Difference between revisions of "Terraform resource: aws iam openid connect provider"
Jump to navigation
Jump to search
(10 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
* <code>aws_iam_openid_connect_provider</code> [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_openid_connect_provider ref] provides an IAM [[OpenID Connect]] provider | * <code>aws_iam_openid_connect_provider</code> [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_openid_connect_provider ref] provides an IAM [[OpenID Connect]] provider | ||
− | |||
* <code>[[url]] = "[[oidc.eks.us-east-2.amazonaws.com]]/id/XXXXX"</code> | * <code>[[url]] = "[[oidc.eks.us-east-2.amazonaws.com]]/id/XXXXX"</code> | ||
+ | * <code>[[url]], [[arn]], [[id]]</code> | ||
− | * <code>client_id_list</code> - (Required) A list of client IDs (also known as [[audiences]]). When a mobile or web app registers with an [[OpenID Connect provider]], they establish a value that identifies the application. (This is the value that's sent as the <code>[[client_id]]</code> parameter on [[OAuth]] requests.) | + | * <code>[[client_id_list]]</code> - (Required) A list of client IDs (also known as [[audiences]]). When a mobile or web app registers with an [[OpenID Connect provider]], they establish a value that identifies the application. (This is the value that's sent as the <code>[[client_id]]</code> parameter on [[OAuth]] requests.) |
* <code>[[thumbprint_list]]</code> (Required) A list of server [[certificate thumbprints]] for the [[OpenID Connect (OIDC)]] identity provider's server certificate(s). | * <code>[[thumbprint_list]]</code> (Required) A list of server [[certificate thumbprints]] for the [[OpenID Connect (OIDC)]] identity provider's server certificate(s). | ||
Line 22: | Line 22: | ||
== Related == | == Related == | ||
* [[Terraform EKS module]]: <code>[[module.eks.oidc_provider]]</code> | * [[Terraform EKS module]]: <code>[[module.eks.oidc_provider]]</code> | ||
+ | * <code>[[oidc-provider/]]</code> | ||
+ | * <code>[[aws iam create-open-id-connect-provider]]</code> | ||
+ | * [[Terraform EKS module input: cluster endpoint public access]] | ||
+ | * Audience: <code>[[sts.amazonaws.com]]</code> | ||
+ | * [[Terraform resource: aws iam saml provider]] | ||
== See also == | == See also == | ||
* {{Terraform aws iam resources}} | * {{Terraform aws iam resources}} | ||
+ | * {{aws iam oidc}} | ||
* {{OpenID}} | * {{OpenID}} | ||
[[Category:Terraform]] | [[Category:Terraform]] |
Latest revision as of 16:04, 4 July 2024
aws_iam_openid_connect_provider
ref provides an IAM OpenID Connect provider
url = "oidc.eks.us-east-2.amazonaws.com/id/XXXXX"
client_id_list
- (Required) A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as theclient_id
parameter on OAuth requests.)
thumbprint_list
(Required) A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).
Official example[edit]
resource "aws_iam_openid_connect_provider" "default" { url = "https://accounts.google.com" client_id_list = [ "266362248691-342342xasdasdasda-apps.googleusercontent.com", ] thumbprint_list = ["cf23df2207d99a74fbe169e3eba035e633b65d94"] }
Related[edit]
- Terraform EKS module:
module.eks.oidc_provider
oidc-provider/
aws iam create-open-id-connect-provider
- Terraform EKS module input: cluster endpoint public access
- Audience:
sts.amazonaws.com
- Terraform resource: aws iam saml provider
See also[edit]
- Terraform IAM resources:
aws_iam_user, aws_iam_group, aws_iam_role, aws_iam_role_policy_attachment
,aws_iam_policy
,aws_iam_role_policy, aws_iam_user_policy, aws_iam_user_policy_attachment
,aws_iam_access_key, aws_iam_group_policy, aws_iam_group_policy_attachment, aws_iam_openid_connect_provider
aws iam oidc
[list-open-id-connect-providers | create-open-id-connect-provider | get-open-id-connect-provider
]- OpenID, OpenID Foundation, OIDC, OAuth, OpenID Connect Provider,
eksctl utils associate-iam-oidc-provider, aws_iam_openid_connect_provider
, Relying Party (RP)
Advertising: