Google Anthos Multi Cloud V1 Client - Class AttachedOidcConfig (0.2.3)

Reference documentation and code samples for the Google Anthos Multi Cloud V1 Client class AttachedOidcConfig.

OIDC discovery information of the target cluster.

Kubernetes Service Account (KSA) tokens are JWT tokens signed by the cluster API server. This fields indicates how Google Cloud Platform services validate KSA tokens in order to allow system workloads (such as GKE Connect and telemetry agents) to authenticate back to Google Cloud Platform. Both clusters with public and private issuer URLs are supported. Clusters with public issuers only need to specify the issuer_url field while clusters with private issuers need to provide both issuer_url and oidc_jwks.

Generated from protobuf message google.cloud.gkemulticloud.v1.AttachedOidcConfig

Methods

__construct

Constructor.

Parameters
NameDescription
data array

Optional. Data for populating the Message object.

↳ issuer_url string

A JSON Web Token (JWT) issuer URI. issuer must start with https://.

↳ jwks string

Optional. OIDC verification keys in JWKS format (RFC 7517). It contains a list of OIDC verification keys that can be used to verify OIDC JWTs. This field is required for cluster that doesn't have a publicly available discovery endpoint. When provided, it will be directly used to verify the OIDC JWT asserted by the IDP.

getIssuerUrl

A JSON Web Token (JWT) issuer URI. issuer must start with https://.

Returns
TypeDescription
string

setIssuerUrl

A JSON Web Token (JWT) issuer URI. issuer must start with https://.

Parameter
NameDescription
var string
Returns
TypeDescription
$this

getJwks

Optional. OIDC verification keys in JWKS format (RFC 7517).

It contains a list of OIDC verification keys that can be used to verify OIDC JWTs. This field is required for cluster that doesn't have a publicly available discovery endpoint. When provided, it will be directly used to verify the OIDC JWT asserted by the IDP.

Returns
TypeDescription
string

setJwks

Optional. OIDC verification keys in JWKS format (RFC 7517).

It contains a list of OIDC verification keys that can be used to verify OIDC JWTs. This field is required for cluster that doesn't have a publicly available discovery endpoint. When provided, it will be directly used to verify the OIDC JWT asserted by the IDP.

Parameter
NameDescription
var string
Returns
TypeDescription
$this