diff --git a/.gitignore b/.gitignore
index 98cc7be36c..e6b90d450d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -67,13 +67,13 @@ dist/
/docs/reference/cdk8s/java.md
/docs/reference/cdk8s/typescript.md
/docs/reference/cdk8s/python.md
+/docs/reference/cdk8s-plus-30/java.md
+/docs/reference/cdk8s-plus-30/typescript.md
+/docs/reference/cdk8s-plus-30/python.md
/docs/reference/cdk8s-plus-29/java.md
/docs/reference/cdk8s-plus-29/typescript.md
/docs/reference/cdk8s-plus-29/python.md
/docs/reference/cdk8s-plus-28/java.md
/docs/reference/cdk8s-plus-28/typescript.md
/docs/reference/cdk8s-plus-28/python.md
-/docs/reference/cdk8s-plus-27/java.md
-/docs/reference/cdk8s-plus-27/typescript.md
-/docs/reference/cdk8s-plus-27/python.md
!/.projenrc.ts
diff --git a/.projen/deps.json b/.projen/deps.json
index 0d87b2c830..f4fa1a066f 100644
--- a/.projen/deps.json
+++ b/.projen/deps.json
@@ -32,15 +32,15 @@
"type": "build"
},
{
- "name": "cdk8s-plus-27",
+ "name": "cdk8s-plus-28",
"type": "build"
},
{
- "name": "cdk8s-plus-28",
+ "name": "cdk8s-plus-29",
"type": "build"
},
{
- "name": "cdk8s-plus-29",
+ "name": "cdk8s-plus-30",
"type": "build"
},
{
diff --git a/.projen/tasks.json b/.projen/tasks.json
index c88c9ad0da..9e0233978b 100644
--- a/.projen/tasks.json
+++ b/.projen/tasks.json
@@ -137,7 +137,7 @@
"name": "rotate-cdk8s-plus",
"steps": [
{
- "exec": "ts-node src/rotate-cdk8s-plus.ts 29"
+ "exec": "ts-node src/rotate-cdk8s-plus.ts 30"
}
]
},
@@ -206,13 +206,13 @@
},
"steps": [
{
- "exec": "npx npm-check-updates@16 --upgrade --target=minor --peer --dep=dev --filter=@types/jest,cdk8s,cdk8s-cli,cdk8s-plus-27,cdk8s-plus-28,cdk8s-plus-29,eslint-import-resolver-typescript,eslint-plugin-import,jest,lerna,semver,ts-jest,ts-node"
+ "exec": "npx npm-check-updates@16 --upgrade --target=minor --peer --dep=dev --filter=@types/jest,cdk8s,cdk8s-cli,cdk8s-plus-28,cdk8s-plus-29,cdk8s-plus-30,eslint-import-resolver-typescript,eslint-plugin-import,jest,lerna,semver,ts-jest,ts-node"
},
{
"exec": "yarn install --check-files"
},
{
- "exec": "yarn upgrade @types/jest @types/node @typescript-eslint/eslint-plugin @typescript-eslint/parser cdk8s cdk8s-cli cdk8s-plus-27 cdk8s-plus-28 cdk8s-plus-29 constructs eslint-import-resolver-typescript eslint-plugin-import eslint jest jest-junit lerna semver ts-jest ts-node"
+ "exec": "yarn upgrade @types/jest @types/node @typescript-eslint/eslint-plugin @typescript-eslint/parser cdk8s cdk8s-cli cdk8s-plus-28 cdk8s-plus-29 cdk8s-plus-30 constructs eslint-import-resolver-typescript eslint-plugin-import eslint jest jest-junit lerna semver ts-jest ts-node"
},
{
"exec": "npx projen"
diff --git a/docs/basics/api-object.md b/docs/basics/api-object.md
index f035074ab3..15a88d9f8b 100644
--- a/docs/basics/api-object.md
+++ b/docs/basics/api-object.md
@@ -20,7 +20,7 @@ For example, the following code:
```ts
import { App, Chart } from 'cdk8s';
-import * as kplus from 'cdk8s-plus-29';
+import * as kplus from 'cdk8s-plus-30';
const app = new App();
const chart = new MyChart(app, 'my-chart');
diff --git a/docs/basics/escape-hatches.md b/docs/basics/escape-hatches.md
index ab6ea77c3f..6d38535af8 100644
--- a/docs/basics/escape-hatches.md
+++ b/docs/basics/escape-hatches.md
@@ -51,7 +51,7 @@ To do that, you will need to "peak" into the construct tree and find the underly
API object, so you can apply the patch to it:
```ts
-import { Pod } from 'cdk8s-plus-29';
+import { Pod } from 'cdk8s-plus-30';
import { ApiObject } from 'cdk8s';
const pod = new Pod(...);
diff --git a/docs/plus/.pages b/docs/plus/.pages
index f2c89185a9..7ba3e21a5e 100644
--- a/docs/plus/.pages
+++ b/docs/plus/.pages
@@ -1,5 +1,5 @@
nav:
- index.md
- - cdk8s-plus-27: cdk8s-plus-27
- cdk8s-plus-28: cdk8s-plus-28
- cdk8s-plus-29: cdk8s-plus-29
+ - cdk8s-plus-30: cdk8s-plus-30
diff --git a/docs/plus/index.md b/docs/plus/index.md
index 1c49576200..6a80fdb692 100644
--- a/docs/plus/index.md
+++ b/docs/plus/index.md
@@ -59,7 +59,7 @@ manifests.
## At a glance
```typescript
-import * as kplus from 'cdk8s-plus-29';
+import * as kplus from 'cdk8s-plus-30';
import * as cdk8s from 'cdk8s';
import * as path from 'path';
@@ -177,10 +177,10 @@ app.synth();
=== "TypeScript"
- `❯ npm install cdk8s-plus-29 cdk8s constructs`
+ `❯ npm install cdk8s-plus-30 cdk8s constructs`
```typescript
- import * as kplus from 'cdk8s-plus-29';
+ import * as kplus from 'cdk8s-plus-30';
import * as cdk8s from 'cdk8s';
const app = new cdk8s.App();
@@ -198,10 +198,10 @@ app.synth();
=== "JavaScript"
- `❯ npm install cdk8s-plus-29 cdk8s constructs`
+ `❯ npm install cdk8s-plus-30 cdk8s constructs`
```typescript
- const kplus = require('cdk8s-plus-29');
+ const kplus = require('cdk8s-plus-30');
const cdk8s = require('cdk8s');
const app = new cdk8s.App();
@@ -219,7 +219,7 @@ app.synth();
=== "Python"
- `❯ pip install cdk8s-plus-29 cdk8s`
+ `❯ pip install cdk8s-plus-30 cdk8s`
```python
import cdk8s_plus_27 as kplus
@@ -246,7 +246,7 @@ app.synth();
org.cdk8s
- cdk8s-plus-29
+ cdk8s-plus-30
2.0.0
```
@@ -259,8 +259,8 @@ app.synth();
import org.cdk8s.App;
import org.cdk8s.Chart;
import org.cdk8s.ChartProps;
- import org.cdk8s.plus29.Deployment;
- import org.cdk8s.plus29.ContainerProps;
+ import org.cdk8s.plus30.Deployment;
+ import org.cdk8s.plus30.ContainerProps;
import java.util.Arrays;
@@ -297,7 +297,7 @@ app.synth();
"github.com/aws/constructs-go/constructs/v10"
"github.com/aws/jsii-runtime-go"
"github.com/cdk8s-team/cdk8s-core-go/cdk8s/v2"
- "github.com/cdk8s-team/cdk8s-plus-go/cdk8splus29"
+ "github.com/cdk8s-team/cdk8s-plus-go/cdk8splus30"
)
```
@@ -305,9 +305,9 @@ app.synth();
app := cdk8s.NewApp(nil)
chart := cdk8s.NewChart(app, jsii.String("ubuntu"), nil)
- cdk8splus29.NewDeployment(chart, jsii.String("Deployment"), &cdk8splus29.DeploymentProps{
+ cdk8splus30.NewDeployment(chart, jsii.String("Deployment"), &cdk8splus30.DeploymentProps{
Replicas: jsii.Number(3),
- Containers: &[]*cdk8splus29.ContainerProps{{
+ Containers: &[]*cdk8splus30.ContainerProps{{
Image: jsii.String("ubuntu"),
}},
})
@@ -328,7 +328,7 @@ which are available from within **cdk8s+**, so you don't need to install an addi
or [import](https://cdk8s.io/docs/latest/cli/import/) any resources. For example:
```ts
-import * as kplus from 'cdk8s-plus-29';
+import * as kplus from 'cdk8s-plus-30';
import * as cdk8s from 'cdk8s';
const app = new cdk8s.App();
diff --git a/docs/reference/.pages b/docs/reference/.pages
index 879c5ae9bf..bccc76a0da 100644
--- a/docs/reference/.pages
+++ b/docs/reference/.pages
@@ -1,6 +1,6 @@
nav:
- index.md
- cdk8s: cdk8s
- - cdk8s-plus-27: cdk8s-plus-27
- cdk8s-plus-28: cdk8s-plus-28
- cdk8s-plus-29: cdk8s-plus-29
+ - cdk8s-plus-30: cdk8s-plus-30
diff --git a/docs/reference/cdk8s-plus-27/java.md b/docs/reference/cdk8s-plus-27/java.md
new file mode 100644
index 0000000000..1808da0db9
--- /dev/null
+++ b/docs/reference/cdk8s-plus-27/java.md
@@ -0,0 +1,23234 @@
+# cdk8s-plus-27 (Java)
+
+## Constructs
+
+### AbstractPod
+
+- *Implements:* [`org.cdk8s.plus27.IPodSelector`](#org.cdk8s.plus27.IPodSelector), [`org.cdk8s.plus27.INetworkPolicyPeer`](#org.cdk8s.plus27.INetworkPolicyPeer), [`org.cdk8s.plus27.ISubject`](#org.cdk8s.plus27.ISubject)
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.AbstractPod;
+
+AbstractPod.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+// .automountServiceAccountToken(java.lang.Boolean)
+// .containers(java.util.List)
+// .dns(PodDnsProps)
+// .dockerRegistryAuth(ISecret)
+// .hostAliases(java.util.List)
+// .hostNetwork(java.lang.Boolean)
+// .initContainers(java.util.List)
+// .isolate(java.lang.Boolean)
+// .restartPolicy(RestartPolicy)
+// .securityContext(PodSecurityContextProps)
+// .serviceAccount(IServiceAccount)
+// .terminationGracePeriod(Duration)
+// .volumes(java.util.List)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `automountServiceAccountToken`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Indicates whether a service account token should be automatically mounted.
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
+
+---
+
+##### `containers`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)>
+- *Default:* No containers. Note that a pod spec must include at least one container.
+
+List of containers belonging to the pod.
+
+Containers cannot currently be
+added or removed. There must be at least one container in a Pod.
+
+You can add additionnal containers using `podSpec.addContainer()`
+
+---
+
+##### `dns`Optional
+
+- *Type:* [`org.cdk8s.plus27.PodDnsProps`](#org.cdk8s.plus27.PodDnsProps)
+- *Default:* policy: DnsPolicy.CLUSTER_FIRST
+ hostnameAsFQDN: false
+
+DNS settings for the pod.
+
+> https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
+
+---
+
+##### `dockerRegistryAuth`Optional
+
+- *Type:* [`org.cdk8s.plus27.ISecret`](#org.cdk8s.plus27.ISecret)
+- *Default:* No auth. Images are assumed to be publicly available.
+
+A secret containing docker credentials for authenticating to a registry.
+
+---
+
+##### `hostAliases`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.HostAlias`](#org.cdk8s.plus27.HostAlias)>
+
+HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.
+
+---
+
+##### `hostNetwork`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Host network for the pod.
+
+---
+
+##### `initContainers`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)>
+- *Default:* No init containers.
+
+List of initialization containers belonging to the pod.
+
+Init containers are executed in order prior to containers being started.
+If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy.
+The name for an init container or normal container must be unique among all containers.
+Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes.
+The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit
+for each resource type, and then using the max of of that value or the sum of the normal containers.
+Limits are applied to init containers in a similar fashion.
+
+Init containers cannot currently be added ,removed or updated.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
+
+---
+
+##### `isolate`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Isolates the pod.
+
+This will prevent any ingress or egress connections to / from this pod.
+You can however allow explicit connections post instantiation by using the `.connections` property.
+
+---
+
+##### `restartPolicy`Optional
+
+- *Type:* [`org.cdk8s.plus27.RestartPolicy`](#org.cdk8s.plus27.RestartPolicy)
+- *Default:* RestartPolicy.ALWAYS
+
+Restart policy for all containers within the pod.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
+
+---
+
+##### `securityContext`Optional
+
+- *Type:* [`org.cdk8s.plus27.PodSecurityContextProps`](#org.cdk8s.plus27.PodSecurityContextProps)
+- *Default:* fsGroupChangePolicy: FsGroupChangePolicy.FsGroupChangePolicy.ALWAYS
+ ensureNonRoot: true
+
+SecurityContext holds pod-level security attributes and common container settings.
+
+---
+
+##### `serviceAccount`Optional
+
+- *Type:* [`org.cdk8s.plus27.IServiceAccount`](#org.cdk8s.plus27.IServiceAccount)
+- *Default:* No service account.
+
+A service account provides an identity for processes that run in a Pod.
+
+When you (a human) access the cluster (for example, using kubectl), you are
+authenticated by the apiserver as a particular User Account (currently this
+is usually admin, unless your cluster administrator has customized your
+cluster). Processes in containers inside pods can also contact the
+apiserver. When they do, they are authenticated as a particular Service
+Account (for example, default).
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+
+---
+
+##### `terminationGracePeriod`Optional
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* Duration.seconds(30)
+
+Grace period until the pod is terminated.
+
+---
+
+##### `volumes`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.Volume`](#org.cdk8s.plus27.Volume)>
+- *Default:* No volumes.
+
+List of volumes that can be mounted by containers belonging to the pod.
+
+You can also add volumes later using `podSpec.addVolume()`
+
+> https://kubernetes.io/docs/concepts/storage/volumes
+
+---
+
+#### Methods
+
+##### `addContainer`
+
+```java
+public addContainer(ContainerProps cont)
+```
+
+###### `cont`Required
+
+- *Type:* [`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)
+
+---
+
+##### `addHostAlias`
+
+```java
+public addHostAlias(HostAlias hostAlias)
+```
+
+###### `hostAlias`Required
+
+- *Type:* [`org.cdk8s.plus27.HostAlias`](#org.cdk8s.plus27.HostAlias)
+
+---
+
+##### `addInitContainer`
+
+```java
+public addInitContainer(ContainerProps cont)
+```
+
+###### `cont`Required
+
+- *Type:* [`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)
+
+---
+
+##### `addVolume`
+
+```java
+public addVolume(Volume vol)
+```
+
+###### `vol`Required
+
+- *Type:* [`org.cdk8s.plus27.Volume`](#org.cdk8s.plus27.Volume)
+
+---
+
+##### `attachContainer`
+
+```java
+public attachContainer(Container cont)
+```
+
+###### `cont`Required
+
+- *Type:* [`org.cdk8s.plus27.Container`](#org.cdk8s.plus27.Container)
+
+---
+
+##### `toNetworkPolicyPeerConfig`
+
+```java
+public toNetworkPolicyPeerConfig()
+```
+
+##### `toPodSelector`
+
+```java
+public toPodSelector()
+```
+
+##### `toPodSelectorConfig`
+
+```java
+public toPodSelectorConfig()
+```
+
+##### `toSubjectConfiguration`
+
+```java
+public toSubjectConfiguration()
+```
+
+
+#### Properties
+
+##### `automountServiceAccountToken`Required
+
+```java
+public java.lang.Boolean getAutomountServiceAccountToken();
+```
+
+- *Type:* `java.lang.Boolean`
+
+---
+
+##### `containers`Required
+
+```java
+public java.util.List getContainers();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.Container`](#org.cdk8s.plus27.Container)>
+
+---
+
+##### `dns`Required
+
+```java
+public PodDns getDns();
+```
+
+- *Type:* [`org.cdk8s.plus27.PodDns`](#org.cdk8s.plus27.PodDns)
+
+---
+
+##### `hostAliases`Required
+
+```java
+public java.util.List getHostAliases();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.HostAlias`](#org.cdk8s.plus27.HostAlias)>
+
+---
+
+##### `initContainers`Required
+
+```java
+public java.util.List getInitContainers();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.Container`](#org.cdk8s.plus27.Container)>
+
+---
+
+##### `podMetadata`Required
+
+```java
+public ApiObjectMetadataDefinition getPodMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadataDefinition`](#org.cdk8s.ApiObjectMetadataDefinition)
+
+---
+
+##### `securityContext`Required
+
+```java
+public PodSecurityContext getSecurityContext();
+```
+
+- *Type:* [`org.cdk8s.plus27.PodSecurityContext`](#org.cdk8s.plus27.PodSecurityContext)
+
+---
+
+##### `volumes`Required
+
+```java
+public java.util.List getVolumes();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.Volume`](#org.cdk8s.plus27.Volume)>
+
+---
+
+##### `dockerRegistryAuth`Optional
+
+```java
+public ISecret getDockerRegistryAuth();
+```
+
+- *Type:* [`org.cdk8s.plus27.ISecret`](#org.cdk8s.plus27.ISecret)
+
+---
+
+##### `hostNetwork`Optional
+
+```java
+public java.lang.Boolean getHostNetwork();
+```
+
+- *Type:* `java.lang.Boolean`
+
+---
+
+##### `restartPolicy`Optional
+
+```java
+public RestartPolicy getRestartPolicy();
+```
+
+- *Type:* [`org.cdk8s.plus27.RestartPolicy`](#org.cdk8s.plus27.RestartPolicy)
+
+---
+
+##### `serviceAccount`Optional
+
+```java
+public IServiceAccount getServiceAccount();
+```
+
+- *Type:* [`org.cdk8s.plus27.IServiceAccount`](#org.cdk8s.plus27.IServiceAccount)
+
+---
+
+##### `terminationGracePeriod`Optional
+
+```java
+public Duration getTerminationGracePeriod();
+```
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+
+---
+
+
+### AwsElasticBlockStorePersistentVolume
+
+Represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod.
+
+> https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.AwsElasticBlockStorePersistentVolume;
+
+AwsElasticBlockStorePersistentVolume.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+// .accessModes(java.util.List)
+// .claim(IPersistentVolumeClaim)
+// .mountOptions(java.util.List)
+// .reclaimPolicy(PersistentVolumeReclaimPolicy)
+// .storage(Size)
+// .storageClassName(java.lang.String)
+// .volumeMode(PersistentVolumeMode)
+ .volumeId(java.lang.String)
+// .fsType(java.lang.String)
+// .partition(java.lang.Number)
+// .readOnly(java.lang.Boolean)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `accessModes`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.PersistentVolumeAccessMode`](#org.cdk8s.plus27.PersistentVolumeAccessMode)>
+- *Default:* No access modes.
+
+Contains all ways the volume can be mounted.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes
+
+---
+
+##### `claim`Optional
+
+- *Type:* [`org.cdk8s.plus27.IPersistentVolumeClaim`](#org.cdk8s.plus27.IPersistentVolumeClaim)
+- *Default:* Not bound to a specific claim.
+
+Part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim.
+
+Expected to be non-nil when bound.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding
+
+---
+
+##### `mountOptions`Optional
+
+- *Type:* java.util.List<`java.lang.String`>
+- *Default:* No options.
+
+A list of mount options, e.g. ["ro", "soft"]. Not validated - mount will simply fail if one is invalid.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options
+
+---
+
+##### `reclaimPolicy`Optional
+
+- *Type:* [`org.cdk8s.plus27.PersistentVolumeReclaimPolicy`](#org.cdk8s.plus27.PersistentVolumeReclaimPolicy)
+- *Default:* PersistentVolumeReclaimPolicy.RETAIN
+
+When a user is done with their volume, they can delete the PVC objects from the API that allows reclamation of the resource.
+
+The reclaim policy tells the cluster what to do with
+the volume after it has been released of its claim.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming
+
+---
+
+##### `storage`Optional
+
+- *Type:* [`org.cdk8s.Size`](#org.cdk8s.Size)
+- *Default:* No specified.
+
+What is the storage capacity of this volume.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+
+---
+
+##### `storageClassName`Optional
+
+- *Type:* `java.lang.String`
+- *Default:* Volume does not belong to any storage class.
+
+Name of StorageClass to which this persistent volume belongs.
+
+---
+
+##### `volumeMode`Optional
+
+- *Type:* [`org.cdk8s.plus27.PersistentVolumeMode`](#org.cdk8s.plus27.PersistentVolumeMode)
+- *Default:* VolumeMode.FILE_SYSTEM
+
+Defines what type of volume is required by the claim.
+
+---
+
+##### `volumeId`Required
+
+- *Type:* `java.lang.String`
+
+Unique ID of the persistent disk resource in AWS (Amazon EBS volume).
+
+More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+
+> https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+
+---
+
+##### `fsType`Optional
+
+- *Type:* `java.lang.String`
+- *Default:* 'ext4'
+
+Filesystem type of the volume that you want to mount.
+
+Tip: Ensure that the filesystem type is supported by the host operating system.
+
+> https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+
+---
+
+##### `partition`Optional
+
+- *Type:* `java.lang.Number`
+- *Default:* No partition.
+
+The partition in the volume that you want to mount.
+
+If omitted, the default is to mount by volume name.
+Examples: For volume /dev/sda1, you specify the partition as "1".
+Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
+
+---
+
+##### `readOnly`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Specify "true" to force and set the ReadOnly property in VolumeMounts to "true".
+
+> https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+
+---
+
+
+
+#### Properties
+
+##### `fsType`Required
+
+```java
+public java.lang.String getFsType();
+```
+
+- *Type:* `java.lang.String`
+
+File system type of this volume.
+
+---
+
+##### `readOnly`Required
+
+```java
+public java.lang.Boolean getReadOnly();
+```
+
+- *Type:* `java.lang.Boolean`
+
+Whether or not it is mounted as a read-only volume.
+
+---
+
+##### `volumeId`Required
+
+```java
+public java.lang.String getVolumeId();
+```
+
+- *Type:* `java.lang.String`
+
+Volume id of this volume.
+
+---
+
+##### `partition`Optional
+
+```java
+public java.lang.Number getPartition();
+```
+
+- *Type:* `java.lang.Number`
+
+Partition of this volume.
+
+---
+
+
+### AzureDiskPersistentVolume
+
+AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.AzureDiskPersistentVolume;
+
+AzureDiskPersistentVolume.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+// .accessModes(java.util.List)
+// .claim(IPersistentVolumeClaim)
+// .mountOptions(java.util.List)
+// .reclaimPolicy(PersistentVolumeReclaimPolicy)
+// .storage(Size)
+// .storageClassName(java.lang.String)
+// .volumeMode(PersistentVolumeMode)
+ .diskName(java.lang.String)
+ .diskUri(java.lang.String)
+// .cachingMode(AzureDiskPersistentVolumeCachingMode)
+// .fsType(java.lang.String)
+// .kind(AzureDiskPersistentVolumeKind)
+// .readOnly(java.lang.Boolean)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `accessModes`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.PersistentVolumeAccessMode`](#org.cdk8s.plus27.PersistentVolumeAccessMode)>
+- *Default:* No access modes.
+
+Contains all ways the volume can be mounted.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes
+
+---
+
+##### `claim`Optional
+
+- *Type:* [`org.cdk8s.plus27.IPersistentVolumeClaim`](#org.cdk8s.plus27.IPersistentVolumeClaim)
+- *Default:* Not bound to a specific claim.
+
+Part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim.
+
+Expected to be non-nil when bound.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding
+
+---
+
+##### `mountOptions`Optional
+
+- *Type:* java.util.List<`java.lang.String`>
+- *Default:* No options.
+
+A list of mount options, e.g. ["ro", "soft"]. Not validated - mount will simply fail if one is invalid.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options
+
+---
+
+##### `reclaimPolicy`Optional
+
+- *Type:* [`org.cdk8s.plus27.PersistentVolumeReclaimPolicy`](#org.cdk8s.plus27.PersistentVolumeReclaimPolicy)
+- *Default:* PersistentVolumeReclaimPolicy.RETAIN
+
+When a user is done with their volume, they can delete the PVC objects from the API that allows reclamation of the resource.
+
+The reclaim policy tells the cluster what to do with
+the volume after it has been released of its claim.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming
+
+---
+
+##### `storage`Optional
+
+- *Type:* [`org.cdk8s.Size`](#org.cdk8s.Size)
+- *Default:* No specified.
+
+What is the storage capacity of this volume.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+
+---
+
+##### `storageClassName`Optional
+
+- *Type:* `java.lang.String`
+- *Default:* Volume does not belong to any storage class.
+
+Name of StorageClass to which this persistent volume belongs.
+
+---
+
+##### `volumeMode`Optional
+
+- *Type:* [`org.cdk8s.plus27.PersistentVolumeMode`](#org.cdk8s.plus27.PersistentVolumeMode)
+- *Default:* VolumeMode.FILE_SYSTEM
+
+Defines what type of volume is required by the claim.
+
+---
+
+##### `diskName`Required
+
+- *Type:* `java.lang.String`
+
+The Name of the data disk in the blob storage.
+
+---
+
+##### `diskUri`Required
+
+- *Type:* `java.lang.String`
+
+The URI the data disk in the blob storage.
+
+---
+
+##### `cachingMode`Optional
+
+- *Type:* [`org.cdk8s.plus27.AzureDiskPersistentVolumeCachingMode`](#org.cdk8s.plus27.AzureDiskPersistentVolumeCachingMode)
+- *Default:* AzureDiskPersistentVolumeCachingMode.NONE.
+
+Host Caching mode.
+
+---
+
+##### `fsType`Optional
+
+- *Type:* `java.lang.String`
+- *Default:* 'ext4'
+
+Filesystem type to mount.
+
+Must be a filesystem type supported by the host operating system.
+
+---
+
+##### `kind`Optional
+
+- *Type:* [`org.cdk8s.plus27.AzureDiskPersistentVolumeKind`](#org.cdk8s.plus27.AzureDiskPersistentVolumeKind)
+- *Default:* AzureDiskPersistentVolumeKind.SHARED
+
+Kind of disk.
+
+---
+
+##### `readOnly`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Force the ReadOnly setting in VolumeMounts.
+
+---
+
+
+
+#### Properties
+
+##### `azureKind`Required
+
+```java
+public AzureDiskPersistentVolumeKind getAzureKind();
+```
+
+- *Type:* [`org.cdk8s.plus27.AzureDiskPersistentVolumeKind`](#org.cdk8s.plus27.AzureDiskPersistentVolumeKind)
+
+Azure kind of this volume.
+
+---
+
+##### `cachingMode`Required
+
+```java
+public AzureDiskPersistentVolumeCachingMode getCachingMode();
+```
+
+- *Type:* [`org.cdk8s.plus27.AzureDiskPersistentVolumeCachingMode`](#org.cdk8s.plus27.AzureDiskPersistentVolumeCachingMode)
+
+Caching mode of this volume.
+
+---
+
+##### `diskName`Required
+
+```java
+public java.lang.String getDiskName();
+```
+
+- *Type:* `java.lang.String`
+
+Disk name of this volume.
+
+---
+
+##### `diskUri`Required
+
+```java
+public java.lang.String getDiskUri();
+```
+
+- *Type:* `java.lang.String`
+
+Disk URI of this volume.
+
+---
+
+##### `fsType`Required
+
+```java
+public java.lang.String getFsType();
+```
+
+- *Type:* `java.lang.String`
+
+File system type of this volume.
+
+---
+
+##### `readOnly`Required
+
+```java
+public java.lang.Boolean getReadOnly();
+```
+
+- *Type:* `java.lang.Boolean`
+
+Whether or not it is mounted as a read-only volume.
+
+---
+
+
+### BasicAuthSecret
+
+Create a secret for basic authentication.
+
+> https://kubernetes.io/docs/concepts/configuration/secret/#basic-authentication-secret
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.BasicAuthSecret;
+
+BasicAuthSecret.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+// .immutable(java.lang.Boolean)
+ .password(java.lang.String)
+ .username(java.lang.String)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `immutable`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+If set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified).
+
+If not set to true, the field can be modified at any time.
+
+---
+
+##### `password`Required
+
+- *Type:* `java.lang.String`
+
+The password or token for authentication.
+
+---
+
+##### `username`Required
+
+- *Type:* `java.lang.String`
+
+The user name for authentication.
+
+---
+
+
+
+
+
+### ClusterRole
+
+- *Implements:* [`org.cdk8s.plus27.IClusterRole`](#org.cdk8s.plus27.IClusterRole), [`org.cdk8s.plus27.IRole`](#org.cdk8s.plus27.IRole)
+
+ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding.
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.ClusterRole;
+
+ClusterRole.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+// .aggregationLabels(java.util.Map)
+// .rules(java.util.List)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `aggregationLabels`Optional
+
+- *Type:* java.util.Map
+
+Specify labels that should be used to locate ClusterRoles, whose rules will be automatically filled into this ClusterRole's rules.
+
+---
+
+##### `rules`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ClusterRolePolicyRule`](#org.cdk8s.plus27.ClusterRolePolicyRule)>
+- *Default:* []
+
+A list of rules the role should allow.
+
+---
+
+#### Methods
+
+##### `aggregate`
+
+```java
+public aggregate(java.lang.String key, java.lang.String value)
+```
+
+###### `key`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `value`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `allow`
+
+```java
+public allow(java.util.List verbs, IApiEndpoint endpoints)
+```
+
+###### `verbs`Required
+
+- *Type:* java.util.List<`java.lang.String`>
+
+---
+
+###### `endpoints`Required
+
+- *Type:* [`org.cdk8s.plus27.IApiEndpoint`](#org.cdk8s.plus27.IApiEndpoint)
+
+The endpoints(s) to apply to.
+
+---
+
+##### `allowCreate`
+
+```java
+public allowCreate(IApiEndpoint endpoints)
+```
+
+###### `endpoints`Required
+
+- *Type:* [`org.cdk8s.plus27.IApiEndpoint`](#org.cdk8s.plus27.IApiEndpoint)
+
+The resource(s) to apply to.
+
+---
+
+##### `allowDelete`
+
+```java
+public allowDelete(IApiEndpoint endpoints)
+```
+
+###### `endpoints`Required
+
+- *Type:* [`org.cdk8s.plus27.IApiEndpoint`](#org.cdk8s.plus27.IApiEndpoint)
+
+The resource(s) to apply to.
+
+---
+
+##### `allowDeleteCollection`
+
+```java
+public allowDeleteCollection(IApiEndpoint endpoints)
+```
+
+###### `endpoints`Required
+
+- *Type:* [`org.cdk8s.plus27.IApiEndpoint`](#org.cdk8s.plus27.IApiEndpoint)
+
+The resource(s) to apply to.
+
+---
+
+##### `allowGet`
+
+```java
+public allowGet(IApiEndpoint endpoints)
+```
+
+###### `endpoints`Required
+
+- *Type:* [`org.cdk8s.plus27.IApiEndpoint`](#org.cdk8s.plus27.IApiEndpoint)
+
+The resource(s) to apply to.
+
+---
+
+##### `allowList`
+
+```java
+public allowList(IApiEndpoint endpoints)
+```
+
+###### `endpoints`Required
+
+- *Type:* [`org.cdk8s.plus27.IApiEndpoint`](#org.cdk8s.plus27.IApiEndpoint)
+
+The resource(s) to apply to.
+
+---
+
+##### `allowPatch`
+
+```java
+public allowPatch(IApiEndpoint endpoints)
+```
+
+###### `endpoints`Required
+
+- *Type:* [`org.cdk8s.plus27.IApiEndpoint`](#org.cdk8s.plus27.IApiEndpoint)
+
+The resource(s) to apply to.
+
+---
+
+##### `allowRead`
+
+```java
+public allowRead(IApiEndpoint endpoints)
+```
+
+###### `endpoints`Required
+
+- *Type:* [`org.cdk8s.plus27.IApiEndpoint`](#org.cdk8s.plus27.IApiEndpoint)
+
+The resource(s) to apply to.
+
+---
+
+##### `allowReadWrite`
+
+```java
+public allowReadWrite(IApiEndpoint endpoints)
+```
+
+###### `endpoints`Required
+
+- *Type:* [`org.cdk8s.plus27.IApiEndpoint`](#org.cdk8s.plus27.IApiEndpoint)
+
+The resource(s) to apply to.
+
+---
+
+##### `allowUpdate`
+
+```java
+public allowUpdate(IApiEndpoint endpoints)
+```
+
+###### `endpoints`Required
+
+- *Type:* [`org.cdk8s.plus27.IApiEndpoint`](#org.cdk8s.plus27.IApiEndpoint)
+
+The resource(s) to apply to.
+
+---
+
+##### `allowWatch`
+
+```java
+public allowWatch(IApiEndpoint endpoints)
+```
+
+###### `endpoints`Required
+
+- *Type:* [`org.cdk8s.plus27.IApiEndpoint`](#org.cdk8s.plus27.IApiEndpoint)
+
+The resource(s) to apply to.
+
+---
+
+##### `bind`
+
+```java
+public bind(ISubject subjects)
+```
+
+###### `subjects`Required
+
+- *Type:* [`org.cdk8s.plus27.ISubject`](#org.cdk8s.plus27.ISubject)
+
+a list of subjects to bind to.
+
+---
+
+##### `bindInNamespace`
+
+```java
+public bindInNamespace(java.lang.String namespace, ISubject subjects)
+```
+
+###### `namespace`Required
+
+- *Type:* `java.lang.String`
+
+the namespace to limit permissions to.
+
+---
+
+###### `subjects`Required
+
+- *Type:* [`org.cdk8s.plus27.ISubject`](#org.cdk8s.plus27.ISubject)
+
+a list of subjects to bind to.
+
+---
+
+##### `combine`
+
+```java
+public combine(ClusterRole rol)
+```
+
+###### `rol`Required
+
+- *Type:* [`org.cdk8s.plus27.ClusterRole`](#org.cdk8s.plus27.ClusterRole)
+
+---
+
+#### Static Functions
+
+##### `fromClusterRoleName`
+
+```java
+import org.cdk8s.plus27.ClusterRole;
+
+ClusterRole.fromClusterRoleName(Construct scope, java.lang.String id, java.lang.String name)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `name`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+#### Properties
+
+##### `resourceType`Required
+
+```java
+public java.lang.String getResourceType();
+```
+
+- *Type:* `java.lang.String`
+
+The name of a resource type as it appears in the relevant API endpoint.
+
+---
+
+##### `rules`Required
+
+```java
+public java.util.List getRules();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ClusterRolePolicyRule`](#org.cdk8s.plus27.ClusterRolePolicyRule)>
+
+Rules associaated with this Role.
+
+Returns a copy, use `allow` to add rules.
+
+---
+
+
+### ClusterRoleBinding
+
+A ClusterRoleBinding grants permissions cluster-wide to a user or set of users.
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.ClusterRoleBinding;
+
+ClusterRoleBinding.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+ .role(IClusterRole)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `role`Required
+
+- *Type:* [`org.cdk8s.plus27.IClusterRole`](#org.cdk8s.plus27.IClusterRole)
+
+The role to bind to.
+
+---
+
+#### Methods
+
+##### `addSubjects`
+
+```java
+public addSubjects(ISubject subjects)
+```
+
+###### `subjects`Required
+
+- *Type:* [`org.cdk8s.plus27.ISubject`](#org.cdk8s.plus27.ISubject)
+
+The subjects to add.
+
+---
+
+
+#### Properties
+
+##### `resourceType`Required
+
+```java
+public java.lang.String getResourceType();
+```
+
+- *Type:* `java.lang.String`
+
+The name of a resource type as it appears in the relevant API endpoint.
+
+---
+
+##### `role`Required
+
+```java
+public IClusterRole getRole();
+```
+
+- *Type:* [`org.cdk8s.plus27.IClusterRole`](#org.cdk8s.plus27.IClusterRole)
+
+---
+
+##### `subjects`Required
+
+```java
+public java.util.List getSubjects();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ISubject`](#org.cdk8s.plus27.ISubject)>
+
+---
+
+
+### ConfigMap
+
+- *Implements:* [`org.cdk8s.plus27.IConfigMap`](#org.cdk8s.plus27.IConfigMap)
+
+ConfigMap holds configuration data for pods to consume.
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.ConfigMap;
+
+ConfigMap.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+// .binaryData(java.util.Map)
+// .data(java.util.Map)
+// .immutable(java.lang.Boolean)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `binaryData`Optional
+
+- *Type:* java.util.Map
+
+BinaryData contains the binary data.
+
+Each key must consist of alphanumeric characters, '-', '_' or '.'.
+BinaryData can contain byte sequences that are not in the UTF-8 range. The
+keys stored in BinaryData must not overlap with the ones in the Data field,
+this is enforced during validation process.
+
+You can also add binary data using `configMap.addBinaryData()`.
+
+---
+
+##### `data`Optional
+
+- *Type:* java.util.Map
+
+Data contains the configuration data.
+
+Each key must consist of alphanumeric characters, '-', '_' or '.'. Values
+with non-UTF-8 byte sequences must use the BinaryData field. The keys
+stored in Data must not overlap with the keys in the BinaryData field, this
+is enforced during validation process.
+
+You can also add data using `configMap.addData()`.
+
+---
+
+##### `immutable`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+If set to true, ensures that data stored in the ConfigMap cannot be updated (only object metadata can be modified).
+
+If not set to true, the field can be modified at any time.
+
+---
+
+#### Methods
+
+##### `addBinaryData`
+
+```java
+public addBinaryData(java.lang.String key, java.lang.String value)
+```
+
+###### `key`Required
+
+- *Type:* `java.lang.String`
+
+The key.
+
+---
+
+###### `value`Required
+
+- *Type:* `java.lang.String`
+
+The value.
+
+---
+
+##### `addData`
+
+```java
+public addData(java.lang.String key, java.lang.String value)
+```
+
+###### `key`Required
+
+- *Type:* `java.lang.String`
+
+The key.
+
+---
+
+###### `value`Required
+
+- *Type:* `java.lang.String`
+
+The value.
+
+---
+
+##### `addDirectory`
+
+```java
+public addDirectory(java.lang.String localDir)
+public addDirectory(java.lang.String localDir, AddDirectoryOptions options)
+```
+
+###### `localDir`Required
+
+- *Type:* `java.lang.String`
+
+A path to a local directory.
+
+---
+
+###### `options`Optional
+
+- *Type:* [`org.cdk8s.plus27.AddDirectoryOptions`](#org.cdk8s.plus27.AddDirectoryOptions)
+
+Options.
+
+---
+
+##### `addFile`
+
+```java
+public addFile(java.lang.String localFile)
+public addFile(java.lang.String localFile, java.lang.String key)
+```
+
+###### `localFile`Required
+
+- *Type:* `java.lang.String`
+
+The path to the local file.
+
+---
+
+###### `key`Optional
+
+- *Type:* `java.lang.String`
+
+The ConfigMap key (default to the file name).
+
+---
+
+#### Static Functions
+
+##### `fromConfigMapName`
+
+```java
+import org.cdk8s.plus27.ConfigMap;
+
+ConfigMap.fromConfigMapName(Construct scope, java.lang.String id, java.lang.String name)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `name`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+#### Properties
+
+##### `binaryData`Required
+
+```java
+public java.util.Map getBinaryData();
+```
+
+- *Type:* java.util.Map
+
+The binary data associated with this config map.
+
+Returns a copy. To add data records, use `addBinaryData()` or `addData()`.
+
+---
+
+##### `data`Required
+
+```java
+public java.util.Map getData();
+```
+
+- *Type:* java.util.Map
+
+The data associated with this config map.
+
+Returns an copy. To add data records, use `addData()` or `addBinaryData()`.
+
+---
+
+##### `immutable`Required
+
+```java
+public java.lang.Boolean getImmutable();
+```
+
+- *Type:* `java.lang.Boolean`
+
+Whether or not this config map is immutable.
+
+---
+
+##### `resourceType`Required
+
+```java
+public java.lang.String getResourceType();
+```
+
+- *Type:* `java.lang.String`
+
+The name of a resource type as it appears in the relevant API endpoint.
+
+---
+
+
+### CronJob
+
+A CronJob is responsible for creating a Job and scheduling it based on provided cron schedule.
+
+This helps running Jobs in a recurring manner.
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.CronJob;
+
+CronJob.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+// .automountServiceAccountToken(java.lang.Boolean)
+// .containers(java.util.List)
+// .dns(PodDnsProps)
+// .dockerRegistryAuth(ISecret)
+// .hostAliases(java.util.List)
+// .hostNetwork(java.lang.Boolean)
+// .initContainers(java.util.List)
+// .isolate(java.lang.Boolean)
+// .restartPolicy(RestartPolicy)
+// .securityContext(PodSecurityContextProps)
+// .serviceAccount(IServiceAccount)
+// .terminationGracePeriod(Duration)
+// .volumes(java.util.List)
+// .podMetadata(ApiObjectMetadata)
+// .select(java.lang.Boolean)
+// .spread(java.lang.Boolean)
+// .activeDeadline(Duration)
+// .backoffLimit(java.lang.Number)
+// .ttlAfterFinished(Duration)
+ .schedule(Cron)
+// .concurrencyPolicy(ConcurrencyPolicy)
+// .failedJobsRetained(java.lang.Number)
+// .startingDeadline(Duration)
+// .successfulJobsRetained(java.lang.Number)
+// .suspend(java.lang.Boolean)
+// .timeZone(java.lang.String)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `automountServiceAccountToken`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Indicates whether a service account token should be automatically mounted.
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
+
+---
+
+##### `containers`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)>
+- *Default:* No containers. Note that a pod spec must include at least one container.
+
+List of containers belonging to the pod.
+
+Containers cannot currently be
+added or removed. There must be at least one container in a Pod.
+
+You can add additionnal containers using `podSpec.addContainer()`
+
+---
+
+##### `dns`Optional
+
+- *Type:* [`org.cdk8s.plus27.PodDnsProps`](#org.cdk8s.plus27.PodDnsProps)
+- *Default:* policy: DnsPolicy.CLUSTER_FIRST
+ hostnameAsFQDN: false
+
+DNS settings for the pod.
+
+> https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
+
+---
+
+##### `dockerRegistryAuth`Optional
+
+- *Type:* [`org.cdk8s.plus27.ISecret`](#org.cdk8s.plus27.ISecret)
+- *Default:* No auth. Images are assumed to be publicly available.
+
+A secret containing docker credentials for authenticating to a registry.
+
+---
+
+##### `hostAliases`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.HostAlias`](#org.cdk8s.plus27.HostAlias)>
+
+HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.
+
+---
+
+##### `hostNetwork`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Host network for the pod.
+
+---
+
+##### `initContainers`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)>
+- *Default:* No init containers.
+
+List of initialization containers belonging to the pod.
+
+Init containers are executed in order prior to containers being started.
+If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy.
+The name for an init container or normal container must be unique among all containers.
+Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes.
+The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit
+for each resource type, and then using the max of of that value or the sum of the normal containers.
+Limits are applied to init containers in a similar fashion.
+
+Init containers cannot currently be added ,removed or updated.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
+
+---
+
+##### `isolate`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Isolates the pod.
+
+This will prevent any ingress or egress connections to / from this pod.
+You can however allow explicit connections post instantiation by using the `.connections` property.
+
+---
+
+##### `restartPolicy`Optional
+
+- *Type:* [`org.cdk8s.plus27.RestartPolicy`](#org.cdk8s.plus27.RestartPolicy)
+- *Default:* RestartPolicy.ALWAYS
+
+Restart policy for all containers within the pod.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
+
+---
+
+##### `securityContext`Optional
+
+- *Type:* [`org.cdk8s.plus27.PodSecurityContextProps`](#org.cdk8s.plus27.PodSecurityContextProps)
+- *Default:* fsGroupChangePolicy: FsGroupChangePolicy.FsGroupChangePolicy.ALWAYS
+ ensureNonRoot: true
+
+SecurityContext holds pod-level security attributes and common container settings.
+
+---
+
+##### `serviceAccount`Optional
+
+- *Type:* [`org.cdk8s.plus27.IServiceAccount`](#org.cdk8s.plus27.IServiceAccount)
+- *Default:* No service account.
+
+A service account provides an identity for processes that run in a Pod.
+
+When you (a human) access the cluster (for example, using kubectl), you are
+authenticated by the apiserver as a particular User Account (currently this
+is usually admin, unless your cluster administrator has customized your
+cluster). Processes in containers inside pods can also contact the
+apiserver. When they do, they are authenticated as a particular Service
+Account (for example, default).
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+
+---
+
+##### `terminationGracePeriod`Optional
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* Duration.seconds(30)
+
+Grace period until the pod is terminated.
+
+---
+
+##### `volumes`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.Volume`](#org.cdk8s.plus27.Volume)>
+- *Default:* No volumes.
+
+List of volumes that can be mounted by containers belonging to the pod.
+
+You can also add volumes later using `podSpec.addVolume()`
+
+> https://kubernetes.io/docs/concepts/storage/volumes
+
+---
+
+##### `podMetadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+The pod metadata of this workload.
+
+---
+
+##### `select`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* true
+
+Automatically allocates a pod label selector for this workload and add it to the pod metadata.
+
+This ensures this workload manages pods created by
+its pod template.
+
+---
+
+##### `spread`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Automatically spread pods across hostname and zones.
+
+> https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/#internal-default-constraints
+
+---
+
+##### `activeDeadline`Optional
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* If unset, then there is no deadline.
+
+Specifies the duration the job may be active before the system tries to terminate it.
+
+---
+
+##### `backoffLimit`Optional
+
+- *Type:* `java.lang.Number`
+- *Default:* If not set, system defaults to 6.
+
+Specifies the number of retries before marking this job failed.
+
+---
+
+##### `ttlAfterFinished`Optional
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* If this field is unset, the Job won't be automatically deleted.
+
+Limits the lifetime of a Job that has finished execution (either Complete or Failed).
+
+If this field is set, after the Job finishes, it is eligible to
+be automatically deleted. When the Job is being deleted, its lifecycle
+guarantees (e.g. finalizers) will be honored. If this field is set to zero,
+the Job becomes eligible to be deleted immediately after it finishes. This
+field is alpha-level and is only honored by servers that enable the
+`TTLAfterFinished` feature.
+
+---
+
+##### `schedule`Required
+
+- *Type:* [`org.cdk8s.Cron`](#org.cdk8s.Cron)
+
+Specifies the time in which the job would run again.
+
+This is defined as a cron expression in the CronJob resource.
+
+---
+
+##### `concurrencyPolicy`Optional
+
+- *Type:* [`org.cdk8s.plus27.ConcurrencyPolicy`](#org.cdk8s.plus27.ConcurrencyPolicy)
+- *Default:* ConcurrencyPolicy.Forbid
+
+Specifies the concurrency policy for the job.
+
+---
+
+##### `failedJobsRetained`Optional
+
+- *Type:* `java.lang.Number`
+- *Default:* 1
+
+Specifies the number of failed jobs history retained.
+
+This would retain the Job and the associated Pod resource and can be useful for debugging.
+
+---
+
+##### `startingDeadline`Optional
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* Duration.seconds(10)
+
+Kubernetes attempts to start cron jobs at its schedule time, but this is not guaranteed.
+
+This deadline specifies
+how much time can pass after a schedule point, for which kubernetes can still start the job.
+For example, if this is set to 100 seconds, kubernetes is allowed to start the job at a maximum 100 seconds after
+the scheduled time.
+
+Note that the Kubernetes CronJobController checks for things every 10 seconds, for this reason, a deadline below 10
+seconds is not allowed, as it may cause your job to never be scheduled.
+
+In addition, kubernetes will stop scheduling jobs if more than 100 schedules were missed (for any reason).
+This property also controls what time interval should kubernetes consider when counting for missed schedules.
+
+For example, suppose a CronJob is set to schedule a new Job every one minute beginning at 08:30:00,
+and its `startingDeadline` field is not set. If the CronJob controller happens to be down from 08:29:00 to 10:21:00,
+the job will not start as the number of missed jobs which missed their schedule is greater than 100.
+However, if `startingDeadline` is set to 200 seconds, kubernetes will only count 3 missed schedules, and thus
+start a new execution at 10:22:00.
+
+---
+
+##### `successfulJobsRetained`Optional
+
+- *Type:* `java.lang.Number`
+- *Default:* 3
+
+Specifies the number of successful jobs history retained.
+
+This would retain the Job and the associated Pod resource and can be useful for debugging.
+
+---
+
+##### `suspend`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Specifies if the cron job should be suspended.
+
+Only applies to future executions, current ones are remained untouched.
+
+---
+
+##### `timeZone`Optional
+
+- *Type:* `java.lang.String`
+- *Default:* Timezone of kube-controller-manager process.
+
+Specifies the timezone for the job.
+
+This helps aligining the schedule to follow the specified timezone.
+
+> {@link https://en.wikipedia.org/wiki/List_of_tz_database_time_zones} for list of valid timezone values.
+
+---
+
+
+
+#### Properties
+
+##### `concurrencyPolicy`Required
+
+```java
+public java.lang.String getConcurrencyPolicy();
+```
+
+- *Type:* `java.lang.String`
+
+The policy used by this cron job to determine the concurrency mode in which to schedule jobs.
+
+---
+
+##### `failedJobsRetained`Required
+
+```java
+public java.lang.Number getFailedJobsRetained();
+```
+
+- *Type:* `java.lang.Number`
+
+The number of failed jobs retained by this cron job.
+
+---
+
+##### `resourceType`Required
+
+```java
+public java.lang.String getResourceType();
+```
+
+- *Type:* `java.lang.String`
+
+Represents the resource type.
+
+---
+
+##### `schedule`Required
+
+```java
+public Cron getSchedule();
+```
+
+- *Type:* [`org.cdk8s.Cron`](#org.cdk8s.Cron)
+
+The schedule this cron job is scheduled to run in.
+
+---
+
+##### `startingDeadline`Required
+
+```java
+public Duration getStartingDeadline();
+```
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+
+The time by which the running cron job needs to schedule the next job execution.
+
+The job is considered as failed if it misses this deadline.
+
+---
+
+##### `successfulJobsRetained`Required
+
+```java
+public java.lang.Number getSuccessfulJobsRetained();
+```
+
+- *Type:* `java.lang.Number`
+
+The number of successful jobs retained by this cron job.
+
+---
+
+##### `suspend`Required
+
+```java
+public java.lang.Boolean getSuspend();
+```
+
+- *Type:* `java.lang.Boolean`
+
+Whether or not the cron job is currently suspended or not.
+
+---
+
+##### `timeZone`Optional
+
+```java
+public java.lang.String getTimeZone();
+```
+
+- *Type:* `java.lang.String`
+
+The timezone which this cron job would follow to schedule jobs.
+
+---
+
+
+### DaemonSet
+
+A DaemonSet ensures that all (or some) Nodes run a copy of a Pod.
+
+As nodes are added to the cluster, Pods are added to them.
+As nodes are removed from the cluster, those Pods are garbage collected.
+Deleting a DaemonSet will clean up the Pods it created.
+
+Some typical uses of a DaemonSet are:
+
+* running a cluster storage daemon on every node
+* running a logs collection daemon on every node
+* running a node monitoring daemon on every node
+
+In a simple case, one DaemonSet, covering all nodes, would be used for each type of daemon.
+A more complex setup might use multiple DaemonSets for a single type of daemon,
+but with different flags and/or different memory and cpu requests for different hardware types.
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.DaemonSet;
+
+DaemonSet.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+// .automountServiceAccountToken(java.lang.Boolean)
+// .containers(java.util.List)
+// .dns(PodDnsProps)
+// .dockerRegistryAuth(ISecret)
+// .hostAliases(java.util.List)
+// .hostNetwork(java.lang.Boolean)
+// .initContainers(java.util.List)
+// .isolate(java.lang.Boolean)
+// .restartPolicy(RestartPolicy)
+// .securityContext(PodSecurityContextProps)
+// .serviceAccount(IServiceAccount)
+// .terminationGracePeriod(Duration)
+// .volumes(java.util.List)
+// .podMetadata(ApiObjectMetadata)
+// .select(java.lang.Boolean)
+// .spread(java.lang.Boolean)
+// .minReadySeconds(java.lang.Number)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `automountServiceAccountToken`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Indicates whether a service account token should be automatically mounted.
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
+
+---
+
+##### `containers`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)>
+- *Default:* No containers. Note that a pod spec must include at least one container.
+
+List of containers belonging to the pod.
+
+Containers cannot currently be
+added or removed. There must be at least one container in a Pod.
+
+You can add additionnal containers using `podSpec.addContainer()`
+
+---
+
+##### `dns`Optional
+
+- *Type:* [`org.cdk8s.plus27.PodDnsProps`](#org.cdk8s.plus27.PodDnsProps)
+- *Default:* policy: DnsPolicy.CLUSTER_FIRST
+ hostnameAsFQDN: false
+
+DNS settings for the pod.
+
+> https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
+
+---
+
+##### `dockerRegistryAuth`Optional
+
+- *Type:* [`org.cdk8s.plus27.ISecret`](#org.cdk8s.plus27.ISecret)
+- *Default:* No auth. Images are assumed to be publicly available.
+
+A secret containing docker credentials for authenticating to a registry.
+
+---
+
+##### `hostAliases`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.HostAlias`](#org.cdk8s.plus27.HostAlias)>
+
+HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.
+
+---
+
+##### `hostNetwork`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Host network for the pod.
+
+---
+
+##### `initContainers`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)>
+- *Default:* No init containers.
+
+List of initialization containers belonging to the pod.
+
+Init containers are executed in order prior to containers being started.
+If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy.
+The name for an init container or normal container must be unique among all containers.
+Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes.
+The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit
+for each resource type, and then using the max of of that value or the sum of the normal containers.
+Limits are applied to init containers in a similar fashion.
+
+Init containers cannot currently be added ,removed or updated.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
+
+---
+
+##### `isolate`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Isolates the pod.
+
+This will prevent any ingress or egress connections to / from this pod.
+You can however allow explicit connections post instantiation by using the `.connections` property.
+
+---
+
+##### `restartPolicy`Optional
+
+- *Type:* [`org.cdk8s.plus27.RestartPolicy`](#org.cdk8s.plus27.RestartPolicy)
+- *Default:* RestartPolicy.ALWAYS
+
+Restart policy for all containers within the pod.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
+
+---
+
+##### `securityContext`Optional
+
+- *Type:* [`org.cdk8s.plus27.PodSecurityContextProps`](#org.cdk8s.plus27.PodSecurityContextProps)
+- *Default:* fsGroupChangePolicy: FsGroupChangePolicy.FsGroupChangePolicy.ALWAYS
+ ensureNonRoot: true
+
+SecurityContext holds pod-level security attributes and common container settings.
+
+---
+
+##### `serviceAccount`Optional
+
+- *Type:* [`org.cdk8s.plus27.IServiceAccount`](#org.cdk8s.plus27.IServiceAccount)
+- *Default:* No service account.
+
+A service account provides an identity for processes that run in a Pod.
+
+When you (a human) access the cluster (for example, using kubectl), you are
+authenticated by the apiserver as a particular User Account (currently this
+is usually admin, unless your cluster administrator has customized your
+cluster). Processes in containers inside pods can also contact the
+apiserver. When they do, they are authenticated as a particular Service
+Account (for example, default).
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+
+---
+
+##### `terminationGracePeriod`Optional
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* Duration.seconds(30)
+
+Grace period until the pod is terminated.
+
+---
+
+##### `volumes`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.Volume`](#org.cdk8s.plus27.Volume)>
+- *Default:* No volumes.
+
+List of volumes that can be mounted by containers belonging to the pod.
+
+You can also add volumes later using `podSpec.addVolume()`
+
+> https://kubernetes.io/docs/concepts/storage/volumes
+
+---
+
+##### `podMetadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+The pod metadata of this workload.
+
+---
+
+##### `select`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* true
+
+Automatically allocates a pod label selector for this workload and add it to the pod metadata.
+
+This ensures this workload manages pods created by
+its pod template.
+
+---
+
+##### `spread`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Automatically spread pods across hostname and zones.
+
+> https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/#internal-default-constraints
+
+---
+
+##### `minReadySeconds`Optional
+
+- *Type:* `java.lang.Number`
+- *Default:* 0
+
+Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available.
+
+---
+
+
+
+#### Properties
+
+##### `minReadySeconds`Required
+
+```java
+public java.lang.Number getMinReadySeconds();
+```
+
+- *Type:* `java.lang.Number`
+
+---
+
+##### `resourceType`Required
+
+```java
+public java.lang.String getResourceType();
+```
+
+- *Type:* `java.lang.String`
+
+The name of a resource type as it appears in the relevant API endpoint.
+
+---
+
+
+### Deployment
+
+- *Implements:* [`org.cdk8s.plus27.IScalable`](#org.cdk8s.plus27.IScalable)
+
+A Deployment provides declarative updates for Pods and ReplicaSets.
+
+You describe a desired state in a Deployment, and the Deployment Controller changes the actual
+state to the desired state at a controlled rate. You can define Deployments to create new ReplicaSets, or to remove
+existing Deployments and adopt all their resources with new Deployments.
+
+> Note: Do not manage ReplicaSets owned by a Deployment. Consider opening an issue in the main Kubernetes repository if your use case is not covered below.
+
+Use Case
+
+The following are typical use cases for Deployments:
+
+* Create a Deployment to rollout a ReplicaSet. The ReplicaSet creates Pods in the background.
+ Check the status of the rollout to see if it succeeds or not.
+* Declare the new state of the Pods by updating the PodTemplateSpec of the Deployment.
+ A new ReplicaSet is created and the Deployment manages moving the Pods from the old ReplicaSet to the new one at a controlled rate.
+ Each new ReplicaSet updates the revision of the Deployment.
+* Rollback to an earlier Deployment revision if the current state of the Deployment is not stable.
+ Each rollback updates the revision of the Deployment.
+* Scale up the Deployment to facilitate more load.
+* Pause the Deployment to apply multiple fixes to its PodTemplateSpec and then resume it to start a new rollout.
+* Use the status of the Deployment as an indicator that a rollout has stuck.
+* Clean up older ReplicaSets that you don't need anymore.
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.Deployment;
+
+Deployment.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+// .automountServiceAccountToken(java.lang.Boolean)
+// .containers(java.util.List)
+// .dns(PodDnsProps)
+// .dockerRegistryAuth(ISecret)
+// .hostAliases(java.util.List)
+// .hostNetwork(java.lang.Boolean)
+// .initContainers(java.util.List)
+// .isolate(java.lang.Boolean)
+// .restartPolicy(RestartPolicy)
+// .securityContext(PodSecurityContextProps)
+// .serviceAccount(IServiceAccount)
+// .terminationGracePeriod(Duration)
+// .volumes(java.util.List)
+// .podMetadata(ApiObjectMetadata)
+// .select(java.lang.Boolean)
+// .spread(java.lang.Boolean)
+// .minReady(Duration)
+// .progressDeadline(Duration)
+// .replicas(java.lang.Number)
+// .strategy(DeploymentStrategy)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `automountServiceAccountToken`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Indicates whether a service account token should be automatically mounted.
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
+
+---
+
+##### `containers`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)>
+- *Default:* No containers. Note that a pod spec must include at least one container.
+
+List of containers belonging to the pod.
+
+Containers cannot currently be
+added or removed. There must be at least one container in a Pod.
+
+You can add additionnal containers using `podSpec.addContainer()`
+
+---
+
+##### `dns`Optional
+
+- *Type:* [`org.cdk8s.plus27.PodDnsProps`](#org.cdk8s.plus27.PodDnsProps)
+- *Default:* policy: DnsPolicy.CLUSTER_FIRST
+ hostnameAsFQDN: false
+
+DNS settings for the pod.
+
+> https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
+
+---
+
+##### `dockerRegistryAuth`Optional
+
+- *Type:* [`org.cdk8s.plus27.ISecret`](#org.cdk8s.plus27.ISecret)
+- *Default:* No auth. Images are assumed to be publicly available.
+
+A secret containing docker credentials for authenticating to a registry.
+
+---
+
+##### `hostAliases`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.HostAlias`](#org.cdk8s.plus27.HostAlias)>
+
+HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.
+
+---
+
+##### `hostNetwork`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Host network for the pod.
+
+---
+
+##### `initContainers`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)>
+- *Default:* No init containers.
+
+List of initialization containers belonging to the pod.
+
+Init containers are executed in order prior to containers being started.
+If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy.
+The name for an init container or normal container must be unique among all containers.
+Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes.
+The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit
+for each resource type, and then using the max of of that value or the sum of the normal containers.
+Limits are applied to init containers in a similar fashion.
+
+Init containers cannot currently be added ,removed or updated.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
+
+---
+
+##### `isolate`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Isolates the pod.
+
+This will prevent any ingress or egress connections to / from this pod.
+You can however allow explicit connections post instantiation by using the `.connections` property.
+
+---
+
+##### `restartPolicy`Optional
+
+- *Type:* [`org.cdk8s.plus27.RestartPolicy`](#org.cdk8s.plus27.RestartPolicy)
+- *Default:* RestartPolicy.ALWAYS
+
+Restart policy for all containers within the pod.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
+
+---
+
+##### `securityContext`Optional
+
+- *Type:* [`org.cdk8s.plus27.PodSecurityContextProps`](#org.cdk8s.plus27.PodSecurityContextProps)
+- *Default:* fsGroupChangePolicy: FsGroupChangePolicy.FsGroupChangePolicy.ALWAYS
+ ensureNonRoot: true
+
+SecurityContext holds pod-level security attributes and common container settings.
+
+---
+
+##### `serviceAccount`Optional
+
+- *Type:* [`org.cdk8s.plus27.IServiceAccount`](#org.cdk8s.plus27.IServiceAccount)
+- *Default:* No service account.
+
+A service account provides an identity for processes that run in a Pod.
+
+When you (a human) access the cluster (for example, using kubectl), you are
+authenticated by the apiserver as a particular User Account (currently this
+is usually admin, unless your cluster administrator has customized your
+cluster). Processes in containers inside pods can also contact the
+apiserver. When they do, they are authenticated as a particular Service
+Account (for example, default).
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+
+---
+
+##### `terminationGracePeriod`Optional
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* Duration.seconds(30)
+
+Grace period until the pod is terminated.
+
+---
+
+##### `volumes`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.Volume`](#org.cdk8s.plus27.Volume)>
+- *Default:* No volumes.
+
+List of volumes that can be mounted by containers belonging to the pod.
+
+You can also add volumes later using `podSpec.addVolume()`
+
+> https://kubernetes.io/docs/concepts/storage/volumes
+
+---
+
+##### `podMetadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+The pod metadata of this workload.
+
+---
+
+##### `select`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* true
+
+Automatically allocates a pod label selector for this workload and add it to the pod metadata.
+
+This ensures this workload manages pods created by
+its pod template.
+
+---
+
+##### `spread`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Automatically spread pods across hostname and zones.
+
+> https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/#internal-default-constraints
+
+---
+
+##### `minReady`Optional
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* Duration.seconds(0)
+
+Minimum duration for which a newly created pod should be ready without any of its container crashing, for it to be considered available.
+
+Zero means the pod will be considered available as soon as it is ready.
+
+> https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#min-ready-seconds
+
+---
+
+##### `progressDeadline`Optional
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* Duration.seconds(600)
+
+The maximum duration for a deployment to make progress before it is considered to be failed.
+
+The deployment controller will continue
+to process failed deployments and a condition with a ProgressDeadlineExceeded
+reason will be surfaced in the deployment status.
+
+Note that progress will not be estimated during the time a deployment is paused.
+
+> https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#progress-deadline-seconds
+
+---
+
+##### `replicas`Optional
+
+- *Type:* `java.lang.Number`
+- *Default:* 2
+
+Number of desired pods.
+
+---
+
+##### `strategy`Optional
+
+- *Type:* [`org.cdk8s.plus27.DeploymentStrategy`](#org.cdk8s.plus27.DeploymentStrategy)
+- *Default:* RollingUpdate with maxSurge and maxUnavailable set to 25%.
+
+Specifies the strategy used to replace old Pods by new ones.
+
+---
+
+#### Methods
+
+##### `exposeViaIngress`
+
+```java
+public exposeViaIngress(java.lang.String path)
+public exposeViaIngress(java.lang.String path, ExposeDeploymentViaIngressOptions options)
+```
+
+###### `path`Required
+
+- *Type:* `java.lang.String`
+
+The ingress path to register under.
+
+---
+
+###### `options`Optional
+
+- *Type:* [`org.cdk8s.plus27.ExposeDeploymentViaIngressOptions`](#org.cdk8s.plus27.ExposeDeploymentViaIngressOptions)
+
+Additional options.
+
+---
+
+##### `exposeViaService`
+
+```java
+public exposeViaService()
+public exposeViaService(DeploymentExposeViaServiceOptions options)
+```
+
+###### `options`Optional
+
+- *Type:* [`org.cdk8s.plus27.DeploymentExposeViaServiceOptions`](#org.cdk8s.plus27.DeploymentExposeViaServiceOptions)
+
+Options to determine details of the service and port exposed.
+
+---
+
+##### `markHasAutoscaler`
+
+```java
+public markHasAutoscaler()
+```
+
+##### `toScalingTarget`
+
+```java
+public toScalingTarget()
+```
+
+
+#### Properties
+
+##### `minReady`Required
+
+```java
+public Duration getMinReady();
+```
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+
+Minimum duration for which a newly created pod should be ready without any of its container crashing, for it to be considered available.
+
+---
+
+##### `progressDeadline`Required
+
+```java
+public Duration getProgressDeadline();
+```
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+
+The maximum duration for a deployment to make progress before it is considered to be failed.
+
+---
+
+##### `resourceType`Required
+
+```java
+public java.lang.String getResourceType();
+```
+
+- *Type:* `java.lang.String`
+
+The name of a resource type as it appears in the relevant API endpoint.
+
+---
+
+##### `strategy`Required
+
+```java
+public DeploymentStrategy getStrategy();
+```
+
+- *Type:* [`org.cdk8s.plus27.DeploymentStrategy`](#org.cdk8s.plus27.DeploymentStrategy)
+
+---
+
+##### `replicas`Optional
+
+```java
+public java.lang.Number getReplicas();
+```
+
+- *Type:* `java.lang.Number`
+
+Number of desired pods.
+
+---
+
+##### `hasAutoscaler`Required
+
+```java
+public java.lang.Boolean getHasAutoscaler();
+```
+
+- *Type:* `java.lang.Boolean`
+
+If this is a target of an autoscaler.
+
+---
+
+
+### DockerConfigSecret
+
+Create a secret for storing credentials for accessing a container image registry.
+
+> https://kubernetes.io/docs/concepts/configuration/secret/#docker-config-secrets
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.DockerConfigSecret;
+
+DockerConfigSecret.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+// .immutable(java.lang.Boolean)
+ .data(java.util.Map)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `immutable`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+If set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified).
+
+If not set to true, the field can be modified at any time.
+
+---
+
+##### `data`Required
+
+- *Type:* java.util.Map
+
+JSON content to provide for the `~/.docker/config.json` file. This will be stringified and inserted as stringData.
+
+> https://docs.docker.com/engine/reference/commandline/cli/#sample-configuration-file
+
+---
+
+
+
+
+
+### GCEPersistentDiskPersistentVolume
+
+GCEPersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod.
+
+Provisioned by an admin.
+
+> https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.GCEPersistentDiskPersistentVolume;
+
+GCEPersistentDiskPersistentVolume.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+// .accessModes(java.util.List)
+// .claim(IPersistentVolumeClaim)
+// .mountOptions(java.util.List)
+// .reclaimPolicy(PersistentVolumeReclaimPolicy)
+// .storage(Size)
+// .storageClassName(java.lang.String)
+// .volumeMode(PersistentVolumeMode)
+ .pdName(java.lang.String)
+// .fsType(java.lang.String)
+// .partition(java.lang.Number)
+// .readOnly(java.lang.Boolean)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `accessModes`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.PersistentVolumeAccessMode`](#org.cdk8s.plus27.PersistentVolumeAccessMode)>
+- *Default:* No access modes.
+
+Contains all ways the volume can be mounted.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes
+
+---
+
+##### `claim`Optional
+
+- *Type:* [`org.cdk8s.plus27.IPersistentVolumeClaim`](#org.cdk8s.plus27.IPersistentVolumeClaim)
+- *Default:* Not bound to a specific claim.
+
+Part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim.
+
+Expected to be non-nil when bound.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding
+
+---
+
+##### `mountOptions`Optional
+
+- *Type:* java.util.List<`java.lang.String`>
+- *Default:* No options.
+
+A list of mount options, e.g. ["ro", "soft"]. Not validated - mount will simply fail if one is invalid.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options
+
+---
+
+##### `reclaimPolicy`Optional
+
+- *Type:* [`org.cdk8s.plus27.PersistentVolumeReclaimPolicy`](#org.cdk8s.plus27.PersistentVolumeReclaimPolicy)
+- *Default:* PersistentVolumeReclaimPolicy.RETAIN
+
+When a user is done with their volume, they can delete the PVC objects from the API that allows reclamation of the resource.
+
+The reclaim policy tells the cluster what to do with
+the volume after it has been released of its claim.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming
+
+---
+
+##### `storage`Optional
+
+- *Type:* [`org.cdk8s.Size`](#org.cdk8s.Size)
+- *Default:* No specified.
+
+What is the storage capacity of this volume.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+
+---
+
+##### `storageClassName`Optional
+
+- *Type:* `java.lang.String`
+- *Default:* Volume does not belong to any storage class.
+
+Name of StorageClass to which this persistent volume belongs.
+
+---
+
+##### `volumeMode`Optional
+
+- *Type:* [`org.cdk8s.plus27.PersistentVolumeMode`](#org.cdk8s.plus27.PersistentVolumeMode)
+- *Default:* VolumeMode.FILE_SYSTEM
+
+Defines what type of volume is required by the claim.
+
+---
+
+##### `pdName`Required
+
+- *Type:* `java.lang.String`
+
+Unique name of the PD resource in GCE.
+
+Used to identify the disk in GCE.
+
+> https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+
+---
+
+##### `fsType`Optional
+
+- *Type:* `java.lang.String`
+- *Default:* 'ext4'
+
+Filesystem type of the volume that you want to mount.
+
+Tip: Ensure that the filesystem type is supported by the host operating system.
+
+> https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+
+---
+
+##### `partition`Optional
+
+- *Type:* `java.lang.Number`
+- *Default:* No partition.
+
+The partition in the volume that you want to mount.
+
+If omitted, the default is to mount by volume name.
+Examples: For volume /dev/sda1, you specify the partition as "1".
+Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
+
+---
+
+##### `readOnly`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Specify "true" to force and set the ReadOnly property in VolumeMounts to "true".
+
+> https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+
+---
+
+
+
+#### Properties
+
+##### `fsType`Required
+
+```java
+public java.lang.String getFsType();
+```
+
+- *Type:* `java.lang.String`
+
+File system type of this volume.
+
+---
+
+##### `pdName`Required
+
+```java
+public java.lang.String getPdName();
+```
+
+- *Type:* `java.lang.String`
+
+PD resource in GCE of this volume.
+
+---
+
+##### `readOnly`Required
+
+```java
+public java.lang.Boolean getReadOnly();
+```
+
+- *Type:* `java.lang.Boolean`
+
+Whether or not it is mounted as a read-only volume.
+
+---
+
+##### `partition`Optional
+
+```java
+public java.lang.Number getPartition();
+```
+
+- *Type:* `java.lang.Number`
+
+Partition of this volume.
+
+---
+
+
+### Group
+
+- *Implements:* [`org.cdk8s.plus27.ISubject`](#org.cdk8s.plus27.ISubject)
+
+Represents a group.
+
+#### Methods
+
+##### `toSubjectConfiguration`
+
+```java
+public toSubjectConfiguration()
+```
+
+#### Static Functions
+
+##### `fromName`
+
+```java
+import org.cdk8s.plus27.Group;
+
+Group.fromName(Construct scope, java.lang.String id, java.lang.String name)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `name`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+#### Properties
+
+##### `kind`Required
+
+```java
+public java.lang.String getKind();
+```
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `name`Required
+
+```java
+public java.lang.String getName();
+```
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `apiGroup`Optional
+
+```java
+public java.lang.String getApiGroup();
+```
+
+- *Type:* `java.lang.String`
+
+---
+
+
+### HorizontalPodAutoscaler
+
+A HorizontalPodAutoscaler scales a workload up or down in response to a metric change.
+
+This allows your services to scale up when demand is high and scale down
+when they are no longer needed.
+
+Typical use cases for HorizontalPodAutoscaler:
+
+* When Memory usage is above 70%, scale up the number of replicas to meet the demand.
+* When CPU usage is below 30%, scale down the number of replicas to save resources.
+* When a service is experiencing a spike in traffic, scale up the number of replicas
+ to meet the demand. Then, when the traffic subsides, scale down the number of
+ replicas to save resources.
+
+The autoscaler uses the following algorithm to determine the number of replicas to scale:
+
+`desiredReplicas = ceil[currentReplicas * ( currentMetricValue / desiredMetricValue )]`
+
+HorizontalPodAutoscaler's can be used to with any `Scalable` workload:
+
+* Deployment
+* StatefulSet
+
+**Targets that already have a replica count defined:**
+
+Remove any replica counts from the target resource before associating with a
+HorizontalPodAutoscaler. If this isn't done, then any time a change to that object is applied,
+Kubernetes will scale the current number of Pods to the value of the target.replicas key. This
+may not be desired and could lead to unexpected behavior.
+
+> https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/#implicit-maintenance-mode-deactivation
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.HorizontalPodAutoscaler;
+
+HorizontalPodAutoscaler.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+ .maxReplicas(java.lang.Number)
+ .target(IScalable)
+// .metrics(java.util.List)
+// .minReplicas(java.lang.Number)
+// .scaleDown(ScalingRules)
+// .scaleUp(ScalingRules)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `maxReplicas`Required
+
+- *Type:* `java.lang.Number`
+
+The maximum number of replicas that can be scaled up to.
+
+---
+
+##### `target`Required
+
+- *Type:* [`org.cdk8s.plus27.IScalable`](#org.cdk8s.plus27.IScalable)
+
+The workload to scale up or down.
+
+Scalable workload types:
+
+* Deployment
+* StatefulSet
+
+---
+
+##### `metrics`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.Metric`](#org.cdk8s.plus27.Metric)>
+- *Default:* If metrics are not provided, then the target resource
+constraints (e.g. cpu limit) will be used as scaling metrics.
+
+The metric conditions that trigger a scale up or scale down.
+
+---
+
+##### `minReplicas`Optional
+
+- *Type:* `java.lang.Number`
+- *Default:* 1
+
+The minimum number of replicas that can be scaled down to.
+
+Can be set to 0 if the alpha feature gate `HPAScaleToZero` is enabled and
+at least one Object or External metric is configured.
+
+---
+
+##### `scaleDown`Optional
+
+- *Type:* [`org.cdk8s.plus27.ScalingRules`](#org.cdk8s.plus27.ScalingRules)
+- *Default:* Scale down to minReplica count with a 5 minute stabilization window.
+
+The scaling behavior when scaling down.
+
+---
+
+##### `scaleUp`Optional
+
+- *Type:* [`org.cdk8s.plus27.ScalingRules`](#org.cdk8s.plus27.ScalingRules)
+- *Default:* Is the higher of:
+* Increase no more than 4 pods per 60 seconds
+* Double the number of pods per 60 seconds
+
+The scaling behavior when scaling up.
+
+---
+
+
+
+#### Properties
+
+##### `maxReplicas`Required
+
+```java
+public java.lang.Number getMaxReplicas();
+```
+
+- *Type:* `java.lang.Number`
+
+The maximum number of replicas that can be scaled up to.
+
+---
+
+##### `minReplicas`Required
+
+```java
+public java.lang.Number getMinReplicas();
+```
+
+- *Type:* `java.lang.Number`
+
+The minimum number of replicas that can be scaled down to.
+
+---
+
+##### `resourceType`Required
+
+```java
+public java.lang.String getResourceType();
+```
+
+- *Type:* `java.lang.String`
+
+The name of a resource type as it appears in the relevant API endpoint.
+
+---
+
+##### `scaleDown`Required
+
+```java
+public ScalingRules getScaleDown();
+```
+
+- *Type:* [`org.cdk8s.plus27.ScalingRules`](#org.cdk8s.plus27.ScalingRules)
+
+The scaling behavior when scaling down.
+
+---
+
+##### `scaleUp`Required
+
+```java
+public ScalingRules getScaleUp();
+```
+
+- *Type:* [`org.cdk8s.plus27.ScalingRules`](#org.cdk8s.plus27.ScalingRules)
+
+The scaling behavior when scaling up.
+
+---
+
+##### `target`Required
+
+```java
+public IScalable getTarget();
+```
+
+- *Type:* [`org.cdk8s.plus27.IScalable`](#org.cdk8s.plus27.IScalable)
+
+The workload to scale up or down.
+
+---
+
+##### `metrics`Optional
+
+```java
+public java.util.List getMetrics();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.Metric`](#org.cdk8s.plus27.Metric)>
+
+The metric conditions that trigger a scale up or scale down.
+
+---
+
+
+### Ingress
+
+Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend.
+
+An Ingress can be configured to give services
+externally-reachable urls, load balance traffic, terminate SSL, offer name
+based virtual hosting etc.
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.Ingress;
+
+Ingress.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+// .defaultBackend(IngressBackend)
+// .rules(java.util.List)
+// .tls(java.util.List)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `defaultBackend`Optional
+
+- *Type:* [`org.cdk8s.plus27.IngressBackend`](#org.cdk8s.plus27.IngressBackend)
+
+The default backend services requests that do not match any rule.
+
+Using this option or the `addDefaultBackend()` method is equivalent to
+adding a rule with both `path` and `host` undefined.
+
+---
+
+##### `rules`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.IngressRule`](#org.cdk8s.plus27.IngressRule)>
+
+Routing rules for this ingress.
+
+Each rule must define an `IngressBackend` that will receive the requests
+that match this rule. If both `host` and `path` are not specifiec, this
+backend will be used as the default backend of the ingress.
+
+You can also add rules later using `addRule()`, `addHostRule()`,
+`addDefaultBackend()` and `addHostDefaultBackend()`.
+
+---
+
+##### `tls`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.IngressTls`](#org.cdk8s.plus27.IngressTls)>
+
+TLS settings for this ingress.
+
+Using this option tells the ingress controller to expose a TLS endpoint.
+Currently the Ingress only supports a single TLS port, 443. If multiple
+members of this list specify different hosts, they will be multiplexed on
+the same port according to the hostname specified through the SNI TLS
+extension, if the ingress controller fulfilling the ingress supports SNI.
+
+---
+
+#### Methods
+
+##### `addDefaultBackend`
+
+```java
+public addDefaultBackend(IngressBackend backend)
+```
+
+###### `backend`Required
+
+- *Type:* [`org.cdk8s.plus27.IngressBackend`](#org.cdk8s.plus27.IngressBackend)
+
+The backend to use for requests that do not match any rule.
+
+---
+
+##### `addHostDefaultBackend`
+
+```java
+public addHostDefaultBackend(java.lang.String host, IngressBackend backend)
+```
+
+###### `host`Required
+
+- *Type:* `java.lang.String`
+
+The host name to match.
+
+---
+
+###### `backend`Required
+
+- *Type:* [`org.cdk8s.plus27.IngressBackend`](#org.cdk8s.plus27.IngressBackend)
+
+The backend to route to.
+
+---
+
+##### `addHostRule`
+
+```java
+public addHostRule(java.lang.String host, java.lang.String path, IngressBackend backend)
+public addHostRule(java.lang.String host, java.lang.String path, IngressBackend backend, HttpIngressPathType pathType)
+```
+
+###### `host`Required
+
+- *Type:* `java.lang.String`
+
+The host name.
+
+---
+
+###### `path`Required
+
+- *Type:* `java.lang.String`
+
+The HTTP path.
+
+---
+
+###### `backend`Required
+
+- *Type:* [`org.cdk8s.plus27.IngressBackend`](#org.cdk8s.plus27.IngressBackend)
+
+The backend to route requests to.
+
+---
+
+###### `pathType`Optional
+
+- *Type:* [`org.cdk8s.plus27.HttpIngressPathType`](#org.cdk8s.plus27.HttpIngressPathType)
+
+How the path is matched against request paths.
+
+---
+
+##### `addRule`
+
+```java
+public addRule(java.lang.String path, IngressBackend backend)
+public addRule(java.lang.String path, IngressBackend backend, HttpIngressPathType pathType)
+```
+
+###### `path`Required
+
+- *Type:* `java.lang.String`
+
+The HTTP path.
+
+---
+
+###### `backend`Required
+
+- *Type:* [`org.cdk8s.plus27.IngressBackend`](#org.cdk8s.plus27.IngressBackend)
+
+The backend to route requests to.
+
+---
+
+###### `pathType`Optional
+
+- *Type:* [`org.cdk8s.plus27.HttpIngressPathType`](#org.cdk8s.plus27.HttpIngressPathType)
+
+How the path is matched against request paths.
+
+---
+
+##### `addRules`
+
+```java
+public addRules(IngressRule rules)
+```
+
+###### `rules`Required
+
+- *Type:* [`org.cdk8s.plus27.IngressRule`](#org.cdk8s.plus27.IngressRule)
+
+The rules to add.
+
+---
+
+##### `addTls`
+
+```java
+public addTls(java.util.List tls)
+```
+
+###### `tls`Required
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.IngressTls`](#org.cdk8s.plus27.IngressTls)>
+
+---
+
+
+#### Properties
+
+##### `resourceType`Required
+
+```java
+public java.lang.String getResourceType();
+```
+
+- *Type:* `java.lang.String`
+
+The name of a resource type as it appears in the relevant API endpoint.
+
+---
+
+
+### Job
+
+A Job creates one or more Pods and ensures that a specified number of them successfully terminate.
+
+As pods successfully complete,
+the Job tracks the successful completions. When a specified number of successful completions is reached, the task (ie, Job) is complete.
+Deleting a Job will clean up the Pods it created. A simple case is to create one Job object in order to reliably run one Pod to completion.
+The Job object will start a new Pod if the first Pod fails or is deleted (for example due to a node hardware failure or a node reboot).
+You can also use a Job to run multiple Pods in parallel.
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.Job;
+
+Job.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+// .automountServiceAccountToken(java.lang.Boolean)
+// .containers(java.util.List)
+// .dns(PodDnsProps)
+// .dockerRegistryAuth(ISecret)
+// .hostAliases(java.util.List)
+// .hostNetwork(java.lang.Boolean)
+// .initContainers(java.util.List)
+// .isolate(java.lang.Boolean)
+// .restartPolicy(RestartPolicy)
+// .securityContext(PodSecurityContextProps)
+// .serviceAccount(IServiceAccount)
+// .terminationGracePeriod(Duration)
+// .volumes(java.util.List)
+// .podMetadata(ApiObjectMetadata)
+// .select(java.lang.Boolean)
+// .spread(java.lang.Boolean)
+// .activeDeadline(Duration)
+// .backoffLimit(java.lang.Number)
+// .ttlAfterFinished(Duration)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `automountServiceAccountToken`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Indicates whether a service account token should be automatically mounted.
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
+
+---
+
+##### `containers`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)>
+- *Default:* No containers. Note that a pod spec must include at least one container.
+
+List of containers belonging to the pod.
+
+Containers cannot currently be
+added or removed. There must be at least one container in a Pod.
+
+You can add additionnal containers using `podSpec.addContainer()`
+
+---
+
+##### `dns`Optional
+
+- *Type:* [`org.cdk8s.plus27.PodDnsProps`](#org.cdk8s.plus27.PodDnsProps)
+- *Default:* policy: DnsPolicy.CLUSTER_FIRST
+ hostnameAsFQDN: false
+
+DNS settings for the pod.
+
+> https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
+
+---
+
+##### `dockerRegistryAuth`Optional
+
+- *Type:* [`org.cdk8s.plus27.ISecret`](#org.cdk8s.plus27.ISecret)
+- *Default:* No auth. Images are assumed to be publicly available.
+
+A secret containing docker credentials for authenticating to a registry.
+
+---
+
+##### `hostAliases`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.HostAlias`](#org.cdk8s.plus27.HostAlias)>
+
+HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.
+
+---
+
+##### `hostNetwork`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Host network for the pod.
+
+---
+
+##### `initContainers`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)>
+- *Default:* No init containers.
+
+List of initialization containers belonging to the pod.
+
+Init containers are executed in order prior to containers being started.
+If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy.
+The name for an init container or normal container must be unique among all containers.
+Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes.
+The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit
+for each resource type, and then using the max of of that value or the sum of the normal containers.
+Limits are applied to init containers in a similar fashion.
+
+Init containers cannot currently be added ,removed or updated.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
+
+---
+
+##### `isolate`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Isolates the pod.
+
+This will prevent any ingress or egress connections to / from this pod.
+You can however allow explicit connections post instantiation by using the `.connections` property.
+
+---
+
+##### `restartPolicy`Optional
+
+- *Type:* [`org.cdk8s.plus27.RestartPolicy`](#org.cdk8s.plus27.RestartPolicy)
+- *Default:* RestartPolicy.ALWAYS
+
+Restart policy for all containers within the pod.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
+
+---
+
+##### `securityContext`Optional
+
+- *Type:* [`org.cdk8s.plus27.PodSecurityContextProps`](#org.cdk8s.plus27.PodSecurityContextProps)
+- *Default:* fsGroupChangePolicy: FsGroupChangePolicy.FsGroupChangePolicy.ALWAYS
+ ensureNonRoot: true
+
+SecurityContext holds pod-level security attributes and common container settings.
+
+---
+
+##### `serviceAccount`Optional
+
+- *Type:* [`org.cdk8s.plus27.IServiceAccount`](#org.cdk8s.plus27.IServiceAccount)
+- *Default:* No service account.
+
+A service account provides an identity for processes that run in a Pod.
+
+When you (a human) access the cluster (for example, using kubectl), you are
+authenticated by the apiserver as a particular User Account (currently this
+is usually admin, unless your cluster administrator has customized your
+cluster). Processes in containers inside pods can also contact the
+apiserver. When they do, they are authenticated as a particular Service
+Account (for example, default).
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+
+---
+
+##### `terminationGracePeriod`Optional
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* Duration.seconds(30)
+
+Grace period until the pod is terminated.
+
+---
+
+##### `volumes`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.Volume`](#org.cdk8s.plus27.Volume)>
+- *Default:* No volumes.
+
+List of volumes that can be mounted by containers belonging to the pod.
+
+You can also add volumes later using `podSpec.addVolume()`
+
+> https://kubernetes.io/docs/concepts/storage/volumes
+
+---
+
+##### `podMetadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+The pod metadata of this workload.
+
+---
+
+##### `select`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* true
+
+Automatically allocates a pod label selector for this workload and add it to the pod metadata.
+
+This ensures this workload manages pods created by
+its pod template.
+
+---
+
+##### `spread`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Automatically spread pods across hostname and zones.
+
+> https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/#internal-default-constraints
+
+---
+
+##### `activeDeadline`Optional
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* If unset, then there is no deadline.
+
+Specifies the duration the job may be active before the system tries to terminate it.
+
+---
+
+##### `backoffLimit`Optional
+
+- *Type:* `java.lang.Number`
+- *Default:* If not set, system defaults to 6.
+
+Specifies the number of retries before marking this job failed.
+
+---
+
+##### `ttlAfterFinished`Optional
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* If this field is unset, the Job won't be automatically deleted.
+
+Limits the lifetime of a Job that has finished execution (either Complete or Failed).
+
+If this field is set, after the Job finishes, it is eligible to
+be automatically deleted. When the Job is being deleted, its lifecycle
+guarantees (e.g. finalizers) will be honored. If this field is set to zero,
+the Job becomes eligible to be deleted immediately after it finishes. This
+field is alpha-level and is only honored by servers that enable the
+`TTLAfterFinished` feature.
+
+---
+
+
+
+#### Properties
+
+##### `resourceType`Required
+
+```java
+public java.lang.String getResourceType();
+```
+
+- *Type:* `java.lang.String`
+
+The name of a resource type as it appears in the relevant API endpoint.
+
+---
+
+##### `activeDeadline`Optional
+
+```java
+public Duration getActiveDeadline();
+```
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+
+Duration before job is terminated.
+
+If undefined, there is no deadline.
+
+---
+
+##### `backoffLimit`Optional
+
+```java
+public java.lang.Number getBackoffLimit();
+```
+
+- *Type:* `java.lang.Number`
+
+Number of retries before marking failed.
+
+---
+
+##### `ttlAfterFinished`Optional
+
+```java
+public Duration getTtlAfterFinished();
+```
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+
+TTL before the job is deleted after it is finished.
+
+---
+
+
+### Namespace
+
+- *Implements:* [`org.cdk8s.plus27.INamespaceSelector`](#org.cdk8s.plus27.INamespaceSelector), [`org.cdk8s.plus27.INetworkPolicyPeer`](#org.cdk8s.plus27.INetworkPolicyPeer)
+
+In Kubernetes, namespaces provides a mechanism for isolating groups of resources within a single cluster.
+
+Names of resources need to be unique within a namespace, but not across namespaces.
+Namespace-based scoping is applicable only for namespaced objects (e.g. Deployments, Services, etc) and
+not for cluster-wide objects (e.g. StorageClass, Nodes, PersistentVolumes, etc).
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.Namespace;
+
+Namespace.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+#### Methods
+
+##### `toNamespaceSelectorConfig`
+
+```java
+public toNamespaceSelectorConfig()
+```
+
+##### `toNetworkPolicyPeerConfig`
+
+```java
+public toNetworkPolicyPeerConfig()
+```
+
+##### `toPodSelector`
+
+```java
+public toPodSelector()
+```
+
+
+#### Properties
+
+##### `resourceType`Required
+
+```java
+public java.lang.String getResourceType();
+```
+
+- *Type:* `java.lang.String`
+
+The name of a resource type as it appears in the relevant API endpoint.
+
+---
+
+#### Constants
+
+##### `NAME_LABEL`
+
+- *Type:* `java.lang.String`
+
+> https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/#automatic-labelling
+
+---
+
+### Namespaces
+
+- *Implements:* [`org.cdk8s.plus27.INamespaceSelector`](#org.cdk8s.plus27.INamespaceSelector), [`org.cdk8s.plus27.INetworkPolicyPeer`](#org.cdk8s.plus27.INetworkPolicyPeer)
+
+Represents a group of namespaces.
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.Namespaces;
+
+new Namespaces(Construct scope, java.lang.String id);
+new Namespaces(Construct scope, java.lang.String id, java.util.List expressions);
+new Namespaces(Construct scope, java.lang.String id, java.util.List expressions, java.util.List names);
+new Namespaces(Construct scope, java.lang.String id, java.util.List expressions, java.util.List names, java.util.Map labels);
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `expressions`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.LabelExpression`](#org.cdk8s.plus27.LabelExpression)>
+
+---
+
+##### `names`Optional
+
+- *Type:* java.util.List<`java.lang.String`>
+
+---
+
+##### `labels`Optional
+
+- *Type:* java.util.Map
+
+---
+
+#### Methods
+
+##### `toNamespaceSelectorConfig`
+
+```java
+public toNamespaceSelectorConfig()
+```
+
+##### `toNetworkPolicyPeerConfig`
+
+```java
+public toNetworkPolicyPeerConfig()
+```
+
+##### `toPodSelector`
+
+```java
+public toPodSelector()
+```
+
+#### Static Functions
+
+##### `all`
+
+```java
+import org.cdk8s.plus27.Namespaces;
+
+Namespaces.all(Construct scope, java.lang.String id)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `select`
+
+```java
+import org.cdk8s.plus27.Namespaces;
+
+Namespaces.select(Construct scope, java.lang.String id, NamespacesSelectOptions options)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `options`Required
+
+- *Type:* [`org.cdk8s.plus27.NamespacesSelectOptions`](#org.cdk8s.plus27.NamespacesSelectOptions)
+
+---
+
+
+
+### NetworkPolicy
+
+Control traffic flow at the IP address or port level (OSI layer 3 or 4), network policies are an application-centric construct which allow you to specify how a pod is allowed to communicate with various network peers.
+
+* Outgoing traffic is allowed if there are no network policies selecting
+ the pod (and cluster policy otherwise allows the traffic),
+ OR if the traffic matches at least one egress rule across all of the
+ network policies that select the pod.
+* Incoming traffic is allowed to a pod if there are no network policies
+ selecting the pod (and cluster policy otherwise allows the traffic),
+ OR if the traffic source is the pod's local node,
+ OR if the traffic matches at least one ingress rule across all of
+ the network policies that select the pod.
+
+Network policies do not conflict; they are additive.
+If any policy or policies apply to a given pod for a given
+direction, the connections allowed in that direction from
+that pod is the union of what the applicable policies allow.
+Thus, order of evaluation does not affect the policy result.
+
+For a connection from a source pod to a destination pod to be allowed,
+both the egress policy on the source pod and the ingress policy on the
+destination pod need to allow the connection.
+If either side does not allow the connection, it will not happen.
+
+> https://kubernetes.io/docs/concepts/services-networking/network-policies/#networkpolicy-resource
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.NetworkPolicy;
+
+NetworkPolicy.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+// .egress(NetworkPolicyTraffic)
+// .ingress(NetworkPolicyTraffic)
+// .selector(IPodSelector)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `egress`Optional
+
+- *Type:* [`org.cdk8s.plus27.NetworkPolicyTraffic`](#org.cdk8s.plus27.NetworkPolicyTraffic)
+- *Default:* the policy doesn't change egress behavior of the pods it selects.
+
+Egress traffic configuration.
+
+---
+
+##### `ingress`Optional
+
+- *Type:* [`org.cdk8s.plus27.NetworkPolicyTraffic`](#org.cdk8s.plus27.NetworkPolicyTraffic)
+- *Default:* the policy doesn't change ingress behavior of the pods it selects.
+
+Ingress traffic configuration.
+
+---
+
+##### `selector`Optional
+
+- *Type:* [`org.cdk8s.plus27.IPodSelector`](#org.cdk8s.plus27.IPodSelector)
+- *Default:* will select all pods in the namespace of the policy.
+
+Which pods does this policy object applies to.
+
+This can either be a single pod / workload, or a grouping of pods selected
+via the `Pods.select` function. Rules is applied to any pods selected by this property.
+Multiple network policies can select the same set of pods.
+In this case, the rules for each are combined additively.
+
+Note that
+
+---
+
+#### Methods
+
+##### `addEgressRule`
+
+```java
+public addEgressRule(INetworkPolicyPeer peer)
+public addEgressRule(INetworkPolicyPeer peer, java.util.List ports)
+```
+
+###### `peer`Required
+
+- *Type:* [`org.cdk8s.plus27.INetworkPolicyPeer`](#org.cdk8s.plus27.INetworkPolicyPeer)
+
+---
+
+###### `ports`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.NetworkPolicyPort`](#org.cdk8s.plus27.NetworkPolicyPort)>
+
+---
+
+##### `addIngressRule`
+
+```java
+public addIngressRule(INetworkPolicyPeer peer)
+public addIngressRule(INetworkPolicyPeer peer, java.util.List ports)
+```
+
+###### `peer`Required
+
+- *Type:* [`org.cdk8s.plus27.INetworkPolicyPeer`](#org.cdk8s.plus27.INetworkPolicyPeer)
+
+---
+
+###### `ports`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.NetworkPolicyPort`](#org.cdk8s.plus27.NetworkPolicyPort)>
+
+---
+
+
+#### Properties
+
+##### `resourceType`Required
+
+```java
+public java.lang.String getResourceType();
+```
+
+- *Type:* `java.lang.String`
+
+The name of a resource type as it appears in the relevant API endpoint.
+
+---
+
+
+### NetworkPolicyIpBlock
+
+- *Implements:* [`org.cdk8s.plus27.INetworkPolicyPeer`](#org.cdk8s.plus27.INetworkPolicyPeer)
+
+Describes a particular CIDR (Ex.
+
+"192.168.1.1/24","2001:db9::/64") that is
+allowed to the pods matched by a network policy selector.
+The except entry describes CIDRs that should not be included within this rule.
+
+#### Methods
+
+##### `toNetworkPolicyPeerConfig`
+
+```java
+public toNetworkPolicyPeerConfig()
+```
+
+##### `toPodSelector`
+
+```java
+public toPodSelector()
+```
+
+#### Static Functions
+
+##### `anyIpv4`
+
+```java
+import org.cdk8s.plus27.NetworkPolicyIpBlock;
+
+NetworkPolicyIpBlock.anyIpv4(Construct scope, java.lang.String id)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `anyIpv6`
+
+```java
+import org.cdk8s.plus27.NetworkPolicyIpBlock;
+
+NetworkPolicyIpBlock.anyIpv6(Construct scope, java.lang.String id)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `ipv4`
+
+```java
+import org.cdk8s.plus27.NetworkPolicyIpBlock;
+
+NetworkPolicyIpBlock.ipv4(Construct scope, java.lang.String id, java.lang.String cidrIp)
+NetworkPolicyIpBlock.ipv4(Construct scope, java.lang.String id, java.lang.String cidrIp, java.util.List except)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `cidrIp`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `except`Optional
+
+- *Type:* java.util.List<`java.lang.String`>
+
+---
+
+##### `ipv6`
+
+```java
+import org.cdk8s.plus27.NetworkPolicyIpBlock;
+
+NetworkPolicyIpBlock.ipv6(Construct scope, java.lang.String id, java.lang.String cidrIp)
+NetworkPolicyIpBlock.ipv6(Construct scope, java.lang.String id, java.lang.String cidrIp, java.util.List except)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `cidrIp`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `except`Optional
+
+- *Type:* java.util.List<`java.lang.String`>
+
+---
+
+#### Properties
+
+##### `cidr`Required
+
+```java
+public java.lang.String getCidr();
+```
+
+- *Type:* `java.lang.String`
+
+A string representing the IP Block Valid examples are "192.168.1.1/24" or "2001:db9::/64".
+
+---
+
+##### `except`Optional
+
+```java
+public java.util.List getExcept();
+```
+
+- *Type:* java.util.List<`java.lang.String`>
+
+A slice of CIDRs that should not be included within an IP Block Valid examples are "192.168.1.1/24" or "2001:db9::/64". Except values will be rejected if they are outside the CIDR range.
+
+---
+
+
+### PersistentVolume
+
+- *Implements:* [`org.cdk8s.plus27.IPersistentVolume`](#org.cdk8s.plus27.IPersistentVolume), [`org.cdk8s.plus27.IStorage`](#org.cdk8s.plus27.IStorage)
+
+A PersistentVolume (PV) is a piece of storage in the cluster that has been provisioned by an administrator or dynamically provisioned using Storage Classes.
+
+It is a resource in the cluster just like a node is a cluster resource.
+PVs are volume plugins like Volumes, but have a lifecycle independent of any
+individual Pod that uses the PV. This API object captures the details of the
+implementation of the storage, be that NFS, iSCSI, or a
+cloud-provider-specific storage system.
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.PersistentVolume;
+
+PersistentVolume.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+// .accessModes(java.util.List)
+// .claim(IPersistentVolumeClaim)
+// .mountOptions(java.util.List)
+// .reclaimPolicy(PersistentVolumeReclaimPolicy)
+// .storage(Size)
+// .storageClassName(java.lang.String)
+// .volumeMode(PersistentVolumeMode)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `accessModes`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.PersistentVolumeAccessMode`](#org.cdk8s.plus27.PersistentVolumeAccessMode)>
+- *Default:* No access modes.
+
+Contains all ways the volume can be mounted.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes
+
+---
+
+##### `claim`Optional
+
+- *Type:* [`org.cdk8s.plus27.IPersistentVolumeClaim`](#org.cdk8s.plus27.IPersistentVolumeClaim)
+- *Default:* Not bound to a specific claim.
+
+Part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim.
+
+Expected to be non-nil when bound.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding
+
+---
+
+##### `mountOptions`Optional
+
+- *Type:* java.util.List<`java.lang.String`>
+- *Default:* No options.
+
+A list of mount options, e.g. ["ro", "soft"]. Not validated - mount will simply fail if one is invalid.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options
+
+---
+
+##### `reclaimPolicy`Optional
+
+- *Type:* [`org.cdk8s.plus27.PersistentVolumeReclaimPolicy`](#org.cdk8s.plus27.PersistentVolumeReclaimPolicy)
+- *Default:* PersistentVolumeReclaimPolicy.RETAIN
+
+When a user is done with their volume, they can delete the PVC objects from the API that allows reclamation of the resource.
+
+The reclaim policy tells the cluster what to do with
+the volume after it has been released of its claim.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming
+
+---
+
+##### `storage`Optional
+
+- *Type:* [`org.cdk8s.Size`](#org.cdk8s.Size)
+- *Default:* No specified.
+
+What is the storage capacity of this volume.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+
+---
+
+##### `storageClassName`Optional
+
+- *Type:* `java.lang.String`
+- *Default:* Volume does not belong to any storage class.
+
+Name of StorageClass to which this persistent volume belongs.
+
+---
+
+##### `volumeMode`Optional
+
+- *Type:* [`org.cdk8s.plus27.PersistentVolumeMode`](#org.cdk8s.plus27.PersistentVolumeMode)
+- *Default:* VolumeMode.FILE_SYSTEM
+
+Defines what type of volume is required by the claim.
+
+---
+
+#### Methods
+
+##### `asVolume`
+
+```java
+public asVolume()
+```
+
+##### `bind`
+
+```java
+public bind(IPersistentVolumeClaim claim)
+```
+
+###### `claim`Required
+
+- *Type:* [`org.cdk8s.plus27.IPersistentVolumeClaim`](#org.cdk8s.plus27.IPersistentVolumeClaim)
+
+The PVC to bind to.
+
+---
+
+##### `reserve`
+
+```java
+public reserve()
+```
+
+#### Static Functions
+
+##### `fromPersistentVolumeName`
+
+```java
+import org.cdk8s.plus27.PersistentVolume;
+
+PersistentVolume.fromPersistentVolumeName(Construct scope, java.lang.String id, java.lang.String volumeName)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `volumeName`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+#### Properties
+
+##### `mode`Required
+
+```java
+public PersistentVolumeMode getMode();
+```
+
+- *Type:* [`org.cdk8s.plus27.PersistentVolumeMode`](#org.cdk8s.plus27.PersistentVolumeMode)
+
+Volume mode of this volume.
+
+---
+
+##### `reclaimPolicy`Required
+
+```java
+public PersistentVolumeReclaimPolicy getReclaimPolicy();
+```
+
+- *Type:* [`org.cdk8s.plus27.PersistentVolumeReclaimPolicy`](#org.cdk8s.plus27.PersistentVolumeReclaimPolicy)
+
+Reclaim policy of this volume.
+
+---
+
+##### `resourceType`Required
+
+```java
+public java.lang.String getResourceType();
+```
+
+- *Type:* `java.lang.String`
+
+The name of a resource type as it appears in the relevant API endpoint.
+
+---
+
+##### `accessModes`Optional
+
+```java
+public java.util.List getAccessModes();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.PersistentVolumeAccessMode`](#org.cdk8s.plus27.PersistentVolumeAccessMode)>
+
+Access modes requirement of this claim.
+
+---
+
+##### `claim`Optional
+
+```java
+public IPersistentVolumeClaim getClaim();
+```
+
+- *Type:* [`org.cdk8s.plus27.IPersistentVolumeClaim`](#org.cdk8s.plus27.IPersistentVolumeClaim)
+
+PVC this volume is bound to.
+
+Undefined means this volume is not yet
+claimed by any PVC.
+
+---
+
+##### `mountOptions`Optional
+
+```java
+public java.util.List getMountOptions();
+```
+
+- *Type:* java.util.List<`java.lang.String`>
+
+Mount options of this volume.
+
+---
+
+##### `storage`Optional
+
+```java
+public Size getStorage();
+```
+
+- *Type:* [`org.cdk8s.Size`](#org.cdk8s.Size)
+
+Storage size of this volume.
+
+---
+
+##### `storageClassName`Optional
+
+```java
+public java.lang.String getStorageClassName();
+```
+
+- *Type:* `java.lang.String`
+
+Storage class this volume belongs to.
+
+---
+
+
+### PersistentVolumeClaim
+
+- *Implements:* [`org.cdk8s.plus27.IPersistentVolumeClaim`](#org.cdk8s.plus27.IPersistentVolumeClaim)
+
+A PersistentVolumeClaim (PVC) is a request for storage by a user.
+
+It is similar to a Pod. Pods consume node resources and PVCs consume PV resources.
+Pods can request specific levels of resources (CPU and Memory).
+Claims can request specific size and access modes
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.PersistentVolumeClaim;
+
+PersistentVolumeClaim.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+// .accessModes(java.util.List)
+// .storage(Size)
+// .storageClassName(java.lang.String)
+// .volume(IPersistentVolume)
+// .volumeMode(PersistentVolumeMode)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `accessModes`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.PersistentVolumeAccessMode`](#org.cdk8s.plus27.PersistentVolumeAccessMode)>
+- *Default:* No access modes requirement.
+
+Contains the access modes the volume should support.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
+
+---
+
+##### `storage`Optional
+
+- *Type:* [`org.cdk8s.Size`](#org.cdk8s.Size)
+- *Default:* No storage requirement.
+
+Minimum storage size the volume should have.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+
+---
+
+##### `storageClassName`Optional
+
+- *Type:* `java.lang.String`
+- *Default:* Not set.
+
+Name of the StorageClass required by the claim. When this property is not set, the behavior is as follows:.
+
+* If the admission plugin is turned on, the storage class marked as default will be used.
+* If the admission plugin is turned off, the pvc can only be bound to volumes without a storage class.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
+
+---
+
+##### `volume`Optional
+
+- *Type:* [`org.cdk8s.plus27.IPersistentVolume`](#org.cdk8s.plus27.IPersistentVolume)
+- *Default:* No specific volume binding.
+
+The PersistentVolume backing this claim.
+
+The control plane still checks that storage class, access modes,
+and requested storage size on the volume are valid.
+
+Note that in order to guarantee a proper binding, the volume should
+also define a `claimRef` referring to this claim. Otherwise, the volume may be
+claimed be other pvc's before it gets a chance to bind to this one.
+
+If the volume is managed (i.e not imported), you can use `pv.claim()` to easily
+create a bi-directional bounded claim.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes/#binding.
+
+---
+
+##### `volumeMode`Optional
+
+- *Type:* [`org.cdk8s.plus27.PersistentVolumeMode`](#org.cdk8s.plus27.PersistentVolumeMode)
+- *Default:* VolumeMode.FILE_SYSTEM
+
+Defines what type of volume is required by the claim.
+
+---
+
+#### Methods
+
+##### `bind`
+
+```java
+public bind(IPersistentVolume vol)
+```
+
+###### `vol`Required
+
+- *Type:* [`org.cdk8s.plus27.IPersistentVolume`](#org.cdk8s.plus27.IPersistentVolume)
+
+The PV to bind to.
+
+---
+
+#### Static Functions
+
+##### `fromClaimName`
+
+```java
+import org.cdk8s.plus27.PersistentVolumeClaim;
+
+PersistentVolumeClaim.fromClaimName(Construct scope, java.lang.String id, java.lang.String claimName)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `claimName`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+#### Properties
+
+##### `resourceType`Required
+
+```java
+public java.lang.String getResourceType();
+```
+
+- *Type:* `java.lang.String`
+
+The name of a resource type as it appears in the relevant API endpoint.
+
+---
+
+##### `volumeMode`Required
+
+```java
+public PersistentVolumeMode getVolumeMode();
+```
+
+- *Type:* [`org.cdk8s.plus27.PersistentVolumeMode`](#org.cdk8s.plus27.PersistentVolumeMode)
+
+Volume mode requirement of this claim.
+
+---
+
+##### `accessModes`Optional
+
+```java
+public java.util.List getAccessModes();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.PersistentVolumeAccessMode`](#org.cdk8s.plus27.PersistentVolumeAccessMode)>
+
+Access modes requirement of this claim.
+
+---
+
+##### `storage`Optional
+
+```java
+public Size getStorage();
+```
+
+- *Type:* [`org.cdk8s.Size`](#org.cdk8s.Size)
+
+Storage requirement of this claim.
+
+---
+
+##### `storageClassName`Optional
+
+```java
+public java.lang.String getStorageClassName();
+```
+
+- *Type:* `java.lang.String`
+
+Storage class requirment of this claim.
+
+---
+
+##### `volume`Optional
+
+```java
+public IPersistentVolume getVolume();
+```
+
+- *Type:* [`org.cdk8s.plus27.IPersistentVolume`](#org.cdk8s.plus27.IPersistentVolume)
+
+PV this claim is bound to.
+
+Undefined means the claim is not bound
+to any specific volume.
+
+---
+
+
+### Pod
+
+Pod is a collection of containers that can run on a host.
+
+This resource is
+created by clients and scheduled onto hosts.
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.Pod;
+
+Pod.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+// .automountServiceAccountToken(java.lang.Boolean)
+// .containers(java.util.List)
+// .dns(PodDnsProps)
+// .dockerRegistryAuth(ISecret)
+// .hostAliases(java.util.List)
+// .hostNetwork(java.lang.Boolean)
+// .initContainers(java.util.List)
+// .isolate(java.lang.Boolean)
+// .restartPolicy(RestartPolicy)
+// .securityContext(PodSecurityContextProps)
+// .serviceAccount(IServiceAccount)
+// .terminationGracePeriod(Duration)
+// .volumes(java.util.List)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `automountServiceAccountToken`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Indicates whether a service account token should be automatically mounted.
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
+
+---
+
+##### `containers`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)>
+- *Default:* No containers. Note that a pod spec must include at least one container.
+
+List of containers belonging to the pod.
+
+Containers cannot currently be
+added or removed. There must be at least one container in a Pod.
+
+You can add additionnal containers using `podSpec.addContainer()`
+
+---
+
+##### `dns`Optional
+
+- *Type:* [`org.cdk8s.plus27.PodDnsProps`](#org.cdk8s.plus27.PodDnsProps)
+- *Default:* policy: DnsPolicy.CLUSTER_FIRST
+ hostnameAsFQDN: false
+
+DNS settings for the pod.
+
+> https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
+
+---
+
+##### `dockerRegistryAuth`Optional
+
+- *Type:* [`org.cdk8s.plus27.ISecret`](#org.cdk8s.plus27.ISecret)
+- *Default:* No auth. Images are assumed to be publicly available.
+
+A secret containing docker credentials for authenticating to a registry.
+
+---
+
+##### `hostAliases`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.HostAlias`](#org.cdk8s.plus27.HostAlias)>
+
+HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.
+
+---
+
+##### `hostNetwork`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Host network for the pod.
+
+---
+
+##### `initContainers`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)>
+- *Default:* No init containers.
+
+List of initialization containers belonging to the pod.
+
+Init containers are executed in order prior to containers being started.
+If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy.
+The name for an init container or normal container must be unique among all containers.
+Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes.
+The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit
+for each resource type, and then using the max of of that value or the sum of the normal containers.
+Limits are applied to init containers in a similar fashion.
+
+Init containers cannot currently be added ,removed or updated.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
+
+---
+
+##### `isolate`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Isolates the pod.
+
+This will prevent any ingress or egress connections to / from this pod.
+You can however allow explicit connections post instantiation by using the `.connections` property.
+
+---
+
+##### `restartPolicy`Optional
+
+- *Type:* [`org.cdk8s.plus27.RestartPolicy`](#org.cdk8s.plus27.RestartPolicy)
+- *Default:* RestartPolicy.ALWAYS
+
+Restart policy for all containers within the pod.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
+
+---
+
+##### `securityContext`Optional
+
+- *Type:* [`org.cdk8s.plus27.PodSecurityContextProps`](#org.cdk8s.plus27.PodSecurityContextProps)
+- *Default:* fsGroupChangePolicy: FsGroupChangePolicy.FsGroupChangePolicy.ALWAYS
+ ensureNonRoot: true
+
+SecurityContext holds pod-level security attributes and common container settings.
+
+---
+
+##### `serviceAccount`Optional
+
+- *Type:* [`org.cdk8s.plus27.IServiceAccount`](#org.cdk8s.plus27.IServiceAccount)
+- *Default:* No service account.
+
+A service account provides an identity for processes that run in a Pod.
+
+When you (a human) access the cluster (for example, using kubectl), you are
+authenticated by the apiserver as a particular User Account (currently this
+is usually admin, unless your cluster administrator has customized your
+cluster). Processes in containers inside pods can also contact the
+apiserver. When they do, they are authenticated as a particular Service
+Account (for example, default).
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+
+---
+
+##### `terminationGracePeriod`Optional
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* Duration.seconds(30)
+
+Grace period until the pod is terminated.
+
+---
+
+##### `volumes`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.Volume`](#org.cdk8s.plus27.Volume)>
+- *Default:* No volumes.
+
+List of volumes that can be mounted by containers belonging to the pod.
+
+You can also add volumes later using `podSpec.addVolume()`
+
+> https://kubernetes.io/docs/concepts/storage/volumes
+
+---
+
+
+
+#### Properties
+
+##### `connections`Required
+
+```java
+public PodConnections getConnections();
+```
+
+- *Type:* [`org.cdk8s.plus27.PodConnections`](#org.cdk8s.plus27.PodConnections)
+
+---
+
+##### `podMetadata`Required
+
+```java
+public ApiObjectMetadataDefinition getPodMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadataDefinition`](#org.cdk8s.ApiObjectMetadataDefinition)
+
+---
+
+##### `resourceType`Required
+
+```java
+public java.lang.String getResourceType();
+```
+
+- *Type:* `java.lang.String`
+
+The name of a resource type as it appears in the relevant API endpoint.
+
+---
+
+##### `scheduling`Required
+
+```java
+public PodScheduling getScheduling();
+```
+
+- *Type:* [`org.cdk8s.plus27.PodScheduling`](#org.cdk8s.plus27.PodScheduling)
+
+---
+
+#### Constants
+
+##### `ADDRESS_LABEL`
+
+- *Type:* `java.lang.String`
+
+This label is autoamtically added by cdk8s to any pod.
+
+It provides
+a unique and stable identifier for the pod.
+
+---
+
+### Pods
+
+- *Implements:* [`org.cdk8s.plus27.IPodSelector`](#org.cdk8s.plus27.IPodSelector)
+
+Represents a group of pods.
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.Pods;
+
+new Pods(Construct scope, java.lang.String id);
+new Pods(Construct scope, java.lang.String id, java.util.List expressions);
+new Pods(Construct scope, java.lang.String id, java.util.List expressions, java.util.Map labels);
+new Pods(Construct scope, java.lang.String id, java.util.List expressions, java.util.Map labels, INamespaceSelector namespaces);
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `expressions`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.LabelExpression`](#org.cdk8s.plus27.LabelExpression)>
+
+---
+
+##### `labels`Optional
+
+- *Type:* java.util.Map
+
+---
+
+##### `namespaces`Optional
+
+- *Type:* [`org.cdk8s.plus27.INamespaceSelector`](#org.cdk8s.plus27.INamespaceSelector)
+
+---
+
+#### Methods
+
+##### `toNetworkPolicyPeerConfig`
+
+```java
+public toNetworkPolicyPeerConfig()
+```
+
+##### `toPodSelector`
+
+```java
+public toPodSelector()
+```
+
+##### `toPodSelectorConfig`
+
+```java
+public toPodSelectorConfig()
+```
+
+#### Static Functions
+
+##### `all`
+
+```java
+import org.cdk8s.plus27.Pods;
+
+Pods.all(Construct scope, java.lang.String id)
+Pods.all(Construct scope, java.lang.String id, PodsAllOptions options)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `options`Optional
+
+- *Type:* [`org.cdk8s.plus27.PodsAllOptions`](#org.cdk8s.plus27.PodsAllOptions)
+
+---
+
+##### `select`
+
+```java
+import org.cdk8s.plus27.Pods;
+
+Pods.select(Construct scope, java.lang.String id, PodsSelectOptions options)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `options`Required
+
+- *Type:* [`org.cdk8s.plus27.PodsSelectOptions`](#org.cdk8s.plus27.PodsSelectOptions)
+
+---
+
+
+
+### Resource
+
+- *Implements:* [`org.cdk8s.plus27.IResource`](#org.cdk8s.plus27.IResource), [`org.cdk8s.plus27.IApiResource`](#org.cdk8s.plus27.IApiResource), [`org.cdk8s.plus27.IApiEndpoint`](#org.cdk8s.plus27.IApiEndpoint)
+
+Base class for all Kubernetes objects in stdk8s.
+
+Represents a single
+resource.
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.Resource;
+
+new Resource(Construct scope, java.lang.String id);
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+#### Methods
+
+##### `asApiResource`
+
+```java
+public asApiResource()
+```
+
+##### `asNonApiResource`
+
+```java
+public asNonApiResource()
+```
+
+
+#### Properties
+
+##### `apiGroup`Required
+
+```java
+public java.lang.String getApiGroup();
+```
+
+- *Type:* `java.lang.String`
+
+The group portion of the API version (e.g. "authorization.k8s.io").
+
+---
+
+##### `apiVersion`Required
+
+```java
+public java.lang.String getApiVersion();
+```
+
+- *Type:* `java.lang.String`
+
+The object's API version (e.g. "authorization.k8s.io/v1").
+
+---
+
+##### `kind`Required
+
+```java
+public java.lang.String getKind();
+```
+
+- *Type:* `java.lang.String`
+
+The object kind (e.g. "Deployment").
+
+---
+
+##### `metadata`Required
+
+```java
+public ApiObjectMetadataDefinition getMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadataDefinition`](#org.cdk8s.ApiObjectMetadataDefinition)
+
+---
+
+##### `name`Required
+
+```java
+public java.lang.String getName();
+```
+
+- *Type:* `java.lang.String`
+
+The name of this API object.
+
+---
+
+##### `permissions`Required
+
+```java
+public ResourcePermissions getPermissions();
+```
+
+- *Type:* [`org.cdk8s.plus27.ResourcePermissions`](#org.cdk8s.plus27.ResourcePermissions)
+
+---
+
+##### `resourceType`Required
+
+```java
+public java.lang.String getResourceType();
+```
+
+- *Type:* `java.lang.String`
+
+The name of a resource type as it appears in the relevant API endpoint.
+
+---
+
+##### `resourceName`Optional
+
+```java
+public java.lang.String getResourceName();
+```
+
+- *Type:* `java.lang.String`
+
+The unique, namespace-global, name of an object inside the Kubernetes cluster.
+
+If this is omitted, the ApiResource should represent all objects of the given type.
+
+---
+
+
+### Role
+
+- *Implements:* [`org.cdk8s.plus27.IRole`](#org.cdk8s.plus27.IRole)
+
+Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding.
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.Role;
+
+Role.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+// .rules(java.util.List)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `rules`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.RolePolicyRule`](#org.cdk8s.plus27.RolePolicyRule)>
+- *Default:* []
+
+A list of rules the role should allow.
+
+---
+
+#### Methods
+
+##### `allow`
+
+```java
+public allow(java.util.List verbs, IApiResource resources)
+```
+
+###### `verbs`Required
+
+- *Type:* java.util.List<`java.lang.String`>
+
+---
+
+###### `resources`Required
+
+- *Type:* [`org.cdk8s.plus27.IApiResource`](#org.cdk8s.plus27.IApiResource)
+
+The resource(s) to apply to.
+
+---
+
+##### `allowCreate`
+
+```java
+public allowCreate(IApiResource resources)
+```
+
+###### `resources`Required
+
+- *Type:* [`org.cdk8s.plus27.IApiResource`](#org.cdk8s.plus27.IApiResource)
+
+The resource(s) to apply to.
+
+---
+
+##### `allowDelete`
+
+```java
+public allowDelete(IApiResource resources)
+```
+
+###### `resources`Required
+
+- *Type:* [`org.cdk8s.plus27.IApiResource`](#org.cdk8s.plus27.IApiResource)
+
+The resource(s) to apply to.
+
+---
+
+##### `allowDeleteCollection`
+
+```java
+public allowDeleteCollection(IApiResource resources)
+```
+
+###### `resources`Required
+
+- *Type:* [`org.cdk8s.plus27.IApiResource`](#org.cdk8s.plus27.IApiResource)
+
+The resource(s) to apply to.
+
+---
+
+##### `allowGet`
+
+```java
+public allowGet(IApiResource resources)
+```
+
+###### `resources`Required
+
+- *Type:* [`org.cdk8s.plus27.IApiResource`](#org.cdk8s.plus27.IApiResource)
+
+The resource(s) to apply to.
+
+---
+
+##### `allowList`
+
+```java
+public allowList(IApiResource resources)
+```
+
+###### `resources`Required
+
+- *Type:* [`org.cdk8s.plus27.IApiResource`](#org.cdk8s.plus27.IApiResource)
+
+The resource(s) to apply to.
+
+---
+
+##### `allowPatch`
+
+```java
+public allowPatch(IApiResource resources)
+```
+
+###### `resources`Required
+
+- *Type:* [`org.cdk8s.plus27.IApiResource`](#org.cdk8s.plus27.IApiResource)
+
+The resource(s) to apply to.
+
+---
+
+##### `allowRead`
+
+```java
+public allowRead(IApiResource resources)
+```
+
+###### `resources`Required
+
+- *Type:* [`org.cdk8s.plus27.IApiResource`](#org.cdk8s.plus27.IApiResource)
+
+The resource(s) to apply to.
+
+---
+
+##### `allowReadWrite`
+
+```java
+public allowReadWrite(IApiResource resources)
+```
+
+###### `resources`Required
+
+- *Type:* [`org.cdk8s.plus27.IApiResource`](#org.cdk8s.plus27.IApiResource)
+
+The resource(s) to apply to.
+
+---
+
+##### `allowUpdate`
+
+```java
+public allowUpdate(IApiResource resources)
+```
+
+###### `resources`Required
+
+- *Type:* [`org.cdk8s.plus27.IApiResource`](#org.cdk8s.plus27.IApiResource)
+
+The resource(s) to apply to.
+
+---
+
+##### `allowWatch`
+
+```java
+public allowWatch(IApiResource resources)
+```
+
+###### `resources`Required
+
+- *Type:* [`org.cdk8s.plus27.IApiResource`](#org.cdk8s.plus27.IApiResource)
+
+The resource(s) to apply to.
+
+---
+
+##### `bind`
+
+```java
+public bind(ISubject subjects)
+```
+
+###### `subjects`Required
+
+- *Type:* [`org.cdk8s.plus27.ISubject`](#org.cdk8s.plus27.ISubject)
+
+a list of subjects to bind to.
+
+---
+
+#### Static Functions
+
+##### `fromRoleName`
+
+```java
+import org.cdk8s.plus27.Role;
+
+Role.fromRoleName(Construct scope, java.lang.String id, java.lang.String name)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `name`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+#### Properties
+
+##### `resourceType`Required
+
+```java
+public java.lang.String getResourceType();
+```
+
+- *Type:* `java.lang.String`
+
+The name of a resource type as it appears in the relevant API endpoint.
+
+---
+
+##### `rules`Required
+
+```java
+public java.util.List getRules();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.RolePolicyRule`](#org.cdk8s.plus27.RolePolicyRule)>
+
+Rules associaated with this Role.
+
+Returns a copy, use `allow` to add rules.
+
+---
+
+
+### RoleBinding
+
+A RoleBinding grants permissions within a specific namespace to a user or set of users.
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.RoleBinding;
+
+RoleBinding.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+ .role(IRole)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `role`Required
+
+- *Type:* [`org.cdk8s.plus27.IRole`](#org.cdk8s.plus27.IRole)
+
+The role to bind to.
+
+A RoleBinding can reference a Role or a ClusterRole.
+
+---
+
+#### Methods
+
+##### `addSubjects`
+
+```java
+public addSubjects(ISubject subjects)
+```
+
+###### `subjects`Required
+
+- *Type:* [`org.cdk8s.plus27.ISubject`](#org.cdk8s.plus27.ISubject)
+
+The subjects to add.
+
+---
+
+
+#### Properties
+
+##### `resourceType`Required
+
+```java
+public java.lang.String getResourceType();
+```
+
+- *Type:* `java.lang.String`
+
+The name of a resource type as it appears in the relevant API endpoint.
+
+---
+
+##### `role`Required
+
+```java
+public IRole getRole();
+```
+
+- *Type:* [`org.cdk8s.plus27.IRole`](#org.cdk8s.plus27.IRole)
+
+---
+
+##### `subjects`Required
+
+```java
+public java.util.List getSubjects();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ISubject`](#org.cdk8s.plus27.ISubject)>
+
+---
+
+
+### Secret
+
+- *Implements:* [`org.cdk8s.plus27.ISecret`](#org.cdk8s.plus27.ISecret)
+
+Kubernetes Secrets let you store and manage sensitive information, such as passwords, OAuth tokens, and ssh keys.
+
+Storing confidential information in a
+Secret is safer and more flexible than putting it verbatim in a Pod
+definition or in a container image.
+
+> https://kubernetes.io/docs/concepts/configuration/secret
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.Secret;
+
+Secret.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+// .immutable(java.lang.Boolean)
+// .stringData(java.util.Map)
+// .type(java.lang.String)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `immutable`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+If set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified).
+
+If not set to true, the field can be modified at any time.
+
+---
+
+##### `stringData`Optional
+
+- *Type:* java.util.Map
+
+stringData allows specifying non-binary secret data in string form.
+
+It is
+provided as a write-only convenience method. All keys and values are merged
+into the data field on write, overwriting any existing values. It is never
+output when reading from the API.
+
+---
+
+##### `type`Optional
+
+- *Type:* `java.lang.String`
+- *Default:* undefined - Don't set a type.
+
+Optional type associated with the secret.
+
+Used to facilitate programmatic
+handling of secret data by various controllers.
+
+---
+
+#### Methods
+
+##### `addStringData`
+
+```java
+public addStringData(java.lang.String key, java.lang.String value)
+```
+
+###### `key`Required
+
+- *Type:* `java.lang.String`
+
+Key.
+
+---
+
+###### `value`Required
+
+- *Type:* `java.lang.String`
+
+Value.
+
+---
+
+##### `envValue`
+
+```java
+public envValue(java.lang.String key)
+public envValue(java.lang.String key, EnvValueFromSecretOptions options)
+```
+
+###### `key`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `options`Optional
+
+- *Type:* [`org.cdk8s.plus27.EnvValueFromSecretOptions`](#org.cdk8s.plus27.EnvValueFromSecretOptions)
+
+---
+
+##### `getStringData`
+
+```java
+public getStringData(java.lang.String key)
+```
+
+###### `key`Required
+
+- *Type:* `java.lang.String`
+
+Key.
+
+---
+
+#### Static Functions
+
+##### `fromSecretName`
+
+```java
+import org.cdk8s.plus27.Secret;
+
+Secret.fromSecretName(Construct scope, java.lang.String id, java.lang.String name)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `name`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+#### Properties
+
+##### `immutable`Required
+
+```java
+public java.lang.Boolean getImmutable();
+```
+
+- *Type:* `java.lang.Boolean`
+
+Whether or not the secret is immutable.
+
+---
+
+##### `resourceType`Required
+
+```java
+public java.lang.String getResourceType();
+```
+
+- *Type:* `java.lang.String`
+
+The name of a resource type as it appears in the relevant API endpoint.
+
+---
+
+
+### Service
+
+An abstract way to expose an application running on a set of Pods as a network service.
+
+With Kubernetes you don't need to modify your application to use an unfamiliar service discovery mechanism.
+Kubernetes gives Pods their own IP addresses and a single DNS name for a set of Pods, and can load-balance across them.
+
+For example, consider a stateless image-processing backend which is running with 3 replicas. Those replicas are fungible—frontends do not care which backend they use.
+While the actual Pods that compose the backend set may change, the frontend clients should not need to be aware of that,
+nor should they need to keep track of the set of backends themselves.
+The Service abstraction enables this decoupling.
+
+If you're able to use Kubernetes APIs for service discovery in your application, you can query the API server for Endpoints,
+that get updated whenever the set of Pods in a Service changes. For non-native applications, Kubernetes offers ways to place a network port
+or load balancer in between your application and the backend Pods.
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.Service;
+
+Service.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+// .clusterIP(java.lang.String)
+// .externalIPs(java.util.List)
+// .externalName(java.lang.String)
+// .loadBalancerSourceRanges(java.util.List)
+// .ports(java.util.List)
+// .selector(IPodSelector)
+// .type(ServiceType)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `clusterIP`Optional
+
+- *Type:* `java.lang.String`
+- *Default:* Automatically assigned.
+
+The IP address of the service and is usually assigned randomly by the master.
+
+If an address is specified manually and is not in use by others, it
+will be allocated to the service; otherwise, creation of the service will
+fail. This field can not be changed through updates. Valid values are
+"None", empty string (""), or a valid IP address. "None" can be specified
+for headless services when proxying is not required. Only applies to types
+ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName.
+
+> https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
+
+---
+
+##### `externalIPs`Optional
+
+- *Type:* java.util.List<`java.lang.String`>
+- *Default:* No external IPs.
+
+A list of IP addresses for which nodes in the cluster will also accept traffic for this service.
+
+These IPs are not managed by Kubernetes. The user
+is responsible for ensuring that traffic arrives at a node with this IP. A
+common example is external load-balancers that are not part of the
+Kubernetes system.
+
+---
+
+##### `externalName`Optional
+
+- *Type:* `java.lang.String`
+- *Default:* No external name.
+
+The externalName to be used when ServiceType.EXTERNAL_NAME is set.
+
+---
+
+##### `loadBalancerSourceRanges`Optional
+
+- *Type:* java.util.List<`java.lang.String`>
+
+A list of CIDR IP addresses, if specified and supported by the platform, will restrict traffic through the cloud-provider load-balancer to the specified client IPs.
+
+More info: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/
+
+---
+
+##### `ports`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ServicePort`](#org.cdk8s.plus27.ServicePort)>
+- *Default:* either the selector ports, or none.
+
+The ports this service binds to.
+
+If the selector of the service is a managed pod / workload,
+its ports will are automatically extracted and used as the default value.
+Otherwise, no ports are bound.
+
+---
+
+##### `selector`Optional
+
+- *Type:* [`org.cdk8s.plus27.IPodSelector`](#org.cdk8s.plus27.IPodSelector)
+- *Default:* unset, the service is assumed to have an external process managing
+its endpoints, which Kubernetes will not modify.
+
+Which pods should the service select and route to.
+
+You can pass one of the following:
+
+* An instance of `Pod` or any workload resource (e.g `Deployment`, `StatefulSet`, ...)
+* Pods selected by the `Pods.select` function. Note that in this case only labels can be specified.
+
+---
+
+##### `type`Optional
+
+- *Type:* [`org.cdk8s.plus27.ServiceType`](#org.cdk8s.plus27.ServiceType)
+- *Default:* ServiceType.ClusterIP
+
+Determines how the Service is exposed.
+
+More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
+
+---
+
+#### Methods
+
+##### `bind`
+
+```java
+public bind(java.lang.Number port)
+public bind(java.lang.Number port, ServiceBindOptions options)
+```
+
+###### `port`Required
+
+- *Type:* `java.lang.Number`
+
+The port definition.
+
+---
+
+###### `options`Optional
+
+- *Type:* [`org.cdk8s.plus27.ServiceBindOptions`](#org.cdk8s.plus27.ServiceBindOptions)
+
+---
+
+##### `exposeViaIngress`
+
+```java
+public exposeViaIngress(java.lang.String path)
+public exposeViaIngress(java.lang.String path, ExposeServiceViaIngressOptions options)
+```
+
+###### `path`Required
+
+- *Type:* `java.lang.String`
+
+The path to expose the service under.
+
+---
+
+###### `options`Optional
+
+- *Type:* [`org.cdk8s.plus27.ExposeServiceViaIngressOptions`](#org.cdk8s.plus27.ExposeServiceViaIngressOptions)
+
+Additional options.
+
+---
+
+##### `select`
+
+```java
+public select(IPodSelector selector)
+```
+
+###### `selector`Required
+
+- *Type:* [`org.cdk8s.plus27.IPodSelector`](#org.cdk8s.plus27.IPodSelector)
+
+---
+
+##### `selectLabel`
+
+```java
+public selectLabel(java.lang.String key, java.lang.String value)
+```
+
+###### `key`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `value`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+
+#### Properties
+
+##### `port`Required
+
+```java
+public java.lang.Number getPort();
+```
+
+- *Type:* `java.lang.Number`
+
+Return the first port of the service.
+
+---
+
+##### `ports`Required
+
+```java
+public java.util.List getPorts();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ServicePort`](#org.cdk8s.plus27.ServicePort)>
+
+Ports for this service.
+
+Use `bind()` to bind additional service ports.
+
+---
+
+##### `resourceType`Required
+
+```java
+public java.lang.String getResourceType();
+```
+
+- *Type:* `java.lang.String`
+
+The name of a resource type as it appears in the relevant API endpoint.
+
+---
+
+##### `type`Required
+
+```java
+public ServiceType getType();
+```
+
+- *Type:* [`org.cdk8s.plus27.ServiceType`](#org.cdk8s.plus27.ServiceType)
+
+Determines how the Service is exposed.
+
+---
+
+##### `clusterIP`Optional
+
+```java
+public java.lang.String getClusterIP();
+```
+
+- *Type:* `java.lang.String`
+
+The IP address of the service and is usually assigned randomly by the master.
+
+---
+
+##### `externalName`Optional
+
+```java
+public java.lang.String getExternalName();
+```
+
+- *Type:* `java.lang.String`
+
+The externalName to be used for EXTERNAL_NAME types.
+
+---
+
+
+### ServiceAccount
+
+- *Implements:* [`org.cdk8s.plus27.IServiceAccount`](#org.cdk8s.plus27.IServiceAccount), [`org.cdk8s.plus27.ISubject`](#org.cdk8s.plus27.ISubject)
+
+A service account provides an identity for processes that run in a Pod.
+
+When you (a human) access the cluster (for example, using kubectl), you are
+authenticated by the apiserver as a particular User Account (currently this
+is usually admin, unless your cluster administrator has customized your
+cluster). Processes in containers inside pods can also contact the apiserver.
+When they do, they are authenticated as a particular Service Account (for
+example, default).
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.ServiceAccount;
+
+ServiceAccount.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+// .automountToken(java.lang.Boolean)
+// .secrets(java.util.List)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `automountToken`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Indicates whether pods running as this service account should have an API token automatically mounted.
+
+Can be overridden at the pod level.
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
+
+---
+
+##### `secrets`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ISecret`](#org.cdk8s.plus27.ISecret)>
+
+List of secrets allowed to be used by pods running using this ServiceAccount.
+
+> https://kubernetes.io/docs/concepts/configuration/secret
+
+---
+
+#### Methods
+
+##### `addSecret`
+
+```java
+public addSecret(ISecret secr)
+```
+
+###### `secr`Required
+
+- *Type:* [`org.cdk8s.plus27.ISecret`](#org.cdk8s.plus27.ISecret)
+
+The secret.
+
+---
+
+##### `toSubjectConfiguration`
+
+```java
+public toSubjectConfiguration()
+```
+
+#### Static Functions
+
+##### `fromServiceAccountName`
+
+```java
+import org.cdk8s.plus27.ServiceAccount;
+
+ServiceAccount.fromServiceAccountName(Construct scope, java.lang.String id, java.lang.String name)
+ServiceAccount.fromServiceAccountName(Construct scope, java.lang.String id, java.lang.String name, FromServiceAccountNameOptions options)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `name`Required
+
+- *Type:* `java.lang.String`
+
+The name of the service account resource.
+
+---
+
+###### `options`Optional
+
+- *Type:* [`org.cdk8s.plus27.FromServiceAccountNameOptions`](#org.cdk8s.plus27.FromServiceAccountNameOptions)
+
+additional options.
+
+---
+
+#### Properties
+
+##### `automountToken`Required
+
+```java
+public java.lang.Boolean getAutomountToken();
+```
+
+- *Type:* `java.lang.Boolean`
+
+Whether or not a token is automatically mounted for this service account.
+
+---
+
+##### `resourceType`Required
+
+```java
+public java.lang.String getResourceType();
+```
+
+- *Type:* `java.lang.String`
+
+The name of a resource type as it appears in the relevant API endpoint.
+
+---
+
+##### `secrets`Required
+
+```java
+public java.util.List getSecrets();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ISecret`](#org.cdk8s.plus27.ISecret)>
+
+List of secrets allowed to be used by pods running using this service account.
+
+Returns a copy. To add a secret, use `addSecret()`.
+
+---
+
+
+### ServiceAccountTokenSecret
+
+Create a secret for a service account token.
+
+> https://kubernetes.io/docs/concepts/configuration/secret/#service-account-token-secrets
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.ServiceAccountTokenSecret;
+
+ServiceAccountTokenSecret.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+// .immutable(java.lang.Boolean)
+ .serviceAccount(IServiceAccount)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `immutable`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+If set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified).
+
+If not set to true, the field can be modified at any time.
+
+---
+
+##### `serviceAccount`Required
+
+- *Type:* [`org.cdk8s.plus27.IServiceAccount`](#org.cdk8s.plus27.IServiceAccount)
+
+The service account to store a secret for.
+
+---
+
+
+
+
+
+### SshAuthSecret
+
+Create a secret for ssh authentication.
+
+> https://kubernetes.io/docs/concepts/configuration/secret/#ssh-authentication-secrets
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.SshAuthSecret;
+
+SshAuthSecret.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+// .immutable(java.lang.Boolean)
+ .sshPrivateKey(java.lang.String)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `immutable`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+If set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified).
+
+If not set to true, the field can be modified at any time.
+
+---
+
+##### `sshPrivateKey`Required
+
+- *Type:* `java.lang.String`
+
+The SSH private key to use.
+
+---
+
+
+
+
+
+### StatefulSet
+
+- *Implements:* [`org.cdk8s.plus27.IScalable`](#org.cdk8s.plus27.IScalable)
+
+StatefulSet is the workload API object used to manage stateful applications.
+
+Manages the deployment and scaling of a set of Pods, and provides guarantees
+about the ordering and uniqueness of these Pods.
+
+Like a Deployment, a StatefulSet manages Pods that are based on an identical
+container spec. Unlike a Deployment, a StatefulSet maintains a sticky identity
+for each of their Pods. These pods are created from the same spec, but are not
+interchangeable: each has a persistent identifier that it maintains across any
+rescheduling.
+
+If you want to use storage volumes to provide persistence for your workload, you
+can use a StatefulSet as part of the solution. Although individual Pods in a StatefulSet
+are susceptible to failure, the persistent Pod identifiers make it easier to match existing
+volumes to the new Pods that replace any that have failed.
+
+## Using StatefulSets
+
+StatefulSets are valuable for applications that require one or more of the following.
+
+* Stable, unique network identifiers.
+* Stable, persistent storage.
+* Ordered, graceful deployment and scaling.
+* Ordered, automated rolling updates.
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.StatefulSet;
+
+StatefulSet.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+// .automountServiceAccountToken(java.lang.Boolean)
+// .containers(java.util.List)
+// .dns(PodDnsProps)
+// .dockerRegistryAuth(ISecret)
+// .hostAliases(java.util.List)
+// .hostNetwork(java.lang.Boolean)
+// .initContainers(java.util.List)
+// .isolate(java.lang.Boolean)
+// .restartPolicy(RestartPolicy)
+// .securityContext(PodSecurityContextProps)
+// .serviceAccount(IServiceAccount)
+// .terminationGracePeriod(Duration)
+// .volumes(java.util.List)
+// .podMetadata(ApiObjectMetadata)
+// .select(java.lang.Boolean)
+// .spread(java.lang.Boolean)
+// .minReady(Duration)
+// .podManagementPolicy(PodManagementPolicy)
+// .replicas(java.lang.Number)
+// .service(Service)
+// .strategy(StatefulSetUpdateStrategy)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `automountServiceAccountToken`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Indicates whether a service account token should be automatically mounted.
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
+
+---
+
+##### `containers`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)>
+- *Default:* No containers. Note that a pod spec must include at least one container.
+
+List of containers belonging to the pod.
+
+Containers cannot currently be
+added or removed. There must be at least one container in a Pod.
+
+You can add additionnal containers using `podSpec.addContainer()`
+
+---
+
+##### `dns`Optional
+
+- *Type:* [`org.cdk8s.plus27.PodDnsProps`](#org.cdk8s.plus27.PodDnsProps)
+- *Default:* policy: DnsPolicy.CLUSTER_FIRST
+ hostnameAsFQDN: false
+
+DNS settings for the pod.
+
+> https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
+
+---
+
+##### `dockerRegistryAuth`Optional
+
+- *Type:* [`org.cdk8s.plus27.ISecret`](#org.cdk8s.plus27.ISecret)
+- *Default:* No auth. Images are assumed to be publicly available.
+
+A secret containing docker credentials for authenticating to a registry.
+
+---
+
+##### `hostAliases`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.HostAlias`](#org.cdk8s.plus27.HostAlias)>
+
+HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.
+
+---
+
+##### `hostNetwork`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Host network for the pod.
+
+---
+
+##### `initContainers`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)>
+- *Default:* No init containers.
+
+List of initialization containers belonging to the pod.
+
+Init containers are executed in order prior to containers being started.
+If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy.
+The name for an init container or normal container must be unique among all containers.
+Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes.
+The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit
+for each resource type, and then using the max of of that value or the sum of the normal containers.
+Limits are applied to init containers in a similar fashion.
+
+Init containers cannot currently be added ,removed or updated.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
+
+---
+
+##### `isolate`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Isolates the pod.
+
+This will prevent any ingress or egress connections to / from this pod.
+You can however allow explicit connections post instantiation by using the `.connections` property.
+
+---
+
+##### `restartPolicy`Optional
+
+- *Type:* [`org.cdk8s.plus27.RestartPolicy`](#org.cdk8s.plus27.RestartPolicy)
+- *Default:* RestartPolicy.ALWAYS
+
+Restart policy for all containers within the pod.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
+
+---
+
+##### `securityContext`Optional
+
+- *Type:* [`org.cdk8s.plus27.PodSecurityContextProps`](#org.cdk8s.plus27.PodSecurityContextProps)
+- *Default:* fsGroupChangePolicy: FsGroupChangePolicy.FsGroupChangePolicy.ALWAYS
+ ensureNonRoot: true
+
+SecurityContext holds pod-level security attributes and common container settings.
+
+---
+
+##### `serviceAccount`Optional
+
+- *Type:* [`org.cdk8s.plus27.IServiceAccount`](#org.cdk8s.plus27.IServiceAccount)
+- *Default:* No service account.
+
+A service account provides an identity for processes that run in a Pod.
+
+When you (a human) access the cluster (for example, using kubectl), you are
+authenticated by the apiserver as a particular User Account (currently this
+is usually admin, unless your cluster administrator has customized your
+cluster). Processes in containers inside pods can also contact the
+apiserver. When they do, they are authenticated as a particular Service
+Account (for example, default).
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+
+---
+
+##### `terminationGracePeriod`Optional
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* Duration.seconds(30)
+
+Grace period until the pod is terminated.
+
+---
+
+##### `volumes`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.Volume`](#org.cdk8s.plus27.Volume)>
+- *Default:* No volumes.
+
+List of volumes that can be mounted by containers belonging to the pod.
+
+You can also add volumes later using `podSpec.addVolume()`
+
+> https://kubernetes.io/docs/concepts/storage/volumes
+
+---
+
+##### `podMetadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+The pod metadata of this workload.
+
+---
+
+##### `select`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* true
+
+Automatically allocates a pod label selector for this workload and add it to the pod metadata.
+
+This ensures this workload manages pods created by
+its pod template.
+
+---
+
+##### `spread`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Automatically spread pods across hostname and zones.
+
+> https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/#internal-default-constraints
+
+---
+
+##### `minReady`Optional
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* Duration.seconds(0)
+
+Minimum duration for which a newly created pod should be ready without any of its container crashing, for it to be considered available.
+
+Zero means the pod will be considered available as soon as it is ready.
+
+This is an alpha field and requires enabling StatefulSetMinReadySeconds feature gate.
+
+> https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#min-ready-seconds
+
+---
+
+##### `podManagementPolicy`Optional
+
+- *Type:* [`org.cdk8s.plus27.PodManagementPolicy`](#org.cdk8s.plus27.PodManagementPolicy)
+- *Default:* PodManagementPolicy.ORDERED_READY
+
+Pod management policy to use for this statefulset.
+
+---
+
+##### `replicas`Optional
+
+- *Type:* `java.lang.Number`
+- *Default:* 1
+
+Number of desired pods.
+
+---
+
+##### `service`Optional
+
+- *Type:* [`org.cdk8s.plus27.Service`](#org.cdk8s.plus27.Service)
+- *Default:* A new headless service will be created.
+
+Service to associate with the statefulset.
+
+---
+
+##### `strategy`Optional
+
+- *Type:* [`org.cdk8s.plus27.StatefulSetUpdateStrategy`](#org.cdk8s.plus27.StatefulSetUpdateStrategy)
+- *Default:* RollingUpdate with partition set to 0
+
+Indicates the StatefulSetUpdateStrategy that will be employed to update Pods in the StatefulSet when a revision is made to Template.
+
+---
+
+#### Methods
+
+##### `markHasAutoscaler`
+
+```java
+public markHasAutoscaler()
+```
+
+##### `toScalingTarget`
+
+```java
+public toScalingTarget()
+```
+
+
+#### Properties
+
+##### `minReady`Required
+
+```java
+public Duration getMinReady();
+```
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+
+Minimum duration for which a newly created pod should be ready without any of its container crashing, for it to be considered available.
+
+---
+
+##### `podManagementPolicy`Required
+
+```java
+public PodManagementPolicy getPodManagementPolicy();
+```
+
+- *Type:* [`org.cdk8s.plus27.PodManagementPolicy`](#org.cdk8s.plus27.PodManagementPolicy)
+
+Management policy to use for the set.
+
+---
+
+##### `resourceType`Required
+
+```java
+public java.lang.String getResourceType();
+```
+
+- *Type:* `java.lang.String`
+
+The name of a resource type as it appears in the relevant API endpoint.
+
+---
+
+##### `service`Required
+
+```java
+public Service getService();
+```
+
+- *Type:* [`org.cdk8s.plus27.Service`](#org.cdk8s.plus27.Service)
+
+---
+
+##### `strategy`Required
+
+```java
+public StatefulSetUpdateStrategy getStrategy();
+```
+
+- *Type:* [`org.cdk8s.plus27.StatefulSetUpdateStrategy`](#org.cdk8s.plus27.StatefulSetUpdateStrategy)
+
+The update startegy of this stateful set.
+
+---
+
+##### `replicas`Optional
+
+```java
+public java.lang.Number getReplicas();
+```
+
+- *Type:* `java.lang.Number`
+
+Number of desired pods.
+
+---
+
+##### `hasAutoscaler`Required
+
+```java
+public java.lang.Boolean getHasAutoscaler();
+```
+
+- *Type:* `java.lang.Boolean`
+
+If this is a target of an autoscaler.
+
+---
+
+
+### TlsSecret
+
+Create a secret for storing a TLS certificate and its associated key.
+
+> https://kubernetes.io/docs/concepts/configuration/secret/#tls-secrets
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.TlsSecret;
+
+TlsSecret.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+// .immutable(java.lang.Boolean)
+ .tlsCert(java.lang.String)
+ .tlsKey(java.lang.String)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `immutable`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+If set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified).
+
+If not set to true, the field can be modified at any time.
+
+---
+
+##### `tlsCert`Required
+
+- *Type:* `java.lang.String`
+
+The TLS cert.
+
+---
+
+##### `tlsKey`Required
+
+- *Type:* `java.lang.String`
+
+The TLS key.
+
+---
+
+
+
+
+
+### User
+
+- *Implements:* [`org.cdk8s.plus27.ISubject`](#org.cdk8s.plus27.ISubject)
+
+Represents a user.
+
+#### Methods
+
+##### `toSubjectConfiguration`
+
+```java
+public toSubjectConfiguration()
+```
+
+#### Static Functions
+
+##### `fromName`
+
+```java
+import org.cdk8s.plus27.User;
+
+User.fromName(Construct scope, java.lang.String id, java.lang.String name)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `name`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+#### Properties
+
+##### `kind`Required
+
+```java
+public java.lang.String getKind();
+```
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `name`Required
+
+```java
+public java.lang.String getName();
+```
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `apiGroup`Optional
+
+```java
+public java.lang.String getApiGroup();
+```
+
+- *Type:* `java.lang.String`
+
+---
+
+
+### Volume
+
+- *Implements:* [`org.cdk8s.plus27.IStorage`](#org.cdk8s.plus27.IStorage)
+
+Volume represents a named volume in a pod that may be accessed by any container in the pod.
+
+Docker also has a concept of volumes, though it is somewhat looser and less
+managed. In Docker, a volume is simply a directory on disk or in another
+Container. Lifetimes are not managed and until very recently there were only
+local-disk-backed volumes. Docker now provides volume drivers, but the
+functionality is very limited for now (e.g. as of Docker 1.7 only one volume
+driver is allowed per Container and there is no way to pass parameters to
+volumes).
+
+A Kubernetes volume, on the other hand, has an explicit lifetime - the same
+as the Pod that encloses it. Consequently, a volume outlives any Containers
+that run within the Pod, and data is preserved across Container restarts. Of
+course, when a Pod ceases to exist, the volume will cease to exist, too.
+Perhaps more importantly than this, Kubernetes supports many types of
+volumes, and a Pod can use any number of them simultaneously.
+
+At its core, a volume is just a directory, possibly with some data in it,
+which is accessible to the Containers in a Pod. How that directory comes to
+be, the medium that backs it, and the contents of it are determined by the
+particular volume type used.
+
+To use a volume, a Pod specifies what volumes to provide for the Pod (the
+.spec.volumes field) and where to mount those into Containers (the
+.spec.containers[*].volumeMounts field).
+
+A process in a container sees a filesystem view composed from their Docker
+image and volumes. The Docker image is at the root of the filesystem
+hierarchy, and any volumes are mounted at the specified paths within the
+image. Volumes can not mount onto other volumes
+
+#### Methods
+
+##### `asVolume`
+
+```java
+public asVolume()
+```
+
+#### Static Functions
+
+##### `fromAwsElasticBlockStore`
+
+```java
+import org.cdk8s.plus27.Volume;
+
+Volume.fromAwsElasticBlockStore(Construct scope, java.lang.String id, java.lang.String volumeId)
+Volume.fromAwsElasticBlockStore(Construct scope, java.lang.String id, java.lang.String volumeId, AwsElasticBlockStoreVolumeOptions options)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `volumeId`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `options`Optional
+
+- *Type:* [`org.cdk8s.plus27.AwsElasticBlockStoreVolumeOptions`](#org.cdk8s.plus27.AwsElasticBlockStoreVolumeOptions)
+
+---
+
+##### `fromAzureDisk`
+
+```java
+import org.cdk8s.plus27.Volume;
+
+Volume.fromAzureDisk(Construct scope, java.lang.String id, java.lang.String diskName, java.lang.String diskUri)
+Volume.fromAzureDisk(Construct scope, java.lang.String id, java.lang.String diskName, java.lang.String diskUri, AzureDiskVolumeOptions options)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `diskName`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `diskUri`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `options`Optional
+
+- *Type:* [`org.cdk8s.plus27.AzureDiskVolumeOptions`](#org.cdk8s.plus27.AzureDiskVolumeOptions)
+
+---
+
+##### `fromConfigMap`
+
+```java
+import org.cdk8s.plus27.Volume;
+
+Volume.fromConfigMap(Construct scope, java.lang.String id, IConfigMap configMap)
+Volume.fromConfigMap(Construct scope, java.lang.String id, IConfigMap configMap, ConfigMapVolumeOptions options)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `configMap`Required
+
+- *Type:* [`org.cdk8s.plus27.IConfigMap`](#org.cdk8s.plus27.IConfigMap)
+
+The config map to use to populate the volume.
+
+---
+
+###### `options`Optional
+
+- *Type:* [`org.cdk8s.plus27.ConfigMapVolumeOptions`](#org.cdk8s.plus27.ConfigMapVolumeOptions)
+
+Options.
+
+---
+
+##### `fromCsi`
+
+```java
+import org.cdk8s.plus27.Volume;
+
+Volume.fromCsi(Construct scope, java.lang.String id, java.lang.String driver)
+Volume.fromCsi(Construct scope, java.lang.String id, java.lang.String driver, CsiVolumeOptions options)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `driver`Required
+
+- *Type:* `java.lang.String`
+
+The name of the CSI driver to use to populate the volume.
+
+---
+
+###### `options`Optional
+
+- *Type:* [`org.cdk8s.plus27.CsiVolumeOptions`](#org.cdk8s.plus27.CsiVolumeOptions)
+
+Options for the CSI volume, including driver-specific ones.
+
+---
+
+##### `fromEmptyDir`
+
+```java
+import org.cdk8s.plus27.Volume;
+
+Volume.fromEmptyDir(Construct scope, java.lang.String id, java.lang.String name)
+Volume.fromEmptyDir(Construct scope, java.lang.String id, java.lang.String name, EmptyDirVolumeOptions options)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `name`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `options`Optional
+
+- *Type:* [`org.cdk8s.plus27.EmptyDirVolumeOptions`](#org.cdk8s.plus27.EmptyDirVolumeOptions)
+
+Additional options.
+
+---
+
+##### `fromGcePersistentDisk`
+
+```java
+import org.cdk8s.plus27.Volume;
+
+Volume.fromGcePersistentDisk(Construct scope, java.lang.String id, java.lang.String pdName)
+Volume.fromGcePersistentDisk(Construct scope, java.lang.String id, java.lang.String pdName, GCEPersistentDiskVolumeOptions options)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `pdName`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `options`Optional
+
+- *Type:* [`org.cdk8s.plus27.GCEPersistentDiskVolumeOptions`](#org.cdk8s.plus27.GCEPersistentDiskVolumeOptions)
+
+---
+
+##### `fromHostPath`
+
+```java
+import org.cdk8s.plus27.Volume;
+
+Volume.fromHostPath(Construct scope, java.lang.String id, java.lang.String name, HostPathVolumeOptions options)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `name`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `options`Required
+
+- *Type:* [`org.cdk8s.plus27.HostPathVolumeOptions`](#org.cdk8s.plus27.HostPathVolumeOptions)
+
+---
+
+##### `fromNfs`
+
+```java
+import org.cdk8s.plus27.Volume;
+
+Volume.fromNfs(Construct scope, java.lang.String id, java.lang.String name, NfsVolumeOptions options)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `name`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `options`Required
+
+- *Type:* [`org.cdk8s.plus27.NfsVolumeOptions`](#org.cdk8s.plus27.NfsVolumeOptions)
+
+---
+
+##### `fromPersistentVolumeClaim`
+
+```java
+import org.cdk8s.plus27.Volume;
+
+Volume.fromPersistentVolumeClaim(Construct scope, java.lang.String id, IPersistentVolumeClaim claim)
+Volume.fromPersistentVolumeClaim(Construct scope, java.lang.String id, IPersistentVolumeClaim claim, PersistentVolumeClaimVolumeOptions options)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `claim`Required
+
+- *Type:* [`org.cdk8s.plus27.IPersistentVolumeClaim`](#org.cdk8s.plus27.IPersistentVolumeClaim)
+
+---
+
+###### `options`Optional
+
+- *Type:* [`org.cdk8s.plus27.PersistentVolumeClaimVolumeOptions`](#org.cdk8s.plus27.PersistentVolumeClaimVolumeOptions)
+
+---
+
+##### `fromSecret`
+
+```java
+import org.cdk8s.plus27.Volume;
+
+Volume.fromSecret(Construct scope, java.lang.String id, ISecret secr)
+Volume.fromSecret(Construct scope, java.lang.String id, ISecret secr, SecretVolumeOptions options)
+```
+
+###### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+###### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+###### `secr`Required
+
+- *Type:* [`org.cdk8s.plus27.ISecret`](#org.cdk8s.plus27.ISecret)
+
+The secret to use to populate the volume.
+
+---
+
+###### `options`Optional
+
+- *Type:* [`org.cdk8s.plus27.SecretVolumeOptions`](#org.cdk8s.plus27.SecretVolumeOptions)
+
+Options.
+
+---
+
+#### Properties
+
+##### `name`Required
+
+```java
+public java.lang.String getName();
+```
+
+- *Type:* `java.lang.String`
+
+---
+
+
+### Workload
+
+A workload is an application running on Kubernetes.
+
+Whether your workload is a single
+component or several that work together, on Kubernetes you run it inside a set of pods.
+In Kubernetes, a Pod represents a set of running containers on your cluster.
+
+#### Initializers
+
+```java
+import org.cdk8s.plus27.Workload;
+
+Workload.Builder.create(Construct scope, java.lang.String id)
+// .metadata(ApiObjectMetadata)
+// .automountServiceAccountToken(java.lang.Boolean)
+// .containers(java.util.List)
+// .dns(PodDnsProps)
+// .dockerRegistryAuth(ISecret)
+// .hostAliases(java.util.List)
+// .hostNetwork(java.lang.Boolean)
+// .initContainers(java.util.List)
+// .isolate(java.lang.Boolean)
+// .restartPolicy(RestartPolicy)
+// .securityContext(PodSecurityContextProps)
+// .serviceAccount(IServiceAccount)
+// .terminationGracePeriod(Duration)
+// .volumes(java.util.List)
+// .podMetadata(ApiObjectMetadata)
+// .select(java.lang.Boolean)
+// .spread(java.lang.Boolean)
+ .build();
+```
+
+##### `scope`Required
+
+- *Type:* [`software.constructs.Construct`](#software.constructs.Construct)
+
+---
+
+##### `id`Required
+
+- *Type:* `java.lang.String`
+
+---
+
+##### `metadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `automountServiceAccountToken`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Indicates whether a service account token should be automatically mounted.
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
+
+---
+
+##### `containers`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)>
+- *Default:* No containers. Note that a pod spec must include at least one container.
+
+List of containers belonging to the pod.
+
+Containers cannot currently be
+added or removed. There must be at least one container in a Pod.
+
+You can add additionnal containers using `podSpec.addContainer()`
+
+---
+
+##### `dns`Optional
+
+- *Type:* [`org.cdk8s.plus27.PodDnsProps`](#org.cdk8s.plus27.PodDnsProps)
+- *Default:* policy: DnsPolicy.CLUSTER_FIRST
+ hostnameAsFQDN: false
+
+DNS settings for the pod.
+
+> https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
+
+---
+
+##### `dockerRegistryAuth`Optional
+
+- *Type:* [`org.cdk8s.plus27.ISecret`](#org.cdk8s.plus27.ISecret)
+- *Default:* No auth. Images are assumed to be publicly available.
+
+A secret containing docker credentials for authenticating to a registry.
+
+---
+
+##### `hostAliases`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.HostAlias`](#org.cdk8s.plus27.HostAlias)>
+
+HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.
+
+---
+
+##### `hostNetwork`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Host network for the pod.
+
+---
+
+##### `initContainers`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)>
+- *Default:* No init containers.
+
+List of initialization containers belonging to the pod.
+
+Init containers are executed in order prior to containers being started.
+If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy.
+The name for an init container or normal container must be unique among all containers.
+Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes.
+The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit
+for each resource type, and then using the max of of that value or the sum of the normal containers.
+Limits are applied to init containers in a similar fashion.
+
+Init containers cannot currently be added ,removed or updated.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
+
+---
+
+##### `isolate`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Isolates the pod.
+
+This will prevent any ingress or egress connections to / from this pod.
+You can however allow explicit connections post instantiation by using the `.connections` property.
+
+---
+
+##### `restartPolicy`Optional
+
+- *Type:* [`org.cdk8s.plus27.RestartPolicy`](#org.cdk8s.plus27.RestartPolicy)
+- *Default:* RestartPolicy.ALWAYS
+
+Restart policy for all containers within the pod.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
+
+---
+
+##### `securityContext`Optional
+
+- *Type:* [`org.cdk8s.plus27.PodSecurityContextProps`](#org.cdk8s.plus27.PodSecurityContextProps)
+- *Default:* fsGroupChangePolicy: FsGroupChangePolicy.FsGroupChangePolicy.ALWAYS
+ ensureNonRoot: true
+
+SecurityContext holds pod-level security attributes and common container settings.
+
+---
+
+##### `serviceAccount`Optional
+
+- *Type:* [`org.cdk8s.plus27.IServiceAccount`](#org.cdk8s.plus27.IServiceAccount)
+- *Default:* No service account.
+
+A service account provides an identity for processes that run in a Pod.
+
+When you (a human) access the cluster (for example, using kubectl), you are
+authenticated by the apiserver as a particular User Account (currently this
+is usually admin, unless your cluster administrator has customized your
+cluster). Processes in containers inside pods can also contact the
+apiserver. When they do, they are authenticated as a particular Service
+Account (for example, default).
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+
+---
+
+##### `terminationGracePeriod`Optional
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* Duration.seconds(30)
+
+Grace period until the pod is terminated.
+
+---
+
+##### `volumes`Optional
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.Volume`](#org.cdk8s.plus27.Volume)>
+- *Default:* No volumes.
+
+List of volumes that can be mounted by containers belonging to the pod.
+
+You can also add volumes later using `podSpec.addVolume()`
+
+> https://kubernetes.io/docs/concepts/storage/volumes
+
+---
+
+##### `podMetadata`Optional
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+The pod metadata of this workload.
+
+---
+
+##### `select`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* true
+
+Automatically allocates a pod label selector for this workload and add it to the pod metadata.
+
+This ensures this workload manages pods created by
+its pod template.
+
+---
+
+##### `spread`Optional
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Automatically spread pods across hostname and zones.
+
+> https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/#internal-default-constraints
+
+---
+
+#### Methods
+
+##### `select`
+
+```java
+public select(LabelSelector selectors)
+```
+
+###### `selectors`Required
+
+- *Type:* [`org.cdk8s.plus27.LabelSelector`](#org.cdk8s.plus27.LabelSelector)
+
+---
+
+
+#### Properties
+
+##### `connections`Required
+
+```java
+public PodConnections getConnections();
+```
+
+- *Type:* [`org.cdk8s.plus27.PodConnections`](#org.cdk8s.plus27.PodConnections)
+
+---
+
+##### `matchExpressions`Required
+
+```java
+public java.util.List getMatchExpressions();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.LabelSelectorRequirement`](#org.cdk8s.plus27.LabelSelectorRequirement)>
+
+The expression matchers this workload will use in order to select pods.
+
+Returns a a copy. Use `select()` to add expression matchers.
+
+---
+
+##### `matchLabels`Required
+
+```java
+public java.util.Map getMatchLabels();
+```
+
+- *Type:* java.util.Map
+
+The label matchers this workload will use in order to select pods.
+
+Returns a a copy. Use `select()` to add label matchers.
+
+---
+
+##### `podMetadata`Required
+
+```java
+public ApiObjectMetadataDefinition getPodMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadataDefinition`](#org.cdk8s.ApiObjectMetadataDefinition)
+
+The metadata of pods in this workload.
+
+---
+
+##### `scheduling`Required
+
+```java
+public WorkloadScheduling getScheduling();
+```
+
+- *Type:* [`org.cdk8s.plus27.WorkloadScheduling`](#org.cdk8s.plus27.WorkloadScheduling)
+
+---
+
+
+## Structs
+
+### AbstractPodProps
+
+Properties for `AbstractPod`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.AbstractPodProps;
+
+AbstractPodProps.builder()
+// .metadata(ApiObjectMetadata)
+// .automountServiceAccountToken(java.lang.Boolean)
+// .containers(java.util.List)
+// .dns(PodDnsProps)
+// .dockerRegistryAuth(ISecret)
+// .hostAliases(java.util.List)
+// .hostNetwork(java.lang.Boolean)
+// .initContainers(java.util.List)
+// .isolate(java.lang.Boolean)
+// .restartPolicy(RestartPolicy)
+// .securityContext(PodSecurityContextProps)
+// .serviceAccount(IServiceAccount)
+// .terminationGracePeriod(Duration)
+// .volumes(java.util.List)
+ .build();
+```
+
+##### `metadata`Optional
+
+```java
+public ApiObjectMetadata getMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `automountServiceAccountToken`Optional
+
+```java
+public java.lang.Boolean getAutomountServiceAccountToken();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Indicates whether a service account token should be automatically mounted.
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
+
+---
+
+##### `containers`Optional
+
+```java
+public java.util.List getContainers();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)>
+- *Default:* No containers. Note that a pod spec must include at least one container.
+
+List of containers belonging to the pod.
+
+Containers cannot currently be
+added or removed. There must be at least one container in a Pod.
+
+You can add additionnal containers using `podSpec.addContainer()`
+
+---
+
+##### `dns`Optional
+
+```java
+public PodDnsProps getDns();
+```
+
+- *Type:* [`org.cdk8s.plus27.PodDnsProps`](#org.cdk8s.plus27.PodDnsProps)
+- *Default:* policy: DnsPolicy.CLUSTER_FIRST
+ hostnameAsFQDN: false
+
+DNS settings for the pod.
+
+> https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
+
+---
+
+##### `dockerRegistryAuth`Optional
+
+```java
+public ISecret getDockerRegistryAuth();
+```
+
+- *Type:* [`org.cdk8s.plus27.ISecret`](#org.cdk8s.plus27.ISecret)
+- *Default:* No auth. Images are assumed to be publicly available.
+
+A secret containing docker credentials for authenticating to a registry.
+
+---
+
+##### `hostAliases`Optional
+
+```java
+public java.util.List getHostAliases();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.HostAlias`](#org.cdk8s.plus27.HostAlias)>
+
+HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.
+
+---
+
+##### `hostNetwork`Optional
+
+```java
+public java.lang.Boolean getHostNetwork();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Host network for the pod.
+
+---
+
+##### `initContainers`Optional
+
+```java
+public java.util.List getInitContainers();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)>
+- *Default:* No init containers.
+
+List of initialization containers belonging to the pod.
+
+Init containers are executed in order prior to containers being started.
+If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy.
+The name for an init container or normal container must be unique among all containers.
+Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes.
+The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit
+for each resource type, and then using the max of of that value or the sum of the normal containers.
+Limits are applied to init containers in a similar fashion.
+
+Init containers cannot currently be added ,removed or updated.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
+
+---
+
+##### `isolate`Optional
+
+```java
+public java.lang.Boolean getIsolate();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Isolates the pod.
+
+This will prevent any ingress or egress connections to / from this pod.
+You can however allow explicit connections post instantiation by using the `.connections` property.
+
+---
+
+##### `restartPolicy`Optional
+
+```java
+public RestartPolicy getRestartPolicy();
+```
+
+- *Type:* [`org.cdk8s.plus27.RestartPolicy`](#org.cdk8s.plus27.RestartPolicy)
+- *Default:* RestartPolicy.ALWAYS
+
+Restart policy for all containers within the pod.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
+
+---
+
+##### `securityContext`Optional
+
+```java
+public PodSecurityContextProps getSecurityContext();
+```
+
+- *Type:* [`org.cdk8s.plus27.PodSecurityContextProps`](#org.cdk8s.plus27.PodSecurityContextProps)
+- *Default:* fsGroupChangePolicy: FsGroupChangePolicy.FsGroupChangePolicy.ALWAYS
+ ensureNonRoot: true
+
+SecurityContext holds pod-level security attributes and common container settings.
+
+---
+
+##### `serviceAccount`Optional
+
+```java
+public IServiceAccount getServiceAccount();
+```
+
+- *Type:* [`org.cdk8s.plus27.IServiceAccount`](#org.cdk8s.plus27.IServiceAccount)
+- *Default:* No service account.
+
+A service account provides an identity for processes that run in a Pod.
+
+When you (a human) access the cluster (for example, using kubectl), you are
+authenticated by the apiserver as a particular User Account (currently this
+is usually admin, unless your cluster administrator has customized your
+cluster). Processes in containers inside pods can also contact the
+apiserver. When they do, they are authenticated as a particular Service
+Account (for example, default).
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+
+---
+
+##### `terminationGracePeriod`Optional
+
+```java
+public Duration getTerminationGracePeriod();
+```
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* Duration.seconds(30)
+
+Grace period until the pod is terminated.
+
+---
+
+##### `volumes`Optional
+
+```java
+public java.util.List getVolumes();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.Volume`](#org.cdk8s.plus27.Volume)>
+- *Default:* No volumes.
+
+List of volumes that can be mounted by containers belonging to the pod.
+
+You can also add volumes later using `podSpec.addVolume()`
+
+> https://kubernetes.io/docs/concepts/storage/volumes
+
+---
+
+### AddDeploymentOptions
+
+Options to add a deployment to a service.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.AddDeploymentOptions;
+
+AddDeploymentOptions.builder()
+// .name(java.lang.String)
+// .nodePort(java.lang.Number)
+// .protocol(Protocol)
+// .targetPort(java.lang.Number)
+// .port(java.lang.Number)
+ .build();
+```
+
+##### `name`Optional
+
+```java
+public java.lang.String getName();
+```
+
+- *Type:* `java.lang.String`
+
+The name of this port within the service.
+
+This must be a DNS_LABEL. All
+ports within a ServiceSpec must have unique names. This maps to the 'Name'
+field in EndpointPort objects. Optional if only one ServicePort is defined
+on this service.
+
+---
+
+##### `nodePort`Optional
+
+```java
+public java.lang.Number getNodePort();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* auto-allocate a port if the ServiceType of this Service requires one.
+
+The port on each node on which this service is exposed when type=NodePort or LoadBalancer.
+
+Usually assigned by the system. If specified, it will be
+allocated to the service if unused or else creation of the service will
+fail. Default is to auto-allocate a port if the ServiceType of this Service
+requires one.
+
+> https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
+
+---
+
+##### `protocol`Optional
+
+```java
+public Protocol getProtocol();
+```
+
+- *Type:* [`org.cdk8s.plus27.Protocol`](#org.cdk8s.plus27.Protocol)
+- *Default:* Protocol.TCP
+
+The IP protocol for this port.
+
+Supports "TCP", "UDP", and "SCTP". Default is TCP.
+
+---
+
+##### `targetPort`Optional
+
+```java
+public java.lang.Number getTargetPort();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* The value of `port` will be used.
+
+The port number the service will redirect to.
+
+---
+
+##### `port`Optional
+
+```java
+public java.lang.Number getPort();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* Copied from the first container of the deployment.
+
+The port number the service will bind to.
+
+---
+
+### AddDirectoryOptions
+
+Options for `configmap.addDirectory()`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.AddDirectoryOptions;
+
+AddDirectoryOptions.builder()
+// .exclude(java.util.List)
+// .keyPrefix(java.lang.String)
+ .build();
+```
+
+##### `exclude`Optional
+
+```java
+public java.util.List getExclude();
+```
+
+- *Type:* java.util.List<`java.lang.String`>
+- *Default:* include all files
+
+Glob patterns to exclude when adding files.
+
+---
+
+##### `keyPrefix`Optional
+
+```java
+public java.lang.String getKeyPrefix();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* ""
+
+A prefix to add to all keys in the config map.
+
+---
+
+### ApiResourceOptions
+
+Options for `ApiResource`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.ApiResourceOptions;
+
+ApiResourceOptions.builder()
+ .apiGroup(java.lang.String)
+ .resourceType(java.lang.String)
+ .build();
+```
+
+##### `apiGroup`Required
+
+```java
+public java.lang.String getApiGroup();
+```
+
+- *Type:* `java.lang.String`
+
+The group portion of the API version (e.g. `authorization.k8s.io`).
+
+---
+
+##### `resourceType`Required
+
+```java
+public java.lang.String getResourceType();
+```
+
+- *Type:* `java.lang.String`
+
+The name of the resource type as it appears in the relevant API endpoint.
+
+> https://kubernetes.io/docs/reference/access-authn-authz/rbac/#referring-to-resources
+
+---
+
+### AwsElasticBlockStorePersistentVolumeProps
+
+Properties for `AwsElasticBlockStorePersistentVolume`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.AwsElasticBlockStorePersistentVolumeProps;
+
+AwsElasticBlockStorePersistentVolumeProps.builder()
+// .metadata(ApiObjectMetadata)
+// .accessModes(java.util.List)
+// .claim(IPersistentVolumeClaim)
+// .mountOptions(java.util.List)
+// .reclaimPolicy(PersistentVolumeReclaimPolicy)
+// .storage(Size)
+// .storageClassName(java.lang.String)
+// .volumeMode(PersistentVolumeMode)
+ .volumeId(java.lang.String)
+// .fsType(java.lang.String)
+// .partition(java.lang.Number)
+// .readOnly(java.lang.Boolean)
+ .build();
+```
+
+##### `metadata`Optional
+
+```java
+public ApiObjectMetadata getMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `accessModes`Optional
+
+```java
+public java.util.List getAccessModes();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.PersistentVolumeAccessMode`](#org.cdk8s.plus27.PersistentVolumeAccessMode)>
+- *Default:* No access modes.
+
+Contains all ways the volume can be mounted.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes
+
+---
+
+##### `claim`Optional
+
+```java
+public IPersistentVolumeClaim getClaim();
+```
+
+- *Type:* [`org.cdk8s.plus27.IPersistentVolumeClaim`](#org.cdk8s.plus27.IPersistentVolumeClaim)
+- *Default:* Not bound to a specific claim.
+
+Part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim.
+
+Expected to be non-nil when bound.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding
+
+---
+
+##### `mountOptions`Optional
+
+```java
+public java.util.List getMountOptions();
+```
+
+- *Type:* java.util.List<`java.lang.String`>
+- *Default:* No options.
+
+A list of mount options, e.g. ["ro", "soft"]. Not validated - mount will simply fail if one is invalid.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options
+
+---
+
+##### `reclaimPolicy`Optional
+
+```java
+public PersistentVolumeReclaimPolicy getReclaimPolicy();
+```
+
+- *Type:* [`org.cdk8s.plus27.PersistentVolumeReclaimPolicy`](#org.cdk8s.plus27.PersistentVolumeReclaimPolicy)
+- *Default:* PersistentVolumeReclaimPolicy.RETAIN
+
+When a user is done with their volume, they can delete the PVC objects from the API that allows reclamation of the resource.
+
+The reclaim policy tells the cluster what to do with
+the volume after it has been released of its claim.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming
+
+---
+
+##### `storage`Optional
+
+```java
+public Size getStorage();
+```
+
+- *Type:* [`org.cdk8s.Size`](#org.cdk8s.Size)
+- *Default:* No specified.
+
+What is the storage capacity of this volume.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+
+---
+
+##### `storageClassName`Optional
+
+```java
+public java.lang.String getStorageClassName();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* Volume does not belong to any storage class.
+
+Name of StorageClass to which this persistent volume belongs.
+
+---
+
+##### `volumeMode`Optional
+
+```java
+public PersistentVolumeMode getVolumeMode();
+```
+
+- *Type:* [`org.cdk8s.plus27.PersistentVolumeMode`](#org.cdk8s.plus27.PersistentVolumeMode)
+- *Default:* VolumeMode.FILE_SYSTEM
+
+Defines what type of volume is required by the claim.
+
+---
+
+##### `volumeId`Required
+
+```java
+public java.lang.String getVolumeId();
+```
+
+- *Type:* `java.lang.String`
+
+Unique ID of the persistent disk resource in AWS (Amazon EBS volume).
+
+More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+
+> https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+
+---
+
+##### `fsType`Optional
+
+```java
+public java.lang.String getFsType();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* 'ext4'
+
+Filesystem type of the volume that you want to mount.
+
+Tip: Ensure that the filesystem type is supported by the host operating system.
+
+> https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+
+---
+
+##### `partition`Optional
+
+```java
+public java.lang.Number getPartition();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* No partition.
+
+The partition in the volume that you want to mount.
+
+If omitted, the default is to mount by volume name.
+Examples: For volume /dev/sda1, you specify the partition as "1".
+Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
+
+---
+
+##### `readOnly`Optional
+
+```java
+public java.lang.Boolean getReadOnly();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Specify "true" to force and set the ReadOnly property in VolumeMounts to "true".
+
+> https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+
+---
+
+### AwsElasticBlockStoreVolumeOptions
+
+Options of `Volume.fromAwsElasticBlockStore`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.AwsElasticBlockStoreVolumeOptions;
+
+AwsElasticBlockStoreVolumeOptions.builder()
+// .fsType(java.lang.String)
+// .name(java.lang.String)
+// .partition(java.lang.Number)
+// .readOnly(java.lang.Boolean)
+ .build();
+```
+
+##### `fsType`Optional
+
+```java
+public java.lang.String getFsType();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* 'ext4'
+
+Filesystem type of the volume that you want to mount.
+
+Tip: Ensure that the filesystem type is supported by the host operating system.
+
+> https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+
+---
+
+##### `name`Optional
+
+```java
+public java.lang.String getName();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* auto-generated
+
+The volume name.
+
+---
+
+##### `partition`Optional
+
+```java
+public java.lang.Number getPartition();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* No partition.
+
+The partition in the volume that you want to mount.
+
+If omitted, the default is to mount by volume name.
+Examples: For volume /dev/sda1, you specify the partition as "1".
+Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
+
+---
+
+##### `readOnly`Optional
+
+```java
+public java.lang.Boolean getReadOnly();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Specify "true" to force and set the ReadOnly property in VolumeMounts to "true".
+
+> https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+
+---
+
+### AzureDiskPersistentVolumeProps
+
+Properties for `AzureDiskPersistentVolume`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.AzureDiskPersistentVolumeProps;
+
+AzureDiskPersistentVolumeProps.builder()
+// .metadata(ApiObjectMetadata)
+// .accessModes(java.util.List)
+// .claim(IPersistentVolumeClaim)
+// .mountOptions(java.util.List)
+// .reclaimPolicy(PersistentVolumeReclaimPolicy)
+// .storage(Size)
+// .storageClassName(java.lang.String)
+// .volumeMode(PersistentVolumeMode)
+ .diskName(java.lang.String)
+ .diskUri(java.lang.String)
+// .cachingMode(AzureDiskPersistentVolumeCachingMode)
+// .fsType(java.lang.String)
+// .kind(AzureDiskPersistentVolumeKind)
+// .readOnly(java.lang.Boolean)
+ .build();
+```
+
+##### `metadata`Optional
+
+```java
+public ApiObjectMetadata getMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `accessModes`Optional
+
+```java
+public java.util.List getAccessModes();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.PersistentVolumeAccessMode`](#org.cdk8s.plus27.PersistentVolumeAccessMode)>
+- *Default:* No access modes.
+
+Contains all ways the volume can be mounted.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes
+
+---
+
+##### `claim`Optional
+
+```java
+public IPersistentVolumeClaim getClaim();
+```
+
+- *Type:* [`org.cdk8s.plus27.IPersistentVolumeClaim`](#org.cdk8s.plus27.IPersistentVolumeClaim)
+- *Default:* Not bound to a specific claim.
+
+Part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim.
+
+Expected to be non-nil when bound.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding
+
+---
+
+##### `mountOptions`Optional
+
+```java
+public java.util.List getMountOptions();
+```
+
+- *Type:* java.util.List<`java.lang.String`>
+- *Default:* No options.
+
+A list of mount options, e.g. ["ro", "soft"]. Not validated - mount will simply fail if one is invalid.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options
+
+---
+
+##### `reclaimPolicy`Optional
+
+```java
+public PersistentVolumeReclaimPolicy getReclaimPolicy();
+```
+
+- *Type:* [`org.cdk8s.plus27.PersistentVolumeReclaimPolicy`](#org.cdk8s.plus27.PersistentVolumeReclaimPolicy)
+- *Default:* PersistentVolumeReclaimPolicy.RETAIN
+
+When a user is done with their volume, they can delete the PVC objects from the API that allows reclamation of the resource.
+
+The reclaim policy tells the cluster what to do with
+the volume after it has been released of its claim.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming
+
+---
+
+##### `storage`Optional
+
+```java
+public Size getStorage();
+```
+
+- *Type:* [`org.cdk8s.Size`](#org.cdk8s.Size)
+- *Default:* No specified.
+
+What is the storage capacity of this volume.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+
+---
+
+##### `storageClassName`Optional
+
+```java
+public java.lang.String getStorageClassName();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* Volume does not belong to any storage class.
+
+Name of StorageClass to which this persistent volume belongs.
+
+---
+
+##### `volumeMode`Optional
+
+```java
+public PersistentVolumeMode getVolumeMode();
+```
+
+- *Type:* [`org.cdk8s.plus27.PersistentVolumeMode`](#org.cdk8s.plus27.PersistentVolumeMode)
+- *Default:* VolumeMode.FILE_SYSTEM
+
+Defines what type of volume is required by the claim.
+
+---
+
+##### `diskName`Required
+
+```java
+public java.lang.String getDiskName();
+```
+
+- *Type:* `java.lang.String`
+
+The Name of the data disk in the blob storage.
+
+---
+
+##### `diskUri`Required
+
+```java
+public java.lang.String getDiskUri();
+```
+
+- *Type:* `java.lang.String`
+
+The URI the data disk in the blob storage.
+
+---
+
+##### `cachingMode`Optional
+
+```java
+public AzureDiskPersistentVolumeCachingMode getCachingMode();
+```
+
+- *Type:* [`org.cdk8s.plus27.AzureDiskPersistentVolumeCachingMode`](#org.cdk8s.plus27.AzureDiskPersistentVolumeCachingMode)
+- *Default:* AzureDiskPersistentVolumeCachingMode.NONE.
+
+Host Caching mode.
+
+---
+
+##### `fsType`Optional
+
+```java
+public java.lang.String getFsType();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* 'ext4'
+
+Filesystem type to mount.
+
+Must be a filesystem type supported by the host operating system.
+
+---
+
+##### `kind`Optional
+
+```java
+public AzureDiskPersistentVolumeKind getKind();
+```
+
+- *Type:* [`org.cdk8s.plus27.AzureDiskPersistentVolumeKind`](#org.cdk8s.plus27.AzureDiskPersistentVolumeKind)
+- *Default:* AzureDiskPersistentVolumeKind.SHARED
+
+Kind of disk.
+
+---
+
+##### `readOnly`Optional
+
+```java
+public java.lang.Boolean getReadOnly();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Force the ReadOnly setting in VolumeMounts.
+
+---
+
+### AzureDiskVolumeOptions
+
+Options of `Volume.fromAzureDisk`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.AzureDiskVolumeOptions;
+
+AzureDiskVolumeOptions.builder()
+// .cachingMode(AzureDiskPersistentVolumeCachingMode)
+// .fsType(java.lang.String)
+// .kind(AzureDiskPersistentVolumeKind)
+// .name(java.lang.String)
+// .readOnly(java.lang.Boolean)
+ .build();
+```
+
+##### `cachingMode`Optional
+
+```java
+public AzureDiskPersistentVolumeCachingMode getCachingMode();
+```
+
+- *Type:* [`org.cdk8s.plus27.AzureDiskPersistentVolumeCachingMode`](#org.cdk8s.plus27.AzureDiskPersistentVolumeCachingMode)
+- *Default:* AzureDiskPersistentVolumeCachingMode.NONE.
+
+Host Caching mode.
+
+---
+
+##### `fsType`Optional
+
+```java
+public java.lang.String getFsType();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* 'ext4'
+
+Filesystem type to mount.
+
+Must be a filesystem type supported by the host operating system.
+
+---
+
+##### `kind`Optional
+
+```java
+public AzureDiskPersistentVolumeKind getKind();
+```
+
+- *Type:* [`org.cdk8s.plus27.AzureDiskPersistentVolumeKind`](#org.cdk8s.plus27.AzureDiskPersistentVolumeKind)
+- *Default:* AzureDiskPersistentVolumeKind.SHARED
+
+Kind of disk.
+
+---
+
+##### `name`Optional
+
+```java
+public java.lang.String getName();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* auto-generated
+
+The volume name.
+
+---
+
+##### `readOnly`Optional
+
+```java
+public java.lang.Boolean getReadOnly();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Force the ReadOnly setting in VolumeMounts.
+
+---
+
+### BasicAuthSecretProps
+
+Options for `BasicAuthSecret`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.BasicAuthSecretProps;
+
+BasicAuthSecretProps.builder()
+// .metadata(ApiObjectMetadata)
+// .immutable(java.lang.Boolean)
+ .password(java.lang.String)
+ .username(java.lang.String)
+ .build();
+```
+
+##### `metadata`Optional
+
+```java
+public ApiObjectMetadata getMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `immutable`Optional
+
+```java
+public java.lang.Boolean getImmutable();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+If set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified).
+
+If not set to true, the field can be modified at any time.
+
+---
+
+##### `password`Required
+
+```java
+public java.lang.String getPassword();
+```
+
+- *Type:* `java.lang.String`
+
+The password or token for authentication.
+
+---
+
+##### `username`Required
+
+```java
+public java.lang.String getUsername();
+```
+
+- *Type:* `java.lang.String`
+
+The user name for authentication.
+
+---
+
+### ClusterRoleBindingProps
+
+Properties for `ClusterRoleBinding`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.ClusterRoleBindingProps;
+
+ClusterRoleBindingProps.builder()
+// .metadata(ApiObjectMetadata)
+ .role(IClusterRole)
+ .build();
+```
+
+##### `metadata`Optional
+
+```java
+public ApiObjectMetadata getMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `role`Required
+
+```java
+public IClusterRole getRole();
+```
+
+- *Type:* [`org.cdk8s.plus27.IClusterRole`](#org.cdk8s.plus27.IClusterRole)
+
+The role to bind to.
+
+---
+
+### ClusterRolePolicyRule
+
+Policy rule of a `ClusterRole.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.ClusterRolePolicyRule;
+
+ClusterRolePolicyRule.builder()
+ .endpoints(java.util.List)
+ .verbs(java.util.List)
+ .build();
+```
+
+##### `endpoints`Required
+
+```java
+public java.util.List getEndpoints();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.IApiEndpoint`](#org.cdk8s.plus27.IApiEndpoint)>
+
+Endpoints this rule applies to.
+
+Can be either api resources
+or non api resources.
+
+---
+
+##### `verbs`Required
+
+```java
+public java.util.List getVerbs();
+```
+
+- *Type:* java.util.List<`java.lang.String`>
+
+Verbs to allow.
+
+(e.g ['get', 'watch'])
+
+---
+
+### ClusterRoleProps
+
+Properties for `ClusterRole`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.ClusterRoleProps;
+
+ClusterRoleProps.builder()
+// .metadata(ApiObjectMetadata)
+// .aggregationLabels(java.util.Map)
+// .rules(java.util.List)
+ .build();
+```
+
+##### `metadata`Optional
+
+```java
+public ApiObjectMetadata getMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `aggregationLabels`Optional
+
+```java
+public java.util.Map getAggregationLabels();
+```
+
+- *Type:* java.util.Map
+
+Specify labels that should be used to locate ClusterRoles, whose rules will be automatically filled into this ClusterRole's rules.
+
+---
+
+##### `rules`Optional
+
+```java
+public java.util.List getRules();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ClusterRolePolicyRule`](#org.cdk8s.plus27.ClusterRolePolicyRule)>
+- *Default:* []
+
+A list of rules the role should allow.
+
+---
+
+### CommandProbeOptions
+
+Options for `Probe.fromCommand()`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.CommandProbeOptions;
+
+CommandProbeOptions.builder()
+// .failureThreshold(java.lang.Number)
+// .initialDelaySeconds(Duration)
+// .periodSeconds(Duration)
+// .successThreshold(java.lang.Number)
+// .timeoutSeconds(Duration)
+ .build();
+```
+
+##### `failureThreshold`Optional
+
+```java
+public java.lang.Number getFailureThreshold();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* 3
+
+Minimum consecutive failures for the probe to be considered failed after having succeeded.
+
+Defaults to 3. Minimum value is 1.
+
+---
+
+##### `initialDelaySeconds`Optional
+
+```java
+public Duration getInitialDelaySeconds();
+```
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* immediate
+
+Number of seconds after the container has started before liveness probes are initiated.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+
+---
+
+##### `periodSeconds`Optional
+
+```java
+public Duration getPeriodSeconds();
+```
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* Duration.seconds(10) Minimum value is 1.
+
+How often (in seconds) to perform the probe.
+
+Default to 10 seconds. Minimum value is 1.
+
+---
+
+##### `successThreshold`Optional
+
+```java
+public java.lang.Number getSuccessThreshold();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* 1 Must be 1 for liveness and startup. Minimum value is 1.
+
+Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1.
+
+Must be 1 for liveness and startup. Minimum value is 1.
+
+---
+
+##### `timeoutSeconds`Optional
+
+```java
+public Duration getTimeoutSeconds();
+```
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* Duration.seconds(1)
+
+Number of seconds after which the probe times out.
+
+Defaults to 1 second. Minimum value is 1.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+
+---
+
+### CommonSecretProps
+
+Common properties for `Secret`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.CommonSecretProps;
+
+CommonSecretProps.builder()
+// .metadata(ApiObjectMetadata)
+// .immutable(java.lang.Boolean)
+ .build();
+```
+
+##### `metadata`Optional
+
+```java
+public ApiObjectMetadata getMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `immutable`Optional
+
+```java
+public java.lang.Boolean getImmutable();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+If set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified).
+
+If not set to true, the field can be modified at any time.
+
+---
+
+### ConfigMapProps
+
+Properties for initialization of `ConfigMap`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.ConfigMapProps;
+
+ConfigMapProps.builder()
+// .metadata(ApiObjectMetadata)
+// .binaryData(java.util.Map)
+// .data(java.util.Map)
+// .immutable(java.lang.Boolean)
+ .build();
+```
+
+##### `metadata`Optional
+
+```java
+public ApiObjectMetadata getMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `binaryData`Optional
+
+```java
+public java.util.Map getBinaryData();
+```
+
+- *Type:* java.util.Map
+
+BinaryData contains the binary data.
+
+Each key must consist of alphanumeric characters, '-', '_' or '.'.
+BinaryData can contain byte sequences that are not in the UTF-8 range. The
+keys stored in BinaryData must not overlap with the ones in the Data field,
+this is enforced during validation process.
+
+You can also add binary data using `configMap.addBinaryData()`.
+
+---
+
+##### `data`Optional
+
+```java
+public java.util.Map getData();
+```
+
+- *Type:* java.util.Map
+
+Data contains the configuration data.
+
+Each key must consist of alphanumeric characters, '-', '_' or '.'. Values
+with non-UTF-8 byte sequences must use the BinaryData field. The keys
+stored in Data must not overlap with the keys in the BinaryData field, this
+is enforced during validation process.
+
+You can also add data using `configMap.addData()`.
+
+---
+
+##### `immutable`Optional
+
+```java
+public java.lang.Boolean getImmutable();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+If set to true, ensures that data stored in the ConfigMap cannot be updated (only object metadata can be modified).
+
+If not set to true, the field can be modified at any time.
+
+---
+
+### ConfigMapVolumeOptions
+
+Options for the ConfigMap-based volume.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.ConfigMapVolumeOptions;
+
+ConfigMapVolumeOptions.builder()
+// .defaultMode(java.lang.Number)
+// .items(java.util.Map)
+// .name(java.lang.String)
+// .optional(java.lang.Boolean)
+ .build();
+```
+
+##### `defaultMode`Optional
+
+```java
+public java.lang.Number getDefaultMode();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* 0644. Directories within the path are not affected by this
+setting. This might be in conflict with other options that affect the file
+mode, like fsGroup, and the result can be other mode bits set.
+
+Mode bits to use on created files by default.
+
+Must be a value between 0 and
+0777. Defaults to 0644. Directories within the path are not affected by
+this setting. This might be in conflict with other options that affect the
+file mode, like fsGroup, and the result can be other mode bits set.
+
+---
+
+##### `items`Optional
+
+```java
+public java.util.Map getItems();
+```
+
+- *Type:* java.util.Map
+- *Default:* no mapping
+
+If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value.
+
+If specified, the listed keys will be projected
+into the specified paths, and unlisted keys will not be present. If a key
+is specified which is not present in the ConfigMap, the volume setup will
+error unless it is marked optional. Paths must be relative and may not
+contain the '..' path or start with '..'.
+
+---
+
+##### `name`Optional
+
+```java
+public java.lang.String getName();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* auto-generated
+
+The volume name.
+
+---
+
+##### `optional`Optional
+
+```java
+public java.lang.Boolean getOptional();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* undocumented
+
+Specify whether the ConfigMap or its keys must be defined.
+
+---
+
+### ContainerLifecycle
+
+Container lifecycle properties.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.ContainerLifecycle;
+
+ContainerLifecycle.builder()
+// .postStart(Handler)
+// .preStop(Handler)
+ .build();
+```
+
+##### `postStart`Optional
+
+```java
+public Handler getPostStart();
+```
+
+- *Type:* [`org.cdk8s.plus27.Handler`](#org.cdk8s.plus27.Handler)
+- *Default:* No post start handler.
+
+This hook is executed immediately after a container is created.
+
+However,
+there is no guarantee that the hook will execute before the container ENTRYPOINT.
+
+---
+
+##### `preStop`Optional
+
+```java
+public Handler getPreStop();
+```
+
+- *Type:* [`org.cdk8s.plus27.Handler`](#org.cdk8s.plus27.Handler)
+- *Default:* No pre stop handler.
+
+This hook is called immediately before a container is terminated due to an API request or management event such as a liveness/startup probe failure, preemption, resource contention and others.
+
+A call to the PreStop hook fails if the container is already in a terminated or completed state
+and the hook must complete before the TERM signal to stop the container can be sent.
+The Pod's termination grace period countdown begins before the PreStop hook is executed,
+so regardless of the outcome of the handler, the container will eventually terminate
+within the Pod's termination grace period. No parameters are passed to the handler.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-termination
+
+---
+
+### ContainerOpts
+
+Optional properties of a container.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.ContainerOpts;
+
+ContainerOpts.builder()
+// .args(java.util.List)
+// .command(java.util.List)
+// .envFrom(java.util.List)
+// .envVariables(java.util.Map)
+// .imagePullPolicy(ImagePullPolicy)
+// .lifecycle(ContainerLifecycle)
+// .liveness(Probe)
+// .name(java.lang.String)
+// .port(java.lang.Number)
+// .portNumber(java.lang.Number)
+// .ports(java.util.List)
+// .readiness(Probe)
+// .resources(ContainerResources)
+// .securityContext(ContainerSecurityContextProps)
+// .startup(Probe)
+// .volumeMounts(java.util.List)
+// .workingDir(java.lang.String)
+ .build();
+```
+
+##### `args`Optional
+
+```java
+public java.util.List getArgs();
+```
+
+- *Type:* java.util.List<`java.lang.String`>
+- *Default:* []
+
+Arguments to the entrypoint. The docker image's CMD is used if `command` is not provided.
+
+Variable references $(VAR_NAME) are expanded using the container's
+environment. If a variable cannot be resolved, the reference in the input
+string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
+double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
+regardless of whether the variable exists or not.
+
+Cannot be updated.
+
+> https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+
+---
+
+##### `command`Optional
+
+```java
+public java.util.List getCommand();
+```
+
+- *Type:* java.util.List<`java.lang.String`>
+- *Default:* The docker image's ENTRYPOINT.
+
+Entrypoint array.
+
+Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment.
+If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME).
+Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated.
+More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+
+---
+
+##### `envFrom`Optional
+
+```java
+public java.util.List getEnvFrom();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.EnvFrom`](#org.cdk8s.plus27.EnvFrom)>
+- *Default:* No sources.
+
+List of sources to populate environment variables in the container.
+
+When a key exists in multiple sources, the value associated with
+the last source will take precedence. Values defined by the `envVariables` property
+with a duplicate key will take precedence.
+
+---
+
+##### `envVariables`Optional
+
+```java
+public java.util.Map getEnvVariables();
+```
+
+- *Type:* java.util.Map
+- *Default:* No environment variables.
+
+Environment variables to set in the container.
+
+---
+
+##### `imagePullPolicy`Optional
+
+```java
+public ImagePullPolicy getImagePullPolicy();
+```
+
+- *Type:* [`org.cdk8s.plus27.ImagePullPolicy`](#org.cdk8s.plus27.ImagePullPolicy)
+- *Default:* ImagePullPolicy.ALWAYS
+
+Image pull policy for this container.
+
+---
+
+##### `lifecycle`Optional
+
+```java
+public ContainerLifecycle getLifecycle();
+```
+
+- *Type:* [`org.cdk8s.plus27.ContainerLifecycle`](#org.cdk8s.plus27.ContainerLifecycle)
+
+Describes actions that the management system should take in response to container lifecycle events.
+
+---
+
+##### `liveness`Optional
+
+```java
+public Probe getLiveness();
+```
+
+- *Type:* [`org.cdk8s.plus27.Probe`](#org.cdk8s.plus27.Probe)
+- *Default:* no liveness probe is defined
+
+Periodic probe of container liveness.
+
+Container will be restarted if the probe fails.
+
+---
+
+##### `name`Optional
+
+```java
+public java.lang.String getName();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* 'main'
+
+Name of the container specified as a DNS_LABEL.
+
+Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.
+
+---
+
+##### ~~`port`~~Optional
+
+- *Deprecated:* - use `portNumber`.
+
+```java
+public java.lang.Number getPort();
+```
+
+- *Type:* `java.lang.Number`
+
+---
+
+##### `portNumber`Optional
+
+```java
+public java.lang.Number getPortNumber();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* Only the ports mentiond in the `ports` property are exposed.
+
+Number of port to expose on the pod's IP address.
+
+This must be a valid port number, 0 < x < 65536.
+
+This is a convinience property if all you need a single TCP numbered port.
+In case more advanced configuartion is required, use the `ports` property.
+
+This port is added to the list of ports mentioned in the `ports` property.
+
+---
+
+##### `ports`Optional
+
+```java
+public java.util.List getPorts();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerPort`](#org.cdk8s.plus27.ContainerPort)>
+- *Default:* Only the port mentioned in the `portNumber` property is exposed.
+
+List of ports to expose from this container.
+
+---
+
+##### `readiness`Optional
+
+```java
+public Probe getReadiness();
+```
+
+- *Type:* [`org.cdk8s.plus27.Probe`](#org.cdk8s.plus27.Probe)
+- *Default:* no readiness probe is defined
+
+Determines when the container is ready to serve traffic.
+
+---
+
+##### `resources`Optional
+
+```java
+public ContainerResources getResources();
+```
+
+- *Type:* [`org.cdk8s.plus27.ContainerResources`](#org.cdk8s.plus27.ContainerResources)
+- *Default:* cpu:
+ request: 1000 millis
+ limit: 1500 millis
+ memory:
+ request: 512 mebibytes
+ limit: 2048 mebibytes
+
+Compute resources (CPU and memory requests and limits) required by the container.
+
+> https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+
+---
+
+##### `securityContext`Optional
+
+```java
+public ContainerSecurityContextProps getSecurityContext();
+```
+
+- *Type:* [`org.cdk8s.plus27.ContainerSecurityContextProps`](#org.cdk8s.plus27.ContainerSecurityContextProps)
+- *Default:* ensureNonRoot: true
+ privileged: false
+ readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ user: 25000
+ group: 26000
+
+SecurityContext defines the security options the container should be run with.
+
+If set, the fields override equivalent fields of the pod's security context.
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+
+---
+
+##### `startup`Optional
+
+```java
+public Probe getStartup();
+```
+
+- *Type:* [`org.cdk8s.plus27.Probe`](#org.cdk8s.plus27.Probe)
+- *Default:* If a port is provided, then knocks on that port
+to determine when the container is ready for readiness and
+liveness probe checks.
+Otherwise, no startup probe is defined.
+
+StartupProbe indicates that the Pod has successfully initialized.
+
+If specified, no other probes are executed until this completes successfully
+
+---
+
+##### `volumeMounts`Optional
+
+```java
+public java.util.List getVolumeMounts();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.VolumeMount`](#org.cdk8s.plus27.VolumeMount)>
+
+Pod volumes to mount into the container's filesystem.
+
+Cannot be updated.
+
+---
+
+##### `workingDir`Optional
+
+```java
+public java.lang.String getWorkingDir();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* The container runtime's default.
+
+Container's working directory.
+
+If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.
+
+---
+
+### ContainerPort
+
+Represents a network port in a single container.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.ContainerPort;
+
+ContainerPort.builder()
+ .number(java.lang.Number)
+// .hostIp(java.lang.String)
+// .hostPort(java.lang.Number)
+// .name(java.lang.String)
+// .protocol(Protocol)
+ .build();
+```
+
+##### `number`Required
+
+```java
+public java.lang.Number getNumber();
+```
+
+- *Type:* `java.lang.Number`
+
+Number of port to expose on the pod's IP address.
+
+This must be a valid port number, 0 < x < 65536.
+
+---
+
+##### `hostIp`Optional
+
+```java
+public java.lang.String getHostIp();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* 127.0.0.1.
+
+What host IP to bind the external port to.
+
+---
+
+##### `hostPort`Optional
+
+```java
+public java.lang.Number getHostPort();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* auto generated by kubernetes and might change on restarts.
+
+Number of port to expose on the host.
+
+If specified, this must be a valid port number, 0 < x < 65536.
+Most containers do not need this.
+
+---
+
+##### `name`Optional
+
+```java
+public java.lang.String getName();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* port is not named.
+
+If specified, this must be an IANA_SVC_NAME and unique within the pod.
+
+Each named port in a pod must have a unique name.
+Name for the port that can be referred to by services.
+
+---
+
+##### `protocol`Optional
+
+```java
+public Protocol getProtocol();
+```
+
+- *Type:* [`org.cdk8s.plus27.Protocol`](#org.cdk8s.plus27.Protocol)
+- *Default:* Protocol.TCP
+
+Protocol for port.
+
+Must be UDP, TCP, or SCTP. Defaults to "TCP".
+
+---
+
+### ContainerProps
+
+Properties for creating a container.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.ContainerProps;
+
+ContainerProps.builder()
+// .args(java.util.List)
+// .command(java.util.List)
+// .envFrom(java.util.List)
+// .envVariables(java.util.Map)
+// .imagePullPolicy(ImagePullPolicy)
+// .lifecycle(ContainerLifecycle)
+// .liveness(Probe)
+// .name(java.lang.String)
+// .port(java.lang.Number)
+// .portNumber(java.lang.Number)
+// .ports(java.util.List)
+// .readiness(Probe)
+// .resources(ContainerResources)
+// .securityContext(ContainerSecurityContextProps)
+// .startup(Probe)
+// .volumeMounts(java.util.List)
+// .workingDir(java.lang.String)
+ .image(java.lang.String)
+ .build();
+```
+
+##### `args`Optional
+
+```java
+public java.util.List getArgs();
+```
+
+- *Type:* java.util.List<`java.lang.String`>
+- *Default:* []
+
+Arguments to the entrypoint. The docker image's CMD is used if `command` is not provided.
+
+Variable references $(VAR_NAME) are expanded using the container's
+environment. If a variable cannot be resolved, the reference in the input
+string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
+double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
+regardless of whether the variable exists or not.
+
+Cannot be updated.
+
+> https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+
+---
+
+##### `command`Optional
+
+```java
+public java.util.List getCommand();
+```
+
+- *Type:* java.util.List<`java.lang.String`>
+- *Default:* The docker image's ENTRYPOINT.
+
+Entrypoint array.
+
+Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment.
+If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME).
+Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated.
+More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+
+---
+
+##### `envFrom`Optional
+
+```java
+public java.util.List getEnvFrom();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.EnvFrom`](#org.cdk8s.plus27.EnvFrom)>
+- *Default:* No sources.
+
+List of sources to populate environment variables in the container.
+
+When a key exists in multiple sources, the value associated with
+the last source will take precedence. Values defined by the `envVariables` property
+with a duplicate key will take precedence.
+
+---
+
+##### `envVariables`Optional
+
+```java
+public java.util.Map getEnvVariables();
+```
+
+- *Type:* java.util.Map
+- *Default:* No environment variables.
+
+Environment variables to set in the container.
+
+---
+
+##### `imagePullPolicy`Optional
+
+```java
+public ImagePullPolicy getImagePullPolicy();
+```
+
+- *Type:* [`org.cdk8s.plus27.ImagePullPolicy`](#org.cdk8s.plus27.ImagePullPolicy)
+- *Default:* ImagePullPolicy.ALWAYS
+
+Image pull policy for this container.
+
+---
+
+##### `lifecycle`Optional
+
+```java
+public ContainerLifecycle getLifecycle();
+```
+
+- *Type:* [`org.cdk8s.plus27.ContainerLifecycle`](#org.cdk8s.plus27.ContainerLifecycle)
+
+Describes actions that the management system should take in response to container lifecycle events.
+
+---
+
+##### `liveness`Optional
+
+```java
+public Probe getLiveness();
+```
+
+- *Type:* [`org.cdk8s.plus27.Probe`](#org.cdk8s.plus27.Probe)
+- *Default:* no liveness probe is defined
+
+Periodic probe of container liveness.
+
+Container will be restarted if the probe fails.
+
+---
+
+##### `name`Optional
+
+```java
+public java.lang.String getName();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* 'main'
+
+Name of the container specified as a DNS_LABEL.
+
+Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.
+
+---
+
+##### ~~`port`~~Optional
+
+- *Deprecated:* - use `portNumber`.
+
+```java
+public java.lang.Number getPort();
+```
+
+- *Type:* `java.lang.Number`
+
+---
+
+##### `portNumber`Optional
+
+```java
+public java.lang.Number getPortNumber();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* Only the ports mentiond in the `ports` property are exposed.
+
+Number of port to expose on the pod's IP address.
+
+This must be a valid port number, 0 < x < 65536.
+
+This is a convinience property if all you need a single TCP numbered port.
+In case more advanced configuartion is required, use the `ports` property.
+
+This port is added to the list of ports mentioned in the `ports` property.
+
+---
+
+##### `ports`Optional
+
+```java
+public java.util.List getPorts();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerPort`](#org.cdk8s.plus27.ContainerPort)>
+- *Default:* Only the port mentioned in the `portNumber` property is exposed.
+
+List of ports to expose from this container.
+
+---
+
+##### `readiness`Optional
+
+```java
+public Probe getReadiness();
+```
+
+- *Type:* [`org.cdk8s.plus27.Probe`](#org.cdk8s.plus27.Probe)
+- *Default:* no readiness probe is defined
+
+Determines when the container is ready to serve traffic.
+
+---
+
+##### `resources`Optional
+
+```java
+public ContainerResources getResources();
+```
+
+- *Type:* [`org.cdk8s.plus27.ContainerResources`](#org.cdk8s.plus27.ContainerResources)
+- *Default:* cpu:
+ request: 1000 millis
+ limit: 1500 millis
+ memory:
+ request: 512 mebibytes
+ limit: 2048 mebibytes
+
+Compute resources (CPU and memory requests and limits) required by the container.
+
+> https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+
+---
+
+##### `securityContext`Optional
+
+```java
+public ContainerSecurityContextProps getSecurityContext();
+```
+
+- *Type:* [`org.cdk8s.plus27.ContainerSecurityContextProps`](#org.cdk8s.plus27.ContainerSecurityContextProps)
+- *Default:* ensureNonRoot: true
+ privileged: false
+ readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ user: 25000
+ group: 26000
+
+SecurityContext defines the security options the container should be run with.
+
+If set, the fields override equivalent fields of the pod's security context.
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+
+---
+
+##### `startup`Optional
+
+```java
+public Probe getStartup();
+```
+
+- *Type:* [`org.cdk8s.plus27.Probe`](#org.cdk8s.plus27.Probe)
+- *Default:* If a port is provided, then knocks on that port
+to determine when the container is ready for readiness and
+liveness probe checks.
+Otherwise, no startup probe is defined.
+
+StartupProbe indicates that the Pod has successfully initialized.
+
+If specified, no other probes are executed until this completes successfully
+
+---
+
+##### `volumeMounts`Optional
+
+```java
+public java.util.List getVolumeMounts();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.VolumeMount`](#org.cdk8s.plus27.VolumeMount)>
+
+Pod volumes to mount into the container's filesystem.
+
+Cannot be updated.
+
+---
+
+##### `workingDir`Optional
+
+```java
+public java.lang.String getWorkingDir();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* The container runtime's default.
+
+Container's working directory.
+
+If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.
+
+---
+
+##### `image`Required
+
+```java
+public java.lang.String getImage();
+```
+
+- *Type:* `java.lang.String`
+
+Docker image name.
+
+---
+
+### ContainerResources
+
+CPU and memory compute resources.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.ContainerResources;
+
+ContainerResources.builder()
+// .cpu(CpuResources)
+// .ephemeralStorage(EphemeralStorageResources)
+// .memory(MemoryResources)
+ .build();
+```
+
+##### `cpu`Optional
+
+```java
+public CpuResources getCpu();
+```
+
+- *Type:* [`org.cdk8s.plus27.CpuResources`](#org.cdk8s.plus27.CpuResources)
+
+---
+
+##### `ephemeralStorage`Optional
+
+```java
+public EphemeralStorageResources getEphemeralStorage();
+```
+
+- *Type:* [`org.cdk8s.plus27.EphemeralStorageResources`](#org.cdk8s.plus27.EphemeralStorageResources)
+
+---
+
+##### `memory`Optional
+
+```java
+public MemoryResources getMemory();
+```
+
+- *Type:* [`org.cdk8s.plus27.MemoryResources`](#org.cdk8s.plus27.MemoryResources)
+
+---
+
+### ContainerSecurityContextProps
+
+Properties for `ContainerSecurityContext`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.ContainerSecurityContextProps;
+
+ContainerSecurityContextProps.builder()
+// .allowPrivilegeEscalation(java.lang.Boolean)
+// .ensureNonRoot(java.lang.Boolean)
+// .group(java.lang.Number)
+// .privileged(java.lang.Boolean)
+// .readOnlyRootFilesystem(java.lang.Boolean)
+// .user(java.lang.Number)
+ .build();
+```
+
+##### `allowPrivilegeEscalation`Optional
+
+```java
+public java.lang.Boolean getAllowPrivilegeEscalation();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Whether a process can gain more privileges than its parent process.
+
+---
+
+##### `ensureNonRoot`Optional
+
+```java
+public java.lang.Boolean getEnsureNonRoot();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* true
+
+Indicates that the container must run as a non-root user.
+
+If true, the Kubelet will validate the image at runtime to ensure that it does
+not run as UID 0 (root) and fail to start the container if it does.
+
+---
+
+##### `group`Optional
+
+```java
+public java.lang.Number getGroup();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* 26000. An arbitrary number bigger than 9999 is selected here.
+This is so that the container is blocked to access host files even if
+somehow it manages to get access to host file system.
+
+The GID to run the entrypoint of the container process.
+
+---
+
+##### `privileged`Optional
+
+```java
+public java.lang.Boolean getPrivileged();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Run container in privileged mode.
+
+Processes in privileged containers are essentially equivalent to root on the host.
+
+---
+
+##### `readOnlyRootFilesystem`Optional
+
+```java
+public java.lang.Boolean getReadOnlyRootFilesystem();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* true
+
+Whether this container has a read-only root filesystem.
+
+---
+
+##### `user`Optional
+
+```java
+public java.lang.Number getUser();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* 25000. An arbitrary number bigger than 9999 is selected here.
+This is so that the container is blocked to access host files even if
+somehow it manages to get access to host file system.
+
+The UID to run the entrypoint of the container process.
+
+---
+
+### CpuResources
+
+CPU request and limit.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.CpuResources;
+
+CpuResources.builder()
+// .limit(Cpu)
+// .request(Cpu)
+ .build();
+```
+
+##### `limit`Optional
+
+```java
+public Cpu getLimit();
+```
+
+- *Type:* [`org.cdk8s.plus27.Cpu`](#org.cdk8s.plus27.Cpu)
+
+---
+
+##### `request`Optional
+
+```java
+public Cpu getRequest();
+```
+
+- *Type:* [`org.cdk8s.plus27.Cpu`](#org.cdk8s.plus27.Cpu)
+
+---
+
+### CronJobProps
+
+Properties for `CronJob`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.CronJobProps;
+
+CronJobProps.builder()
+// .metadata(ApiObjectMetadata)
+// .automountServiceAccountToken(java.lang.Boolean)
+// .containers(java.util.List)
+// .dns(PodDnsProps)
+// .dockerRegistryAuth(ISecret)
+// .hostAliases(java.util.List)
+// .hostNetwork(java.lang.Boolean)
+// .initContainers(java.util.List)
+// .isolate(java.lang.Boolean)
+// .restartPolicy(RestartPolicy)
+// .securityContext(PodSecurityContextProps)
+// .serviceAccount(IServiceAccount)
+// .terminationGracePeriod(Duration)
+// .volumes(java.util.List)
+// .podMetadata(ApiObjectMetadata)
+// .select(java.lang.Boolean)
+// .spread(java.lang.Boolean)
+// .activeDeadline(Duration)
+// .backoffLimit(java.lang.Number)
+// .ttlAfterFinished(Duration)
+ .schedule(Cron)
+// .concurrencyPolicy(ConcurrencyPolicy)
+// .failedJobsRetained(java.lang.Number)
+// .startingDeadline(Duration)
+// .successfulJobsRetained(java.lang.Number)
+// .suspend(java.lang.Boolean)
+// .timeZone(java.lang.String)
+ .build();
+```
+
+##### `metadata`Optional
+
+```java
+public ApiObjectMetadata getMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `automountServiceAccountToken`Optional
+
+```java
+public java.lang.Boolean getAutomountServiceAccountToken();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Indicates whether a service account token should be automatically mounted.
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
+
+---
+
+##### `containers`Optional
+
+```java
+public java.util.List getContainers();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)>
+- *Default:* No containers. Note that a pod spec must include at least one container.
+
+List of containers belonging to the pod.
+
+Containers cannot currently be
+added or removed. There must be at least one container in a Pod.
+
+You can add additionnal containers using `podSpec.addContainer()`
+
+---
+
+##### `dns`Optional
+
+```java
+public PodDnsProps getDns();
+```
+
+- *Type:* [`org.cdk8s.plus27.PodDnsProps`](#org.cdk8s.plus27.PodDnsProps)
+- *Default:* policy: DnsPolicy.CLUSTER_FIRST
+ hostnameAsFQDN: false
+
+DNS settings for the pod.
+
+> https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
+
+---
+
+##### `dockerRegistryAuth`Optional
+
+```java
+public ISecret getDockerRegistryAuth();
+```
+
+- *Type:* [`org.cdk8s.plus27.ISecret`](#org.cdk8s.plus27.ISecret)
+- *Default:* No auth. Images are assumed to be publicly available.
+
+A secret containing docker credentials for authenticating to a registry.
+
+---
+
+##### `hostAliases`Optional
+
+```java
+public java.util.List getHostAliases();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.HostAlias`](#org.cdk8s.plus27.HostAlias)>
+
+HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.
+
+---
+
+##### `hostNetwork`Optional
+
+```java
+public java.lang.Boolean getHostNetwork();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Host network for the pod.
+
+---
+
+##### `initContainers`Optional
+
+```java
+public java.util.List getInitContainers();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)>
+- *Default:* No init containers.
+
+List of initialization containers belonging to the pod.
+
+Init containers are executed in order prior to containers being started.
+If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy.
+The name for an init container or normal container must be unique among all containers.
+Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes.
+The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit
+for each resource type, and then using the max of of that value or the sum of the normal containers.
+Limits are applied to init containers in a similar fashion.
+
+Init containers cannot currently be added ,removed or updated.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
+
+---
+
+##### `isolate`Optional
+
+```java
+public java.lang.Boolean getIsolate();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Isolates the pod.
+
+This will prevent any ingress or egress connections to / from this pod.
+You can however allow explicit connections post instantiation by using the `.connections` property.
+
+---
+
+##### `restartPolicy`Optional
+
+```java
+public RestartPolicy getRestartPolicy();
+```
+
+- *Type:* [`org.cdk8s.plus27.RestartPolicy`](#org.cdk8s.plus27.RestartPolicy)
+- *Default:* RestartPolicy.ALWAYS
+
+Restart policy for all containers within the pod.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
+
+---
+
+##### `securityContext`Optional
+
+```java
+public PodSecurityContextProps getSecurityContext();
+```
+
+- *Type:* [`org.cdk8s.plus27.PodSecurityContextProps`](#org.cdk8s.plus27.PodSecurityContextProps)
+- *Default:* fsGroupChangePolicy: FsGroupChangePolicy.FsGroupChangePolicy.ALWAYS
+ ensureNonRoot: true
+
+SecurityContext holds pod-level security attributes and common container settings.
+
+---
+
+##### `serviceAccount`Optional
+
+```java
+public IServiceAccount getServiceAccount();
+```
+
+- *Type:* [`org.cdk8s.plus27.IServiceAccount`](#org.cdk8s.plus27.IServiceAccount)
+- *Default:* No service account.
+
+A service account provides an identity for processes that run in a Pod.
+
+When you (a human) access the cluster (for example, using kubectl), you are
+authenticated by the apiserver as a particular User Account (currently this
+is usually admin, unless your cluster administrator has customized your
+cluster). Processes in containers inside pods can also contact the
+apiserver. When they do, they are authenticated as a particular Service
+Account (for example, default).
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+
+---
+
+##### `terminationGracePeriod`Optional
+
+```java
+public Duration getTerminationGracePeriod();
+```
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* Duration.seconds(30)
+
+Grace period until the pod is terminated.
+
+---
+
+##### `volumes`Optional
+
+```java
+public java.util.List getVolumes();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.Volume`](#org.cdk8s.plus27.Volume)>
+- *Default:* No volumes.
+
+List of volumes that can be mounted by containers belonging to the pod.
+
+You can also add volumes later using `podSpec.addVolume()`
+
+> https://kubernetes.io/docs/concepts/storage/volumes
+
+---
+
+##### `podMetadata`Optional
+
+```java
+public ApiObjectMetadata getPodMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+The pod metadata of this workload.
+
+---
+
+##### `select`Optional
+
+```java
+public java.lang.Boolean getSelect();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* true
+
+Automatically allocates a pod label selector for this workload and add it to the pod metadata.
+
+This ensures this workload manages pods created by
+its pod template.
+
+---
+
+##### `spread`Optional
+
+```java
+public java.lang.Boolean getSpread();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Automatically spread pods across hostname and zones.
+
+> https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/#internal-default-constraints
+
+---
+
+##### `activeDeadline`Optional
+
+```java
+public Duration getActiveDeadline();
+```
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* If unset, then there is no deadline.
+
+Specifies the duration the job may be active before the system tries to terminate it.
+
+---
+
+##### `backoffLimit`Optional
+
+```java
+public java.lang.Number getBackoffLimit();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* If not set, system defaults to 6.
+
+Specifies the number of retries before marking this job failed.
+
+---
+
+##### `ttlAfterFinished`Optional
+
+```java
+public Duration getTtlAfterFinished();
+```
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* If this field is unset, the Job won't be automatically deleted.
+
+Limits the lifetime of a Job that has finished execution (either Complete or Failed).
+
+If this field is set, after the Job finishes, it is eligible to
+be automatically deleted. When the Job is being deleted, its lifecycle
+guarantees (e.g. finalizers) will be honored. If this field is set to zero,
+the Job becomes eligible to be deleted immediately after it finishes. This
+field is alpha-level and is only honored by servers that enable the
+`TTLAfterFinished` feature.
+
+---
+
+##### `schedule`Required
+
+```java
+public Cron getSchedule();
+```
+
+- *Type:* [`org.cdk8s.Cron`](#org.cdk8s.Cron)
+
+Specifies the time in which the job would run again.
+
+This is defined as a cron expression in the CronJob resource.
+
+---
+
+##### `concurrencyPolicy`Optional
+
+```java
+public ConcurrencyPolicy getConcurrencyPolicy();
+```
+
+- *Type:* [`org.cdk8s.plus27.ConcurrencyPolicy`](#org.cdk8s.plus27.ConcurrencyPolicy)
+- *Default:* ConcurrencyPolicy.Forbid
+
+Specifies the concurrency policy for the job.
+
+---
+
+##### `failedJobsRetained`Optional
+
+```java
+public java.lang.Number getFailedJobsRetained();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* 1
+
+Specifies the number of failed jobs history retained.
+
+This would retain the Job and the associated Pod resource and can be useful for debugging.
+
+---
+
+##### `startingDeadline`Optional
+
+```java
+public Duration getStartingDeadline();
+```
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* Duration.seconds(10)
+
+Kubernetes attempts to start cron jobs at its schedule time, but this is not guaranteed.
+
+This deadline specifies
+how much time can pass after a schedule point, for which kubernetes can still start the job.
+For example, if this is set to 100 seconds, kubernetes is allowed to start the job at a maximum 100 seconds after
+the scheduled time.
+
+Note that the Kubernetes CronJobController checks for things every 10 seconds, for this reason, a deadline below 10
+seconds is not allowed, as it may cause your job to never be scheduled.
+
+In addition, kubernetes will stop scheduling jobs if more than 100 schedules were missed (for any reason).
+This property also controls what time interval should kubernetes consider when counting for missed schedules.
+
+For example, suppose a CronJob is set to schedule a new Job every one minute beginning at 08:30:00,
+and its `startingDeadline` field is not set. If the CronJob controller happens to be down from 08:29:00 to 10:21:00,
+the job will not start as the number of missed jobs which missed their schedule is greater than 100.
+However, if `startingDeadline` is set to 200 seconds, kubernetes will only count 3 missed schedules, and thus
+start a new execution at 10:22:00.
+
+---
+
+##### `successfulJobsRetained`Optional
+
+```java
+public java.lang.Number getSuccessfulJobsRetained();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* 3
+
+Specifies the number of successful jobs history retained.
+
+This would retain the Job and the associated Pod resource and can be useful for debugging.
+
+---
+
+##### `suspend`Optional
+
+```java
+public java.lang.Boolean getSuspend();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Specifies if the cron job should be suspended.
+
+Only applies to future executions, current ones are remained untouched.
+
+---
+
+##### `timeZone`Optional
+
+```java
+public java.lang.String getTimeZone();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* Timezone of kube-controller-manager process.
+
+Specifies the timezone for the job.
+
+This helps aligining the schedule to follow the specified timezone.
+
+> {@link https://en.wikipedia.org/wiki/List_of_tz_database_time_zones} for list of valid timezone values.
+
+---
+
+### CsiVolumeOptions
+
+Options for the CSI driver based volume.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.CsiVolumeOptions;
+
+CsiVolumeOptions.builder()
+// .attributes(java.util.Map)
+// .fsType(java.lang.String)
+// .name(java.lang.String)
+// .readOnly(java.lang.Boolean)
+ .build();
+```
+
+##### `attributes`Optional
+
+```java
+public java.util.Map getAttributes();
+```
+
+- *Type:* java.util.Map
+- *Default:* undefined
+
+Any driver-specific attributes to pass to the CSI volume builder.
+
+---
+
+##### `fsType`Optional
+
+```java
+public java.lang.String getFsType();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* driver-dependent
+
+The filesystem type to mount.
+
+Ex. "ext4", "xfs", "ntfs". If not provided,
+the empty value is passed to the associated CSI driver, which will
+determine the default filesystem to apply.
+
+---
+
+##### `name`Optional
+
+```java
+public java.lang.String getName();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* auto-generated
+
+The volume name.
+
+---
+
+##### `readOnly`Optional
+
+```java
+public java.lang.Boolean getReadOnly();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Whether the mounted volume should be read-only or not.
+
+---
+
+### DaemonSetProps
+
+Properties for `DaemonSet`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.DaemonSetProps;
+
+DaemonSetProps.builder()
+// .metadata(ApiObjectMetadata)
+// .automountServiceAccountToken(java.lang.Boolean)
+// .containers(java.util.List)
+// .dns(PodDnsProps)
+// .dockerRegistryAuth(ISecret)
+// .hostAliases(java.util.List)
+// .hostNetwork(java.lang.Boolean)
+// .initContainers(java.util.List)
+// .isolate(java.lang.Boolean)
+// .restartPolicy(RestartPolicy)
+// .securityContext(PodSecurityContextProps)
+// .serviceAccount(IServiceAccount)
+// .terminationGracePeriod(Duration)
+// .volumes(java.util.List)
+// .podMetadata(ApiObjectMetadata)
+// .select(java.lang.Boolean)
+// .spread(java.lang.Boolean)
+// .minReadySeconds(java.lang.Number)
+ .build();
+```
+
+##### `metadata`Optional
+
+```java
+public ApiObjectMetadata getMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `automountServiceAccountToken`Optional
+
+```java
+public java.lang.Boolean getAutomountServiceAccountToken();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Indicates whether a service account token should be automatically mounted.
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
+
+---
+
+##### `containers`Optional
+
+```java
+public java.util.List getContainers();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)>
+- *Default:* No containers. Note that a pod spec must include at least one container.
+
+List of containers belonging to the pod.
+
+Containers cannot currently be
+added or removed. There must be at least one container in a Pod.
+
+You can add additionnal containers using `podSpec.addContainer()`
+
+---
+
+##### `dns`Optional
+
+```java
+public PodDnsProps getDns();
+```
+
+- *Type:* [`org.cdk8s.plus27.PodDnsProps`](#org.cdk8s.plus27.PodDnsProps)
+- *Default:* policy: DnsPolicy.CLUSTER_FIRST
+ hostnameAsFQDN: false
+
+DNS settings for the pod.
+
+> https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
+
+---
+
+##### `dockerRegistryAuth`Optional
+
+```java
+public ISecret getDockerRegistryAuth();
+```
+
+- *Type:* [`org.cdk8s.plus27.ISecret`](#org.cdk8s.plus27.ISecret)
+- *Default:* No auth. Images are assumed to be publicly available.
+
+A secret containing docker credentials for authenticating to a registry.
+
+---
+
+##### `hostAliases`Optional
+
+```java
+public java.util.List getHostAliases();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.HostAlias`](#org.cdk8s.plus27.HostAlias)>
+
+HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.
+
+---
+
+##### `hostNetwork`Optional
+
+```java
+public java.lang.Boolean getHostNetwork();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Host network for the pod.
+
+---
+
+##### `initContainers`Optional
+
+```java
+public java.util.List getInitContainers();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)>
+- *Default:* No init containers.
+
+List of initialization containers belonging to the pod.
+
+Init containers are executed in order prior to containers being started.
+If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy.
+The name for an init container or normal container must be unique among all containers.
+Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes.
+The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit
+for each resource type, and then using the max of of that value or the sum of the normal containers.
+Limits are applied to init containers in a similar fashion.
+
+Init containers cannot currently be added ,removed or updated.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
+
+---
+
+##### `isolate`Optional
+
+```java
+public java.lang.Boolean getIsolate();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Isolates the pod.
+
+This will prevent any ingress or egress connections to / from this pod.
+You can however allow explicit connections post instantiation by using the `.connections` property.
+
+---
+
+##### `restartPolicy`Optional
+
+```java
+public RestartPolicy getRestartPolicy();
+```
+
+- *Type:* [`org.cdk8s.plus27.RestartPolicy`](#org.cdk8s.plus27.RestartPolicy)
+- *Default:* RestartPolicy.ALWAYS
+
+Restart policy for all containers within the pod.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
+
+---
+
+##### `securityContext`Optional
+
+```java
+public PodSecurityContextProps getSecurityContext();
+```
+
+- *Type:* [`org.cdk8s.plus27.PodSecurityContextProps`](#org.cdk8s.plus27.PodSecurityContextProps)
+- *Default:* fsGroupChangePolicy: FsGroupChangePolicy.FsGroupChangePolicy.ALWAYS
+ ensureNonRoot: true
+
+SecurityContext holds pod-level security attributes and common container settings.
+
+---
+
+##### `serviceAccount`Optional
+
+```java
+public IServiceAccount getServiceAccount();
+```
+
+- *Type:* [`org.cdk8s.plus27.IServiceAccount`](#org.cdk8s.plus27.IServiceAccount)
+- *Default:* No service account.
+
+A service account provides an identity for processes that run in a Pod.
+
+When you (a human) access the cluster (for example, using kubectl), you are
+authenticated by the apiserver as a particular User Account (currently this
+is usually admin, unless your cluster administrator has customized your
+cluster). Processes in containers inside pods can also contact the
+apiserver. When they do, they are authenticated as a particular Service
+Account (for example, default).
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+
+---
+
+##### `terminationGracePeriod`Optional
+
+```java
+public Duration getTerminationGracePeriod();
+```
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* Duration.seconds(30)
+
+Grace period until the pod is terminated.
+
+---
+
+##### `volumes`Optional
+
+```java
+public java.util.List getVolumes();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.Volume`](#org.cdk8s.plus27.Volume)>
+- *Default:* No volumes.
+
+List of volumes that can be mounted by containers belonging to the pod.
+
+You can also add volumes later using `podSpec.addVolume()`
+
+> https://kubernetes.io/docs/concepts/storage/volumes
+
+---
+
+##### `podMetadata`Optional
+
+```java
+public ApiObjectMetadata getPodMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+The pod metadata of this workload.
+
+---
+
+##### `select`Optional
+
+```java
+public java.lang.Boolean getSelect();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* true
+
+Automatically allocates a pod label selector for this workload and add it to the pod metadata.
+
+This ensures this workload manages pods created by
+its pod template.
+
+---
+
+##### `spread`Optional
+
+```java
+public java.lang.Boolean getSpread();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Automatically spread pods across hostname and zones.
+
+> https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/#internal-default-constraints
+
+---
+
+##### `minReadySeconds`Optional
+
+```java
+public java.lang.Number getMinReadySeconds();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* 0
+
+Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available.
+
+---
+
+### DeploymentExposeViaServiceOptions
+
+Options for `Deployment.exposeViaService`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.DeploymentExposeViaServiceOptions;
+
+DeploymentExposeViaServiceOptions.builder()
+// .name(java.lang.String)
+// .ports(java.util.List)
+// .serviceType(ServiceType)
+ .build();
+```
+
+##### `name`Optional
+
+```java
+public java.lang.String getName();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* auto generated.
+
+The name of the service to expose.
+
+If you'd like to expose the deployment multiple times,
+you must explicitly set a name starting from the second expose call.
+
+---
+
+##### `ports`Optional
+
+```java
+public java.util.List getPorts();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ServicePort`](#org.cdk8s.plus27.ServicePort)>
+- *Default:* extracted from the deployment.
+
+The ports that the service should bind to.
+
+---
+
+##### `serviceType`Optional
+
+```java
+public ServiceType getServiceType();
+```
+
+- *Type:* [`org.cdk8s.plus27.ServiceType`](#org.cdk8s.plus27.ServiceType)
+- *Default:* ClusterIP.
+
+The type of the exposed service.
+
+---
+
+### DeploymentProps
+
+Properties for `Deployment`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.DeploymentProps;
+
+DeploymentProps.builder()
+// .metadata(ApiObjectMetadata)
+// .automountServiceAccountToken(java.lang.Boolean)
+// .containers(java.util.List)
+// .dns(PodDnsProps)
+// .dockerRegistryAuth(ISecret)
+// .hostAliases(java.util.List)
+// .hostNetwork(java.lang.Boolean)
+// .initContainers(java.util.List)
+// .isolate(java.lang.Boolean)
+// .restartPolicy(RestartPolicy)
+// .securityContext(PodSecurityContextProps)
+// .serviceAccount(IServiceAccount)
+// .terminationGracePeriod(Duration)
+// .volumes(java.util.List)
+// .podMetadata(ApiObjectMetadata)
+// .select(java.lang.Boolean)
+// .spread(java.lang.Boolean)
+// .minReady(Duration)
+// .progressDeadline(Duration)
+// .replicas(java.lang.Number)
+// .strategy(DeploymentStrategy)
+ .build();
+```
+
+##### `metadata`Optional
+
+```java
+public ApiObjectMetadata getMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `automountServiceAccountToken`Optional
+
+```java
+public java.lang.Boolean getAutomountServiceAccountToken();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Indicates whether a service account token should be automatically mounted.
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
+
+---
+
+##### `containers`Optional
+
+```java
+public java.util.List getContainers();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)>
+- *Default:* No containers. Note that a pod spec must include at least one container.
+
+List of containers belonging to the pod.
+
+Containers cannot currently be
+added or removed. There must be at least one container in a Pod.
+
+You can add additionnal containers using `podSpec.addContainer()`
+
+---
+
+##### `dns`Optional
+
+```java
+public PodDnsProps getDns();
+```
+
+- *Type:* [`org.cdk8s.plus27.PodDnsProps`](#org.cdk8s.plus27.PodDnsProps)
+- *Default:* policy: DnsPolicy.CLUSTER_FIRST
+ hostnameAsFQDN: false
+
+DNS settings for the pod.
+
+> https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
+
+---
+
+##### `dockerRegistryAuth`Optional
+
+```java
+public ISecret getDockerRegistryAuth();
+```
+
+- *Type:* [`org.cdk8s.plus27.ISecret`](#org.cdk8s.plus27.ISecret)
+- *Default:* No auth. Images are assumed to be publicly available.
+
+A secret containing docker credentials for authenticating to a registry.
+
+---
+
+##### `hostAliases`Optional
+
+```java
+public java.util.List getHostAliases();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.HostAlias`](#org.cdk8s.plus27.HostAlias)>
+
+HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.
+
+---
+
+##### `hostNetwork`Optional
+
+```java
+public java.lang.Boolean getHostNetwork();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Host network for the pod.
+
+---
+
+##### `initContainers`Optional
+
+```java
+public java.util.List getInitContainers();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)>
+- *Default:* No init containers.
+
+List of initialization containers belonging to the pod.
+
+Init containers are executed in order prior to containers being started.
+If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy.
+The name for an init container or normal container must be unique among all containers.
+Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes.
+The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit
+for each resource type, and then using the max of of that value or the sum of the normal containers.
+Limits are applied to init containers in a similar fashion.
+
+Init containers cannot currently be added ,removed or updated.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
+
+---
+
+##### `isolate`Optional
+
+```java
+public java.lang.Boolean getIsolate();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Isolates the pod.
+
+This will prevent any ingress or egress connections to / from this pod.
+You can however allow explicit connections post instantiation by using the `.connections` property.
+
+---
+
+##### `restartPolicy`Optional
+
+```java
+public RestartPolicy getRestartPolicy();
+```
+
+- *Type:* [`org.cdk8s.plus27.RestartPolicy`](#org.cdk8s.plus27.RestartPolicy)
+- *Default:* RestartPolicy.ALWAYS
+
+Restart policy for all containers within the pod.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
+
+---
+
+##### `securityContext`Optional
+
+```java
+public PodSecurityContextProps getSecurityContext();
+```
+
+- *Type:* [`org.cdk8s.plus27.PodSecurityContextProps`](#org.cdk8s.plus27.PodSecurityContextProps)
+- *Default:* fsGroupChangePolicy: FsGroupChangePolicy.FsGroupChangePolicy.ALWAYS
+ ensureNonRoot: true
+
+SecurityContext holds pod-level security attributes and common container settings.
+
+---
+
+##### `serviceAccount`Optional
+
+```java
+public IServiceAccount getServiceAccount();
+```
+
+- *Type:* [`org.cdk8s.plus27.IServiceAccount`](#org.cdk8s.plus27.IServiceAccount)
+- *Default:* No service account.
+
+A service account provides an identity for processes that run in a Pod.
+
+When you (a human) access the cluster (for example, using kubectl), you are
+authenticated by the apiserver as a particular User Account (currently this
+is usually admin, unless your cluster administrator has customized your
+cluster). Processes in containers inside pods can also contact the
+apiserver. When they do, they are authenticated as a particular Service
+Account (for example, default).
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+
+---
+
+##### `terminationGracePeriod`Optional
+
+```java
+public Duration getTerminationGracePeriod();
+```
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* Duration.seconds(30)
+
+Grace period until the pod is terminated.
+
+---
+
+##### `volumes`Optional
+
+```java
+public java.util.List getVolumes();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.Volume`](#org.cdk8s.plus27.Volume)>
+- *Default:* No volumes.
+
+List of volumes that can be mounted by containers belonging to the pod.
+
+You can also add volumes later using `podSpec.addVolume()`
+
+> https://kubernetes.io/docs/concepts/storage/volumes
+
+---
+
+##### `podMetadata`Optional
+
+```java
+public ApiObjectMetadata getPodMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+The pod metadata of this workload.
+
+---
+
+##### `select`Optional
+
+```java
+public java.lang.Boolean getSelect();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* true
+
+Automatically allocates a pod label selector for this workload and add it to the pod metadata.
+
+This ensures this workload manages pods created by
+its pod template.
+
+---
+
+##### `spread`Optional
+
+```java
+public java.lang.Boolean getSpread();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Automatically spread pods across hostname and zones.
+
+> https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/#internal-default-constraints
+
+---
+
+##### `minReady`Optional
+
+```java
+public Duration getMinReady();
+```
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* Duration.seconds(0)
+
+Minimum duration for which a newly created pod should be ready without any of its container crashing, for it to be considered available.
+
+Zero means the pod will be considered available as soon as it is ready.
+
+> https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#min-ready-seconds
+
+---
+
+##### `progressDeadline`Optional
+
+```java
+public Duration getProgressDeadline();
+```
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* Duration.seconds(600)
+
+The maximum duration for a deployment to make progress before it is considered to be failed.
+
+The deployment controller will continue
+to process failed deployments and a condition with a ProgressDeadlineExceeded
+reason will be surfaced in the deployment status.
+
+Note that progress will not be estimated during the time a deployment is paused.
+
+> https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#progress-deadline-seconds
+
+---
+
+##### `replicas`Optional
+
+```java
+public java.lang.Number getReplicas();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* 2
+
+Number of desired pods.
+
+---
+
+##### `strategy`Optional
+
+```java
+public DeploymentStrategy getStrategy();
+```
+
+- *Type:* [`org.cdk8s.plus27.DeploymentStrategy`](#org.cdk8s.plus27.DeploymentStrategy)
+- *Default:* RollingUpdate with maxSurge and maxUnavailable set to 25%.
+
+Specifies the strategy used to replace old Pods by new ones.
+
+---
+
+### DeploymentStrategyRollingUpdateOptions
+
+Options for `DeploymentStrategy.rollingUpdate`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.DeploymentStrategyRollingUpdateOptions;
+
+DeploymentStrategyRollingUpdateOptions.builder()
+// .maxSurge(PercentOrAbsolute)
+// .maxUnavailable(PercentOrAbsolute)
+ .build();
+```
+
+##### `maxSurge`Optional
+
+```java
+public PercentOrAbsolute getMaxSurge();
+```
+
+- *Type:* [`org.cdk8s.plus27.PercentOrAbsolute`](#org.cdk8s.plus27.PercentOrAbsolute)
+- *Default:* '25%'
+
+The maximum number of pods that can be scheduled above the desired number of pods.
+
+Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
+Absolute number is calculated from percentage by rounding up.
+This can not be 0 if `maxUnavailable` is 0.
+
+Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when the rolling update
+starts, such that the total number of old and new pods do not exceed 130% of desired pods.
+Once old pods have been killed, new ReplicaSet can be scaled up further, ensuring that
+total number of pods running at any time during the update is at most 130% of desired pods.
+
+---
+
+##### `maxUnavailable`Optional
+
+```java
+public PercentOrAbsolute getMaxUnavailable();
+```
+
+- *Type:* [`org.cdk8s.plus27.PercentOrAbsolute`](#org.cdk8s.plus27.PercentOrAbsolute)
+- *Default:* '25%'
+
+The maximum number of pods that can be unavailable during the update.
+
+Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
+Absolute number is calculated from percentage by rounding down.
+This can not be 0 if `maxSurge` is 0.
+
+Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired
+pods immediately when the rolling update starts. Once new pods are ready, old ReplicaSet can
+be scaled down further, followed by scaling up the new ReplicaSet, ensuring that the total
+number of pods available at all times during the update is at least 70% of desired pods.
+
+---
+
+### DnsOption
+
+Custom DNS option.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.DnsOption;
+
+DnsOption.builder()
+ .name(java.lang.String)
+// .value(java.lang.String)
+ .build();
+```
+
+##### `name`Required
+
+```java
+public java.lang.String getName();
+```
+
+- *Type:* `java.lang.String`
+
+Option name.
+
+---
+
+##### `value`Optional
+
+```java
+public java.lang.String getValue();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* No value.
+
+Option value.
+
+---
+
+### DockerConfigSecretProps
+
+Options for `DockerConfigSecret`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.DockerConfigSecretProps;
+
+DockerConfigSecretProps.builder()
+// .metadata(ApiObjectMetadata)
+// .immutable(java.lang.Boolean)
+ .data(java.util.Map)
+ .build();
+```
+
+##### `metadata`Optional
+
+```java
+public ApiObjectMetadata getMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `immutable`Optional
+
+```java
+public java.lang.Boolean getImmutable();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+If set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified).
+
+If not set to true, the field can be modified at any time.
+
+---
+
+##### `data`Required
+
+```java
+public java.util.Map getData();
+```
+
+- *Type:* java.util.Map
+
+JSON content to provide for the `~/.docker/config.json` file. This will be stringified and inserted as stringData.
+
+> https://docs.docker.com/engine/reference/commandline/cli/#sample-configuration-file
+
+---
+
+### EmptyDirVolumeOptions
+
+Options for volumes populated with an empty directory.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.EmptyDirVolumeOptions;
+
+EmptyDirVolumeOptions.builder()
+// .medium(EmptyDirMedium)
+// .sizeLimit(Size)
+ .build();
+```
+
+##### `medium`Optional
+
+```java
+public EmptyDirMedium getMedium();
+```
+
+- *Type:* [`org.cdk8s.plus27.EmptyDirMedium`](#org.cdk8s.plus27.EmptyDirMedium)
+- *Default:* EmptyDirMedium.DEFAULT
+
+By default, emptyDir volumes are stored on whatever medium is backing the node - that might be disk or SSD or network storage, depending on your environment.
+
+However, you can set the emptyDir.medium field to
+`EmptyDirMedium.MEMORY` to tell Kubernetes to mount a tmpfs (RAM-backed
+filesystem) for you instead. While tmpfs is very fast, be aware that unlike
+disks, tmpfs is cleared on node reboot and any files you write will count
+against your Container's memory limit.
+
+---
+
+##### `sizeLimit`Optional
+
+```java
+public Size getSizeLimit();
+```
+
+- *Type:* [`org.cdk8s.Size`](#org.cdk8s.Size)
+- *Default:* limit is undefined
+
+Total amount of local storage required for this EmptyDir volume.
+
+The size
+limit is also applicable for memory medium. The maximum usage on memory
+medium EmptyDir would be the minimum value between the SizeLimit specified
+here and the sum of memory limits of all containers in a pod.
+
+---
+
+### EnvValueFromConfigMapOptions
+
+Options to specify an envionment variable value from a ConfigMap key.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.EnvValueFromConfigMapOptions;
+
+EnvValueFromConfigMapOptions.builder()
+// .optional(java.lang.Boolean)
+ .build();
+```
+
+##### `optional`Optional
+
+```java
+public java.lang.Boolean getOptional();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Specify whether the ConfigMap or its key must be defined.
+
+---
+
+### EnvValueFromFieldRefOptions
+
+Options to specify an environment variable value from a field reference.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.EnvValueFromFieldRefOptions;
+
+EnvValueFromFieldRefOptions.builder()
+// .apiVersion(java.lang.String)
+// .key(java.lang.String)
+ .build();
+```
+
+##### `apiVersion`Optional
+
+```java
+public java.lang.String getApiVersion();
+```
+
+- *Type:* `java.lang.String`
+
+Version of the schema the FieldPath is written in terms of.
+
+---
+
+##### `key`Optional
+
+```java
+public java.lang.String getKey();
+```
+
+- *Type:* `java.lang.String`
+
+The key to select the pod label or annotation.
+
+---
+
+### EnvValueFromProcessOptions
+
+Options to specify an environment variable value from the process environment.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.EnvValueFromProcessOptions;
+
+EnvValueFromProcessOptions.builder()
+// .required(java.lang.Boolean)
+ .build();
+```
+
+##### `required`Optional
+
+```java
+public java.lang.Boolean getRequired();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Specify whether the key must exist in the environment.
+
+If this is set to true, and the key does not exist, an error will thrown.
+
+---
+
+### EnvValueFromResourceOptions
+
+Options to specify an environment variable value from a resource.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.EnvValueFromResourceOptions;
+
+EnvValueFromResourceOptions.builder()
+// .container(Container)
+// .divisor(java.lang.String)
+ .build();
+```
+
+##### `container`Optional
+
+```java
+public Container getContainer();
+```
+
+- *Type:* [`org.cdk8s.plus27.Container`](#org.cdk8s.plus27.Container)
+
+The container to select the value from.
+
+---
+
+##### `divisor`Optional
+
+```java
+public java.lang.String getDivisor();
+```
+
+- *Type:* `java.lang.String`
+
+The output format of the exposed resource.
+
+---
+
+### EnvValueFromSecretOptions
+
+Options to specify an environment variable value from a Secret.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.EnvValueFromSecretOptions;
+
+EnvValueFromSecretOptions.builder()
+// .optional(java.lang.Boolean)
+ .build();
+```
+
+##### `optional`Optional
+
+```java
+public java.lang.Boolean getOptional();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Specify whether the Secret or its key must be defined.
+
+---
+
+### EphemeralStorageResources
+
+Emphemeral storage request and limit.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.EphemeralStorageResources;
+
+EphemeralStorageResources.builder()
+// .limit(Size)
+// .request(Size)
+ .build();
+```
+
+##### `limit`Optional
+
+```java
+public Size getLimit();
+```
+
+- *Type:* [`org.cdk8s.Size`](#org.cdk8s.Size)
+
+---
+
+##### `request`Optional
+
+```java
+public Size getRequest();
+```
+
+- *Type:* [`org.cdk8s.Size`](#org.cdk8s.Size)
+
+---
+
+### ExposeDeploymentViaIngressOptions
+
+Options for exposing a deployment via an ingress.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.ExposeDeploymentViaIngressOptions;
+
+ExposeDeploymentViaIngressOptions.builder()
+// .name(java.lang.String)
+// .ports(java.util.List)
+// .serviceType(ServiceType)
+// .ingress(Ingress)
+// .pathType(HttpIngressPathType)
+ .build();
+```
+
+##### `name`Optional
+
+```java
+public java.lang.String getName();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* auto generated.
+
+The name of the service to expose.
+
+If you'd like to expose the deployment multiple times,
+you must explicitly set a name starting from the second expose call.
+
+---
+
+##### `ports`Optional
+
+```java
+public java.util.List getPorts();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ServicePort`](#org.cdk8s.plus27.ServicePort)>
+- *Default:* extracted from the deployment.
+
+The ports that the service should bind to.
+
+---
+
+##### `serviceType`Optional
+
+```java
+public ServiceType getServiceType();
+```
+
+- *Type:* [`org.cdk8s.plus27.ServiceType`](#org.cdk8s.plus27.ServiceType)
+- *Default:* ClusterIP.
+
+The type of the exposed service.
+
+---
+
+##### `ingress`Optional
+
+```java
+public Ingress getIngress();
+```
+
+- *Type:* [`org.cdk8s.plus27.Ingress`](#org.cdk8s.plus27.Ingress)
+- *Default:* An ingress will be automatically created.
+
+The ingress to add rules to.
+
+---
+
+##### `pathType`Optional
+
+```java
+public HttpIngressPathType getPathType();
+```
+
+- *Type:* [`org.cdk8s.plus27.HttpIngressPathType`](#org.cdk8s.plus27.HttpIngressPathType)
+- *Default:* HttpIngressPathType.PREFIX
+
+The type of the path.
+
+---
+
+### ExposeServiceViaIngressOptions
+
+Options for exposing a service using an ingress.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.ExposeServiceViaIngressOptions;
+
+ExposeServiceViaIngressOptions.builder()
+// .ingress(Ingress)
+// .pathType(HttpIngressPathType)
+ .build();
+```
+
+##### `ingress`Optional
+
+```java
+public Ingress getIngress();
+```
+
+- *Type:* [`org.cdk8s.plus27.Ingress`](#org.cdk8s.plus27.Ingress)
+- *Default:* An ingress will be automatically created.
+
+The ingress to add rules to.
+
+---
+
+##### `pathType`Optional
+
+```java
+public HttpIngressPathType getPathType();
+```
+
+- *Type:* [`org.cdk8s.plus27.HttpIngressPathType`](#org.cdk8s.plus27.HttpIngressPathType)
+- *Default:* HttpIngressPathType.PREFIX
+
+The type of the path.
+
+---
+
+### FromServiceAccountNameOptions
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.FromServiceAccountNameOptions;
+
+FromServiceAccountNameOptions.builder()
+// .namespaceName(java.lang.String)
+ .build();
+```
+
+##### `namespaceName`Optional
+
+```java
+public java.lang.String getNamespaceName();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* "default"
+
+The name of the namespace the service account belongs to.
+
+---
+
+### GCEPersistentDiskPersistentVolumeProps
+
+Properties for `GCEPersistentDiskPersistentVolume`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.GCEPersistentDiskPersistentVolumeProps;
+
+GCEPersistentDiskPersistentVolumeProps.builder()
+// .metadata(ApiObjectMetadata)
+// .accessModes(java.util.List)
+// .claim(IPersistentVolumeClaim)
+// .mountOptions(java.util.List)
+// .reclaimPolicy(PersistentVolumeReclaimPolicy)
+// .storage(Size)
+// .storageClassName(java.lang.String)
+// .volumeMode(PersistentVolumeMode)
+ .pdName(java.lang.String)
+// .fsType(java.lang.String)
+// .partition(java.lang.Number)
+// .readOnly(java.lang.Boolean)
+ .build();
+```
+
+##### `metadata`Optional
+
+```java
+public ApiObjectMetadata getMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `accessModes`Optional
+
+```java
+public java.util.List getAccessModes();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.PersistentVolumeAccessMode`](#org.cdk8s.plus27.PersistentVolumeAccessMode)>
+- *Default:* No access modes.
+
+Contains all ways the volume can be mounted.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes
+
+---
+
+##### `claim`Optional
+
+```java
+public IPersistentVolumeClaim getClaim();
+```
+
+- *Type:* [`org.cdk8s.plus27.IPersistentVolumeClaim`](#org.cdk8s.plus27.IPersistentVolumeClaim)
+- *Default:* Not bound to a specific claim.
+
+Part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim.
+
+Expected to be non-nil when bound.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding
+
+---
+
+##### `mountOptions`Optional
+
+```java
+public java.util.List getMountOptions();
+```
+
+- *Type:* java.util.List<`java.lang.String`>
+- *Default:* No options.
+
+A list of mount options, e.g. ["ro", "soft"]. Not validated - mount will simply fail if one is invalid.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options
+
+---
+
+##### `reclaimPolicy`Optional
+
+```java
+public PersistentVolumeReclaimPolicy getReclaimPolicy();
+```
+
+- *Type:* [`org.cdk8s.plus27.PersistentVolumeReclaimPolicy`](#org.cdk8s.plus27.PersistentVolumeReclaimPolicy)
+- *Default:* PersistentVolumeReclaimPolicy.RETAIN
+
+When a user is done with their volume, they can delete the PVC objects from the API that allows reclamation of the resource.
+
+The reclaim policy tells the cluster what to do with
+the volume after it has been released of its claim.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming
+
+---
+
+##### `storage`Optional
+
+```java
+public Size getStorage();
+```
+
+- *Type:* [`org.cdk8s.Size`](#org.cdk8s.Size)
+- *Default:* No specified.
+
+What is the storage capacity of this volume.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+
+---
+
+##### `storageClassName`Optional
+
+```java
+public java.lang.String getStorageClassName();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* Volume does not belong to any storage class.
+
+Name of StorageClass to which this persistent volume belongs.
+
+---
+
+##### `volumeMode`Optional
+
+```java
+public PersistentVolumeMode getVolumeMode();
+```
+
+- *Type:* [`org.cdk8s.plus27.PersistentVolumeMode`](#org.cdk8s.plus27.PersistentVolumeMode)
+- *Default:* VolumeMode.FILE_SYSTEM
+
+Defines what type of volume is required by the claim.
+
+---
+
+##### `pdName`Required
+
+```java
+public java.lang.String getPdName();
+```
+
+- *Type:* `java.lang.String`
+
+Unique name of the PD resource in GCE.
+
+Used to identify the disk in GCE.
+
+> https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+
+---
+
+##### `fsType`Optional
+
+```java
+public java.lang.String getFsType();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* 'ext4'
+
+Filesystem type of the volume that you want to mount.
+
+Tip: Ensure that the filesystem type is supported by the host operating system.
+
+> https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+
+---
+
+##### `partition`Optional
+
+```java
+public java.lang.Number getPartition();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* No partition.
+
+The partition in the volume that you want to mount.
+
+If omitted, the default is to mount by volume name.
+Examples: For volume /dev/sda1, you specify the partition as "1".
+Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
+
+---
+
+##### `readOnly`Optional
+
+```java
+public java.lang.Boolean getReadOnly();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Specify "true" to force and set the ReadOnly property in VolumeMounts to "true".
+
+> https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+
+---
+
+### GCEPersistentDiskVolumeOptions
+
+Options of `Volume.fromGcePersistentDisk`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.GCEPersistentDiskVolumeOptions;
+
+GCEPersistentDiskVolumeOptions.builder()
+// .fsType(java.lang.String)
+// .name(java.lang.String)
+// .partition(java.lang.Number)
+// .readOnly(java.lang.Boolean)
+ .build();
+```
+
+##### `fsType`Optional
+
+```java
+public java.lang.String getFsType();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* 'ext4'
+
+Filesystem type of the volume that you want to mount.
+
+Tip: Ensure that the filesystem type is supported by the host operating system.
+
+> https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+
+---
+
+##### `name`Optional
+
+```java
+public java.lang.String getName();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* auto-generated
+
+The volume name.
+
+---
+
+##### `partition`Optional
+
+```java
+public java.lang.Number getPartition();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* No partition.
+
+The partition in the volume that you want to mount.
+
+If omitted, the default is to mount by volume name.
+Examples: For volume /dev/sda1, you specify the partition as "1".
+Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
+
+---
+
+##### `readOnly`Optional
+
+```java
+public java.lang.Boolean getReadOnly();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Specify "true" to force and set the ReadOnly property in VolumeMounts to "true".
+
+> https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+
+---
+
+### HandlerFromHttpGetOptions
+
+Options for `Handler.fromHttpGet`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.HandlerFromHttpGetOptions;
+
+HandlerFromHttpGetOptions.builder()
+// .port(java.lang.Number)
+ .build();
+```
+
+##### `port`Optional
+
+```java
+public java.lang.Number getPort();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* defaults to `container.port`.
+
+The TCP port to use when sending the GET request.
+
+---
+
+### HandlerFromTcpSocketOptions
+
+Options for `Handler.fromTcpSocket`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.HandlerFromTcpSocketOptions;
+
+HandlerFromTcpSocketOptions.builder()
+// .host(java.lang.String)
+// .port(java.lang.Number)
+ .build();
+```
+
+##### `host`Optional
+
+```java
+public java.lang.String getHost();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* defaults to the pod IP
+
+The host name to connect to on the container.
+
+---
+
+##### `port`Optional
+
+```java
+public java.lang.Number getPort();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* defaults to `container.port`.
+
+The TCP port to connect to on the container.
+
+---
+
+### HorizontalPodAutoscalerProps
+
+Properties for HorizontalPodAutoscaler.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.HorizontalPodAutoscalerProps;
+
+HorizontalPodAutoscalerProps.builder()
+// .metadata(ApiObjectMetadata)
+ .maxReplicas(java.lang.Number)
+ .target(IScalable)
+// .metrics(java.util.List)
+// .minReplicas(java.lang.Number)
+// .scaleDown(ScalingRules)
+// .scaleUp(ScalingRules)
+ .build();
+```
+
+##### `metadata`Optional
+
+```java
+public ApiObjectMetadata getMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `maxReplicas`Required
+
+```java
+public java.lang.Number getMaxReplicas();
+```
+
+- *Type:* `java.lang.Number`
+
+The maximum number of replicas that can be scaled up to.
+
+---
+
+##### `target`Required
+
+```java
+public IScalable getTarget();
+```
+
+- *Type:* [`org.cdk8s.plus27.IScalable`](#org.cdk8s.plus27.IScalable)
+
+The workload to scale up or down.
+
+Scalable workload types:
+
+* Deployment
+* StatefulSet
+
+---
+
+##### `metrics`Optional
+
+```java
+public java.util.List getMetrics();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.Metric`](#org.cdk8s.plus27.Metric)>
+- *Default:* If metrics are not provided, then the target resource
+constraints (e.g. cpu limit) will be used as scaling metrics.
+
+The metric conditions that trigger a scale up or scale down.
+
+---
+
+##### `minReplicas`Optional
+
+```java
+public java.lang.Number getMinReplicas();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* 1
+
+The minimum number of replicas that can be scaled down to.
+
+Can be set to 0 if the alpha feature gate `HPAScaleToZero` is enabled and
+at least one Object or External metric is configured.
+
+---
+
+##### `scaleDown`Optional
+
+```java
+public ScalingRules getScaleDown();
+```
+
+- *Type:* [`org.cdk8s.plus27.ScalingRules`](#org.cdk8s.plus27.ScalingRules)
+- *Default:* Scale down to minReplica count with a 5 minute stabilization window.
+
+The scaling behavior when scaling down.
+
+---
+
+##### `scaleUp`Optional
+
+```java
+public ScalingRules getScaleUp();
+```
+
+- *Type:* [`org.cdk8s.plus27.ScalingRules`](#org.cdk8s.plus27.ScalingRules)
+- *Default:* Is the higher of:
+* Increase no more than 4 pods per 60 seconds
+* Double the number of pods per 60 seconds
+
+The scaling behavior when scaling up.
+
+---
+
+### HostAlias
+
+HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's /etc/hosts file.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.HostAlias;
+
+HostAlias.builder()
+ .hostnames(java.util.List)
+ .ip(java.lang.String)
+ .build();
+```
+
+##### `hostnames`Required
+
+```java
+public java.util.List getHostnames();
+```
+
+- *Type:* java.util.List<`java.lang.String`>
+
+Hostnames for the chosen IP address.
+
+---
+
+##### `ip`Required
+
+```java
+public java.lang.String getIp();
+```
+
+- *Type:* `java.lang.String`
+
+IP address of the host file entry.
+
+---
+
+### HostPathVolumeOptions
+
+Options for a HostPathVolume-based volume.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.HostPathVolumeOptions;
+
+HostPathVolumeOptions.builder()
+ .path(java.lang.String)
+// .type(HostPathVolumeType)
+ .build();
+```
+
+##### `path`Required
+
+```java
+public java.lang.String getPath();
+```
+
+- *Type:* `java.lang.String`
+
+The path of the directory on the host.
+
+---
+
+##### `type`Optional
+
+```java
+public HostPathVolumeType getType();
+```
+
+- *Type:* [`org.cdk8s.plus27.HostPathVolumeType`](#org.cdk8s.plus27.HostPathVolumeType)
+- *Default:* HostPathVolumeType.DEFAULT
+
+The expected type of the path found on the host.
+
+---
+
+### HttpGetProbeOptions
+
+Options for `Probe.fromHttpGet()`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.HttpGetProbeOptions;
+
+HttpGetProbeOptions.builder()
+// .failureThreshold(java.lang.Number)
+// .initialDelaySeconds(Duration)
+// .periodSeconds(Duration)
+// .successThreshold(java.lang.Number)
+// .timeoutSeconds(Duration)
+// .port(java.lang.Number)
+// .scheme(ConnectionScheme)
+ .build();
+```
+
+##### `failureThreshold`Optional
+
+```java
+public java.lang.Number getFailureThreshold();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* 3
+
+Minimum consecutive failures for the probe to be considered failed after having succeeded.
+
+Defaults to 3. Minimum value is 1.
+
+---
+
+##### `initialDelaySeconds`Optional
+
+```java
+public Duration getInitialDelaySeconds();
+```
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* immediate
+
+Number of seconds after the container has started before liveness probes are initiated.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+
+---
+
+##### `periodSeconds`Optional
+
+```java
+public Duration getPeriodSeconds();
+```
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* Duration.seconds(10) Minimum value is 1.
+
+How often (in seconds) to perform the probe.
+
+Default to 10 seconds. Minimum value is 1.
+
+---
+
+##### `successThreshold`Optional
+
+```java
+public java.lang.Number getSuccessThreshold();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* 1 Must be 1 for liveness and startup. Minimum value is 1.
+
+Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1.
+
+Must be 1 for liveness and startup. Minimum value is 1.
+
+---
+
+##### `timeoutSeconds`Optional
+
+```java
+public Duration getTimeoutSeconds();
+```
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* Duration.seconds(1)
+
+Number of seconds after which the probe times out.
+
+Defaults to 1 second. Minimum value is 1.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+
+---
+
+##### `port`Optional
+
+```java
+public java.lang.Number getPort();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* defaults to `container.port`.
+
+The TCP port to use when sending the GET request.
+
+---
+
+##### `scheme`Optional
+
+```java
+public ConnectionScheme getScheme();
+```
+
+- *Type:* [`org.cdk8s.plus27.ConnectionScheme`](#org.cdk8s.plus27.ConnectionScheme)
+- *Default:* ConnectionScheme.HTTP
+
+Scheme to use for connecting to the host (HTTP or HTTPS).
+
+---
+
+### IngressProps
+
+Properties for `Ingress`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.IngressProps;
+
+IngressProps.builder()
+// .metadata(ApiObjectMetadata)
+// .defaultBackend(IngressBackend)
+// .rules(java.util.List)
+// .tls(java.util.List)
+ .build();
+```
+
+##### `metadata`Optional
+
+```java
+public ApiObjectMetadata getMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `defaultBackend`Optional
+
+```java
+public IngressBackend getDefaultBackend();
+```
+
+- *Type:* [`org.cdk8s.plus27.IngressBackend`](#org.cdk8s.plus27.IngressBackend)
+
+The default backend services requests that do not match any rule.
+
+Using this option or the `addDefaultBackend()` method is equivalent to
+adding a rule with both `path` and `host` undefined.
+
+---
+
+##### `rules`Optional
+
+```java
+public java.util.List getRules();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.IngressRule`](#org.cdk8s.plus27.IngressRule)>
+
+Routing rules for this ingress.
+
+Each rule must define an `IngressBackend` that will receive the requests
+that match this rule. If both `host` and `path` are not specifiec, this
+backend will be used as the default backend of the ingress.
+
+You can also add rules later using `addRule()`, `addHostRule()`,
+`addDefaultBackend()` and `addHostDefaultBackend()`.
+
+---
+
+##### `tls`Optional
+
+```java
+public java.util.List getTls();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.IngressTls`](#org.cdk8s.plus27.IngressTls)>
+
+TLS settings for this ingress.
+
+Using this option tells the ingress controller to expose a TLS endpoint.
+Currently the Ingress only supports a single TLS port, 443. If multiple
+members of this list specify different hosts, they will be multiplexed on
+the same port according to the hostname specified through the SNI TLS
+extension, if the ingress controller fulfilling the ingress supports SNI.
+
+---
+
+### IngressRule
+
+Represents the rules mapping the paths under a specified host to the related backend services.
+
+Incoming requests are first evaluated for a host match,
+then routed to the backend associated with the matching path.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.IngressRule;
+
+IngressRule.builder()
+ .backend(IngressBackend)
+// .host(java.lang.String)
+// .path(java.lang.String)
+// .pathType(HttpIngressPathType)
+ .build();
+```
+
+##### `backend`Required
+
+```java
+public IngressBackend getBackend();
+```
+
+- *Type:* [`org.cdk8s.plus27.IngressBackend`](#org.cdk8s.plus27.IngressBackend)
+
+Backend defines the referenced service endpoint to which the traffic will be forwarded to.
+
+---
+
+##### `host`Optional
+
+```java
+public java.lang.String getHost();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* If the host is unspecified, the Ingress routes all traffic based
+on the specified IngressRuleValue.
+
+Host is the fully qualified domain name of a network host, as defined by RFC 3986.
+
+Note the following deviations from the "host" part of the URI as
+defined in the RFC: 1. IPs are not allowed. Currently an IngressRuleValue
+can only apply to the IP in the Spec of the parent Ingress. 2. The `:`
+delimiter is not respected because ports are not allowed. Currently the
+port of an Ingress is implicitly :80 for http and :443 for https. Both
+these may change in the future. Incoming requests are matched against the
+host before the IngressRuleValue.
+
+---
+
+##### `path`Optional
+
+```java
+public java.lang.String getPath();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* If unspecified, the path defaults to a catch all sending traffic
+to the backend.
+
+Path is an extended POSIX regex as defined by IEEE Std 1003.1, (i.e this follows the egrep/unix syntax, not the perl syntax) matched against the path of an incoming request. Currently it can contain characters disallowed from the conventional "path" part of a URL as defined by RFC 3986. Paths must begin with a '/'.
+
+---
+
+##### `pathType`Optional
+
+```java
+public HttpIngressPathType getPathType();
+```
+
+- *Type:* [`org.cdk8s.plus27.HttpIngressPathType`](#org.cdk8s.plus27.HttpIngressPathType)
+
+Specify how the path is matched against request paths.
+
+By default, path
+types will be matched by prefix.
+
+> https://kubernetes.io/docs/concepts/services-networking/ingress/#path-types
+
+---
+
+### IngressTls
+
+Represents the TLS configuration mapping that is passed to the ingress controller for SSL termination.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.IngressTls;
+
+IngressTls.builder()
+// .hosts(java.util.List)
+// .secret(ISecret)
+ .build();
+```
+
+##### `hosts`Optional
+
+```java
+public java.util.List getHosts();
+```
+
+- *Type:* java.util.List<`java.lang.String`>
+- *Default:* If unspecified, it defaults to the wildcard host setting for
+the loadbalancer controller fulfilling this Ingress.
+
+Hosts are a list of hosts included in the TLS certificate.
+
+The values in
+this list must match the name/s used in the TLS Secret.
+
+---
+
+##### `secret`Optional
+
+```java
+public ISecret getSecret();
+```
+
+- *Type:* [`org.cdk8s.plus27.ISecret`](#org.cdk8s.plus27.ISecret)
+- *Default:* If unspecified, it allows SSL routing based on SNI hostname.
+
+Secret is the secret that contains the certificate and key used to terminate SSL traffic on 443.
+
+If the SNI host in a listener conflicts with
+the "Host" header field used by an IngressRule, the SNI host is used for
+termination and value of the Host header is used for routing.
+
+---
+
+### JobProps
+
+Properties for `Job`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.JobProps;
+
+JobProps.builder()
+// .metadata(ApiObjectMetadata)
+// .automountServiceAccountToken(java.lang.Boolean)
+// .containers(java.util.List)
+// .dns(PodDnsProps)
+// .dockerRegistryAuth(ISecret)
+// .hostAliases(java.util.List)
+// .hostNetwork(java.lang.Boolean)
+// .initContainers(java.util.List)
+// .isolate(java.lang.Boolean)
+// .restartPolicy(RestartPolicy)
+// .securityContext(PodSecurityContextProps)
+// .serviceAccount(IServiceAccount)
+// .terminationGracePeriod(Duration)
+// .volumes(java.util.List)
+// .podMetadata(ApiObjectMetadata)
+// .select(java.lang.Boolean)
+// .spread(java.lang.Boolean)
+// .activeDeadline(Duration)
+// .backoffLimit(java.lang.Number)
+// .ttlAfterFinished(Duration)
+ .build();
+```
+
+##### `metadata`Optional
+
+```java
+public ApiObjectMetadata getMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `automountServiceAccountToken`Optional
+
+```java
+public java.lang.Boolean getAutomountServiceAccountToken();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Indicates whether a service account token should be automatically mounted.
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
+
+---
+
+##### `containers`Optional
+
+```java
+public java.util.List getContainers();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)>
+- *Default:* No containers. Note that a pod spec must include at least one container.
+
+List of containers belonging to the pod.
+
+Containers cannot currently be
+added or removed. There must be at least one container in a Pod.
+
+You can add additionnal containers using `podSpec.addContainer()`
+
+---
+
+##### `dns`Optional
+
+```java
+public PodDnsProps getDns();
+```
+
+- *Type:* [`org.cdk8s.plus27.PodDnsProps`](#org.cdk8s.plus27.PodDnsProps)
+- *Default:* policy: DnsPolicy.CLUSTER_FIRST
+ hostnameAsFQDN: false
+
+DNS settings for the pod.
+
+> https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
+
+---
+
+##### `dockerRegistryAuth`Optional
+
+```java
+public ISecret getDockerRegistryAuth();
+```
+
+- *Type:* [`org.cdk8s.plus27.ISecret`](#org.cdk8s.plus27.ISecret)
+- *Default:* No auth. Images are assumed to be publicly available.
+
+A secret containing docker credentials for authenticating to a registry.
+
+---
+
+##### `hostAliases`Optional
+
+```java
+public java.util.List getHostAliases();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.HostAlias`](#org.cdk8s.plus27.HostAlias)>
+
+HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.
+
+---
+
+##### `hostNetwork`Optional
+
+```java
+public java.lang.Boolean getHostNetwork();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Host network for the pod.
+
+---
+
+##### `initContainers`Optional
+
+```java
+public java.util.List getInitContainers();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.ContainerProps`](#org.cdk8s.plus27.ContainerProps)>
+- *Default:* No init containers.
+
+List of initialization containers belonging to the pod.
+
+Init containers are executed in order prior to containers being started.
+If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy.
+The name for an init container or normal container must be unique among all containers.
+Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes.
+The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit
+for each resource type, and then using the max of of that value or the sum of the normal containers.
+Limits are applied to init containers in a similar fashion.
+
+Init containers cannot currently be added ,removed or updated.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
+
+---
+
+##### `isolate`Optional
+
+```java
+public java.lang.Boolean getIsolate();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Isolates the pod.
+
+This will prevent any ingress or egress connections to / from this pod.
+You can however allow explicit connections post instantiation by using the `.connections` property.
+
+---
+
+##### `restartPolicy`Optional
+
+```java
+public RestartPolicy getRestartPolicy();
+```
+
+- *Type:* [`org.cdk8s.plus27.RestartPolicy`](#org.cdk8s.plus27.RestartPolicy)
+- *Default:* RestartPolicy.ALWAYS
+
+Restart policy for all containers within the pod.
+
+> https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
+
+---
+
+##### `securityContext`Optional
+
+```java
+public PodSecurityContextProps getSecurityContext();
+```
+
+- *Type:* [`org.cdk8s.plus27.PodSecurityContextProps`](#org.cdk8s.plus27.PodSecurityContextProps)
+- *Default:* fsGroupChangePolicy: FsGroupChangePolicy.FsGroupChangePolicy.ALWAYS
+ ensureNonRoot: true
+
+SecurityContext holds pod-level security attributes and common container settings.
+
+---
+
+##### `serviceAccount`Optional
+
+```java
+public IServiceAccount getServiceAccount();
+```
+
+- *Type:* [`org.cdk8s.plus27.IServiceAccount`](#org.cdk8s.plus27.IServiceAccount)
+- *Default:* No service account.
+
+A service account provides an identity for processes that run in a Pod.
+
+When you (a human) access the cluster (for example, using kubectl), you are
+authenticated by the apiserver as a particular User Account (currently this
+is usually admin, unless your cluster administrator has customized your
+cluster). Processes in containers inside pods can also contact the
+apiserver. When they do, they are authenticated as a particular Service
+Account (for example, default).
+
+> https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+
+---
+
+##### `terminationGracePeriod`Optional
+
+```java
+public Duration getTerminationGracePeriod();
+```
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* Duration.seconds(30)
+
+Grace period until the pod is terminated.
+
+---
+
+##### `volumes`Optional
+
+```java
+public java.util.List getVolumes();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.Volume`](#org.cdk8s.plus27.Volume)>
+- *Default:* No volumes.
+
+List of volumes that can be mounted by containers belonging to the pod.
+
+You can also add volumes later using `podSpec.addVolume()`
+
+> https://kubernetes.io/docs/concepts/storage/volumes
+
+---
+
+##### `podMetadata`Optional
+
+```java
+public ApiObjectMetadata getPodMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+The pod metadata of this workload.
+
+---
+
+##### `select`Optional
+
+```java
+public java.lang.Boolean getSelect();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* true
+
+Automatically allocates a pod label selector for this workload and add it to the pod metadata.
+
+This ensures this workload manages pods created by
+its pod template.
+
+---
+
+##### `spread`Optional
+
+```java
+public java.lang.Boolean getSpread();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Automatically spread pods across hostname and zones.
+
+> https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/#internal-default-constraints
+
+---
+
+##### `activeDeadline`Optional
+
+```java
+public Duration getActiveDeadline();
+```
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* If unset, then there is no deadline.
+
+Specifies the duration the job may be active before the system tries to terminate it.
+
+---
+
+##### `backoffLimit`Optional
+
+```java
+public java.lang.Number getBackoffLimit();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* If not set, system defaults to 6.
+
+Specifies the number of retries before marking this job failed.
+
+---
+
+##### `ttlAfterFinished`Optional
+
+```java
+public Duration getTtlAfterFinished();
+```
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* If this field is unset, the Job won't be automatically deleted.
+
+Limits the lifetime of a Job that has finished execution (either Complete or Failed).
+
+If this field is set, after the Job finishes, it is eligible to
+be automatically deleted. When the Job is being deleted, its lifecycle
+guarantees (e.g. finalizers) will be honored. If this field is set to zero,
+the Job becomes eligible to be deleted immediately after it finishes. This
+field is alpha-level and is only honored by servers that enable the
+`TTLAfterFinished` feature.
+
+---
+
+### LabelSelectorOptions
+
+Options for `LabelSelector.of`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.LabelSelectorOptions;
+
+LabelSelectorOptions.builder()
+// .expressions(java.util.List)
+// .labels(java.util.Map)
+ .build();
+```
+
+##### `expressions`Optional
+
+```java
+public java.util.List getExpressions();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.LabelExpression`](#org.cdk8s.plus27.LabelExpression)>
+
+Expression based label matchers.
+
+---
+
+##### `labels`Optional
+
+```java
+public java.util.Map getLabels();
+```
+
+- *Type:* java.util.Map
+
+Strict label matchers.
+
+---
+
+### LabelSelectorRequirement
+
+A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.LabelSelectorRequirement;
+
+LabelSelectorRequirement.builder()
+ .key(java.lang.String)
+ .operator(java.lang.String)
+// .values(java.util.List)
+ .build();
+```
+
+##### `key`Required
+
+```java
+public java.lang.String getKey();
+```
+
+- *Type:* `java.lang.String`
+
+The label key that the selector applies to.
+
+---
+
+##### `operator`Required
+
+```java
+public java.lang.String getOperator();
+```
+
+- *Type:* `java.lang.String`
+
+Represents a key's relationship to a set of values.
+
+---
+
+##### `values`Optional
+
+```java
+public java.util.List getValues();
+```
+
+- *Type:* java.util.List<`java.lang.String`>
+
+An array of string values.
+
+If the operator is In or NotIn, the values array
+must be non-empty. If the operator is Exists or DoesNotExist,
+the values array must be empty. This array is replaced during a strategic merge patch.
+
+---
+
+### MemoryResources
+
+Memory request and limit.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.MemoryResources;
+
+MemoryResources.builder()
+// .limit(Size)
+// .request(Size)
+ .build();
+```
+
+##### `limit`Optional
+
+```java
+public Size getLimit();
+```
+
+- *Type:* [`org.cdk8s.Size`](#org.cdk8s.Size)
+
+---
+
+##### `request`Optional
+
+```java
+public Size getRequest();
+```
+
+- *Type:* [`org.cdk8s.Size`](#org.cdk8s.Size)
+
+---
+
+### MetricContainerResourceOptions
+
+Options for `Metric.containerResource()`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.MetricContainerResourceOptions;
+
+MetricContainerResourceOptions.builder()
+ .container(Container)
+ .target(MetricTarget)
+ .build();
+```
+
+##### `container`Required
+
+```java
+public Container getContainer();
+```
+
+- *Type:* [`org.cdk8s.plus27.Container`](#org.cdk8s.plus27.Container)
+
+Container where the metric can be found.
+
+---
+
+##### `target`Required
+
+```java
+public MetricTarget getTarget();
+```
+
+- *Type:* [`org.cdk8s.plus27.MetricTarget`](#org.cdk8s.plus27.MetricTarget)
+
+Target metric value that will trigger scaling.
+
+---
+
+### MetricObjectOptions
+
+Options for `Metric.object()`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.MetricObjectOptions;
+
+MetricObjectOptions.builder()
+ .name(java.lang.String)
+ .target(MetricTarget)
+// .labelSelector(LabelSelector)
+ .object(IResource)
+ .build();
+```
+
+##### `name`Required
+
+```java
+public java.lang.String getName();
+```
+
+- *Type:* `java.lang.String`
+
+The name of the metric to scale on.
+
+---
+
+##### `target`Required
+
+```java
+public MetricTarget getTarget();
+```
+
+- *Type:* [`org.cdk8s.plus27.MetricTarget`](#org.cdk8s.plus27.MetricTarget)
+
+The target metric value that will trigger scaling.
+
+---
+
+##### `labelSelector`Optional
+
+```java
+public LabelSelector getLabelSelector();
+```
+
+- *Type:* [`org.cdk8s.plus27.LabelSelector`](#org.cdk8s.plus27.LabelSelector)
+- *Default:* Just the metric 'name' will be used to gather metrics.
+
+A selector to find a metric by label.
+
+When set, it is passed as an additional parameter to the metrics server
+for more specific metrics scoping.
+
+---
+
+##### `object`Required
+
+```java
+public IResource getObject();
+```
+
+- *Type:* [`org.cdk8s.plus27.IResource`](#org.cdk8s.plus27.IResource)
+
+Resource where the metric can be found.
+
+---
+
+### MetricOptions
+
+Base options for a Metric.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.MetricOptions;
+
+MetricOptions.builder()
+ .name(java.lang.String)
+ .target(MetricTarget)
+// .labelSelector(LabelSelector)
+ .build();
+```
+
+##### `name`Required
+
+```java
+public java.lang.String getName();
+```
+
+- *Type:* `java.lang.String`
+
+The name of the metric to scale on.
+
+---
+
+##### `target`Required
+
+```java
+public MetricTarget getTarget();
+```
+
+- *Type:* [`org.cdk8s.plus27.MetricTarget`](#org.cdk8s.plus27.MetricTarget)
+
+The target metric value that will trigger scaling.
+
+---
+
+##### `labelSelector`Optional
+
+```java
+public LabelSelector getLabelSelector();
+```
+
+- *Type:* [`org.cdk8s.plus27.LabelSelector`](#org.cdk8s.plus27.LabelSelector)
+- *Default:* Just the metric 'name' will be used to gather metrics.
+
+A selector to find a metric by label.
+
+When set, it is passed as an additional parameter to the metrics server
+for more specific metrics scoping.
+
+---
+
+### MountOptions
+
+Options for mounts.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.MountOptions;
+
+MountOptions.builder()
+// .propagation(MountPropagation)
+// .readOnly(java.lang.Boolean)
+// .subPath(java.lang.String)
+// .subPathExpr(java.lang.String)
+ .build();
+```
+
+##### `propagation`Optional
+
+```java
+public MountPropagation getPropagation();
+```
+
+- *Type:* [`org.cdk8s.plus27.MountPropagation`](#org.cdk8s.plus27.MountPropagation)
+- *Default:* MountPropagation.NONE
+
+Determines how mounts are propagated from the host to container and the other way around.
+
+When not set, MountPropagationNone is used.
+
+Mount propagation allows for sharing volumes mounted by a Container to
+other Containers in the same Pod, or even to other Pods on the same node.
+
+---
+
+##### `readOnly`Optional
+
+```java
+public java.lang.Boolean getReadOnly();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Mounted read-only if true, read-write otherwise (false or unspecified).
+
+Defaults to false.
+
+---
+
+##### `subPath`Optional
+
+```java
+public java.lang.String getSubPath();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* "" the volume's root
+
+Path within the volume from which the container's volume should be mounted.).
+
+---
+
+##### `subPathExpr`Optional
+
+```java
+public java.lang.String getSubPathExpr();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* "" volume's root.
+
+Expanded path within the volume from which the container's volume should be mounted.
+
+Behaves similarly to SubPath but environment variable references
+$(VAR_NAME) are expanded using the container's environment. Defaults to ""
+(volume's root).
+
+`subPathExpr` and `subPath` are mutually exclusive.
+
+---
+
+### NamespaceProps
+
+Properties for `Namespace`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.NamespaceProps;
+
+NamespaceProps.builder()
+// .metadata(ApiObjectMetadata)
+ .build();
+```
+
+##### `metadata`Optional
+
+```java
+public ApiObjectMetadata getMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+### NamespaceSelectorConfig
+
+Configuration for selecting namespaces.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.NamespaceSelectorConfig;
+
+NamespaceSelectorConfig.builder()
+// .labelSelector(LabelSelector)
+// .names(java.util.List)
+ .build();
+```
+
+##### `labelSelector`Optional
+
+```java
+public LabelSelector getLabelSelector();
+```
+
+- *Type:* [`org.cdk8s.plus27.LabelSelector`](#org.cdk8s.plus27.LabelSelector)
+
+A selector to select namespaces by labels.
+
+---
+
+##### `names`Optional
+
+```java
+public java.util.List getNames();
+```
+
+- *Type:* java.util.List<`java.lang.String`>
+
+A list of names to select namespaces by names.
+
+---
+
+### NamespacesSelectOptions
+
+Options for `Namespaces.select`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.NamespacesSelectOptions;
+
+NamespacesSelectOptions.builder()
+// .expressions(java.util.List)
+// .labels(java.util.Map)
+// .names(java.util.List)
+ .build();
+```
+
+##### `expressions`Optional
+
+```java
+public java.util.List getExpressions();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.LabelExpression`](#org.cdk8s.plus27.LabelExpression)>
+- *Default:* no selector requirements.
+
+Namespaces must satisfy these selectors.
+
+The selectors query labels, just like the `labels` property, but they
+provide a more advanced matching mechanism.
+
+---
+
+##### `labels`Optional
+
+```java
+public java.util.Map getLabels();
+```
+
+- *Type:* java.util.Map
+- *Default:* no strict labels requirements.
+
+Labels the namespaces must have.
+
+This is equivalent to using an 'Is' selector.
+
+---
+
+##### `names`Optional
+
+```java
+public java.util.List getNames();
+```
+
+- *Type:* java.util.List<`java.lang.String`>
+- *Default:* no name requirements.
+
+Namespaces names must be one of these.
+
+---
+
+### NetworkPolicyAddEgressRuleOptions
+
+Options for `NetworkPolicy.addEgressRule`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.NetworkPolicyAddEgressRuleOptions;
+
+NetworkPolicyAddEgressRuleOptions.builder()
+// .ports(java.util.List)
+ .build();
+```
+
+##### `ports`Optional
+
+```java
+public java.util.List getPorts();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.NetworkPolicyPort`](#org.cdk8s.plus27.NetworkPolicyPort)>
+- *Default:* If the peer is a managed pod, take its ports. Otherwise, all ports are allowed.
+
+Ports the rule should allow outgoing traffic to.
+
+---
+
+### NetworkPolicyPeerConfig
+
+Configuration for network peers.
+
+A peer can either by an ip block, or a selection of pods, not both.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.NetworkPolicyPeerConfig;
+
+NetworkPolicyPeerConfig.builder()
+// .ipBlock(NetworkPolicyIpBlock)
+// .podSelector(PodSelectorConfig)
+ .build();
+```
+
+##### `ipBlock`Optional
+
+```java
+public NetworkPolicyIpBlock getIpBlock();
+```
+
+- *Type:* [`org.cdk8s.plus27.NetworkPolicyIpBlock`](#org.cdk8s.plus27.NetworkPolicyIpBlock)
+
+The ip block this peer represents.
+
+---
+
+##### `podSelector`Optional
+
+```java
+public PodSelectorConfig getPodSelector();
+```
+
+- *Type:* [`org.cdk8s.plus27.PodSelectorConfig`](#org.cdk8s.plus27.PodSelectorConfig)
+
+The pod selector this peer represents.
+
+---
+
+### NetworkPolicyPortProps
+
+Properties for `NetworkPolicyPort`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.NetworkPolicyPortProps;
+
+NetworkPolicyPortProps.builder()
+// .endPort(java.lang.Number)
+// .port(java.lang.Number)
+// .protocol(NetworkProtocol)
+ .build();
+```
+
+##### `endPort`Optional
+
+```java
+public java.lang.Number getEndPort();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* not a port range.
+
+End port (relative to `port`).
+
+Only applies if `port` is defined.
+Use this to specify a port range, rather that a specific one.
+
+---
+
+##### `port`Optional
+
+```java
+public java.lang.Number getPort();
+```
+
+- *Type:* `java.lang.Number`
+- *Default:* all ports are allowed.
+
+Specific port number.
+
+---
+
+##### `protocol`Optional
+
+```java
+public NetworkProtocol getProtocol();
+```
+
+- *Type:* [`org.cdk8s.plus27.NetworkProtocol`](#org.cdk8s.plus27.NetworkProtocol)
+- *Default:* NetworkProtocol.TCP
+
+Protocol.
+
+---
+
+### NetworkPolicyProps
+
+Properties for `NetworkPolicy`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.NetworkPolicyProps;
+
+NetworkPolicyProps.builder()
+// .metadata(ApiObjectMetadata)
+// .egress(NetworkPolicyTraffic)
+// .ingress(NetworkPolicyTraffic)
+// .selector(IPodSelector)
+ .build();
+```
+
+##### `metadata`Optional
+
+```java
+public ApiObjectMetadata getMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `egress`Optional
+
+```java
+public NetworkPolicyTraffic getEgress();
+```
+
+- *Type:* [`org.cdk8s.plus27.NetworkPolicyTraffic`](#org.cdk8s.plus27.NetworkPolicyTraffic)
+- *Default:* the policy doesn't change egress behavior of the pods it selects.
+
+Egress traffic configuration.
+
+---
+
+##### `ingress`Optional
+
+```java
+public NetworkPolicyTraffic getIngress();
+```
+
+- *Type:* [`org.cdk8s.plus27.NetworkPolicyTraffic`](#org.cdk8s.plus27.NetworkPolicyTraffic)
+- *Default:* the policy doesn't change ingress behavior of the pods it selects.
+
+Ingress traffic configuration.
+
+---
+
+##### `selector`Optional
+
+```java
+public IPodSelector getSelector();
+```
+
+- *Type:* [`org.cdk8s.plus27.IPodSelector`](#org.cdk8s.plus27.IPodSelector)
+- *Default:* will select all pods in the namespace of the policy.
+
+Which pods does this policy object applies to.
+
+This can either be a single pod / workload, or a grouping of pods selected
+via the `Pods.select` function. Rules is applied to any pods selected by this property.
+Multiple network policies can select the same set of pods.
+In this case, the rules for each are combined additively.
+
+Note that
+
+---
+
+### NetworkPolicyRule
+
+Describes a rule allowing traffic from / to pods matched by a network policy selector.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.NetworkPolicyRule;
+
+NetworkPolicyRule.builder()
+ .peer(INetworkPolicyPeer)
+// .ports(java.util.List)
+ .build();
+```
+
+##### `peer`Required
+
+```java
+public INetworkPolicyPeer getPeer();
+```
+
+- *Type:* [`org.cdk8s.plus27.INetworkPolicyPeer`](#org.cdk8s.plus27.INetworkPolicyPeer)
+
+Peer this rule interacts with.
+
+---
+
+##### `ports`Optional
+
+```java
+public java.util.List getPorts();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.NetworkPolicyPort`](#org.cdk8s.plus27.NetworkPolicyPort)>
+- *Default:* traffic is allowed on all ports.
+
+The ports of the rule.
+
+---
+
+### NetworkPolicyTraffic
+
+Describes how the network policy should configure egress / ingress traffic.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.NetworkPolicyTraffic;
+
+NetworkPolicyTraffic.builder()
+// .default(NetworkPolicyTrafficDefault)
+// .rules(java.util.List)
+ .build();
+```
+
+##### `default`Optional
+
+```java
+public NetworkPolicyTrafficDefault getDefault();
+```
+
+- *Type:* [`org.cdk8s.plus27.NetworkPolicyTrafficDefault`](#org.cdk8s.plus27.NetworkPolicyTrafficDefault)
+- *Default:* unset, the policy does not change the behavior.
+
+Specifies the default behavior of the policy when no rules are defined.
+
+---
+
+##### `rules`Optional
+
+```java
+public java.util.List getRules();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.NetworkPolicyRule`](#org.cdk8s.plus27.NetworkPolicyRule)>
+- *Default:* no rules
+
+List of rules to be applied to the selected pods.
+
+If empty, the behavior of the policy is dictated by the `default` property.
+
+---
+
+### NfsVolumeOptions
+
+Options for the NFS based volume.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.NfsVolumeOptions;
+
+NfsVolumeOptions.builder()
+ .path(java.lang.String)
+ .server(java.lang.String)
+// .readOnly(java.lang.Boolean)
+ .build();
+```
+
+##### `path`Required
+
+```java
+public java.lang.String getPath();
+```
+
+- *Type:* `java.lang.String`
+
+Path that is exported by the NFS server.
+
+---
+
+##### `server`Required
+
+```java
+public java.lang.String getServer();
+```
+
+- *Type:* `java.lang.String`
+
+Server is the hostname or IP address of the NFS server.
+
+---
+
+##### `readOnly`Optional
+
+```java
+public java.lang.Boolean getReadOnly();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+If set to true, will force the NFS export to be mounted with read-only permissions.
+
+---
+
+### NodeTaintQueryOptions
+
+Options for `NodeTaintQuery`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.NodeTaintQueryOptions;
+
+NodeTaintQueryOptions.builder()
+// .effect(TaintEffect)
+// .evictAfter(Duration)
+ .build();
+```
+
+##### `effect`Optional
+
+```java
+public TaintEffect getEffect();
+```
+
+- *Type:* [`org.cdk8s.plus27.TaintEffect`](#org.cdk8s.plus27.TaintEffect)
+- *Default:* all effects are matched.
+
+The taint effect to match.
+
+---
+
+##### `evictAfter`Optional
+
+```java
+public Duration getEvictAfter();
+```
+
+- *Type:* [`org.cdk8s.Duration`](#org.cdk8s.Duration)
+- *Default:* bound forever.
+
+How much time should a pod that tolerates the `NO_EXECUTE` effect be bound to the node.
+
+Only applies for the `NO_EXECUTE` effect.
+
+---
+
+### PathMapping
+
+Maps a string key to a path within a volume.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.PathMapping;
+
+PathMapping.builder()
+ .path(java.lang.String)
+// .mode(java.lang.Number)
+ .build();
+```
+
+##### `path`Required
+
+```java
+public java.lang.String getPath();
+```
+
+- *Type:* `java.lang.String`
+
+The relative path of the file to map the key to.
+
+May not be an absolute
+path. May not contain the path element '..'. May not start with the string
+'..'.
+
+---
+
+##### `mode`Optional
+
+```java
+public java.lang.Number getMode();
+```
+
+- *Type:* `java.lang.Number`
+
+Optional: mode bits to use on this file, must be a value between 0 and 0777.
+
+If not specified, the volume defaultMode will be used. This might be
+in conflict with other options that affect the file mode, like fsGroup, and
+the result can be other mode bits set.
+
+---
+
+### PersistentVolumeClaimProps
+
+Properties for `PersistentVolumeClaim`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.PersistentVolumeClaimProps;
+
+PersistentVolumeClaimProps.builder()
+// .metadata(ApiObjectMetadata)
+// .accessModes(java.util.List)
+// .storage(Size)
+// .storageClassName(java.lang.String)
+// .volume(IPersistentVolume)
+// .volumeMode(PersistentVolumeMode)
+ .build();
+```
+
+##### `metadata`Optional
+
+```java
+public ApiObjectMetadata getMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `accessModes`Optional
+
+```java
+public java.util.List getAccessModes();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.PersistentVolumeAccessMode`](#org.cdk8s.plus27.PersistentVolumeAccessMode)>
+- *Default:* No access modes requirement.
+
+Contains the access modes the volume should support.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
+
+---
+
+##### `storage`Optional
+
+```java
+public Size getStorage();
+```
+
+- *Type:* [`org.cdk8s.Size`](#org.cdk8s.Size)
+- *Default:* No storage requirement.
+
+Minimum storage size the volume should have.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+
+---
+
+##### `storageClassName`Optional
+
+```java
+public java.lang.String getStorageClassName();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* Not set.
+
+Name of the StorageClass required by the claim. When this property is not set, the behavior is as follows:.
+
+* If the admission plugin is turned on, the storage class marked as default will be used.
+* If the admission plugin is turned off, the pvc can only be bound to volumes without a storage class.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
+
+---
+
+##### `volume`Optional
+
+```java
+public IPersistentVolume getVolume();
+```
+
+- *Type:* [`org.cdk8s.plus27.IPersistentVolume`](#org.cdk8s.plus27.IPersistentVolume)
+- *Default:* No specific volume binding.
+
+The PersistentVolume backing this claim.
+
+The control plane still checks that storage class, access modes,
+and requested storage size on the volume are valid.
+
+Note that in order to guarantee a proper binding, the volume should
+also define a `claimRef` referring to this claim. Otherwise, the volume may be
+claimed be other pvc's before it gets a chance to bind to this one.
+
+If the volume is managed (i.e not imported), you can use `pv.claim()` to easily
+create a bi-directional bounded claim.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes/#binding.
+
+---
+
+##### `volumeMode`Optional
+
+```java
+public PersistentVolumeMode getVolumeMode();
+```
+
+- *Type:* [`org.cdk8s.plus27.PersistentVolumeMode`](#org.cdk8s.plus27.PersistentVolumeMode)
+- *Default:* VolumeMode.FILE_SYSTEM
+
+Defines what type of volume is required by the claim.
+
+---
+
+### PersistentVolumeClaimVolumeOptions
+
+Options for a PersistentVolumeClaim-based volume.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.PersistentVolumeClaimVolumeOptions;
+
+PersistentVolumeClaimVolumeOptions.builder()
+// .name(java.lang.String)
+// .readOnly(java.lang.Boolean)
+ .build();
+```
+
+##### `name`Optional
+
+```java
+public java.lang.String getName();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* Derived from the PVC name.
+
+The volume name.
+
+---
+
+##### `readOnly`Optional
+
+```java
+public java.lang.Boolean getReadOnly();
+```
+
+- *Type:* `java.lang.Boolean`
+- *Default:* false
+
+Will force the ReadOnly setting in VolumeMounts.
+
+---
+
+### PersistentVolumeProps
+
+Properties for `PersistentVolume`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.PersistentVolumeProps;
+
+PersistentVolumeProps.builder()
+// .metadata(ApiObjectMetadata)
+// .accessModes(java.util.List)
+// .claim(IPersistentVolumeClaim)
+// .mountOptions(java.util.List)
+// .reclaimPolicy(PersistentVolumeReclaimPolicy)
+// .storage(Size)
+// .storageClassName(java.lang.String)
+// .volumeMode(PersistentVolumeMode)
+ .build();
+```
+
+##### `metadata`Optional
+
+```java
+public ApiObjectMetadata getMetadata();
+```
+
+- *Type:* [`org.cdk8s.ApiObjectMetadata`](#org.cdk8s.ApiObjectMetadata)
+
+Metadata that all persisted resources must have, which includes all objects users must create.
+
+---
+
+##### `accessModes`Optional
+
+```java
+public java.util.List getAccessModes();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.PersistentVolumeAccessMode`](#org.cdk8s.plus27.PersistentVolumeAccessMode)>
+- *Default:* No access modes.
+
+Contains all ways the volume can be mounted.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes
+
+---
+
+##### `claim`Optional
+
+```java
+public IPersistentVolumeClaim getClaim();
+```
+
+- *Type:* [`org.cdk8s.plus27.IPersistentVolumeClaim`](#org.cdk8s.plus27.IPersistentVolumeClaim)
+- *Default:* Not bound to a specific claim.
+
+Part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim.
+
+Expected to be non-nil when bound.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding
+
+---
+
+##### `mountOptions`Optional
+
+```java
+public java.util.List getMountOptions();
+```
+
+- *Type:* java.util.List<`java.lang.String`>
+- *Default:* No options.
+
+A list of mount options, e.g. ["ro", "soft"]. Not validated - mount will simply fail if one is invalid.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options
+
+---
+
+##### `reclaimPolicy`Optional
+
+```java
+public PersistentVolumeReclaimPolicy getReclaimPolicy();
+```
+
+- *Type:* [`org.cdk8s.plus27.PersistentVolumeReclaimPolicy`](#org.cdk8s.plus27.PersistentVolumeReclaimPolicy)
+- *Default:* PersistentVolumeReclaimPolicy.RETAIN
+
+When a user is done with their volume, they can delete the PVC objects from the API that allows reclamation of the resource.
+
+The reclaim policy tells the cluster what to do with
+the volume after it has been released of its claim.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming
+
+---
+
+##### `storage`Optional
+
+```java
+public Size getStorage();
+```
+
+- *Type:* [`org.cdk8s.Size`](#org.cdk8s.Size)
+- *Default:* No specified.
+
+What is the storage capacity of this volume.
+
+> https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+
+---
+
+##### `storageClassName`Optional
+
+```java
+public java.lang.String getStorageClassName();
+```
+
+- *Type:* `java.lang.String`
+- *Default:* Volume does not belong to any storage class.
+
+Name of StorageClass to which this persistent volume belongs.
+
+---
+
+##### `volumeMode`Optional
+
+```java
+public PersistentVolumeMode getVolumeMode();
+```
+
+- *Type:* [`org.cdk8s.plus27.PersistentVolumeMode`](#org.cdk8s.plus27.PersistentVolumeMode)
+- *Default:* VolumeMode.FILE_SYSTEM
+
+Defines what type of volume is required by the claim.
+
+---
+
+### PodConnectionsAllowFromOptions
+
+Options for `PodConnections.allowFrom`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.PodConnectionsAllowFromOptions;
+
+PodConnectionsAllowFromOptions.builder()
+// .isolation(PodConnectionsIsolation)
+// .ports(java.util.List)
+ .build();
+```
+
+##### `isolation`Optional
+
+```java
+public PodConnectionsIsolation getIsolation();
+```
+
+- *Type:* [`org.cdk8s.plus27.PodConnectionsIsolation`](#org.cdk8s.plus27.PodConnectionsIsolation)
+- *Default:* unset, isolates both the pod and the peer.
+
+Which isolation should be applied to establish the connection.
+
+---
+
+##### `ports`Optional
+
+```java
+public java.util.List getPorts();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.NetworkPolicyPort`](#org.cdk8s.plus27.NetworkPolicyPort)>
+- *Default:* The pod ports.
+
+Ports to allow incoming traffic to.
+
+---
+
+### PodConnectionsAllowToOptions
+
+Options for `PodConnections.allowTo`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.PodConnectionsAllowToOptions;
+
+PodConnectionsAllowToOptions.builder()
+// .isolation(PodConnectionsIsolation)
+// .ports(java.util.List)
+ .build();
+```
+
+##### `isolation`Optional
+
+```java
+public PodConnectionsIsolation getIsolation();
+```
+
+- *Type:* [`org.cdk8s.plus27.PodConnectionsIsolation`](#org.cdk8s.plus27.PodConnectionsIsolation)
+- *Default:* unset, isolates both the pod and the peer.
+
+Which isolation should be applied to establish the connection.
+
+---
+
+##### `ports`Optional
+
+```java
+public java.util.List getPorts();
+```
+
+- *Type:* java.util.List<[`org.cdk8s.plus27.NetworkPolicyPort`](#org.cdk8s.plus27.NetworkPolicyPort)>
+- *Default:* If the peer is a managed pod, take its ports. Otherwise, all ports are allowed.
+
+Ports to allow outgoing traffic to.
+
+---
+
+### PodDnsProps
+
+Properties for `PodDns`.
+
+#### Initializer
+
+```java
+import org.cdk8s.plus27.PodDnsProps;
+
+PodDnsProps.builder()
+// .hostname(java.lang.String)
+// .hostnameAsFQDN(java.lang.Boolean)
+// .nameservers(java.util.List)
+// .options(java.util.List