Simplifying Zero Trust Security for AWS with Teleport
Jan 23
Virtual
Register Now
Teleport logoTry For Free
Fork me on GitHub

Teleport

TeleportGithubConnector

This guide is a comprehensive reference to the fields in the TeleportGithubConnector resource, which you can apply after installing the Teleport Kubernetes operator.

resources.teleport.dev/v3

apiVersion: resources.teleport.dev/v3

FieldTypeDescription
apiVersionstringAPIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
kindstringKind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
metadataobject
specobjectGithubConnector resource definition v3 from Teleport

spec

FieldTypeDescription
api_endpoint_urlstringAPIEndpointURL is the URL of the API endpoint of the Github instance this connector is for.
client_idstringClientID is the Github OAuth app client ID.
client_redirect_settingsobjectClientRedirectSettings defines which client redirect URLs are allowed for non-browser SSO logins other than the standard localhost ones.
client_secretstringClientSecret is the Github OAuth app client secret. This field supports secret lookup. See the operator documentation for more details.
displaystringDisplay is the connector display name.
endpoint_urlstringEndpointURL is the URL of the GitHub instance this connector is for.
redirect_urlstringRedirectURL is the authorization callback URL.
teams_to_roles[]objectTeamsToRoles maps Github team memberships onto allowed roles.

spec.client_redirect_settings

FieldTypeDescription
allowed_https_hostnames[]stringa list of hostnames allowed for https client redirect URLs
insecure_allowed_cidr_ranges[]stringa list of CIDRs allowed for HTTP or HTTPS client redirect URLs

spec.teams_to_roles items

FieldTypeDescription
organizationstringOrganization is a Github organization a user belongs to.
roles[]stringRoles is a list of allowed logins for this org/team.
teamstringTeam is a team within the organization a user belongs to.