pulumi-google-native-kotlin/com.pulumi.googlenative.gkehub.v1alpha.kotlin.inputs/IdentityServiceOidcConfigArgs

IdentityServiceOidcConfigArgs

data class IdentityServiceOidcConfigArgs(val certificateAuthorityData: Output<String>? = null, val clientId: Output<String>? = null, val clientSecret: Output<String>? = null, val deployCloudConsoleProxy: Output<Boolean>? = null, val enableAccessToken: Output<Boolean>? = null, val extraParams: Output<String>? = null, val groupPrefix: Output<String>? = null, val groupsClaim: Output<String>? = null, val issuerUri: Output<String>? = null, val kubectlRedirectUri: Output<String>? = null, val scopes: Output<String>? = null, val userClaim: Output<String>? = null, val userPrefix: Output<String>? = null) : ConvertibleToJava<IdentityServiceOidcConfigArgs>

Configuration for OIDC Auth flow.

Constructors

Link copied to clipboard
fun IdentityServiceOidcConfigArgs(certificateAuthorityData: Output<String>? = null, clientId: Output<String>? = null, clientSecret: Output<String>? = null, deployCloudConsoleProxy: Output<Boolean>? = null, enableAccessToken: Output<Boolean>? = null, extraParams: Output<String>? = null, groupPrefix: Output<String>? = null, groupsClaim: Output<String>? = null, issuerUri: Output<String>? = null, kubectlRedirectUri: Output<String>? = null, scopes: Output<String>? = null, userClaim: Output<String>? = null, userPrefix: Output<String>? = null)

Functions

Link copied to clipboard
open override fun toJava(): IdentityServiceOidcConfigArgs

Properties

Link copied to clipboard
val certificateAuthorityData: Output<String>? = null

PEM-encoded CA for OIDC provider.

Link copied to clipboard
val clientId: Output<String>? = null

ID for OIDC client application.

Link copied to clipboard
val clientSecret: Output<String>? = null

Input only. Unencrypted OIDC client secret will be passed to the GKE Hub CLH.

Link copied to clipboard
val deployCloudConsoleProxy: Output<Boolean>? = null

Flag to denote if reverse proxy is used to connect to auth provider. This flag should be set to true when provider is not reachable by Google Cloud Console.

Link copied to clipboard
val enableAccessToken: Output<Boolean>? = null

Enable access token.

Link copied to clipboard
val extraParams: Output<String>? = null

Comma-separated list of key-value pairs.

Link copied to clipboard
val groupPrefix: Output<String>? = null

Prefix to prepend to group name.

Link copied to clipboard
val groupsClaim: Output<String>? = null

Claim in OIDC ID token that holds group information.

Link copied to clipboard
val issuerUri: Output<String>? = null

URI for the OIDC provider. This should point to the level below .well-known/openid-configuration.

Link copied to clipboard
val kubectlRedirectUri: Output<String>? = null

Registered redirect uri to redirect users going through OAuth flow using kubectl plugin.

Link copied to clipboard
val scopes: Output<String>? = null

Comma-separated list of identifiers.

Link copied to clipboard
val userClaim: Output<String>? = null

Claim in OIDC ID token that holds username.

Link copied to clipboard
val userPrefix: Output<String>? = null

Prefix to prepend to user name.