IAM OIDC identity providers are entities in IAM that describe an external identity provider (IdP) service that supports the OpenID Connect (OIDC) standard, such as Google or Salesforce. You use an IAM OIDC identity provider when you want to establish trust between an OIDC-compatible IdP and your AWS account. This implementation has default values for the thumbprints and clientIds props that are compatible with the EKS cluster.
import { OpenIdConnectProvider } from 'aws-cdk-lib/aws-eks';

Or use the module namespace:

import * as eks from 'aws-cdk-lib/aws-eks';
// eks.OpenIdConnectProviderConfiguration passed to the constructor as OpenIdConnectProviderProps.
Props:

url (required, string): The URL of the identity provider. The URL must begin with https:// and should correspond to the iss claim in the provider's OpenID Connect ID tokens. Per the OIDC standard, path components are allowed but query parameters are not. Typically the URL consists of only a hostname, like https://server.example.org or https://example.com. You can find your cluster's OIDC issuer URL with:
aws eks describe-cluster --name %cluster_name% --query "cluster.identity.oidc.issuer" --output text

removalPolicy (optional, RemovalPolicy): The removal policy to apply to the OpenID Connect Provider.
Default: RemovalPolicy.DESTROY
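As an added example (not code from aws-cdk-lib or from this page), the following TypeScript applies the url rules above before the value is passed to the construct: it rejects non-https issuers and query strings, derives the scheme-less identifier IAM uses in the provider ARN, and checks that the configured url matches the iss claim of an ID token the cluster's issuer produced. The function names, the account id and the sample issuer values are assumptions constructed for the example.

```typescript
// Added example, not part of aws-cdk-lib. Checks an OIDC issuer URL against the
// rules stated for the `url` prop, then compares it with a token's `iss` claim.

interface IssuerCheck {
  ok: boolean;
  reason?: string;
  // Host plus path with the scheme stripped, e.g. "oidc.eks.us-east-1.amazonaws.com/id/ABC"
  providerId?: string;
}

// Rules from the prop description: https:// only, path allowed, no query parameters.
function validateIssuerUrl(url: string): IssuerCheck {
  if (!url.startsWith('https://')) {
    return { ok: false, reason: 'issuer URL must begin with https://' };
  }
  if (url.includes('?')) {
    return { ok: false, reason: 'query parameters are not allowed' };
  }
  if (url.includes('#')) {
    return { ok: false, reason: 'fragments are not allowed' };
  }
  const rest = url.slice('https://'.length);
  const slash = rest.indexOf('/');
  const host = slash === -1 ? rest : rest.slice(0, slash);
  // Trailing slashes are dropped so "https://a.example/" and "https://a.example" agree.
  const path = slash === -1 ? '' : rest.slice(slash).replace(/\/+$/, '');
  if (host === '') {
    return { ok: false, reason: 'missing hostname' };
  }
  return { ok: true, providerId: host.toLowerCase() + path };
}

// IAM names an OIDC provider by the scheme-less issuer; this rebuilds that ARN form.
function providerArn(accountId: string, providerId: string, partition = 'aws'): string {
  return `arn:${partition}:iam::${accountId}:oidc-provider/${providerId}`;
}

// The configured url must be the issuer that actually signs the cluster's tokens:
// a mismatch means the trust relationship points at the wrong IdP.
function matchesIssClaim(url: string, idTokenPayload: { iss?: string }): boolean {
  const configured = validateIssuerUrl(url);
  if (!configured.ok || !idTokenPayload.iss) {
    return false;
  }
  const fromToken = validateIssuerUrl(idTokenPayload.iss);
  return fromToken.ok && fromToken.providerId === configured.providerId;
}
```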