Package com.hashicorp.cdktf.providers.google.iam_workload_identity_pool_provider

Interface IamWorkloadIdentityPoolProviderOidc

All Superinterfaces:

software.amazon.jsii.JsiiSerializable

All Known Implementing Classes:

IamWorkloadIdentityPoolProviderOidc.Jsii$Proxy

@Generated(value="jsii-pacmak/1.102.0 (build e354887)",
           date="2024-08-31T03:59:21.583Z")
@Stability(Stable)
public interface IamWorkloadIdentityPoolProviderOidc
extends software.amazon.jsii.JsiiSerializable

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static class	IamWorkloadIdentityPoolProviderOidc.Builder	A builder for IamWorkloadIdentityPoolProviderOidc
static class	IamWorkloadIdentityPoolProviderOidc.Jsii$Proxy	An implementation for IamWorkloadIdentityPoolProviderOidc

Method Summary

Modifier and Type	Method	Description
static IamWorkloadIdentityPoolProviderOidc.Builder	builder()
default List<String>	getAllowedAudiences()	Acceptable values for the 'aud' field (audience) in the OIDC token.
String	getIssuerUri()	The OIDC issuer URL.
default String	getJwksJson()	OIDC JWKs in JSON String format.

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Method Detail

getIssuerUri

@Stability(Stable)
@NotNull
String getIssuerUri()

The OIDC issuer URL.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/5.43.1/docs/resources/iam_workload_identity_pool_provider#issuer_uri IamWorkloadIdentityPoolProvider#issuer_uri}

getAllowedAudiences

@Stability(Stable)
@Nullable
default List<String> getAllowedAudiences()

Acceptable values for the 'aud' field (audience) in the OIDC token.

Token exchange requests are rejected if the token audience does not match one of the configured values. Each audience may be at most 256 characters. A maximum of 10 audiences may be configured. If this list is empty, the OIDC token audience must be equal to the full canonical resource name of the WorkloadIdentityPoolProvider, with or without the HTTPS prefix. For example: ``` //iam.googleapis.com/projects//locations//workloadIdentityPools//providers/ https://iam.googleapis.com/projects//locations//workloadIdentityPools//providers/ ``` Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/5.43.1/docs/resources/iam_workload_identity_pool_provider#allowed_audiences IamWorkloadIdentityPoolProvider#allowed_audiences}

getJwksJson

@Stability(Stable)
@Nullable
default String getJwksJson()

OIDC JWKs in JSON String format.

For details on definition of a JWK, see https:tools.ietf.org/html/rfc7517. If not set, then we use the 'jwks_uri' from the discovery document fetched from the .well-known path for the 'issuer_uri'. Currently, RSA and EC asymmetric keys are supported. The JWK must use following format and include only the following fields: ``` { "keys": [ { "kty": "RSA/EC", "alg": "", "use": "sig", "kid": "", "n": "", "e": "", "x": "", "y": "", "crv": "" } ] } ``` Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/5.43.1/docs/resources/iam_workload_identity_pool_provider#jwks_json IamWorkloadIdentityPoolProvider#jwks_json}

builder

@Stability(Stable)
static IamWorkloadIdentityPoolProviderOidc.Builder builder()

Returns:

a IamWorkloadIdentityPoolProviderOidc.Builder of IamWorkloadIdentityPoolProviderOidc