Skip to content

Associate Identity Provider Config

eks_associate_identity_provider_config R Documentation

Associates an identity provider configuration to a cluster

Description

Associates an identity provider configuration to a cluster.

If you want to authenticate identities using an identity provider, you can create an identity provider configuration and associate it to your cluster. After configuring authentication to your cluster you can create Kubernetes Role and ClusterRole objects, assign permissions to them, and then bind them to the identities using Kubernetes RoleBinding and ClusterRoleBinding objects. For more information see Using RBAC Authorization in the Kubernetes documentation.

Usage

eks_associate_identity_provider_config(clusterName, oidc, tags,
  clientRequestToken)

Arguments

clusterName

[required] The name of your cluster.

oidc

[required] An object representing an OpenID Connect (OIDC) identity provider configuration.

tags

Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or Amazon Web Services resources.

clientRequestToken

A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

Value

A list with the following syntax: 

list(
  update = list(
    id = "string",
    status = "InProgress"|"Failed"|"Cancelled"|"Successful",
    type = "VersionUpdate"|"EndpointAccessUpdate"|"LoggingUpdate"|"ConfigUpdate"|"AssociateIdentityProviderConfig"|"DisassociateIdentityProviderConfig"|"AssociateEncryptionConfig"|"AddonUpdate"|"VpcConfigUpdate"|"AccessConfigUpdate"|"UpgradePolicyUpdate",
    params = list(
      list(
        type = "Version"|"PlatformVersion"|"EndpointPrivateAccess"|"EndpointPublicAccess"|"ClusterLogging"|"DesiredSize"|"LabelsToAdd"|"LabelsToRemove"|"TaintsToAdd"|"TaintsToRemove"|"MaxSize"|"MinSize"|"ReleaseVersion"|"PublicAccessCidrs"|"LaunchTemplateName"|"LaunchTemplateVersion"|"IdentityProviderConfig"|"EncryptionConfig"|"AddonVersion"|"ServiceAccountRoleArn"|"ResolveConflicts"|"MaxUnavailable"|"MaxUnavailablePercentage"|"ConfigurationValues"|"SecurityGroups"|"Subnets"|"AuthenticationMode"|"PodIdentityAssociations"|"UpgradePolicy",
        value = "string"
      )
    ),
    createdAt = as.POSIXct(
      "2015-01-01"
    ),
    errors = list(
      list(
        errorCode = "SubnetNotFound"|"SecurityGroupNotFound"|"EniLimitReached"|"IpNotAvailable"|"AccessDenied"|"OperationNotPermitted"|"VpcIdNotFound"|"Unknown"|"NodeCreationFailure"|"PodEvictionFailure"|"InsufficientFreeAddresses"|"ClusterUnreachable"|"InsufficientNumberOfReplicas"|"ConfigurationConflict"|"AdmissionRequestDenied"|"UnsupportedAddonModification"|"K8sResourceNotFound",
        errorMessage = "string",
        resourceIds = list(
          "string"
        )
      )
    )
  ),
  tags = list(
    "string"
  )
)

Request syntax

svc$associate_identity_provider_config(
  clusterName = "string",
  oidc = list(
    identityProviderConfigName = "string",
    issuerUrl = "string",
    clientId = "string",
    usernameClaim = "string",
    usernamePrefix = "string",
    groupsClaim = "string",
    groupsPrefix = "string",
    requiredClaims = list(
      "string"
    )
  ),
  tags = list(
    "string"
  ),
  clientRequestToken = "string"
)