Skip to content

Commit d8e6c09

Browse files
WarFoxWarFox
authored
feat(iam): introduce OidcProviderNative construct utilizing the native CloudFormation resource (#28634)
IAM is stable in CDK, so we should not introduce breaking changes. This PR introduces a new version of OIDC provider without introducing breaking changes. Older `iam.OpenIdConnectProvider`, which uses custom resources with lambda, is marked as deprecated. The newly introduced `OidcProviderNative` uses the native CloudFormation resource `AWS::IAM::OIDCProvider` ## ThumbprintList `ThumbprintList` must not be empty when using `AWS::IAM::OIDCProvider` https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_oidc_verify-thumbprint.html https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-oidcprovider.html https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html Closes #21197 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
1 parent bfa6490 commit d8e6c09

16 files changed

+32142
-2
lines changed

packages/@aws-cdk-testing/framework-integ/test/aws-iam/test/integ.oidc-provider-native.js.snapshot/asset.530055f7515b3f0a47900f5df37e729ba40ca977b2d07b952bdefa2b8f883f42.bundle/index.js

Lines changed: 30676 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

packages/@aws-cdk-testing/framework-integ/test/aws-iam/test/integ.oidc-provider-native.js.snapshot/cdk.out

Lines changed: 1 addition & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

packages/@aws-cdk-testing/framework-integ/test/aws-iam/test/integ.oidc-provider-native.js.snapshot/integ.json

Lines changed: 14 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

packages/@aws-cdk-testing/framework-integ/test/aws-iam/test/integ.oidc-provider-native.js.snapshot/manifest.json

Lines changed: 275 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

packages/@aws-cdk-testing/framework-integ/test/aws-iam/test/integ.oidc-provider-native.js.snapshot/oidc-provider-native-integ-stack.assets.json

Lines changed: 20 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)