Struct scaleway_api_rs::models::scaleway_k8s_v1_cluster_open_id_connect_config::ScalewayK8sV1ClusterOpenIdConnectConfig [−][src]
pub struct ScalewayK8sV1ClusterOpenIdConnectConfig { pub issuer_url: Option<String>, pub client_id: Option<String>, pub username_claim: Option<String>, pub username_prefix: Option<String>, pub groups_claim: Option<Vec<String>>, pub groups_prefix: Option<String>, pub required_claim: Option<Vec<String>>, }
Expand description
ScalewayK8sV1ClusterOpenIdConnectConfig : This feature is in ALPHA state, it may be deleted or modified. This configuration is the OpenID Connect configuration of the Kubernetes API server.
Fields
issuer_url: Option<String>
URL of the provider which allows the API server to discover public signing keys. Only URLs which use the https://
scheme are accepted. This is typically the provider’s discovery URL without a path, for example "https://accounts.google.com" or "https://login.salesforce.com". This URL should point to the level below .well-known/openid-configuration.
client_id: Option<String>
A client id that all tokens must be issued for
username_claim: Option<String>
JWT claim to use as the user name. By default sub
, which is expected to be a unique identifier of the end user. Admins can choose other claims, such as email
or name
, depending on their provider. However, claims other than email
will be prefixed with the issuer URL to prevent naming clashes with other plugins.
username_prefix: Option<String>
Prefix prepended to username claims to prevent clashes with existing names (such as system:
users). For example, the value oidc:
will create usernames like oidc:jane.doe
. If this flag isn’t provided and username_claim
is a value other than email
the prefix defaults to ( Issuer URL )#
where ( Issuer URL )
is the value of issuer_url
. The value -
can be used to disable all prefixing.
groups_claim: Option<Vec<String>>
JWT claim to use as the user’s group
groups_prefix: Option<String>
Prefix prepended to group claims to prevent clashes with existing names (such as system:
groups). For example, the value oidc:
will create group names like oidc:engineering
and oidc:infra
.
required_claim: Option<Vec<String>>
Multiple key=value pairs that describes a required claim in the ID Token. If set, the claims are verified to be present in the ID Token with a matching value.
Implementations
This feature is in ALPHA state, it may be deleted or modified. This configuration is the OpenID Connect configuration of the Kubernetes API server.
Trait Implementations
fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error> where
__D: Deserializer<'de>,
fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error> where
__D: Deserializer<'de>,
Deserialize this value from the given Serde deserializer. Read more
This method tests for self
and other
values to be equal, and is used
by ==
. Read more
This method tests for !=
.
Auto Trait Implementations
Blanket Implementations
Mutably borrows from an owned value. Read more
Instruments this type with the provided Span
, returning an
Instrumented
wrapper. Read more