Difference between revisions of "OpenID Connect (OIDC)"
Jump to navigation
Jump to search
↑ https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener_rule#action-blocks
(→AWS) |
|||
| (6 intermediate revisions by the same user not shown) | |||
| Line 15: | Line 15: | ||
* [[Creating an IAM OIDC provider for your EKS cluster]] | * [[Creating an IAM OIDC provider for your EKS cluster]] | ||
* [[Managing the Amazon EBS CSI driver as an Amazon EKS add-on]] | * [[Managing the Amazon EBS CSI driver as an Amazon EKS add-on]] | ||
| + | * Read [[About security hardening with OpenID Connect]] | ||
== AWS == | == AWS == | ||
| Line 20: | Line 21: | ||
* <code>[[aws iam create-open-id-connect-provider]]</code> | * <code>[[aws iam create-open-id-connect-provider]]</code> | ||
* <code>[[aws iam get-open-id-connect-provider]]</code> | * <code>[[aws iam get-open-id-connect-provider]]</code> | ||
| − | * [[aws_lb_listener_rule]] | + | * <code>[[aws_lb_listener_rule]]: [[authenticate_oidc]]</code> |
| + | * <code>[[aws sts assume-role-with-web-identity]]</code> | ||
| + | * [[Terraform EKS module]] | ||
| + | * [[Dynamic Credentials with the AWS Provider]] | ||
| + | |||
| + | == GitHub == | ||
| + | * [[Terraform module: Github-oidc-provider]] | ||
==Related terms== | ==Related terms== | ||
| Line 41: | Line 48: | ||
* [[kubectl config set-credentials]] USER_NAME --auth-provider=oidc .../... | * [[kubectl config set-credentials]] USER_NAME --auth-provider=oidc .../... | ||
* <code>[[kubectl krew install oidc-login]]</code> | * <code>[[kubectl krew install oidc-login]]</code> | ||
| + | * [[Google Cloud Identity]] | ||
== See also == | == See also == | ||
Latest revision as of 14:27, 4 July 2024
wikipedia:OpenID Connect identity provider is an authentication layer on top of OAuth 2.0
EKS, aws eks describe-cluster:
.../...
"identity": {
"oidc": {
"issuer": "https://oidc.eks.us-east-2.amazonaws.com/id/6457185BA3C72F8Axxxxxxxx"
}
},
Contents
Activities[edit]
- Creating an IAM OIDC provider for your EKS cluster
- Managing the Amazon EBS CSI driver as an Amazon EKS add-on
- Read About security hardening with OpenID Connect
AWS[edit]
aws iam list-open-id-connect-providersaws iam create-open-id-connect-provideraws iam get-open-id-connect-provideraws_lb_listener_rule: authenticate_oidcaws sts assume-role-with-web-identity- Terraform EKS module
- Dynamic Credentials with the AWS Provider
GitHub[edit]
Related terms[edit]
- Keycloak
- Atlassian: Server vs. Data Center
vault auth enable oidc- IdP, SAML
aws cognito-idp create-identity-provider --provider-type OIDC- EKS OIDC:
eksctl utils associate-iam-oidc-provider kubectl oidc-loginaws eks describe-cluster --name my-cluster --query "cluster.identity.oidc.issuer" --output text- OIDC Identity Provider: IAM OIDC provider
- Terraform resource:
aws_lb_listener_rule: actionblock:forward, redirect, fixed-response, authenticate-cognito and authenticate-oidc. [1] - Terraform resource:
aws_iam_openid_connect_provider
- Access Management (AM) Magic Quadrant
- kubectl config set-credentials USER_NAME --auth-provider=oidc .../...
kubectl krew install oidc-login- Google Cloud Identity
See also[edit]
aws iam oidc[list-open-id-connect-providers | create-open-id-connect-provider | get-open-id-connect-provider]- OIDC,
kubectl oidc-login, AWS IAM OIDC, EKS OIDC, EKS module,aws iam list-open-id-connect-providers | aws iam create-open-id-connect-provider | aws iam get-open-id-connect-provider, OIDC tokens,aws_lb_listener_rule - OpenID, OpenID Foundation, OIDC, OAuth, OpenID Connect Provider,
eksctl utils associate-iam-oidc-provider, aws_iam_openid_connect_provider, Relying Party (RP)
Advertising:
