Package software.amazon.awssdk.services.eks.model

Interface OidcIdentityProviderConfigRequest.Builder

All Superinterfaces:
Buildable, CopyableBuilder<OidcIdentityProviderConfigRequest.Builder,OidcIdentityProviderConfigRequest>, SdkBuilder<OidcIdentityProviderConfigRequest.Builder,OidcIdentityProviderConfigRequest>, SdkPojo
Enclosing class:
OidcIdentityProviderConfigRequest
public static interface OidcIdentityProviderConfigRequest.Builder extends SdkPojo, CopyableBuilder<OidcIdentityProviderConfigRequest.Builder,OidcIdentityProviderConfigRequest>

  • Method Details

    • identityProviderConfigName

      OidcIdentityProviderConfigRequest.Builder identityProviderConfigName(String identityProviderConfigName)

      The name of the OIDC provider configuration.

      Parameters:
      identityProviderConfigName - The name of the OIDC provider configuration.
      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • issuerUrl

      OidcIdentityProviderConfigRequest.Builder issuerUrl(String issuerUrl)

      The URL of the OIDC identity provider that allows the API server to discover public signing keys for verifying tokens. The URL must begin with https:// and should correspond to the iss claim in the provider's OIDC ID tokens. Based on the OIDC standard, path components are allowed but query parameters are not. Typically the URL consists of only a hostname, like https://server.example.org or https://example.com. This URL should point to the level below .well-known/openid-configuration and must be publicly accessible over the internet.

      Parameters:
      issuerUrl - The URL of the OIDC identity provider that allows the API server to discover public signing keys for verifying tokens. The URL must begin with https:// and should correspond to the iss claim in the provider's OIDC ID tokens. Based on the OIDC standard, path components are allowed but query parameters are not. Typically the URL consists of only a hostname, like https://server.example.org or https://example.com. This URL should point to the level below .well-known/openid-configuration and must be publicly accessible over the internet.
      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • clientId

      OidcIdentityProviderConfigRequest.Builder clientId(String clientId)

      This is also known as audience. The ID for the client application that makes authentication requests to the OIDC identity provider.

      Parameters:
      clientId - This is also known as audience. The ID for the client application that makes authentication requests to the OIDC identity provider.
      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • usernameClaim

      OidcIdentityProviderConfigRequest.Builder usernameClaim(String usernameClaim)

      The JSON Web Token (JWT) claim to use as the username. The default is sub, which is expected to be a unique identifier of the end user. You can choose other claims, such as email or name, depending on the OIDC identity provider. Claims other than email are prefixed with the issuer URL to prevent naming clashes with other plug-ins.

      Parameters:
      usernameClaim - The JSON Web Token (JWT) claim to use as the username. The default is sub, which is expected to be a unique identifier of the end user. You can choose other claims, such as email or name, depending on the OIDC identity provider. Claims other than email are prefixed with the issuer URL to prevent naming clashes with other plug-ins.
      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • usernamePrefix

      OidcIdentityProviderConfigRequest.Builder usernamePrefix(String usernamePrefix)

      The prefix that is prepended to username claims to prevent clashes with existing names. If you do not provide this field, and username is a value other than email, the prefix defaults to issuerurl#. You can use the value - to disable all prefixing.

      Parameters:
      usernamePrefix - The prefix that is prepended to username claims to prevent clashes with existing names. If you do not provide this field, and username is a value other than email, the prefix defaults to issuerurl#. You can use the value - to disable all prefixing.
      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • groupsClaim

      OidcIdentityProviderConfigRequest.Builder groupsClaim(String groupsClaim)

      The JWT claim that the provider uses to return your groups.

      Parameters:
      groupsClaim - The JWT claim that the provider uses to return your groups.
      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • groupsPrefix

      OidcIdentityProviderConfigRequest.Builder groupsPrefix(String groupsPrefix)

      The prefix that is prepended to group claims to prevent clashes with existing names (such as system: groups). For example, the value oidc: will create group names like oidc:engineering and oidc:infra.

      Parameters:
      groupsPrefix - The prefix that is prepended to group claims to prevent clashes with existing names (such as system: groups). For example, the value oidc: will create group names like oidc:engineering and oidc:infra.
      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • requiredClaims

      OidcIdentityProviderConfigRequest.Builder requiredClaims(Map<String,String> requiredClaims)

      The key value pairs that describe required claims in the identity token. If set, each claim is verified to be present in the token with a matching value. For the maximum number of claims that you can require, see Amazon EKS service quotas in the Amazon EKS User Guide.

      Parameters:
      requiredClaims - The key value pairs that describe required claims in the identity token. If set, each claim is verified to be present in the token with a matching value. For the maximum number of claims that you can require, see Amazon EKS service quotas in the Amazon EKS User Guide.
      Returns:
      Returns a reference to this object so that method calls can be chained together.