AWS v7.11.0 published on Wednesday, Nov 5, 2025 by Pulumi
aws.iam.getOpenIdConnectProvider
Start a Neo task
Explain and create an aws.iam.getOpenIdConnectProvider resource
This data source can be used to fetch information about a specific
IAM OpenID Connect provider. By using this data source, you can retrieve the
the resource information by either its arn or url.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = aws.iam.getOpenIdConnectProvider({
arn: "arn:aws:iam::123456789012:oidc-provider/accounts.google.com",
});
import pulumi
import pulumi_aws as aws
example = aws.iam.get_open_id_connect_provider(arn="arn:aws:iam::123456789012:oidc-provider/accounts.google.com")
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := iam.LookupOpenIdConnectProvider(ctx, &iam.LookupOpenIdConnectProviderArgs{
Arn: pulumi.StringRef("arn:aws:iam::123456789012:oidc-provider/accounts.google.com"),
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = Aws.Iam.GetOpenIdConnectProvider.Invoke(new()
{
Arn = "arn:aws:iam::123456789012:oidc-provider/accounts.google.com",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetOpenIdConnectProviderArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = IamFunctions.getOpenIdConnectProvider(GetOpenIdConnectProviderArgs.builder()
.arn("arn:aws:iam::123456789012:oidc-provider/accounts.google.com")
.build());
}
}
variables:
example:
fn::invoke:
function: aws:iam:getOpenIdConnectProvider
arguments:
arn: arn:aws:iam::123456789012:oidc-provider/accounts.google.com
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = aws.iam.getOpenIdConnectProvider({
url: "https://accounts.google.com",
});
import pulumi
import pulumi_aws as aws
example = aws.iam.get_open_id_connect_provider(url="https://accounts.google.com")
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := iam.LookupOpenIdConnectProvider(ctx, &iam.LookupOpenIdConnectProviderArgs{
Url: pulumi.StringRef("https://accounts.google.com"),
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = Aws.Iam.GetOpenIdConnectProvider.Invoke(new()
{
Url = "https://accounts.google.com",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetOpenIdConnectProviderArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = IamFunctions.getOpenIdConnectProvider(GetOpenIdConnectProviderArgs.builder()
.url("https://accounts.google.com")
.build());
}
}
variables:
example:
fn::invoke:
function: aws:iam:getOpenIdConnectProvider
arguments:
url: https://accounts.google.com
Using getOpenIdConnectProvider
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getOpenIdConnectProvider(args: GetOpenIdConnectProviderArgs, opts?: InvokeOptions): Promise<GetOpenIdConnectProviderResult>
function getOpenIdConnectProviderOutput(args: GetOpenIdConnectProviderOutputArgs, opts?: InvokeOptions): Output<GetOpenIdConnectProviderResult>def get_open_id_connect_provider(arn: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None,
url: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetOpenIdConnectProviderResult
def get_open_id_connect_provider_output(arn: Optional[pulumi.Input[str]] = None,
tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
url: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetOpenIdConnectProviderResult]func LookupOpenIdConnectProvider(ctx *Context, args *LookupOpenIdConnectProviderArgs, opts ...InvokeOption) (*LookupOpenIdConnectProviderResult, error)
func LookupOpenIdConnectProviderOutput(ctx *Context, args *LookupOpenIdConnectProviderOutputArgs, opts ...InvokeOption) LookupOpenIdConnectProviderResultOutput> Note: This function is named LookupOpenIdConnectProvider in the Go SDK.
public static class GetOpenIdConnectProvider
{
public static Task<GetOpenIdConnectProviderResult> InvokeAsync(GetOpenIdConnectProviderArgs args, InvokeOptions? opts = null)
public static Output<GetOpenIdConnectProviderResult> Invoke(GetOpenIdConnectProviderInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetOpenIdConnectProviderResult> getOpenIdConnectProvider(GetOpenIdConnectProviderArgs args, InvokeOptions options)
public static Output<GetOpenIdConnectProviderResult> getOpenIdConnectProvider(GetOpenIdConnectProviderArgs args, InvokeOptions options)
fn::invoke:
function: aws:iam/getOpenIdConnectProvider:getOpenIdConnectProvider
arguments:
# arguments dictionaryThe following arguments are supported:
getOpenIdConnectProvider Result
The following output properties are available:
- Arn string
- Client
Id List<string>Lists - List of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the client_id parameter on OAuth requests.)
- Id string
- The provider-assigned unique ID for this managed resource.
- Dictionary<string, string>
- Map of resource tags for the IAM OIDC provider.
- Thumbprint
Lists List<string> - List of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).
- Url string
- Arn string
- Client
Id []stringLists - List of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the client_id parameter on OAuth requests.)
- Id string
- The provider-assigned unique ID for this managed resource.
- map[string]string
- Map of resource tags for the IAM OIDC provider.
- Thumbprint
Lists []string - List of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).
- Url string
- arn String
- client
Id List<String>Lists - List of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the client_id parameter on OAuth requests.)
- id String
- The provider-assigned unique ID for this managed resource.
- Map<String,String>
- Map of resource tags for the IAM OIDC provider.
- thumbprint
Lists List<String> - List of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).
- url String
- arn string
- client
Id string[]Lists - List of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the client_id parameter on OAuth requests.)
- id string
- The provider-assigned unique ID for this managed resource.
- {[key: string]: string}
- Map of resource tags for the IAM OIDC provider.
- thumbprint
Lists string[] - List of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).
- url string
- arn str
- client_
id_ Sequence[str]lists - List of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the client_id parameter on OAuth requests.)
- id str
- The provider-assigned unique ID for this managed resource.
- Mapping[str, str]
- Map of resource tags for the IAM OIDC provider.
- thumbprint_
lists Sequence[str] - List of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).
- url str
- arn String
- client
Id List<String>Lists - List of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the client_id parameter on OAuth requests.)
- id String
- The provider-assigned unique ID for this managed resource.
- Map<String>
- Map of resource tags for the IAM OIDC provider.
- thumbprint
Lists List<String> - List of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).
- url String
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.
