Returns descriptive information about an identity provider configuration.
See also: AWS API Documentation
See ‘aws help’ for descriptions of global parameters.
describe-identity-provider-config
--cluster-name <value>
--identity-provider-config <value>
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
--cluster-name
(string)
The cluster name that the identity provider configuration is associated to.
--identity-provider-config
(structure)
An object that represents an identity provider configuration.
type -> (string)
The type of the identity provider configuration.
name -> (string)
The name of the identity provider configuration.
Shorthand Syntax:
type=string,name=string
JSON Syntax:
{
"type": "string",
"name": "string"
}
--cli-input-json
| --cli-input-yaml
(string)
Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton
. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml
.
--generate-cli-skeleton
(string)
Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input
, prints a sample input JSON that can be used as an argument for --cli-input-json
. Similarly, if provided yaml-input
it will print a sample input YAML that can be used with --cli-input-yaml
. If provided with the value output
, it validates the command inputs and returns a sample output JSON for that command.
See ‘aws help’ for descriptions of global parameters.
identityProviderConfig -> (structure)
The object that represents an OpenID Connect (OIDC) identity provider configuration.
oidc -> (structure)
An object that represents an OpenID Connect (OIDC) identity provider configuration.
identityProviderConfigName -> (string)
The name of the configuration.
identityProviderConfigArn -> (string)
The ARN of the configuration.
clusterName -> (string)
The cluster that the configuration is associated to.
issuerUrl -> (string)
The URL of the OIDC identity provider that allows the API server to discover public signing keys for verifying tokens.
clientId -> (string)
This is also known as audience . The ID of the client application that makes authentication requests to the OIDC identity provider.
usernameClaim -> (string)
The JSON Web token (JWT) claim that is used as the username.
usernamePrefix -> (string)
The prefix that is prepended to username claims to prevent clashes with existing names. The prefix can’t contain
system:
groupsClaim -> (string)
The JSON web token (JWT) claim that the provider uses to return your groups.
groupsPrefix -> (string)
The prefix that is prepended to group claims to prevent clashes with existing names (such as
system:
groups). For example, the value``oidc:`` creates group names likeoidc:engineering
andoidc:infra
. The prefix can’t containsystem:
requiredClaims -> (map)
The key-value pairs that describe required claims in the identity token. If set, each claim is verified to be present in the token with a matching value.
key -> (string)
value -> (string)
tags -> (map)
The metadata to apply to the provider configuration to assist with categorization and organization. Each tag consists of a key and an optional value. You define both.
key -> (string)
value -> (string)
status -> (string)
The status of the OIDC identity provider.