Class OpenIdConnectProvider
java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.core.Construct
software.amazon.awscdk.core.Resource
software.amazon.awscdk.services.iam.OpenIdConnectProvider
software.amazon.awscdk.services.eks.OpenIdConnectProvider
All Implemented Interfaces:
IConstruct, IDependable, IResource, IOpenIdConnectProvider, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct
@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)",
date="2023-06-19T16:30:46.658Z")
@Stability(Stable)
public class OpenIdConnectProvider
extends OpenIdConnectProvider
IAM OIDC identity providers are entities in IAM that describe an external identity provider (IdP) service that supports the OpenID Connect (OIDC) standard, such as Google or Salesforce.
You use an IAM OIDC identity provider when you want to establish trust between an OIDC-compatible IdP and your AWS account.
This implementation has default values for the thumbprints and clientIds props that are compatible with the EKS cluster.
Example:
// you can import an existing provider
IOpenIdConnectProvider provider = OpenIdConnectProvider.fromOpenIdConnectProviderArn(this, "Provider",
        "arn:aws:iam::123456:oidc-provider/oidc.eks.eu-west-1.amazonaws.com/id/AB123456ABC");

// or create a new one using an existing issuer url
String issuerUrl; // placeholder declaration: supply the cluster's OIDC issuer URL
// the construct ID must differ from "Provider" above, since IDs are unique within a scope
OpenIdConnectProvider provider2 = OpenIdConnectProvider.Builder.create(this, "Provider2")
        .url(issuerUrl)
        .build();

// attach the imported provider to an imported cluster
ICluster cluster = Cluster.fromClusterAttributes(this, "MyCluster", ClusterAttributes.builder()
        .clusterName("Cluster")
        .openIdConnectProvider(provider)
        .kubectlRoleArn("arn:aws:iam::123456:role/service-role/k8sservicerole")
        .build());

// the service account's IAM role trusts the provider; grant it access to the bucket
ServiceAccount serviceAccount = cluster.addServiceAccount("MyServiceAccount");
Bucket bucket = new Bucket(this, "Bucket");
bucket.grantReadWrite(serviceAccount);
Nested Class Summary
Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject
software.amazon.jsii.JsiiObject.InitializationMode
Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IConstruct
IConstruct.Jsii$Default
Nested classes/interfaces inherited from interface software.constructs.IConstruct
software.constructs.IConstruct.Jsii$Default
Nested classes/interfaces inherited from interface software.amazon.awscdk.services.iam.IOpenIdConnectProvider
IOpenIdConnectProvider.Jsii$Default, IOpenIdConnectProvider.Jsii$Proxy
Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IResource
IResource.Jsii$Default
Constructor Summary
Modifier | Constructor | Description
protected | OpenIdConnectProvider(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) |
protected | OpenIdConnectProvider(software.amazon.jsii.JsiiObjectRef objRef) |
 | OpenIdConnectProvider(software.constructs.Construct scope, String id, OpenIdConnectProviderProps props) | Defines an OpenID Connect provider.
Method Summary
Methods inherited from class software.amazon.awscdk.services.iam.OpenIdConnectProvider
fromOpenIdConnectProviderArn, getOpenIdConnectProviderArn, getOpenIdConnectProviderIssuer, getOpenIdConnectProviderthumbprints
Methods inherited from class software.amazon.awscdk.core.Resource
applyRemovalPolicy, generatePhysicalName, getEnv, getPhysicalName, getResourceArnAttribute, getResourceNameAttribute, getStack, isResource
Methods inherited from class software.amazon.awscdk.core.Construct
getNode, isConstruct, onPrepare, onSynthesize, onValidate, prepare, synthesize, validate
Methods inherited from class software.constructs.Construct
toString
Methods inherited from class software.amazon.jsii.JsiiObject
jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
Methods inherited from interface software.amazon.awscdk.core.IConstruct
getNode
Methods inherited from interface software.amazon.awscdk.core.IResource
applyRemovalPolicy, getEnv, getStack
Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
Constructor Details
OpenIdConnectProvider
protected OpenIdConnectProvider(software.amazon.jsii.JsiiObjectRef objRef)

OpenIdConnectProvider
protected OpenIdConnectProvider(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

OpenIdConnectProvider
@Stability(Stable) public OpenIdConnectProvider(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull OpenIdConnectProviderProps props)
Defines an OpenID Connect provider.
Parameters:
scope - The definition scope. This parameter is required.
id - Construct ID. This parameter is required.
props - Initialization properties. This parameter is required.