Create AWS IAM OIDC provider tutorial
TypeScriptSure, let's create an AWS IAM OIDC provider utilizing the Pulumi AWS package
aws.iam.OpenIdConnectProvider
. This resource enables you to establish a federation partnership between a SAML compatible Identity Provider (IdP) and AWS by declaring an IAM OIDC identity provider entity in AWS.The requisite properties for this resource are
url
,client_id_list
, andthumbprint_list
.Here's a sample Pulumi program in TypeScript:
import * as aws from "@pulumi/aws"; // Create a new IAM OIDC provider const example = new aws.iam.OpenIdConnectProvider("example", { clientIdLists: ["my-application-id"], // your application's id thumbprintLists: ["${module.oidc.thumbprint_list}"], // thumbprint of the OIDC provider's server certificate url: "https://oidc.example.com", // the URL of the OIDC identity provider });
This program describes the creation of a new OpenIdConnectProvider named "example". The "clientIdLists", "thumbprintLists" and "url" are properties of the OpenIdConnectProvider.
Keep in mind, in a real-world scenario, the
clientIdLists
,thumbprintLists
andurl
values would need to be replaced with your application's id, the thumbprint of the OIDC provider's server certificate, and the URL of the OIDC identity provider, respectively.You can learn more about this on the Pulumi AWS Documentation and AWS Documentation.