describe_identity_provider_config

describe_identity_provider_config(**kwargs)

Returns descriptive information about an identity provider configuration.

See also: AWS API Documentation

Request Syntax

response = client.describe_identity_provider_config(
    clusterName='string',
    identityProviderConfig={
        'type': 'string',
        'name': 'string'
    }
)

Parameters

• clusterName (string) --

  [REQUIRED]

  The cluster name that the identity provider configuration is associated to.

• identityProviderConfig (dict) --

  [REQUIRED]

  An object representing an identity provider configuration.

  • type (string) -- [REQUIRED]

    The type of the identity provider configuration. The only type available is oidc .

  • name (string) -- [REQUIRED]

    The name of the identity provider configuration.

Return type

dict

Returns

Response Syntax

{
    'identityProviderConfig': {
        'oidc': {
            'identityProviderConfigName': 'string',
            'identityProviderConfigArn': 'string',
            'clusterName': 'string',
            'issuerUrl': 'string',
            'clientId': 'string',
            'usernameClaim': 'string',
            'usernamePrefix': 'string',
            'groupsClaim': 'string',
            'groupsPrefix': 'string',
            'requiredClaims': {
                'string': 'string'
            },
            'tags': {
                'string': 'string'
            },
            'status': 'CREATING'|'DELETING'|'ACTIVE'
        }
    }
}

Response Structure

• (dict) --

  • identityProviderConfig (dict) --

    The object that represents an OpenID Connect (OIDC) identity provider configuration.

    • oidc (dict) --

      An object representing an OpenID Connect (OIDC) identity provider configuration.

      • identityProviderConfigName (string) --

        The name of the configuration.

      • identityProviderConfigArn (string) --

        The ARN of the configuration.

      • clusterName (string) --

        The cluster that the configuration is associated to.

      • issuerUrl (string) --

        The URL of the OIDC identity provider that allows the API server to discover public signing keys for verifying tokens.

      • clientId (string) --

        This is also known as audience . The ID of the client application that makes authentication requests to the OIDC identity provider.

      • usernameClaim (string) --

        The JSON Web token (JWT) claim that is used as the username.

      • usernamePrefix (string) --

        The prefix that is prepended to username claims to prevent clashes with existing names. The prefix can't contain system:

      • groupsClaim (string) --

        The JSON web token (JWT) claim that the provider uses to return your groups.

      • groupsPrefix (string) --

        The prefix that is prepended to group claims to prevent clashes with existing names (such as system: groups). For example, the value oidc: creates group names like oidc:engineering and oidc:infra . The prefix can't contain system:

      • requiredClaims (dict) --

        The key-value pairs that describe required claims in the identity token. If set, each claim is verified to be present in the token with a matching value.

        • (string) --
          • (string) --

      • tags (dict) --

        The metadata to apply to the provider configuration to assist with categorization and organization. Each tag consists of a key and an optional value. You define both.

        • (string) --
          • (string) --

      • status (string) --

        The status of the OIDC identity provider.

Exceptions

• EKS.Client.exceptions.InvalidParameterException
• EKS.Client.exceptions.ResourceNotFoundException
• EKS.Client.exceptions.ClientException
• EKS.Client.exceptions.ServerException
• EKS.Client.exceptions.ServiceUnavailableException