@Generated(value="jsii-pacmak/1.63.2 (build a8a8833)",
date="2022-08-02T20:25:36.412Z")
public class OpenIdConnectProvider
extends OpenIdConnectProvider
You use an IAM OIDC identity provider when you want to establish trust between an OIDC-compatible IdP and your AWS account.
This implementation has default values for thumbprints and clientIds props that will be compatible with the eks cluster
Example:
// or create a new one using an existing issuer url
String issuerUrl;
// you can import an existing provider
IOpenIdConnectProvider provider = OpenIdConnectProvider.fromOpenIdConnectProviderArn(this, "Provider", "arn:aws:iam::123456:oidc-provider/oidc.eks.eu-west-1.amazonaws.com/id/AB123456ABC");
OpenIdConnectProvider provider2 = OpenIdConnectProvider.Builder.create(this, "Provider")
.url(issuerUrl)
.build();
ICluster cluster = Cluster.fromClusterAttributes(this, "MyCluster", ClusterAttributes.builder()
.clusterName("Cluster")
.openIdConnectProvider(provider)
.kubectlRoleArn("arn:aws:iam::123456:role/service-role/k8sservicerole")
.build());
ServiceAccount serviceAccount = cluster.addServiceAccount("MyServiceAccount");
Bucket bucket = new Bucket(this, "Bucket");
bucket.grantReadWrite(serviceAccount);
| Modifier and Type | Class and Description |
|---|---|
static class |
OpenIdConnectProvider.Builder
A fluent builder for
OpenIdConnectProvider. |
IOpenIdConnectProvider.Jsii$Default, IOpenIdConnectProvider.Jsii$Proxy| Modifier | Constructor and Description |
|---|---|
protected |
OpenIdConnectProvider(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) |
protected |
OpenIdConnectProvider(software.amazon.jsii.JsiiObjectRef objRef) |
|
OpenIdConnectProvider(software.constructs.Construct scope,
java.lang.String id,
OpenIdConnectProviderProps props)
Defines an OpenID Connect provider.
|
fromOpenIdConnectProviderArn, getOpenIdConnectProviderArn, getOpenIdConnectProviderIssuerapplyRemovalPolicy, generatePhysicalName, getEnv, getPhysicalName, getResourceArnAttribute, getResourceNameAttribute, getStack, isResourcegetNode, isConstruct, onPrepare, onSynthesize, onValidate, prepare, synthesize, validateclone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitapplyRemovalPolicy, getEnv, getStackgetNodeprotected OpenIdConnectProvider(software.amazon.jsii.JsiiObjectRef objRef)
protected OpenIdConnectProvider(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
public OpenIdConnectProvider(software.constructs.Construct scope,
java.lang.String id,
OpenIdConnectProviderProps props)
scope - The definition scope. This parameter is required.id - Construct ID. This parameter is required.props - Initialization properties. This parameter is required.