1. Packages
  2. OVH
  3. API Docs
  4. CloudProject
  5. getKubeOidc
OVHCloud v1.1.0 published on Thursday, Nov 21, 2024 by OVHcloud

ovh.CloudProject.getKubeOidc

Explore with Pulumi AI

ovh logo
OVHCloud v1.1.0 published on Thursday, Nov 21, 2024 by OVHcloud

    Use this data source to get a OVHcloud Managed Kubernetes Service cluster OIDC.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as ovh from "@pulumi/ovh";
    
    export = async () => {
        const oidc = await ovh.CloudProject.getKubeOidc({
            serviceName: "XXXXXX",
            kubeId: "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx",
        });
        return {
            "oidc-val": oidc.clientId,
        };
    }
    
    import pulumi
    import pulumi_ovh as ovh
    
    oidc = ovh.CloudProject.get_kube_oidc(service_name="XXXXXX",
        kube_id="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx")
    pulumi.export("oidc-val", oidc.client_id)
    
    package main
    
    import (
    	"github.com/ovh/pulumi-ovh/sdk/go/ovh/CloudProject"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		oidc, err := CloudProject.GetKubeOidc(ctx, &cloudproject.GetKubeOidcArgs{
    			ServiceName: "XXXXXX",
    			KubeId:      "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		ctx.Export("oidc-val", oidc.ClientId)
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Ovh = Pulumi.Ovh;
    
    return await Deployment.RunAsync(() => 
    {
        var oidc = Ovh.CloudProject.GetKubeOidc.Invoke(new()
        {
            ServiceName = "XXXXXX",
            KubeId = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx",
        });
    
        return new Dictionary<string, object?>
        {
            ["oidc-val"] = oidc.Apply(getKubeOidcResult => getKubeOidcResult.ClientId),
        };
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.ovh.CloudProject.CloudProjectFunctions;
    import com.pulumi.ovh.CloudProject.inputs.GetKubeOidcArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var oidc = CloudProjectFunctions.getKubeOidc(GetKubeOidcArgs.builder()
                .serviceName("XXXXXX")
                .kubeId("xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx")
                .build());
    
            ctx.export("oidc-val", oidc.applyValue(getKubeOidcResult -> getKubeOidcResult.clientId()));
        }
    }
    
    variables:
      oidc:
        fn::invoke:
          Function: ovh:CloudProject:getKubeOidc
          Arguments:
            serviceName: XXXXXX
            kubeId: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx
    outputs:
      oidc-val: ${oidc.clientId}
    

    Using getKubeOidc

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getKubeOidc(args: GetKubeOidcArgs, opts?: InvokeOptions): Promise<GetKubeOidcResult>
    function getKubeOidcOutput(args: GetKubeOidcOutputArgs, opts?: InvokeOptions): Output<GetKubeOidcResult>
    def get_kube_oidc(client_id: Optional[str] = None,
                      issuer_url: Optional[str] = None,
                      kube_id: Optional[str] = None,
                      oidc_ca_content: Optional[str] = None,
                      oidc_groups_claims: Optional[Sequence[str]] = None,
                      oidc_groups_prefix: Optional[str] = None,
                      oidc_required_claims: Optional[Sequence[str]] = None,
                      oidc_signing_algs: Optional[Sequence[str]] = None,
                      oidc_username_claim: Optional[str] = None,
                      oidc_username_prefix: Optional[str] = None,
                      service_name: Optional[str] = None,
                      opts: Optional[InvokeOptions] = None) -> GetKubeOidcResult
    def get_kube_oidc_output(client_id: Optional[pulumi.Input[str]] = None,
                      issuer_url: Optional[pulumi.Input[str]] = None,
                      kube_id: Optional[pulumi.Input[str]] = None,
                      oidc_ca_content: Optional[pulumi.Input[str]] = None,
                      oidc_groups_claims: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                      oidc_groups_prefix: Optional[pulumi.Input[str]] = None,
                      oidc_required_claims: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                      oidc_signing_algs: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                      oidc_username_claim: Optional[pulumi.Input[str]] = None,
                      oidc_username_prefix: Optional[pulumi.Input[str]] = None,
                      service_name: Optional[pulumi.Input[str]] = None,
                      opts: Optional[InvokeOptions] = None) -> Output[GetKubeOidcResult]
    func GetKubeOidc(ctx *Context, args *GetKubeOidcArgs, opts ...InvokeOption) (*GetKubeOidcResult, error)
    func GetKubeOidcOutput(ctx *Context, args *GetKubeOidcOutputArgs, opts ...InvokeOption) GetKubeOidcResultOutput

    > Note: This function is named GetKubeOidc in the Go SDK.

    public static class GetKubeOidc 
    {
        public static Task<GetKubeOidcResult> InvokeAsync(GetKubeOidcArgs args, InvokeOptions? opts = null)
        public static Output<GetKubeOidcResult> Invoke(GetKubeOidcInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetKubeOidcResult> getKubeOidc(GetKubeOidcArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: ovh:CloudProject/getKubeOidc:getKubeOidc
      arguments:
        # arguments dictionary

    The following arguments are supported:

    KubeId string
    The id of the managed kubernetes cluster.
    ServiceName string
    The id of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICE environment variable is used.
    ClientId string
    The OIDC client ID.
    IssuerUrl string
    The OIDC issuer url.
    OidcCaContent string
    Content of the certificate for the CA, in base64 format, that signed your identity provider's web certificate. Defaults to the host's root CAs.
    OidcGroupsClaims List<string>
    Array of JWT claim to use as the user's group. If the claim is present it must be an array of strings.
    OidcGroupsPrefix string
    Prefix prepended to group claims to prevent clashes with existing names (such as system: groups). For example, the value oidc: will create group names like oidc:engineering and oidc:infra.
    OidcRequiredClaims List<string>
    Array of key=value pairs that describe required claims in the ID Token. If set, the claims are verified to be present in the ID Token with a matching value."
    OidcSigningAlgs List<string>
    Array of signing algorithms accepted. Default is "RS256".
    OidcUsernameClaim string
    JWT claim to use as the user name. By default sub, which is expected to be a unique identifier of the end user. Admins can choose other claims, such as email or name, depending on their provider. However, claims other than email will be prefixed with the issuer URL to prevent naming clashes with other plugins.
    OidcUsernamePrefix string
    Prefix prepended to username claims to prevent clashes with existing names (such as system: users). For example, the value oidc: will create usernames like oidc:jane.doe. If this field isn't set and oidc_username_claim is a value other than email the prefix defaults to ( Issuer URL )# where ( Issuer URL ) is the value of oidcIssuerUrl. The value - can be used to disable all prefixing.
    KubeId string
    The id of the managed kubernetes cluster.
    ServiceName string
    The id of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICE environment variable is used.
    ClientId string
    The OIDC client ID.
    IssuerUrl string
    The OIDC issuer url.
    OidcCaContent string
    Content of the certificate for the CA, in base64 format, that signed your identity provider's web certificate. Defaults to the host's root CAs.
    OidcGroupsClaims []string
    Array of JWT claim to use as the user's group. If the claim is present it must be an array of strings.
    OidcGroupsPrefix string
    Prefix prepended to group claims to prevent clashes with existing names (such as system: groups). For example, the value oidc: will create group names like oidc:engineering and oidc:infra.
    OidcRequiredClaims []string
    Array of key=value pairs that describe required claims in the ID Token. If set, the claims are verified to be present in the ID Token with a matching value."
    OidcSigningAlgs []string
    Array of signing algorithms accepted. Default is "RS256".
    OidcUsernameClaim string
    JWT claim to use as the user name. By default sub, which is expected to be a unique identifier of the end user. Admins can choose other claims, such as email or name, depending on their provider. However, claims other than email will be prefixed with the issuer URL to prevent naming clashes with other plugins.
    OidcUsernamePrefix string
    Prefix prepended to username claims to prevent clashes with existing names (such as system: users). For example, the value oidc: will create usernames like oidc:jane.doe. If this field isn't set and oidc_username_claim is a value other than email the prefix defaults to ( Issuer URL )# where ( Issuer URL ) is the value of oidcIssuerUrl. The value - can be used to disable all prefixing.
    kubeId String
    The id of the managed kubernetes cluster.
    serviceName String
    The id of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICE environment variable is used.
    clientId String
    The OIDC client ID.
    issuerUrl String
    The OIDC issuer url.
    oidcCaContent String
    Content of the certificate for the CA, in base64 format, that signed your identity provider's web certificate. Defaults to the host's root CAs.
    oidcGroupsClaims List<String>
    Array of JWT claim to use as the user's group. If the claim is present it must be an array of strings.
    oidcGroupsPrefix String
    Prefix prepended to group claims to prevent clashes with existing names (such as system: groups). For example, the value oidc: will create group names like oidc:engineering and oidc:infra.
    oidcRequiredClaims List<String>
    Array of key=value pairs that describe required claims in the ID Token. If set, the claims are verified to be present in the ID Token with a matching value."
    oidcSigningAlgs List<String>
    Array of signing algorithms accepted. Default is "RS256".
    oidcUsernameClaim String
    JWT claim to use as the user name. By default sub, which is expected to be a unique identifier of the end user. Admins can choose other claims, such as email or name, depending on their provider. However, claims other than email will be prefixed with the issuer URL to prevent naming clashes with other plugins.
    oidcUsernamePrefix String
    Prefix prepended to username claims to prevent clashes with existing names (such as system: users). For example, the value oidc: will create usernames like oidc:jane.doe. If this field isn't set and oidc_username_claim is a value other than email the prefix defaults to ( Issuer URL )# where ( Issuer URL ) is the value of oidcIssuerUrl. The value - can be used to disable all prefixing.
    kubeId string
    The id of the managed kubernetes cluster.
    serviceName string
    The id of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICE environment variable is used.
    clientId string
    The OIDC client ID.
    issuerUrl string
    The OIDC issuer url.
    oidcCaContent string
    Content of the certificate for the CA, in base64 format, that signed your identity provider's web certificate. Defaults to the host's root CAs.
    oidcGroupsClaims string[]
    Array of JWT claim to use as the user's group. If the claim is present it must be an array of strings.
    oidcGroupsPrefix string
    Prefix prepended to group claims to prevent clashes with existing names (such as system: groups). For example, the value oidc: will create group names like oidc:engineering and oidc:infra.
    oidcRequiredClaims string[]
    Array of key=value pairs that describe required claims in the ID Token. If set, the claims are verified to be present in the ID Token with a matching value."
    oidcSigningAlgs string[]
    Array of signing algorithms accepted. Default is "RS256".
    oidcUsernameClaim string
    JWT claim to use as the user name. By default sub, which is expected to be a unique identifier of the end user. Admins can choose other claims, such as email or name, depending on their provider. However, claims other than email will be prefixed with the issuer URL to prevent naming clashes with other plugins.
    oidcUsernamePrefix string
    Prefix prepended to username claims to prevent clashes with existing names (such as system: users). For example, the value oidc: will create usernames like oidc:jane.doe. If this field isn't set and oidc_username_claim is a value other than email the prefix defaults to ( Issuer URL )# where ( Issuer URL ) is the value of oidcIssuerUrl. The value - can be used to disable all prefixing.
    kube_id str
    The id of the managed kubernetes cluster.
    service_name str
    The id of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICE environment variable is used.
    client_id str
    The OIDC client ID.
    issuer_url str
    The OIDC issuer url.
    oidc_ca_content str
    Content of the certificate for the CA, in base64 format, that signed your identity provider's web certificate. Defaults to the host's root CAs.
    oidc_groups_claims Sequence[str]
    Array of JWT claim to use as the user's group. If the claim is present it must be an array of strings.
    oidc_groups_prefix str
    Prefix prepended to group claims to prevent clashes with existing names (such as system: groups). For example, the value oidc: will create group names like oidc:engineering and oidc:infra.
    oidc_required_claims Sequence[str]
    Array of key=value pairs that describe required claims in the ID Token. If set, the claims are verified to be present in the ID Token with a matching value."
    oidc_signing_algs Sequence[str]
    Array of signing algorithms accepted. Default is "RS256".
    oidc_username_claim str
    JWT claim to use as the user name. By default sub, which is expected to be a unique identifier of the end user. Admins can choose other claims, such as email or name, depending on their provider. However, claims other than email will be prefixed with the issuer URL to prevent naming clashes with other plugins.
    oidc_username_prefix str
    Prefix prepended to username claims to prevent clashes with existing names (such as system: users). For example, the value oidc: will create usernames like oidc:jane.doe. If this field isn't set and oidc_username_claim is a value other than email the prefix defaults to ( Issuer URL )# where ( Issuer URL ) is the value of oidcIssuerUrl. The value - can be used to disable all prefixing.
    kubeId String
    The id of the managed kubernetes cluster.
    serviceName String
    The id of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICE environment variable is used.
    clientId String
    The OIDC client ID.
    issuerUrl String
    The OIDC issuer url.
    oidcCaContent String
    Content of the certificate for the CA, in base64 format, that signed your identity provider's web certificate. Defaults to the host's root CAs.
    oidcGroupsClaims List<String>
    Array of JWT claim to use as the user's group. If the claim is present it must be an array of strings.
    oidcGroupsPrefix String
    Prefix prepended to group claims to prevent clashes with existing names (such as system: groups). For example, the value oidc: will create group names like oidc:engineering and oidc:infra.
    oidcRequiredClaims List<String>
    Array of key=value pairs that describe required claims in the ID Token. If set, the claims are verified to be present in the ID Token with a matching value."
    oidcSigningAlgs List<String>
    Array of signing algorithms accepted. Default is "RS256".
    oidcUsernameClaim String
    JWT claim to use as the user name. By default sub, which is expected to be a unique identifier of the end user. Admins can choose other claims, such as email or name, depending on their provider. However, claims other than email will be prefixed with the issuer URL to prevent naming clashes with other plugins.
    oidcUsernamePrefix String
    Prefix prepended to username claims to prevent clashes with existing names (such as system: users). For example, the value oidc: will create usernames like oidc:jane.doe. If this field isn't set and oidc_username_claim is a value other than email the prefix defaults to ( Issuer URL )# where ( Issuer URL ) is the value of oidcIssuerUrl. The value - can be used to disable all prefixing.

    getKubeOidc Result

    The following output properties are available:

    Id string
    The provider-assigned unique ID for this managed resource.
    KubeId string
    See Argument Reference above.
    ServiceName string
    See Argument Reference above.
    ClientId string
    The OIDC client ID.
    IssuerUrl string
    The OIDC issuer url.
    OidcCaContent string
    Content of the certificate for the CA, in base64 format, that signed your identity provider's web certificate. Defaults to the host's root CAs.
    OidcGroupsClaims List<string>
    Array of JWT claim to use as the user's group. If the claim is present it must be an array of strings.
    OidcGroupsPrefix string
    Prefix prepended to group claims to prevent clashes with existing names (such as system: groups). For example, the value oidc: will create group names like oidc:engineering and oidc:infra.
    OidcRequiredClaims List<string>
    Array of key=value pairs that describe required claims in the ID Token. If set, the claims are verified to be present in the ID Token with a matching value."
    OidcSigningAlgs List<string>
    Array of signing algorithms accepted. Default is "RS256".
    OidcUsernameClaim string
    JWT claim to use as the user name. By default sub, which is expected to be a unique identifier of the end user. Admins can choose other claims, such as email or name, depending on their provider. However, claims other than email will be prefixed with the issuer URL to prevent naming clashes with other plugins.
    OidcUsernamePrefix string
    Prefix prepended to username claims to prevent clashes with existing names (such as system: users). For example, the value oidc: will create usernames like oidc:jane.doe. If this field isn't set and oidc_username_claim is a value other than email the prefix defaults to ( Issuer URL )# where ( Issuer URL ) is the value of oidcIssuerUrl. The value - can be used to disable all prefixing.
    Id string
    The provider-assigned unique ID for this managed resource.
    KubeId string
    See Argument Reference above.
    ServiceName string
    See Argument Reference above.
    ClientId string
    The OIDC client ID.
    IssuerUrl string
    The OIDC issuer url.
    OidcCaContent string
    Content of the certificate for the CA, in base64 format, that signed your identity provider's web certificate. Defaults to the host's root CAs.
    OidcGroupsClaims []string
    Array of JWT claim to use as the user's group. If the claim is present it must be an array of strings.
    OidcGroupsPrefix string
    Prefix prepended to group claims to prevent clashes with existing names (such as system: groups). For example, the value oidc: will create group names like oidc:engineering and oidc:infra.
    OidcRequiredClaims []string
    Array of key=value pairs that describe required claims in the ID Token. If set, the claims are verified to be present in the ID Token with a matching value."
    OidcSigningAlgs []string
    Array of signing algorithms accepted. Default is "RS256".
    OidcUsernameClaim string
    JWT claim to use as the user name. By default sub, which is expected to be a unique identifier of the end user. Admins can choose other claims, such as email or name, depending on their provider. However, claims other than email will be prefixed with the issuer URL to prevent naming clashes with other plugins.
    OidcUsernamePrefix string
    Prefix prepended to username claims to prevent clashes with existing names (such as system: users). For example, the value oidc: will create usernames like oidc:jane.doe. If this field isn't set and oidc_username_claim is a value other than email the prefix defaults to ( Issuer URL )# where ( Issuer URL ) is the value of oidcIssuerUrl. The value - can be used to disable all prefixing.
    id String
    The provider-assigned unique ID for this managed resource.
    kubeId String
    See Argument Reference above.
    serviceName String
    See Argument Reference above.
    clientId String
    The OIDC client ID.
    issuerUrl String
    The OIDC issuer url.
    oidcCaContent String
    Content of the certificate for the CA, in base64 format, that signed your identity provider's web certificate. Defaults to the host's root CAs.
    oidcGroupsClaims List<String>
    Array of JWT claim to use as the user's group. If the claim is present it must be an array of strings.
    oidcGroupsPrefix String
    Prefix prepended to group claims to prevent clashes with existing names (such as system: groups). For example, the value oidc: will create group names like oidc:engineering and oidc:infra.
    oidcRequiredClaims List<String>
    Array of key=value pairs that describe required claims in the ID Token. If set, the claims are verified to be present in the ID Token with a matching value."
    oidcSigningAlgs List<String>
    Array of signing algorithms accepted. Default is "RS256".
    oidcUsernameClaim String
    JWT claim to use as the user name. By default sub, which is expected to be a unique identifier of the end user. Admins can choose other claims, such as email or name, depending on their provider. However, claims other than email will be prefixed with the issuer URL to prevent naming clashes with other plugins.
    oidcUsernamePrefix String
    Prefix prepended to username claims to prevent clashes with existing names (such as system: users). For example, the value oidc: will create usernames like oidc:jane.doe. If this field isn't set and oidc_username_claim is a value other than email the prefix defaults to ( Issuer URL )# where ( Issuer URL ) is the value of oidcIssuerUrl. The value - can be used to disable all prefixing.
    id string
    The provider-assigned unique ID for this managed resource.
    kubeId string
    See Argument Reference above.
    serviceName string
    See Argument Reference above.
    clientId string
    The OIDC client ID.
    issuerUrl string
    The OIDC issuer url.
    oidcCaContent string
    Content of the certificate for the CA, in base64 format, that signed your identity provider's web certificate. Defaults to the host's root CAs.
    oidcGroupsClaims string[]
    Array of JWT claim to use as the user's group. If the claim is present it must be an array of strings.
    oidcGroupsPrefix string
    Prefix prepended to group claims to prevent clashes with existing names (such as system: groups). For example, the value oidc: will create group names like oidc:engineering and oidc:infra.
    oidcRequiredClaims string[]
    Array of key=value pairs that describe required claims in the ID Token. If set, the claims are verified to be present in the ID Token with a matching value."
    oidcSigningAlgs string[]
    Array of signing algorithms accepted. Default is "RS256".
    oidcUsernameClaim string
    JWT claim to use as the user name. By default sub, which is expected to be a unique identifier of the end user. Admins can choose other claims, such as email or name, depending on their provider. However, claims other than email will be prefixed with the issuer URL to prevent naming clashes with other plugins.
    oidcUsernamePrefix string
    Prefix prepended to username claims to prevent clashes with existing names (such as system: users). For example, the value oidc: will create usernames like oidc:jane.doe. If this field isn't set and oidc_username_claim is a value other than email the prefix defaults to ( Issuer URL )# where ( Issuer URL ) is the value of oidcIssuerUrl. The value - can be used to disable all prefixing.
    id str
    The provider-assigned unique ID for this managed resource.
    kube_id str
    See Argument Reference above.
    service_name str
    See Argument Reference above.
    client_id str
    The OIDC client ID.
    issuer_url str
    The OIDC issuer url.
    oidc_ca_content str
    Content of the certificate for the CA, in base64 format, that signed your identity provider's web certificate. Defaults to the host's root CAs.
    oidc_groups_claims Sequence[str]
    Array of JWT claim to use as the user's group. If the claim is present it must be an array of strings.
    oidc_groups_prefix str
    Prefix prepended to group claims to prevent clashes with existing names (such as system: groups). For example, the value oidc: will create group names like oidc:engineering and oidc:infra.
    oidc_required_claims Sequence[str]
    Array of key=value pairs that describe required claims in the ID Token. If set, the claims are verified to be present in the ID Token with a matching value."
    oidc_signing_algs Sequence[str]
    Array of signing algorithms accepted. Default is "RS256".
    oidc_username_claim str
    JWT claim to use as the user name. By default sub, which is expected to be a unique identifier of the end user. Admins can choose other claims, such as email or name, depending on their provider. However, claims other than email will be prefixed with the issuer URL to prevent naming clashes with other plugins.
    oidc_username_prefix str
    Prefix prepended to username claims to prevent clashes with existing names (such as system: users). For example, the value oidc: will create usernames like oidc:jane.doe. If this field isn't set and oidc_username_claim is a value other than email the prefix defaults to ( Issuer URL )# where ( Issuer URL ) is the value of oidcIssuerUrl. The value - can be used to disable all prefixing.
    id String
    The provider-assigned unique ID for this managed resource.
    kubeId String
    See Argument Reference above.
    serviceName String
    See Argument Reference above.
    clientId String
    The OIDC client ID.
    issuerUrl String
    The OIDC issuer url.
    oidcCaContent String
    Content of the certificate for the CA, in base64 format, that signed your identity provider's web certificate. Defaults to the host's root CAs.
    oidcGroupsClaims List<String>
    Array of JWT claim to use as the user's group. If the claim is present it must be an array of strings.
    oidcGroupsPrefix String
    Prefix prepended to group claims to prevent clashes with existing names (such as system: groups). For example, the value oidc: will create group names like oidc:engineering and oidc:infra.
    oidcRequiredClaims List<String>
    Array of key=value pairs that describe required claims in the ID Token. If set, the claims are verified to be present in the ID Token with a matching value."
    oidcSigningAlgs List<String>
    Array of signing algorithms accepted. Default is "RS256".
    oidcUsernameClaim String
    JWT claim to use as the user name. By default sub, which is expected to be a unique identifier of the end user. Admins can choose other claims, such as email or name, depending on their provider. However, claims other than email will be prefixed with the issuer URL to prevent naming clashes with other plugins.
    oidcUsernamePrefix String
    Prefix prepended to username claims to prevent clashes with existing names (such as system: users). For example, the value oidc: will create usernames like oidc:jane.doe. If this field isn't set and oidc_username_claim is a value other than email the prefix defaults to ( Issuer URL )# where ( Issuer URL ) is the value of oidcIssuerUrl. The value - can be used to disable all prefixing.

    Package Details

    Repository
    ovh ovh/pulumi-ovh
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the ovh Terraform Provider.
    ovh logo
    OVHCloud v1.1.0 published on Thursday, Nov 21, 2024 by OVHcloud