Skip to content

Commit b6f0081

Browse files
blink1073blink1073
authored
PYTHON-3601 OIDC: Fix documentation example and remove EKS section (#1614)
1 parent b5e54aa commit b6f0081

File tree

1 file changed

+1
-28
lines changed

1 file changed

+1
-28
lines changed

doc/examples/authentication.rst

Lines changed: 1 addition & 28 deletions
Original file line numberDiff line numberDiff line change
@@ -455,32 +455,6 @@ Custom Callbacks
455455
For environments that are not directly supported by the driver, you can use :class:`~pymongo.auth_oidc.OIDCCallback`.
456456
Some examples are given below.
457457

458-
AWS EKS
459-
^^^^^^^
460-
461-
For an EKS Cluster with a configured `IAM OIDC provider`_, the token can be read from a path given by
462-
the ``AWS_WEB_IDENTITY_TOKEN_FILE`` environment variable.
463-
464-
.. code-block:: python
465-
466-
import os
467-
from pymongo.auth_oidc import OIDCCallback, OIDCCallbackContext, OIDCCallbackResult
468-
469-
470-
class MyCallback(OIDCCallback):
471-
def fetch(self, context: OIDCCallbackContext) -> OIDCCallbackResult:
472-
with open(os.environ["AWS_WEB_IDENTITY_TOKEN_FILE"]) as fid:
473-
token = fid.read()
474-
return OIDCCallbackResult(access_token=token)
475-
476-
477-
uri = os.environ["MONGODB_URI"]
478-
props = {"OIDC_CALLBACK": MyCallback()}
479-
c = MongoClient(uri, authMechanism="MONGODB-OIDC", authMechanismProperties=props)
480-
c.test.test.insert_one({})
481-
c.close()
482-
483-
484458
Other Azure Environments
485459
^^^^^^^^^^^^^^^^^^^^^^^^
486460

@@ -510,7 +484,7 @@ managed identity.
510484
511485
512486
props = {"OIDC_CALLBACK": MyCallback()}
513-
c = MongoClient(uri, authMechanismProperties=props)
487+
c = MongoClient(uri, authMechanism="MONGODB-OIDC", authMechanismProperties=props)
514488
c.test.test.insert_one({})
515489
c.close()
516490
@@ -543,6 +517,5 @@ service account token file location.
543517
.. _Azure Internal Metadata Service: https://learn.microsoft.com/en-us/azure/virtual-machines/instance-metadata-service
544518
.. _configured on your MongoDB deployment: https://www.mongodb.com/docs/manual/reference/parameters/#mongodb-parameter-param.oidcIdentityProviders
545519
.. _GCP Internal Metadata Service: https://cloud.google.com/compute/docs/metadata/querying-metadata
546-
.. _IAM OIDC provider: https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html
547520
.. _azure-identity package: https://pypi.org/project/azure-identity/
548521
.. _configured service account: https://cloud.google.com/kubernetes-engine/docs/how-to/service-accounts

0 commit comments

Comments
 (0)