teleport-plugin-slack Chart Reference

The teleport-plugin-slack Helm chart is used to configure the Slack Teleport plugin, which allows users to receive Access Requests via channels or direct messages in Slack.

You can browse the source on GitHub.

This reference details available values for the teleport-plugin-slack chart.

teleport.address

This parameter contains the host/port combination of the Teleport Proxy Service (or the Auth Service if you are configuring your plugin to connect to it directly).

values.yaml example:

teleport:
  address: "teleport.example.com:3025"

teleport.identitySecretName

Name of the Kubernetes secret that contains the credentials for the connection to your Teleport cluster.

The secret should be in the following format:

apiVersion: v1
kind: Secret
type: Opaque
metadata:
  name: teleport-plugin-slack-identity
data:
  auth_id: ...

Check out the Access Requests with Slack guide for more information about how to acquire these credentials.

values.yaml example:

teleport:
  identitySecretName: "teleport-plugin-slack-identity"

teleport.identitySecretPath

The key in the Kubernetes secret specified by teleport.identitySecretName that holds the credentials for the connection to your Teleport cluster. If the secret has the path, "auth_id", you can omit this field.

values.yaml example:

teleport:
  identitySecretPath: "auth_id"

slack.token

Slack token of the bot user to impersonate when sending Access Request messages. Ignored when slack.tokenFromSecret is set. It's only recommended for testing purposes. Please use slack.tokenFromSecret instead.

values.yaml example:

slack:
  token: "xoxb-1234"

slack.tokenFromSecret

Secret containing the Slack token of the bot user.

values.yaml example:

slack:
  tokenFromSecret: "teleport-slack-plugin-token"

slack.tokenSecretPath

Key where the token is located inside the secret specified by slack.tokenFromSecret.

values.yaml example:

slack:
  tokenSecretPath: "token"

roleToRecipients

Mapping of roles to a list of channels and Slack emails. It must contain a mapping for * in case no matching roles are found.

values.yaml example:

roleToRecipients:
  dev: ["dev-access-requests", "[email protected]"]
  "*": ["access-requests"]

log.output

Logger output. Could be stdout, stderr or a file name, eg. /var/log/teleport/slack.log

values.yaml example:

log:
  output: /var/log/teleport/slack.log

log.severity

Logger severity. Possible values are INFO, ERROR, DEBUG or WARN.

values.yaml example:

log:
  severity: DEBUG

annotations.config

Kubernetes reference

Kubernetes annotations which should be applied to the ConfigMap created by the chart.

values.yaml example:

annotations:
  config:
    kubernetes.io/annotation: value

annotations.deployment

Kubernetes reference

Kubernetes annotations which should be applied to the Deployment created by the chart.

values.yaml example:

annotations:
  deployment:
    kubernetes.io/annotation: value

annotations.pod

Kubernetes reference

Kubernetes annotations which should be applied to each Pod created by the chart.

values.yaml example:

annotations:
  pod:
    kubernetes.io/annotation: value

annotations.secret

Kubernetes reference

Kubernetes annotations which should be applied to the Secret created by the chart.

values.yaml example:

annotations:
  secret:
    kubernetes.io/annotation: value