EKS / Client / describe_identity_provider_config

describe_identity_provider_config

EKS.Client.describe_identity_provider_config(**kwargs)

Returns descriptive information about an identity provider configuration.

See also: AWS API Documentation

Request Syntax

response = client.describe_identity_provider_config(
    clusterName='string',
    identityProviderConfig={
        'type': 'string',
        'name': 'string'
    }
)

Parameters:

• clusterName (string) –

  [REQUIRED]

  The cluster name that the identity provider configuration is associated to.

• identityProviderConfig (dict) –

  [REQUIRED]

  An object representing an identity provider configuration.

  • type (string) – [REQUIRED]

    The type of the identity provider configuration. The only type available is oidc.

  • name (string) – [REQUIRED]

    The name of the identity provider configuration.

Return type:

dict

Returns:

Response Syntax

{
    'identityProviderConfig': {
        'oidc': {
            'identityProviderConfigName': 'string',
            'identityProviderConfigArn': 'string',
            'clusterName': 'string',
            'issuerUrl': 'string',
            'clientId': 'string',
            'usernameClaim': 'string',
            'usernamePrefix': 'string',
            'groupsClaim': 'string',
            'groupsPrefix': 'string',
            'requiredClaims': {
                'string': 'string'
            },
            'tags': {
                'string': 'string'
            },
            'status': 'CREATING'|'DELETING'|'ACTIVE'
        }
    }
}

Response Structure

• (dict) –

  • identityProviderConfig (dict) –

    The object that represents an OpenID Connect (OIDC) identity provider configuration.

    • oidc (dict) –

      An object representing an OpenID Connect (OIDC) identity provider configuration.

      • identityProviderConfigName (string) –

        The name of the configuration.

      • identityProviderConfigArn (string) –

        The ARN of the configuration.

      • clusterName (string) –

        The cluster that the configuration is associated to.

      • issuerUrl (string) –

        The URL of the OIDC identity provider that allows the API server to discover public signing keys for verifying tokens.

      • clientId (string) –

        This is also known as audience. The ID of the client application that makes authentication requests to the OIDC identity provider.

      • usernameClaim (string) –

        The JSON Web token (JWT) claim that is used as the username.

      • usernamePrefix (string) –

        The prefix that is prepended to username claims to prevent clashes with existing names. The prefix can’t contain system:

      • groupsClaim (string) –

        The JSON web token (JWT) claim that the provider uses to return your groups.

      • groupsPrefix (string) –

        The prefix that is prepended to group claims to prevent clashes with existing names (such as system: groups). For example, the value `` oidc:`` creates group names like oidc:engineering and oidc:infra. The prefix can’t contain system:

      • requiredClaims (dict) –

        The key-value pairs that describe required claims in the identity token. If set, each claim is verified to be present in the token with a matching value.

        • (string) –

          • (string) –

      • tags (dict) –

        The metadata to apply to the provider configuration to assist with categorization and organization. Each tag consists of a key and an optional value. You define both.

        • (string) –

          • (string) –

      • status (string) –

        The status of the OIDC identity provider.

Exceptions

• EKS.Client.exceptions.InvalidParameterException

• EKS.Client.exceptions.ResourceNotFoundException

• EKS.Client.exceptions.ClientException

• EKS.Client.exceptions.ServerException

• EKS.Client.exceptions.ServiceUnavailableException