OpenIdConnectProvider (software.amazon.awscdk:aws-cdk-lib 2.42.1 API)

java.lang.Object
- software.amazon.jsii.JsiiObject
- - software.constructs.Construct
  - - software.amazon.awscdk.Resource
    - - software.amazon.awscdk.services.iam.OpenIdConnectProvider
      - software.amazon.awscdk.services.eks.OpenIdConnectProvider

All Implemented Interfaces:: IResource, IOpenIdConnectProvider, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IDependable

@Generated(value="jsii-pacmak/1.67.0 (build 2c027f5)",
           date="2022-09-19T20:26:38.959Z")
 @Stability(value=Stable)
public class OpenIdConnectProvider
extends OpenIdConnectProvider

IAM OIDC identity providers are entities in IAM that describe an external identity provider (IdP) service that supports the OpenID Connect (OIDC) standard, such as Google or Salesforce.

You use an IAM OIDC identity provider when you want to establish trust between an OIDC-compatible IdP and your AWS account.

This implementation has default values for thumbprints and clientIds props that will be compatible with the eks cluster

Example:

 // or create a new one using an existing issuer url
 String issuerUrl;
 // you can import an existing provider
 IOpenIdConnectProvider provider = OpenIdConnectProvider.fromOpenIdConnectProviderArn(this, "Provider", "arn:aws:iam::123456:oidc-provider/oidc.eks.eu-west-1.amazonaws.com/id/AB123456ABC");
 OpenIdConnectProvider provider2 = OpenIdConnectProvider.Builder.create(this, "Provider")
         .url(issuerUrl)
         .build();
 ICluster cluster = Cluster.fromClusterAttributes(this, "MyCluster", ClusterAttributes.builder()
         .clusterName("Cluster")
         .openIdConnectProvider(provider)
         .kubectlRoleArn("arn:aws:iam::123456:role/service-role/k8sservicerole")
         .build());
 ServiceAccount serviceAccount = cluster.addServiceAccount("MyServiceAccount");
 Bucket bucket = new Bucket(this, "Bucket");
 bucket.grantReadWrite(serviceAccount);

See Also:: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html

Nested Class Summary

Nested Classes
Modifier and Type Class and Description

static class OpenIdConnectProvider.Builder
A fluent builder for OpenIdConnectProvider.
- Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject
  software.amazon.jsii.JsiiObject.InitializationMode
- Nested classes/interfaces inherited from interface software.amazon.awscdk.services.iam.IOpenIdConnectProvider
  IOpenIdConnectProvider.Jsii$Default, IOpenIdConnectProvider.Jsii$Proxy

Nested Classes
Modifier and Type	Class and Description
`static class`	`OpenIdConnectProvider.Builder` A fluent builder for `OpenIdConnectProvider`.

Constructor Summary

Constructors
Modifier	Constructor and Description
	`OpenIdConnectProvider(software.constructs.Construct scope, String id, OpenIdConnectProviderProps props)` Defines an OpenID Connect provider.
`protected`	`OpenIdConnectProvider(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)`
`protected`	`OpenIdConnectProvider(software.amazon.jsii.JsiiObjectRef objRef)`

Method Summary
- Methods inherited from class software.amazon.awscdk.services.iam.OpenIdConnectProvider
  fromOpenIdConnectProviderArn, getOpenIdConnectProviderArn, getOpenIdConnectProviderIssuer
- Methods inherited from class software.amazon.awscdk.Resource
  applyRemovalPolicy, generatePhysicalName, getEnv, getPhysicalName, getResourceArnAttribute, getResourceNameAttribute, getStack, isOwnedResource, isResource
- Methods inherited from class software.constructs.Construct
  getNode, isConstruct, toString
- Methods inherited from class software.amazon.jsii.JsiiObject
  jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet
- Methods inherited from class java.lang.Object
  clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
- Methods inherited from interface software.amazon.awscdk.IResource
  applyRemovalPolicy, getEnv, getStack
- Methods inherited from interface software.constructs.IConstruct
  getNode
- Methods inherited from interface software.amazon.jsii.JsiiSerializable
  $jsii$toJson

Constructor Detail

OpenIdConnectProvider

protected OpenIdConnectProvider(software.amazon.jsii.JsiiObjectRef objRef)

OpenIdConnectProvider

protected OpenIdConnectProvider(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

OpenIdConnectProvider

@Stability(value=Stable)
public OpenIdConnectProvider(@NotNull
                                                      software.constructs.Construct scope,
                                                      @NotNull
                                                      String id,
                                                      @NotNull
                                                      OpenIdConnectProviderProps props)

Defines an OpenID Connect provider.

Parameters:: scope - The definition scope. This parameter is required.; id - Construct ID. This parameter is required.; props - Initialization properties. This parameter is required.

Class OpenIdConnectProvider

Nested Class Summary

Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject

Nested classes/interfaces inherited from interface software.amazon.awscdk.services.iam.IOpenIdConnectProvider

Constructor Summary

Method Summary

Methods inherited from class software.amazon.awscdk.services.iam.OpenIdConnectProvider

Methods inherited from class software.amazon.awscdk.Resource

Methods inherited from class software.constructs.Construct

Methods inherited from class software.amazon.jsii.JsiiObject

Methods inherited from class java.lang.Object

Methods inherited from interface software.amazon.awscdk.IResource

Methods inherited from interface software.constructs.IConstruct

Methods inherited from interface software.amazon.jsii.JsiiSerializable

Constructor Detail

OpenIdConnectProvider

OpenIdConnectProvider

OpenIdConnectProvider