Description
Describe the feature
The AccessEntry construct currently takes string for the principal prop. This is counterintuitive when compared with the rest of CDK where similar props take an IPrincipal/IGrantable. You should be able to pass a Role or User directly to AccessEntry without calling .arn yourself.
Use Case
I want intent based syntax, especially when using it in the context of cluster.grantAccess(), where in most other places you would just pass the IPrincipal/IGrantable.
Proposed Solution
I'd love it if this was implemented overriding the old prop as it's named best for it, but I get not wanting to break backwards compatibility. I'd suggest doing that for the eks-v2-alpha where you are explicitly breaking backwards compatibility. For the current stable version, perhaps you could add a new prop called grantee that takes an IGrantable.
Other Information
I'm open to discussion on whether IGrantable or IPrincipal makes more sense.
Acknowledgements
- I may be able to implement this feature request
- This feature might incur a breaking change
CDK version used
2.187.0
Environment details (OS name and version, etc.)
n/a