View a markdown version of this page

AWS::BedrockAgentCore::OAuth2CredentialProvider MicrosoftOauth2ProviderConfigInput - Amazon CloudFormation
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

This is the new Amazon CloudFormation Template Reference Guide. Please update your bookmarks and links. For help getting started with CloudFormation, see the Amazon CloudFormation User Guide.

AWS::BedrockAgentCore::OAuth2CredentialProvider MicrosoftOauth2ProviderConfigInput

Input configuration for a Microsoft OAuth2 provider.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{ "ClientId" : String, "ClientSecret" : String, "ClientSecretConfig" : SecretReference, "ClientSecretSource" : String, "TenantId" : String }

Properties

ClientId

The client ID for the Microsoft OAuth2 provider.

Required: Yes

Type: String

Minimum: 1

Maximum: 256

Update requires: No interruption

ClientSecret

The client secret for the Microsoft OAuth2 provider.

Required: No

Type: String

Minimum: 1

Maximum: 2048

Update requires: No interruption

ClientSecretConfig

A reference to the Amazon Secrets Manager secret that stores the client secret. This includes the secret ID and the JSON key used to extract the client secret value from the secret. Required when clientSecretSource is set to EXTERNAL.

Required: No

Type: SecretReference

Update requires: No interruption

ClientSecretSource

The source type of the client secret. Use MANAGED if the secret is managed by the service, or EXTERNAL if you manage the secret yourself in Amazon Secrets Manager.

Required: No

Type: String

Allowed values: MANAGED | EXTERNAL

Update requires: No interruption

TenantId

The Microsoft Entra ID (formerly Azure AD) tenant ID for your organization. This identifies the specific tenant within Microsoft's identity platform where your application is registered.

Required: No

Type: String

Minimum: 1

Maximum: 2048

Update requires: No interruption