Class Authority (1.17.3)

Authority(mapping=None, *, ignore_unknown_fields=False, **kwargs)

Authority encodes how Google will recognize identities from this Membership. See the workload identity documentation for more details:

Attributes
Name	Description
`issuer`	`str` Optional. A JSON Web Token (JWT) issuer URI. `issuer` must start with `https://` and be a valid URL with length <2000 characters.="" if="" set,="" then="" google="" will="" allow="" valid="" oidc="" tokens="" from="" this="" issuer="" to="" authenticate="" within="" the="" workload_identity_pool.="" oidc="" discovery="" will="" be="" performed="" on="" this="" uri="" to="" validate="" tokens="" from="" the="" issuer.="" clearing="">`issuer` disables Workload Identity. `issuer` cannot be directly modified; it must be cleared (and Workload Identity disabled) before using a new issuer (and re-enabling Workload Identity).
`workload_identity_pool`	`str` Output only. The name of the workload identity pool in which `issuer` will be recognized. There is a single Workload Identity Pool per Hub that is shared between all Memberships that belong to that Hub. For a Hub hosted in {PROJECT_ID}, the workload pool format is `{PROJECT_ID}.hub.id.goog`, although this is subject to change in newer versions of this API.
`identity_provider`	`str` Output only. An identity provider that reflects the `issuer` in the workload identity pool.
`oidc_jwks`	`bytes` Optional. OIDC verification keys for this Membership in JWKS format (RFC 7517). When this field is set, OIDC discovery will NOT be performed on `issuer`, and instead OIDC tokens will be validated using this field.

Class Authority (1.17.3) Stay organized with collections Save and categorize content based on your preferences.