IdentityProvider is the Schema for the IdentityProviders API
Type
CRD
Group
cognitoidentityprovider.aws.crossplane.io
Version
v1alpha1
apiVersion: cognitoidentityprovider.aws.crossplane.io/v1alpha1
kind: IdentityProvider
IdentityProviderSpec defines the desired state of IdentityProvider
IdentityProviderParameters defines the desired state of IdentityProvider
A list of IdP identifiers.
ProviderDetailsSecretRef contins a reference to a secret containing keys according to ProviderDetails. The following list describes the provider detail keys for each identity provider type.
-
For Google and Login with Amazon: client_id client_secret authorize_scopes
-
For Facebook: client_id client_secret authorize_scopes api_version
-
For Sign in with Apple: client_id team_id key_id private_key authorize_scopes
-
For OIDC providers: client_id client_secret attributes_request_method oidc_issuer authorize_scopes authorize_url if not available from discovery URL specified by oidc_issuer key token_url if not available from discovery URL specified by oidc_issuer key attributes_url if not available from discovery URL specified by oidc_issuer key jwks_uri if not available from discovery URL specified by oidc_issuer key
-
For SAML providers: MetadataFile OR MetadataURL IDPSignout optional
UserPoolIDRef is a reference to an server instance.
Policies for referencing.
UserPoolIDSelector selects references to an server instance.
Policies for selection.
THIS IS A BETA FIELD. It is on by default but can be opted out through a Crossplane feature flag. ManagementPolicies specify the array of actions Crossplane is allowed to take on the managed and external resources. This field is planned to replace the DeletionPolicy field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. If both are custom, the DeletionPolicy field will be ignored. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md
ProviderConfigReference specifies how the provider that will be used to create, observe, update, and delete this managed resource should be configured.
Policies for referencing.
PublishConnectionDetailsTo specifies the connection secret config which contains a name, metadata and a reference to secret store config to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource.
WriteConnectionSecretToReference specifies the namespace and name of a Secret to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource. This field is planned to be replaced in a future release in favor of PublishConnectionDetailsTo. Currently, both could be set independently and connection details would be published to both without affecting each other.
IdentityProviderStatus defines the observed state of IdentityProvider.
IdentityProviderObservation defines the observed state of IdentityProvider
Conditions of the resource.
example-provider-with-secret
apiVersion: cognitoidentityprovider.aws.crossplane.io/v1alpha1
kind: IdentityProvider
metadata:
name: example-provider-with-secret
spec:
forProvider:
providerDetailsSecretRef:
name: providerdetails-example
namespace: crossplane-system
providerType: OIDC
region: us-east-1
userPoolIdRef:
name: example
providerConfigRef:
name: example