IncludedOauth2TenantCredentialProviderProps

class aws_cdk.aws_bedrockagentcore.IncludedOauth2TenantCredentialProviderProps(*, o_auth2_credential_provider_name=None, tags=None, client_id, client_secret, authorization_endpoint=None, issuer=None, token_endpoint=None)

Bases: OAuth2CredentialProviderFactoryBaseProps, IncludedOauth2TenantEndpoints

Props for IncludedOauth2ProviderConfig IdPs whose outbound documentation requires issuer, authorizationEndpoint, and/or tokenEndpoint (for example Okta, Auth0, Amazon Cognito, OneLogin, PingOne, CyberArk, FusionAuth).

Parameters:

• o_auth2_credential_provider_name (Optional[str]) – Name of the credential provider. Default: a name generated by CDK

• tags (Optional[Mapping[str, str]]) – Tags for this credential provider. Default: - no tags

• client_id (str) – OAuth2 client identifier.

• client_secret (SecretValue) – OAuth2 client secret. NOTE: The client secret will be included in the CloudFormation template as part of synthesis. The service stores the secret in Secrets Manager after creation, but the value is visible in the template and deployment history. Use SecretValue.unsafePlainText() to explicitly acknowledge plaintext, or pass a reference from another construct to avoid embedding the literal value.

• authorization_endpoint (Optional[str]) – OAuth2 authorization endpoint for your tenant. Default: - not specified; use when your IdP requires an explicit endpoint

• issuer (Optional[str]) – Token issuer URL for your tenant (often the IdP base or issuer URI). Default: - not specified; use when your IdP requires an explicit issuer

• token_endpoint (Optional[str]) – OAuth2 token endpoint for your tenant. Default: - not specified; use when your IdP requires an explicit endpoint

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk as cdk
from aws_cdk import aws_bedrockagentcore as bedrockagentcore

# secret_value: cdk.SecretValue

included_oauth2_tenant_credential_provider_props = bedrockagentcore.IncludedOauth2TenantCredentialProviderProps(
    client_id="clientId",
    client_secret=secret_value,

    # the properties below are optional
    authorization_endpoint="authorizationEndpoint",
    issuer="issuer",
    o_auth2_credential_provider_name="oAuth2CredentialProviderName",
    tags={
        "tags_key": "tags"
    },
    token_endpoint="tokenEndpoint"
)

Attributes

authorization_endpoint

OAuth2 authorization endpoint for your tenant.

Default:

• not specified; use when your IdP requires an explicit endpoint

client_id

OAuth2 client identifier.

client_secret

OAuth2 client secret.

NOTE: The client secret will be included in the CloudFormation template as part of synthesis. The service stores the secret in Secrets Manager after creation, but the value is visible in the template and deployment history. Use SecretValue.unsafePlainText() to explicitly acknowledge plaintext, or pass a reference from another construct to avoid embedding the literal value.

issuer

Token issuer URL for your tenant (often the IdP base or issuer URI).

Default:

• not specified; use when your IdP requires an explicit issuer

o_auth2_credential_provider_name

Name of the credential provider.

Default:

a name generated by CDK

tags

Tags for this credential provider.

Default:

• no tags

token_endpoint

OAuth2 token endpoint for your tenant.

Default:

• not specified; use when your IdP requires an explicit endpoint