# Identity Provider Creation

**Objective:** Create an identity provider for an Amazon Elastic Kubernetes Service (EKS) cluster. The identity provider is necessary for authenticating users and granting them access to the EKS cluster.

#### Prerequisites

* Access to the AWS Management Console
* A deployed EKS cluster
* Gathered information from the CloudFormation EKS stack outputs:
  * OIDC URL: \[Enter the OIDC URL obtained from the EKS stack output]
  * OIDC Audience Name: \[Enter the OIDC Audience Name obtained from the EKS stack output]

#### Instructions

Below is a video guide for the following instructions:

{% embed url="<https://drive.google.com/file/d/1UzKvW4olxfaZmOBLSs1Ewn4e1iPCgDyX/view>" %}

**Step 1: Sign in to the AWS Management Console**

1. Open a web browser and navigate to the AWS Management Console ([https://console.aws.amazon.com](https://console.aws.amazon.com/)).
2. Enter your login credentials to access your AWS account.

**Step 2: Navigate to the IAM (Identity and Access Management) service**

1. Once logged in, search for "IAM" in the AWS Management Console search bar.
2. Click on the "IAM" service from the search results to open the IAM dashboard.

**Step 3: Creating an Identity Provider**

1. In the IAM dashboard, click on "Identity providers" in the left-hand navigation pane under "Access management".

**Step 4: Add an Identity provider**

1. Click on the "Add provider" button.
2. On the "Add provider" page, select "OpenID Connect" as the provider type.

**Step 5: Enter the following details:**

* Provider URL: (e.g., "<https://oidc.eks.us-west-1.amazonaws.com/id/292194D91A482781SDED2235S>").
* Audience: \[sts.amazonaws.com]

**Step 6: Collect the Fingerprint**

1. Click on the "Get Thumbprint" button.
2. Now click on the "Add Provider" button.

**Step 7: Validation**

1. If everything appears correct, you will see your identity provider listed on the "Identity providers" home page.
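
One way to script the Step 7 check, as an added example that is not part of the original guide: it inspects the JSON printed by `aws iam get-open-id-connect-provider` and reports any difference from the values entered in Step 5, including audiences beyond `sts.amazonaws.com`. The function names and both sample documents are constructed for illustration; only the URL is the guide's own example.

```python
import json
import re

# Issuer form from Step 5: oidc.eks.<region>.amazonaws.com/id/<cluster id>
EKS_ISSUER = re.compile(r"^oidc\.eks\.[a-z0-9-]+\.amazonaws\.com/id/[A-Za-z0-9]+$")
THUMBPRINT = re.compile(r"^[0-9a-fA-F]{40}$")  # hex SHA-1 certificate thumbprint

# Constructed sample output; the URL is the guide's example, the thumbprint is made up.
SAMPLE_OK = json.dumps({
    "Url": "oidc.eks.us-west-1.amazonaws.com/id/292194D91A482781SDED2235S",
    "ClientIDList": ["sts.amazonaws.com"],
    "ThumbprintList": ["0123456789abcdef0123456789abcdef01234567"],
})
# Constructed drifted provider: different cluster id, extra audience, bad thumbprint.
SAMPLE_DRIFT = json.dumps({
    "Url": "oidc.eks.us-west-1.amazonaws.com/id/EXAMPLEOTHERCLUSTER",
    "ClientIDList": ["sts.amazonaws.com", "example-app"],
    "ThumbprintList": ["not-a-thumbprint"],
})


def strip_scheme(url):
    """Drop https:// so both forms compare equal (IAM reports the URL without it)."""
    return re.sub(r"^https://", "", url.strip()).rstrip("/")


def check_provider(provider_json, expected_url, expected_audience="sts.amazonaws.com"):
    """Return a list of findings; an empty list means the provider matches Step 5."""
    provider = json.loads(provider_json)
    findings = []
    url = strip_scheme(provider.get("Url", ""))
    if not EKS_ISSUER.match(url):
        findings.append(f"Url is not an EKS OIDC issuer: {url!r}")
    if url != strip_scheme(expected_url):
        findings.append("Url differs from the OIDC URL in the EKS stack output")
    audiences = provider.get("ClientIDList", [])
    if expected_audience not in audiences:
        findings.append(f"audience {expected_audience!r} is missing")
    extra = sorted(set(audiences) - {expected_audience})
    if extra:
        findings.append(f"unexpected extra audiences: {extra}")
    bad = [t for t in provider.get("ThumbprintList", []) if not THUMBPRINT.match(t)]
    if bad:
        findings.append(f"malformed thumbprints: {bad}")
    return findings


if __name__ == "__main__":
    expected = "https://oidc.eks.us-west-1.amazonaws.com/id/292194D91A482781SDED2235S"
    for name, sample in (("ok", SAMPLE_OK), ("drift", SAMPLE_DRIFT)):
        print(name, check_provider(sample, expected) or "matches")
```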

You are now ready to proceed to the next step, which involves running a script in the AWS Cloud Shell. The `.env` file will be used in the script to configure the deployment.

**Note:** Ensure that you keep the `.env` file secure and do not share it with unauthorized individuals. It contains sensitive information related to your EKS cluster.

Now proceed to Stage 3: Running the Script in AWS Cloud Shell.

