Provides an IAM OpenID Connect provider.
resource "aws_iam_openid_connect_provider" "default" {
url = "https://accounts.google.com"
client_id_list = [
"266362248691-342342xasdasdasda-apps.googleusercontent.com",
]
thumbprint_list = ["cf23df2207d99a74fbe169e3eba035e633b65d94"]
}
This resource supports the following arguments:
url
- (Required) The URL of the identity provider. Corresponds to the _iss_ claim.client_id_list
- (Required) A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the client_id parameter on OAuth requests.)thumbprint_list
- (Required) A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).tags
- (Optional) Map of resource tags for the IAM OIDC provider. If configured with a provider default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.This resource exports the following attributes in addition to the arguments above:
arn
- The ARN assigned by AWS for this provider.tags_all
- A map of tags assigned to the resource, including those inherited from the provider default_tags
configuration block.In Terraform v1.5.0 and later, use an import
block to import IAM OpenID Connect Providers using the arn
. For example:
import {
to = aws_iam_openid_connect_provider.default
id = "arn:aws:iam::123456789012:oidc-provider/accounts.google.com"
}
Using terraform import
, import IAM OpenID Connect Providers using the arn
. For example:
% terraform import aws_iam_openid_connect_provider.default arn:aws:iam::123456789012:oidc-provider/accounts.google.com