb0940ac7bc9daaf91fa04347613d732138d3be3d3f5a2d9(
     *,
     addon_name: builtins.str,
     cluster_name: builtins.str,
     addon_version: typing.Optional[builtins.str] = None,
     configuration_values: typing.Optional[builtins.str] = None,
+    pod_identity_associations: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union[CfnAddon.PodIdentityAssociationProperty, typing.Dict[builtins.str, typing.Any]]]]]] = None,
     preserve_on_delete: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
     resolve_conflicts: typing.Optional[builtins.str] = None,
     service_account_role_arn: typing.Optional[builtins.str] = None,

aws_cdk/aws_iam/__init__.py

@@ -13753,7 +13753,7 @@ class ArnPrincipal(
     Example::
 
         # Option 2: create your custom mastersRole with scoped assumeBy arn as the Cluster prop. Switch to this role from the AWS console.
-        from aws_cdk.lambda_layer_kubectl_v29 import KubectlV29Layer
+        from aws_cdk.lambda_layer_kubectl_v30 import KubectlV30Layer
         # vpc: ec2.Vpc
         
         
@@ -13763,8 +13763,8 @@ class ArnPrincipal(
         
         cluster = eks.Cluster(self, "EksCluster",
             vpc=vpc,
-            version=eks.KubernetesVersion.V1_29,
-            kubectl_layer=KubectlV29Layer(self, "KubectlLayer"),
+            version=eks.KubernetesVersion.V1_30,
+            kubectl_layer=KubectlV30Layer(self, "KubectlLayer"),
             masters_role=masters_role
         )
         

aws_cdk/aws_lambda/__init__.py

@@ -1647,6 +1647,12 @@ class AdotLambdaLayerGenericVersion(
         '''Version 0.90.1.'''
         return typing.cast("AdotLambdaLayerGenericVersion", jsii.sget(cls, "V0_90_1"))
 
+    @jsii.python.classproperty
+    @jsii.member(jsii_name="V0_98_0")
+    def V0_98_0(cls) -> "AdotLambdaLayerGenericVersion":
+        '''Version 0.98.0.'''
+        return typing.cast("AdotLambdaLayerGenericVersion", jsii.sget(cls, "V0_98_0"))
+
     @builtins.property
     @jsii.member(jsii_name="layerVersion")
     def _layer_version(self) -> builtins.str:
@@ -2002,6 +2008,12 @@ class AdotLambdaLayerPythonSdkVersion(
         '''Version 1.21.0.'''
         return typing.cast("AdotLambdaLayerPythonSdkVersion", jsii.sget(cls, "V1_21_0"))
 
+    @jsii.python.classproperty
+    @jsii.member(jsii_name="V1_24_0")
+    def V1_24_0(cls) -> "AdotLambdaLayerPythonSdkVersion":
+        '''Version 1.24.0.'''
+        return typing.cast("AdotLambdaLayerPythonSdkVersion", jsii.sget(cls, "V1_24_0"))
+
     @builtins.property
     @jsii.member(jsii_name="layerVersion")
     def _layer_version(self) -> builtins.str: