interface OidcIdentityProviderConfigProperty
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.Mixins.Preview.AWS.EKS.Mixins.CfnIdentityProviderConfigPropsMixin.OidcIdentityProviderConfigProperty |
 Go | github.com/aws/aws-cdk-go/awscdkmixinspreview/v2/awseks/mixins#CfnIdentityProviderConfigPropsMixin_OidcIdentityProviderConfigProperty |
 Java | software.amazon.awscdk.mixins.preview.services.eks.mixins.CfnIdentityProviderConfigPropsMixin.OidcIdentityProviderConfigProperty |
 Python | aws_cdk.mixins_preview.aws_eks.mixins.CfnIdentityProviderConfigPropsMixin.OidcIdentityProviderConfigProperty |
 TypeScript | @aws-cdk/mixins-preview » aws_eks » mixins » CfnIdentityProviderConfigPropsMixin » OidcIdentityProviderConfigProperty |
An object representing the configuration for an OpenID Connect (OIDC) identity provider.
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { mixins as eks_mixins } from '@aws-cdk/mixins-preview/aws-eks';
const oidcIdentityProviderConfigProperty: eks_mixins.CfnIdentityProviderConfigPropsMixin.OidcIdentityProviderConfigProperty = {
clientId: 'clientId',
groupsClaim: 'groupsClaim',
groupsPrefix: 'groupsPrefix',
issuerUrl: 'issuerUrl',
requiredClaims: [{
key: 'key',
value: 'value',
}],
usernameClaim: 'usernameClaim',
usernamePrefix: 'usernamePrefix',
};
Properties
| Name | Type | Description |
|---|---|---|
| client | string | This is also known as audience . |
| groups | string | The JSON web token (JWT) claim that the provider uses to return your groups. |
| groups | string | The prefix that is prepended to group claims to prevent clashes with existing names (such as system: groups). |
| issuer | string | The URL of the OIDC identity provider that allows the API server to discover public signing keys for verifying tokens. |
| required | IResolvable | (IResolvable | Required)[] | The key-value pairs that describe required claims in the identity token. |
| username | string | The JSON Web token (JWT) claim that is used as the username. |
| username | string | The prefix that is prepended to username claims to prevent clashes with existing names. |
clientId?
Type:
string
(optional)
This is also known as audience .
The ID of the client application that makes authentication requests to the OIDC identity provider.
groupsClaim?
Type:
string
(optional)
The JSON web token (JWT) claim that the provider uses to return your groups.
groupsPrefix?
Type:
string
(optional)
The prefix that is prepended to group claims to prevent clashes with existing names (such as system: groups).
For example, the value oidc: creates group names like oidc:engineering and oidc:infra . The prefix can't contain system:
issuerUrl?
Type:
string
(optional)
The URL of the OIDC identity provider that allows the API server to discover public signing keys for verifying tokens.
requiredClaims?
Type:
IResolvable | (IResolvable | Required)[]
(optional)
The key-value pairs that describe required claims in the identity token.
If set, each claim is verified to be present in the token with a matching value.
usernameClaim?
Type:
string
(optional)
The JSON Web token (JWT) claim that is used as the username.
usernamePrefix?
Type:
string
(optional)
The prefix that is prepended to username claims to prevent clashes with existing names.
The prefix can't contain system: