Reference for the teleport_saml_connector Terraform data-source
Schema
Required
spec (Attributes) Spec is an SAML connector specification. (see below for nested schema)
version (String) Version is the resource version. It must be specified. Supported values are: v2.
Optional
metadata (Attributes) Metadata holds resource metadata. (see below for nested schema)
sub_kind (String) SubKind is an optional resource sub kind, used in some resources.
Nested Schema for spec
Required:
acs (String) AssertionConsumerService is a URL for assertion consumer service on the service provider (Teleport's side).
attributes_to_roles (Attributes List) AttributesToRoles is a list of mappings of attribute statements to roles. (see below for nested schema)
Optional:
allow_idp_initiated (Boolean) AllowIDPInitiated is a flag that indicates if the connector can be used for IdP-initiated logins.
assertion_key_pair (Attributes) EncryptionKeyPair is a key pair used for decrypting SAML assertions. (see below for nested schema)
audience (String) Audience uniquely identifies our service provider.
cert (String, Sensitive) Cert is the identity provider certificate PEM. IDP signs <Response> responses using this certificate.
client_redirect_settings (Attributes) ClientRedirectSettings defines which client redirect URLs are allowed for non-browser SSO logins other than the standard localhost ones. (see below for nested schema)
display (String) Display controls how this connector is displayed.
entity_descriptor (String, Sensitive) EntityDescriptor is XML with descriptor. It can be used to supply configuration parameters in one XML file rather than supplying them in the individual elements.
entity_descriptor_url (String) EntityDescriptorURL is a URL that supplies a configuration XML.
issuer (String) Issuer is the identity provider issuer.
provider (String) Provider is the external identity provider.
service_provider_issuer (String) ServiceProviderIssuer is the issuer of the service provider (Teleport).
signing_key_pair (Attributes) SigningKeyPair is an x509 key pair used to sign AuthnRequest. (see below for nested schema)
single_logout_url (String) SingleLogoutURL is the SAML Single log-out URL to initiate SAML SLO (single log-out). If this is not provided, SLO is disabled.
sso (String) SSO is the URL of the identity provider's SSO service.
Nested Schema for spec.attributes_to_roles
Optional:
name (String) Name is an attribute statement name.
roles (List of String) Roles is a list of static teleport roles to map to.
value (String) Value is an attribute statement value to match.
Nested Schema for spec.assertion_key_pair
Optional:
cert (String) Cert is a PEM-encoded x509 certificate.
private_key (String, Sensitive) PrivateKey is a PEM-encoded x509 private key.
Nested Schema for spec.client_redirect_settings
Optional:
allowed_https_hostnames (List of String) a list of hostnames allowed for https client redirect URLs
insecure_allowed_cidr_ranges (List of String) a list of CIDRs allowed for HTTP or HTTPS client redirect URLs
Nested Schema for spec.signing_key_pair
Optional:
cert (String) Cert is a PEM-encoded x509 certificate.
private_key (String, Sensitive) PrivateKey is a PEM-encoded x509 private key.
Nested Schema for metadata
Required:
name (String) Name is an object name
Optional:
description (String) Description is object description
expires (String) Expires is a global expiry time header that can be set on any resource in the system.
labels (Map of String) Labels is a set of labels