Class OpenIdConnectProviderProps
Initialization properties for OpenIdConnectProvider
.
Inheritance
System.Object
OpenIdConnectProviderProps
Implements
Namespace: Amazon.CDK.AWS.EKS
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class OpenIdConnectProviderProps : Object, IOpenIdConnectProviderProps
Syntax (vb)
Public Class OpenIdConnectProviderProps
Inherits Object
Implements IOpenIdConnectProviderProps
Remarks
ExampleMetadata: infused
Examples
// or create a new one using an existing issuer url
string issuerUrl;
// you can import an existing provider
var provider = OpenIdConnectProvider.FromOpenIdConnectProviderArn(this, "Provider", "arn:aws:iam::123456:oidc-provider/oidc.eks.eu-west-1.amazonaws.com/id/AB123456ABC");
var provider2 = new OpenIdConnectProvider(this, "Provider", new OpenIdConnectProviderProps {
Url = issuerUrl
});
var cluster = Cluster.FromClusterAttributes(this, "MyCluster", new ClusterAttributes {
ClusterName = "Cluster",
OpenIdConnectProvider = provider,
KubectlRoleArn = "arn:aws:iam::123456:role/service-role/k8sservicerole"
});
var serviceAccount = cluster.AddServiceAccount("MyServiceAccount");
var bucket = new Bucket(this, "Bucket");
bucket.GrantReadWrite(serviceAccount);
Synopsis
Constructors
OpenIdConnectProviderProps() |
Properties
Url | The URL of the identity provider. |
Constructors
OpenIdConnectProviderProps()
public OpenIdConnectProviderProps()
Properties
Url
The URL of the identity provider.
public string Url { get; set; }
Property Value
System.String
Remarks
The URL must begin with https:// and should correspond to the iss claim in the provider's OpenID Connect ID tokens. Per the OIDC standard, path components are allowed but query parameters are not. Typically the URL consists of only a hostname, like https://server.example.org or https://example.com.
You can find your OIDC Issuer URL by: aws eks describe-cluster --name %cluster_name% --query "cluster.identity.oidc.issuer" --output text