Package com.pulumi.gcp.iam.outputs

Class WorkforcePoolProviderOidc

  • public final class WorkforcePoolProviderOidc
extends java.lang.Object

    • Method Detail

      • clientId

        public java.lang.String clientId()
        Returns:
        The client ID. Must match the audience claim of the JWT issued by the identity provider.

      • clientSecret

        public java.util.Optional<WorkforcePoolProviderOidcClientSecret> clientSecret()
        Returns:
        The optional client secret. Required to enable Authorization Code flow for web sign-in. Structure is documented below.

      • issuerUri

        public java.lang.String issuerUri()
        Returns:
        The OIDC issuer URI. Must be a valid URI using the 'https' scheme.

      • jwksJson

        public java.util.Optional<java.lang.String> jwksJson()
        Returns:
        OIDC JWKs in JSON String format. For details on definition of a JWK, see https:tools.ietf.org/html/rfc7517. If not set, then we use the `jwks_uri` from the discovery document fetched from the .well-known path for the `issuer_uri`. Currently, RSA and EC asymmetric keys are supported. The JWK must use following format and include only the following fields: ```java package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } } ```

      • webSsoConfig

        public java.util.Optional<WorkforcePoolProviderOidcWebSsoConfig> webSsoConfig()
        Returns:
        Configuration for web single sign-on for the OIDC provider. Here, web sign-in refers to console sign-in and gcloud sign-in through the browser. Structure is documented below.