Add-VSElasticLoadBalancingV2ListenerRuleAuthenticateOidcConfig
SYNOPSIS
Adds an AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateOidcConfig resource property to the template. Specifies information required when using an identity provider (IdP) that is compliant with OpenID Connect (OIDC) to authenticate users.
SYNTAX
Add-VSElasticLoadBalancingV2ListenerRuleAuthenticateOidcConfig
[[-AuthenticationRequestExtraParams] <Hashtable>] [-AuthorizationEndpoint] <Object> [-ClientId] <Object>
[-ClientSecret] <Object> [-Issuer] <Object> [[-OnUnauthenticatedRequest] <Object>] [[-Scope] <Object>]
[[-SessionCookieName] <Object>] [[-SessionTimeout] <Object>] [-TokenEndpoint] <Object>
[-UserInfoEndpoint] <Object> [<CommonParameters>]
DESCRIPTION
Adds an AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateOidcConfig resource property to the template. Specifies information required when using an identity provider (IdP) that is compliant with OpenID Connect (OIDC) to authenticate users.
PARAMETERS
-AuthenticationRequestExtraParams
The query parameters (up to 10) to include in the redirect request to the authorization endpoint.
Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-authenticationrequestextraparams DuplicatesAllowed: False PrimitiveItemType: String Type: Map UpdateType: Mutable
Type: Hashtable
Parameter Sets: (All)
Aliases:
Required: False
Position: 1
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-AuthorizationEndpoint
The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.
Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-authorizationendpoint PrimitiveType: String UpdateType: Mutable
Type: Object
Parameter Sets: (All)
Aliases:
Required: True
Position: 2
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-ClientId
The OAuth 2.0 client identifier.
Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-clientid PrimitiveType: String UpdateType: Mutable
Type: Object
Parameter Sets: (All)
Aliases:
Required: True
Position: 3
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-ClientSecret
The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set UseExistingClientSecret to true.
Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-clientsecret PrimitiveType: String UpdateType: Mutable
Type: Object
Parameter Sets: (All)
Aliases:
Required: True
Position: 4
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-Issuer
The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.
Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-issuer PrimitiveType: String UpdateType: Mutable
Type: Object
Parameter Sets: (All)
Aliases:
Required: True
Position: 5
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-OnUnauthenticatedRequest
The behavior if the user is not authenticated. The following are possible values:
- deny - Return an HTTP 401 Unauthorized error.
- allow - Allow the request to be forwarded to the target.
- authenticate - Redirect the request to the IdP authorization endpoint. This is the default value.
Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-onunauthenticatedrequest PrimitiveType: String UpdateType: Mutable
Type: Object
Parameter Sets: (All)
Aliases:
Required: False
Position: 6
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-Scope
The set of user claims to be requested from the IdP. The default is openid. To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.
Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-scope PrimitiveType: String UpdateType: Mutable
Type: Object
Parameter Sets: (All)
Aliases:
Required: False
Position: 7
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-SessionCookieName
The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.
Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-sessioncookiename PrimitiveType: String UpdateType: Mutable
Type: Object
Parameter Sets: (All)
Aliases:
Required: False
Position: 8
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-SessionTimeout
The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).
Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-sessiontimeout PrimitiveType: Long UpdateType: Mutable
Type: Object
Parameter Sets: (All)
Aliases:
Required: False
Position: 9
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-TokenEndpoint
The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.
Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-tokenendpoint PrimitiveType: String UpdateType: Mutable
Type: Object
Parameter Sets: (All)
Aliases:
Required: True
Position: 10
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-UserInfoEndpoint
The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.
Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-userinfoendpoint PrimitiveType: String UpdateType: Mutable
Type: Object
Parameter Sets: (All)
Aliases:
Required: True
Position: 11
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
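The following is an added example, not taken from the VaporShell documentation: it checks the inputs against the constraints stated in the parameter descriptions above (full HTTPS URLs, at most 10 extra parameters, the three OnUnauthenticatedRequest values) before calling the cmdlet. The IdP host, client ID, secret name and the helper `Test-OidcConfigInput` are hypothetical, and the use of a CloudFormation dynamic reference for ClientSecret is an assumption about how the secret is stored.

```powershell
Import-Module VaporShell

$idp = 'https://idp.example.com'   # constructed placeholder IdP
$oidcParams = @{
    Issuer                           = "$idp/"
    AuthorizationEndpoint            = "$idp/oauth2/authorize"
    TokenEndpoint                    = "$idp/oauth2/token"
    UserInfoEndpoint                 = "$idp/oauth2/userinfo"
    ClientId                         = 'example-client-id'
    # Assumption: the secret is kept in Secrets Manager under a placeholder name.
    # A dynamic reference keeps the literal secret out of the rendered template.
    ClientSecret                     = '{{resolve:secretsmanager:example/alb-oidc:SecretString:client_secret}}'
    Scope                            = 'openid'
    OnUnauthenticatedRequest         = 'authenticate'
    SessionTimeout                   = 28800   # 8 hours rather than the 604800-second default
    AuthenticationRequestExtraParams = @{ prompt = 'login' }
}

# Hypothetical helper: returns a list of problems, empty when the input is acceptable.
function Test-OidcConfigInput {
    param([hashtable]$Params)
    $problems = @()
    foreach ($key in 'Issuer', 'AuthorizationEndpoint', 'TokenEndpoint', 'UserInfoEndpoint') {
        $uri = $null
        $ok = [Uri]::TryCreate([string]$Params[$key], [UriKind]::Absolute, [ref]$uri)
        if (-not $ok -or $uri.Scheme -ne 'https') { $problems += "$key must be a full HTTPS URL" }
    }
    if ($Params.OnUnauthenticatedRequest -and
        $Params.OnUnauthenticatedRequest -notin 'deny', 'allow', 'authenticate') {
        $problems += 'OnUnauthenticatedRequest must be deny, allow or authenticate'
    }
    if ($Params.AuthenticationRequestExtraParams.Count -gt 10) {
        $problems += 'AuthenticationRequestExtraParams accepts at most 10 entries'
    }
    if ([string]$Params.ClientSecret -notmatch '^\{\{resolve:secretsmanager:') {
        $problems += 'ClientSecret is a literal value and would appear in the template'
    }
    return $problems
}

$problems = Test-OidcConfigInput -Params $oidcParams
if ($problems) { throw ($problems -join '; ') }

$oidcConfig = Add-VSElasticLoadBalancingV2ListenerRuleAuthenticateOidcConfig @oidcParams
$oidcConfig | ConvertTo-Json -Depth 5   # inspect the property before adding it to a rule action
```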