
Reference for the teleport_okta_import_rule Terraform resource

Example Usage

# Teleport Okta Import Rule resource

resource "teleport_okta_import_rule" "example" {
  metadata = {
    # name is required by the metadata schema below.
    name        = "example"
    description = "Example Okta Import Rule"
    labels = {
      "example" = "yes"
    }
  }

  version = "v1"

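  spec = {
    # Lower-numbered rules are applied first.
    priority = 100
    mappings = [
      {
        # Add label1 to the Okta apps with these IDs.
        add_labels = {
          "label1" = "value1"
        }
        match = [
          {
            app_ids = ["1", "2", "3"]
          },
        ],
      },
      {
        # Add label2 to the Okta groups with these IDs.
        add_labels = {
          "label2" = "value2"
        }
        match = [
          {
            group_ids = ["1", "2", "3"]
          },
        ],
      },
      {
        # "^.*$" matches every group name, so this mapping applies to every group.
        add_labels = {
          "label3" = "value3",
        }
        match = [
          {
            group_name_regexes = ["^.*$"]
          },
        ],
      },
      {
        # "^.*$" matches every app name, so this mapping applies to every app.
        add_labels = {
          "label4" = "value4",
        }
        match = [
          {
            app_name_regexes = ["^.*$"]
          },
        ],
      }
    ]
  }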
}

Schema

Required

  • spec (Attributes) Spec is the specification for the Okta import rule. (see below for nested schema)
  • version (String) Version is the API version used to create the resource. It must be specified. Based on this version, Teleport will apply different defaults on resource creation or deletion. It must be an integer prefixed by "v". For example: v1

Optional

  • metadata (Attributes) Metadata is resource metadata (see below for nested schema)
  • sub_kind (String) SubKind is an optional resource sub kind, used in some resources

Nested Schema for spec

Optional:

  • mappings (Attributes List) Mappings is a list of matches that will map match conditions to labels. (see below for nested schema)
  • priority (Number) Priority represents the priority of the rule application. Lower numbered rules will be applied first.

Nested Schema for spec.mappings

Optional:

  • add_labels (Map of String) AddLabels specifies which labels to add if any of the previous matches match.
  • match (Attributes List) Match is a set of matching rules for this mapping. If any of these match, then the mapping will be applied. (see below for nested schema)

Nested Schema for spec.mappings.match

Optional:

  • app_ids (List of String) AppIDs is a list of app IDs to match against.
  • app_name_regexes (List of String) AppNameRegexes is a list of regexes to match against app names.
  • group_ids (List of String) GroupIDs is a list of group IDs to match against.
  • group_name_regexes (List of String) GroupNameRegexes is a list of regexes to match against group names.

Nested Schema for metadata

Required:

  • name (String) Name is the object name.

Optional:

  • description (String) Description is the object description.
  • expires (String) Expires is a global expiry time header that can be set on any resource in the system.
  • labels (Map of String) Labels is a set of labels
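
A more tightly scoped rule using the same schema, as an added example that is not part of the Teleport documentation: it replaces the catch-all "^.*$" patterns from Example Usage with exact IDs and anchored name patterns. The resource name, IDs, name patterns and label values are constructed placeholders.

```hcl
# Added example, not from the Teleport documentation.
# All names, IDs, patterns and label values are constructed placeholders.
resource "teleport_okta_import_rule" "scoped" {
  metadata = {
    name        = "scoped-okta-import" # required by the metadata schema
    description = "Label only named Okta apps and groups"
  }

  version = "v1"

  spec = {
    # Lower-numbered rules are applied first, so this rule is applied
    # before the priority-100 rule in Example Usage.
    priority = 10
    mappings = [
      {
        # The mapping applies when ANY entry in match matches:
        # one exact app ID, or an app name starting with "prod-".
        add_labels = {
          "env" = "prod"
        }
        match = [
          { app_ids = ["0oaEXAMPLEAPPID"] },
          { app_name_regexes = ["^prod-[a-z0-9-]+$"] },
        ]
      },
      {
        # One exact group ID, or one of two explicitly named groups.
        # Unlike "^.*$", the anchored alternation cannot match other names.
        add_labels = {
          "team" = "sre"
        }
        match = [
          { group_ids = ["00gEXAMPLEGROUPID"] },
          { group_name_regexes = ["^sre-(oncall|platform)$"] },
        ]
      },
    ]
  }
}
```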