
describe_identity_provider_config

EKS.Client.describe_identity_provider_config(**kwargs)

Describes an identity provider configuration.

See also: AWS API Documentation

Request Syntax

response = client.describe_identity_provider_config(
    clusterName='string',
    identityProviderConfig={
        'type': 'string',
        'name': 'string'
    }
)

Parameters:
  • clusterName (string) –

    [REQUIRED]

    The name of your cluster.

  • identityProviderConfig (dict) –

    [REQUIRED]

    An object representing an identity provider configuration.

    • type (string) – [REQUIRED]

      The type of the identity provider configuration. The only type available is oidc.

    • name (string) – [REQUIRED]

      The name of the identity provider configuration.

Return type:

dict

Returns:

Response Syntax

{
    'identityProviderConfig': {
        'oidc': {
            'identityProviderConfigName': 'string',
            'identityProviderConfigArn': 'string',
            'clusterName': 'string',
            'issuerUrl': 'string',
            'clientId': 'string',
            'usernameClaim': 'string',
            'usernamePrefix': 'string',
            'groupsClaim': 'string',
            'groupsPrefix': 'string',
            'requiredClaims': {
                'string': 'string'
            },
            'tags': {
                'string': 'string'
            },
            'status': 'CREATING'|'DELETING'|'ACTIVE'
        }
    }
}

Response Structure

  • (dict) –

    • identityProviderConfig (dict) –

      The object that represents an OpenID Connect (OIDC) identity provider configuration.

      • oidc (dict) –

        An object representing an OpenID Connect (OIDC) identity provider configuration.

        • identityProviderConfigName (string) –

          The name of the configuration.

        • identityProviderConfigArn (string) –

          The ARN of the configuration.

        • clusterName (string) –

          The name of your cluster.

        • issuerUrl (string) –

          The URL of the OIDC identity provider that allows the API server to discover public signing keys for verifying tokens.

        • clientId (string) –

          This is also known as audience. The ID of the client application that makes authentication requests to the OIDC identity provider.

        • usernameClaim (string) –

          The JSON Web Token (JWT) claim that is used as the username.

        • usernamePrefix (string) –

          The prefix that is prepended to username claims to prevent clashes with existing names. The prefix can’t contain system:

        • groupsClaim (string) –

          The JSON Web Token (JWT) claim that the provider uses to return your groups.

        • groupsPrefix (string) –

          The prefix that is prepended to group claims to prevent clashes with existing names (such as system: groups). For example, the value oidc: creates group names like oidc:engineering and oidc:infra. The prefix can’t contain system:

        • requiredClaims (dict) –

          The key-value pairs that describe required claims in the identity token. If set, each claim is verified to be present in the token with a matching value.

          • (string) –

            • (string) –

        • tags (dict) –

          Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don’t propagate to any other cluster or Amazon Web Services resources.

          • (string) –

            One part of a key-value pair that makes up a tag. A key is a general label that acts like a category for more specific tag values.

            • (string) –

              The optional part of a key-value pair that makes up a tag. A value acts as a descriptor within a tag category (key).

        • status (string) –

          The status of the OIDC identity provider.
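The following is an added example, not part of the boto3 documentation: it reviews the oidc block of a response for settings the field descriptions above call out (prefixes, requiredClaims, status). The function names, the sample values and the choice of checks are assumptions made for this example; the https check in particular is a review heuristic, not something this page states.

```python
"""Added example: review an EKS OIDC identity provider config (heuristic checks)."""

# Constructed sample shaped like the Response Syntax above; every value is made up.
SAMPLE_RESPONSE = {
    "identityProviderConfig": {
        "oidc": {
            "identityProviderConfigName": "example-oidc",
            "clusterName": "example-cluster",
            "issuerUrl": "https://idp.example.com",
            "clientId": "kubernetes",
            "usernameClaim": "email",
            "usernamePrefix": "",
            "groupsClaim": "groups",
            "groupsPrefix": "system:oidc:",
            "requiredClaims": {},
            "status": "CREATING",
        }
    }
}


def audit_oidc_config(response):
    """Return a list of review findings for one describe response."""
    oidc = response["identityProviderConfig"]["oidc"]
    findings = []
    if oidc.get("status") != "ACTIVE":
        findings.append(f"status is {oidc.get('status')!r}, not 'ACTIVE'")
    if not (oidc.get("issuerUrl") or "").lower().startswith("https://"):
        findings.append("issuerUrl is not an https:// URL")
    for field in ("usernamePrefix", "groupsPrefix"):
        prefix = oidc.get(field) or ""
        if not prefix:
            findings.append(f"{field} is not set; review for clashes with existing names")
        elif "system:" in prefix:
            findings.append(f"{field} contains 'system:', which the prefix can't contain")
    if not oidc.get("requiredClaims"):
        findings.append("requiredClaims is empty; no extra token claims are verified")
    return findings


def fetch_and_audit(cluster_name, config_name, client=None):
    """Call the API documented on this page, then audit the result."""
    import boto3  # imported here so audit_oidc_config runs without AWS access

    client = client or boto3.client("eks")
    response = client.describe_identity_provider_config(
        clusterName=cluster_name,
        identityProviderConfig={"type": "oidc", "name": config_name},
    )
    return audit_oidc_config(response)
```

audit_oidc_config(SAMPLE_RESPONSE) runs offline against the constructed sample; fetch_and_audit needs boto3 and credentials allowed to describe the cluster's identity provider configuration.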

Exceptions