AWS Amazon EKS Identity Provider Config

This page shows how to write Terraform and CloudFormation for Amazon EKS Identity Provider Config and write them securely.

aws_eks_identity_provider_config (Terraform)

The Identity Provider Config in Amazon EKS can be configured in Terraform with the resource name aws_eks_identity_provider_config. The following sections describe how to use the resource and its parameters.

Example Usage from GitHub

An example could not be found in GitHub.

Parameters

The following arguments are supported:

  • cluster_name – (Required) Name of the EKS Cluster.
  • oidc - (Required) Nested attribute containing OpenID Connect identity provider information for the cluster. Detailed below.
  • tags - (Optional) Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

oidc Configuration Block

  • client_id – (Required) Client ID for the OpenID Connect identity provider.
  • groups_claim - (Optional) The JWT claim that the provider will use to return groups.
  • groups_prefix - (Optional) A prefix that is prepended to group claims e.g., oidc:.
  • identity_provider_config_name – (Required) The name of the identity provider config.
  • issuer_url - (Required) Issuer URL for the OpenID Connect identity provider.
  • required_claims - (Optional) The key value pairs that describe required claims in the identity token.
  • username_claim - (Optional) The JWT claim that the provider will use as the username.
  • username_prefix - (Optional) A prefix that is prepended to username claims.

In addition to all arguments above, the following attributes are exported:

  • arn - Amazon Resource Name (ARN) of the EKS Identity Provider Configuration.
  • id - EKS Cluster name and EKS Identity Provider Configuration name separated by a colon (:).
  • status - Status of the EKS Identity Provider Configuration.
  • tags_all - A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

Explanation in Terraform Registry

Manages an EKS Identity Provider Configuration.

AWS::EKS::Cluster Provider (CloudFormation)

The Cluster Provider in EKS can be configured in CloudFormation with the resource name AWS::EKS::Cluster Provider. The following sections describe how to use the resource and its parameters.

Parameters

KeyArn Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric, created in the same region as the cluster, and if the KMS key was created in a different account, the user must have access to the KMS key. For more information, see Allowing Users in Other Accounts to Use a KMS key in the AWS Key Management Service Developer Guide.
Required: No
Type: String
Update requires: No interruption

Explanation in CloudFormation Registry

Identifies the AWS Key Management Service (AWS KMS) key used to encrypt the secrets.

Frequently asked questions

What is AWS Amazon EKS Identity Provider Config?

AWS Amazon EKS Identity Provider Config is a resource for Amazon EKS of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.