:doc:`EKS <../../eks>` / Client / describe_identity_provider_config

*********************************
describe_identity_provider_config
*********************************



.. py:method:: EKS.Client.describe_identity_provider_config(**kwargs)

  

  Describes an identity provider configuration.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DescribeIdentityProviderConfig>`_  


  **Request Syntax**
  ::

    response = client.describe_identity_provider_config(
        clusterName='string',
        identityProviderConfig={
            'type': 'string',
            'name': 'string'
        }
    )
    
  :type clusterName: string
  :param clusterName: **[REQUIRED]** 

    The name of your cluster.

    

  
  :type identityProviderConfig: dict
  :param identityProviderConfig: **[REQUIRED]** 

    An object representing an identity provider configuration.

    

  
    - **type** *(string) --* **[REQUIRED]** 

      The type of the identity provider configuration. The only type available is ``oidc``.

      

    
    - **name** *(string) --* **[REQUIRED]** 

      The name of the identity provider configuration.

      

    
  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'identityProviderConfig': {
              'oidc': {
                  'identityProviderConfigName': 'string',
                  'identityProviderConfigArn': 'string',
                  'clusterName': 'string',
                  'issuerUrl': 'string',
                  'clientId': 'string',
                  'usernameClaim': 'string',
                  'usernamePrefix': 'string',
                  'groupsClaim': 'string',
                  'groupsPrefix': 'string',
                  'requiredClaims': {
                      'string': 'string'
                  },
                  'tags': {
                      'string': 'string'
                  },
                  'status': 'CREATING'|'DELETING'|'ACTIVE'
              }
          }
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **identityProviderConfig** *(dict) --* 

        The object that represents an OpenID Connect (OIDC) identity provider configuration.

        
        

        - **oidc** *(dict) --* 

          An object representing an OpenID Connect (OIDC) identity provider configuration.

          
          

          - **identityProviderConfigName** *(string) --* 

            The name of the configuration.

            
          

          - **identityProviderConfigArn** *(string) --* 

            The ARN of the configuration.

            
          

          - **clusterName** *(string) --* 

            The name of your cluster.

            
          

          - **issuerUrl** *(string) --* 

            The URL of the OIDC identity provider that allows the API server to discover public signing keys for verifying tokens.

            
          

          - **clientId** *(string) --* 

            This is also known as *audience*. The ID of the client application that makes authentication requests to the OIDC identity provider.

            
          

          - **usernameClaim** *(string) --* 

            The JSON Web token (JWT) claim that is used as the username.

            
          

          - **usernamePrefix** *(string) --* 

            The prefix that is prepended to username claims to prevent clashes with existing names. The prefix can't contain ``system:``

            
          

          - **groupsClaim** *(string) --* 

            The JSON web token (JWT) claim that the provider uses to return your groups.

            
          

          - **groupsPrefix** *(string) --* 

            The prefix that is prepended to group claims to prevent clashes with existing names (such as ``system:`` groups). For example, the value `` oidc:`` creates group names like ``oidc:engineering`` and ``oidc:infra``. The prefix can't contain ``system:``

            
          

          - **requiredClaims** *(dict) --* 

            The key-value pairs that describe required claims in the identity token. If set, each claim is verified to be present in the token with a matching value.

            
            

            - *(string) --* 
              

              - *(string) --* 
        
      
          

          - **tags** *(dict) --* 

            Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or Amazon Web Services resources.

            
            

            - *(string) --* 

              One part of a key-value pair that make up a tag. A ``key`` is a general label that acts like a category for more specific tag values.

              
              

              - *(string) --* 

                The optional part of a key-value pair that make up a tag. A ``value`` acts as a descriptor within a tag category (key).

                
        
      
          

          - **status** *(string) --* 

            The status of the OIDC identity provider.

            
      
    
  
  **Exceptions**
  
  *   :py:class:`EKS.Client.exceptions.InvalidParameterException`

  
  *   :py:class:`EKS.Client.exceptions.ResourceNotFoundException`

  
  *   :py:class:`EKS.Client.exceptions.ClientException`

  
  *   :py:class:`EKS.Client.exceptions.ServerException`

  
  *   :py:class:`EKS.Client.exceptions.ServiceUnavailableException`

  