[ aws . eks ]

describe-identity-provider-config

Description

Returns descriptive information about an identity provider configuration.

See also: AWS API Documentation

See ‘aws help’ for descriptions of global parameters.

Synopsis

  describe-identity-provider-config
--cluster-name <value>
--identity-provider-config <value>
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]

Options

--cluster-name (string)

The cluster name that the identity provider configuration is associated to.

--identity-provider-config (structure)

An object that represents an identity provider configuration.

type -> (string)

The type of the identity provider configuration.

name -> (string)

The name of the identity provider configuration.

Shorthand Syntax:

type=string,name=string

JSON Syntax:

{
  "type": "string",
  "name": "string"
}

--cli-input-json | --cli-input-yaml (string) Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. Similarly, if provided yaml-input it will print a sample input YAML that can be used with --cli-input-yaml. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

See ‘aws help’ for descriptions of global parameters.

Output

identityProviderConfig -> (structure)

The object that represents an OpenID Connect (OIDC) identity provider configuration.

oidc -> (structure)

An object that represents an OpenID Connect (OIDC) identity provider configuration.

identityProviderConfigName -> (string)

The name of the configuration.

identityProviderConfigArn -> (string)

The ARN of the configuration.

clusterName -> (string)

The cluster that the configuration is associated to.

issuerUrl -> (string)

The URL of the OIDC identity provider that allows the API server to discover public signing keys for verifying tokens.

clientId -> (string)

This is also known as audience . The ID of the client application that makes authentication requests to the OIDC identity provider.

usernameClaim -> (string)

The JSON Web token (JWT) claim that is used as the username.

usernamePrefix -> (string)

The prefix that is prepended to username claims to prevent clashes with existing names. The prefix can’t contain system:

groupsClaim -> (string)

The JSON web token (JWT) claim that the provider uses to return your groups.

groupsPrefix -> (string)

The prefix that is prepended to group claims to prevent clashes with existing names (such as system: groups). For example, the value``oidc:`` creates group names like oidc:engineering and oidc:infra . The prefix can’t contain system:

requiredClaims -> (map)

The key-value pairs that describe required claims in the identity token. If set, each claim is verified to be present in the token with a matching value.

key -> (string)

value -> (string)

tags -> (map)

The metadata to apply to the provider configuration to assist with categorization and organization. Each tag consists of a key and an optional value. You define both.

key -> (string)

value -> (string)

status -> (string)

The status of the OIDC identity provider.