agent-claw: automated task changes

cdk/node_modules/aws-cdk-lib/aws-iam/lib/oidc-provider-native.d.ts

@@ -0,0 +1,164 @@
+import type { Construct } from 'constructs';
+import type { IOIDCProviderRef, OIDCProviderReference } from './iam.generated';
+import type { IResource, RemovalPolicy } from '../../core';
+import { Resource } from '../../core';
+/**
+ * Represents an IAM OpenID Connect provider.
+ *
+ */
+export interface IOidcProvider extends IResource, IOIDCProviderRef {
+    /**
+     * The Amazon Resource Name (ARN) of the IAM OpenID Connect provider.
+     *
+     * @attribute
+     */
+    readonly oidcProviderArn: string;
+    /**
+     * The issuer for OIDC Provider
+     *
+     * @attribute
+     */
+    readonly oidcProviderIssuer: string;
+    /**
+     * Alias for `oidcProviderArn` to maintain backwards compatibility for
+     * constructs which accept `iam.IOpenIdConnectProvider`.
+     *
+     * Use `oidcProviderArn` instead. This property exists for backward compatibility with existing constructs as migrating between the 2 constructs (OpenIdConnectProvider and OidcProviderNative) is not reasonably feasible as it requires a manual step (cdk import) since the resource type is changing between OpenIdConnectProvider and OidcProviderNative.
+     */
+    readonly openIdConnectProviderArn: string;
+    /**
+     * Alias for `oidcProviderIssuer` to maintain backwards compatibility for
+     * constructs which accept `iam.IOpenIdConnectProvider.
+     *
+     * Use `oidcProviderIssuer` instead. This property exists for backward compatibility with existing constructs as migrating between the 2 constructs (OpenIdConnectProvider and OidcProviderNative) is not reasonably feasible as it requires a manual step (cdk import) since the resource type is changing between OpenIdConnectProvider and OidcProviderNative.
+     */
+    readonly openIdConnectProviderIssuer: string;
+}
+/**
+ * Initialization properties for `OIDCProviderNative`.
+ */
+export interface OidcProviderNativeProps {
+    /**
+     * The name of the Native OIDC Provider.
+     *
+     * @default - A name is automatically generated.
+     */
+    readonly oidcProviderName?: string;
+    /**
+     * The URL of the identity provider. The URL must begin with https:// and
+     * should correspond to the iss claim in the provider's OpenID Connect ID
+     * tokens. Per the OIDC standard, path components are allowed but query
+     * parameters are not. Typically the URL consists of only a hostname, like
+     * https://server.example.org or https://example.com.
+     *
+     * You cannot register the same provider multiple times in a single AWS
+     * account. If you try to submit a URL that has already been used for an
+     * OpenID Connect provider in the AWS account, you will get an error.
+     *
+     * Warning: This URL cannot contain any port numbers
+     */
+    readonly url: string;
+    /**
+     * A list of client IDs (also known as audiences). When a mobile or web app
+     * registers with an OpenID Connect provider, they establish a value that
+     * identifies the application. (This is the value that's sent as the client_id
+     * parameter on OAuth requests.)
+     *
+     * You can register multiple client IDs with the same provider. For example,
+     * you might have multiple applications that use the same OIDC provider. You
+     * cannot register more than 100 client IDs with a single IAM OIDC provider.
+     *
+     * Client IDs are up to 255 characters long.
+     *
+     * @default - no clients are allowed
+     */
+    readonly clientIds?: string[];
+    /**
+     * A list of server certificate thumbprints for the OpenID Connect (OIDC)
+     * identity provider's server certificates.
+     *
+     * Typically this list includes only 1 entry or empty. However, IAM lets
+     * you have up to 5 thumbprints for an OIDC provider. This lets you maintain
+     * multiple thumbprints if the identity provider is rotating certificates.
+     *
+     * The server certificate thumbprint is the hex-encoded SHA-1 hash value of
+     * the X.509 certificate used by the domain where the OpenID Connect provider
+     * makes its keys available. It is always a 40-character string.
+     *
+     * For example, assume that the OIDC provider is server.example.com and the
+     * provider stores its keys at https://keys.server.example.com/openid-connect.
+     * In that case, the thumbprint string would be the hex-encoded SHA-1 hash
+     * value of the certificate used by https://keys.server.example.com.
+     *
+     * This property is optional. If it is not included, IAM will retrieve and use
+     * the top intermediate certificate authority (CA) thumbprint of the OpenID
+     * Connect identity provider server certificate.
+     *
+     * Obtain the thumbprint of the root certificate authority from the provider's
+     * server as described in https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_oidc_verify-thumbprint.html
+     *
+     * @default - no thumbprints are allowed. IAM will retrieve and use thumbprint
+     * of idenity provider server cerctificate
+     */
+    readonly thumbprints?: string[];
+    /**
+     * The removal policy to apply to the OpenID Connect Provider.
+     *
+     * @default - RemovalPolicy.DESTROY
+     */
+    readonly removalPolicy?: RemovalPolicy;
+}
+/**
+ * IAM OIDC identity providers are entities in IAM that describe an external
+ * identity provider (IdP) service that supports the OpenID Connect (OIDC)
+ * standard, such as Google or Salesforce. You use an IAM OIDC identity provider
+ * when you want to establish trust between an OIDC-compatible IdP and your AWS
+ * account. This is useful when creating a mobile app or web application that
+ * requires access to AWS resources, but you don't want to create custom sign-in
+ * code or manage your own user identities.
+ *
+ * @see http://openid.net/connect
+ * @see https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html
+ *
+ * @resource AWS::IAM::OIDCProvider
+ */
+export declare class OidcProviderNative extends Resource implements IOidcProvider {
+    /** Uniquely identifies this class. */
+    static readonly PROPERTY_INJECTION_ID: string;
+    /**
+     * Imports an Open ID connect provider from an ARN.
+     * @param scope The definition scope
+     * @param id ID of the construct
+     * @param oidcProviderArn the ARN to import
+     */
+    static fromOidcProviderArn(scope: Construct, id: string, oidcProviderArn: string): IOidcProvider;
+    private readonly resource;
+    get openIdConnectProviderArn(): string;
+    get openIdConnectProviderIssuer(): string;
+    /**
+     * Defines a Native OpenID Connect provider.
+     * @param scope The definition scope
+     * @param id Construct ID
+     * @param props Initialization properties
+     */
+    constructor(scope: Construct, id: string, props: OidcProviderNativeProps);
+    /**
+     * The Amazon Resource Name (ARN) of the Native IAM OpenID Connect provider.
+     *
+     * @attribute
+     */
+    get oidcProviderArn(): string;
+    /**
+     * The issuer for the Native OIDC Provider
+     *
+     * @attribute
+     */
+    get oidcProviderIssuer(): string;
+    /**
+     * The thumbprints configured for this provider.
+     *
+     * @attribute
+     */
+    get oidcProviderThumbprints(): string;
+    get oidcProviderRef(): OIDCProviderReference;
+}