iam-oidc-provider-client-id-list-check - AWS Config

iam-oidc-provider-client-id-list-check

Checks whether AWS IAM OpenID Connect (OIDC) identity providers are configured only with approved client IDs. The rule is NON_COMPLIANT if configuration.ClientIdList contains any client ID that is not listed in the required allowedClientIds rule parameter. Each entry in ClientIdList is an audience value (the token's aud claim) that the provider accepts, so an unexpected entry widens the set of identity-provider tokens that can be exchanged for credentials of roles trusting that provider.

Identifier: IAM_OIDC_PROVIDER_CLIENT_ID_LIST_CHECK

Resource Types: AWS::IAM::OIDCProvider

Trigger type: Configuration changes

AWS Region: Only available in US East (N. Virginia) Region. IAM is a global service, so its resources are recorded and this rule is evaluated in that Region.

Parameters:

allowedClientIds
Type: CSV

Comma-separated list of approved client IDs (audiences). This parameter is required. The rule is NON_COMPLIANT if configuration.ClientIdList contains any value not present in this list; the comparison is an exact string match, so list every audience value that the provider is expected to accept.

AWS CloudFormation template

To create AWS Config managed rules with AWS CloudFormation templates, see Creating AWS Config Managed Rules With AWS CloudFormation Templates.
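The following Python is an added example, not code from AWS or from this page. It models the evaluation the rule description and the allowedClientIds parameter describe (NON_COMPLIANT when any entry of configuration.ClientIdList is outside the approved list, including the empty-list and case-mismatch edge cases), and it builds the AWS::Config::ConfigRule resource, in JSON template form, that a CloudFormation template would use to deploy the managed rule. The rule identifier, resource type and parameter name are the ones documented above; the provider configuration items, the rule name and the logical resource ID are constructed for illustration.

```python
"""Local model of what IAM_OIDC_PROVIDER_CLIENT_ID_LIST_CHECK evaluates, plus
the CloudFormation resource that deploys it.

Added example, not AWS code. The provider configuration items below are
constructed; only the rule identifier, resource type and parameter name
come from the rule's documentation.
"""
import json

RULE_IDENTIFIER = "IAM_OIDC_PROVIDER_CLIENT_ID_LIST_CHECK"
RESOURCE_TYPE = "AWS::IAM::OIDCProvider"
PARAMETER_NAME = "allowedClientIds"


def parse_allowed_client_ids(csv_value):
    """Parse the allowedClientIds CSV parameter into a set of approved IDs.

    Whitespace around entries and empty entries are ignored, so
    "a, b," and "a,b" approve the same IDs. Matching is exact and
    case-sensitive, as an audience comparison should be.
    """
    return {part.strip() for part in csv_value.split(",") if part.strip()}


def evaluate(configuration, allowed_client_ids_csv):
    """Evaluate one AWS::IAM::OIDCProvider configuration item.

    Mirrors the rule text: NON_COMPLIANT if configuration.ClientIdList
    contains any value not in allowedClientIds. A provider whose
    ClientIdList is empty has nothing unapproved and is COMPLIANT.
    Returns the ComplianceType plus an Annotation naming the offenders.
    """
    allowed = parse_allowed_client_ids(allowed_client_ids_csv)
    unapproved = [cid for cid in configuration.get("ClientIdList", [])
                  if cid not in allowed]
    if unapproved:
        return {"ComplianceType": "NON_COMPLIANT",
                "Annotation": "Unapproved client IDs: " + ", ".join(unapproved)}
    return {"ComplianceType": "COMPLIANT",
            "Annotation": "All client IDs are in allowedClientIds"}


def config_rule_resource(rule_name, allowed_client_ids_csv):
    """Return the AWS::Config::ConfigRule resource (JSON template form)
    that deploys the managed rule with the given approved list."""
    return {
        "Type": "AWS::Config::ConfigRule",
        "Properties": {
            "ConfigRuleName": rule_name,
            "Scope": {"ComplianceResourceTypes": [RESOURCE_TYPE]},
            "Source": {"Owner": "AWS", "SourceIdentifier": RULE_IDENTIFIER},
            "InputParameters": {PARAMETER_NAME: allowed_client_ids_csv},
        },
    }


# Constructed configuration items (hypothetical providers, not real ones).
APPROVED_ONLY = {
    "Url": "token.actions.githubusercontent.com",
    "ClientIdList": ["sts.amazonaws.com"],
}
EXTRA_AUDIENCE = {
    "Url": "oidc.example.com",
    "ClientIdList": ["sts.amazonaws.com", "legacy-ci-app"],
}
ALLOWED = "sts.amazonaws.com"  # value passed as allowedClientIds

if __name__ == "__main__":
    for item in (APPROVED_ONLY, EXTRA_AUDIENCE):
        result = evaluate(item, ALLOWED)
        print(item["Url"], result["ComplianceType"], "-", result["Annotation"])
    template = {"Resources": {"OidcClientIdCheck": config_rule_resource(
        "iam-oidc-provider-client-id-list-check", ALLOWED)}}
    print(json.dumps(template, indent=2))
```

The InputParameters value is the CSV string the rule expects, so adding a second approved audience means extending that one string rather than adding a template property. Because matching is exact, a provider whose ClientIdList differs from the approved entry only in letter case is reported NON_COMPLIANT, which is the safer outcome for an audience check.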