Reference for the teleport_access_monitoring_rule Terraform resource

Example Usage

resource "teleport_access_monitoring_rule" "test" {
  version = "v1"
  metadata = {
    name = "test"
  }
  spec = {
    subjects  = ["access_request"]
    condition = "access_request.spec.roles.contains(\"your_role_name\")"
    notification = {
      name       = "slack"
      recipients = ["your-slack-channel"]
    }
  }
}

Schema

Required

  • spec (Attributes) Spec is an AccessMonitoringRule specification (see below for nested schema)
  • version (String) version is the resource version

Optional

  • metadata (Attributes) metadata is the rule's metadata. (see below for nested schema)
  • sub_kind (String) sub_kind is an optional resource sub kind, used in some resources

Nested Schema for spec

Required:

  • subjects (List of String) subjects the rule operates on; each can be a resource kind or a particular resource property.

Optional:

  • condition (String) condition is a predicate expression that operates on the specified subject resources and determines whether the subject will be moved into the desired state.
  • notification (Attributes) notification defines the plugin configuration for notifications if the rule is triggered. (see below for nested schema)
  • states (List of String) states are the desired states which the monitoring rule is attempting to bring the subjects matching the condition to.

Nested Schema for spec.notification

Optional:

  • name (String) name is the name of the plugin to which this configuration should apply.
  • recipients (List of String) recipients is the list of recipients the plugin should notify.

Nested Schema for metadata

Required:

  • name (String) name is an object name.

Optional:

  • description (String) description is the object description.
  • expires (String) expires is a global expiry time header that can be set on any resource in the system.
  • labels (Map of String) labels is a set of labels.