stale-answer-34162
11/08/2023, 1:07 PMsteep-toddler-94095
11/08/2023, 5:36 PMimport { OpenIdConnectProvider } from '@pulumi/aws/iam'
import { getCertificate } from '@pulumi/tls'
new OpenIdConnectProvider('foo', {
clientIdLists: ['sts.amazonaws.com'],
thumbprintLists: [
eksCluster.identities.apply(async (i) =>
getCertificate({
url: i[0].oidcs[0].issuer,
}),
).certificates[0].sha1Fingerprint,
],
url: eksCluster.identities[0].oidcs[0].issuer,
})
stale-answer-34162
11/08/2023, 5:36 PMsteep-toddler-94095
11/08/2023, 5:41 PMeksCluster
with the variable that represents your cluster.
it's not well documented because this isn't really a Pulumi issue - it's an implementation detail of the cloud provider.