Skip to main content
Version: 19.x (unreleased)

Reference for the teleport_app_auth_config Terraform data-source

Report an Issue

This page describes the supported values of the teleport_app_auth_config data source of the Teleport Terraform provider.

Schema

Required

  • metadata (Attributes) Metadata is the app auth config resource's metadata. (see below for nested schema)
  • spec (Attributes) Spec is the app auth config specification. (see below for nested schema)
  • version (String) Version is the app auth config resource version.

Optional

  • sub_kind (String) SubKind is the app auth config subkind.

Nested Schema for metadata

Required:

  • name (String) name is an object name.

Optional:

  • description (String) description is object description.
  • expires (String) expires is a global expiry time header can be set on any resource in the system.
  • labels (Map of String) labels is a set of labels.

Nested Schema for spec

Optional:

  • app_labels (Attributes List) AppLabels is used to define the app_labels matcher, which selects applications that can use this authentication conifg. An empty value means no application will use it. (see below for nested schema)
  • jwt (Attributes) Jwt is the JWT authentication config spec. (see below for nested schema)

Nested Schema for spec.app_labels

Optional:

  • name (String) The name of the label.
  • values (List of String) The values associated with the label.

Nested Schema for spec.jwt

Optional:

  • audience (String) Audience is the expected token audience. It will usually be a OAuth client_id issued for Teleport use.
  • authorization_header (String) AuthorizationHeader is the HTTP header name that will contain the token. Defaults to Authorization.
  • issuer (String) Issuer is the JWT token issuer name. This value is used to verify the token.
  • jwks_url (String) JwksUrl is the JSON Web Key Set (JWKS) URL used to fetch signing keys.
  • static_jwks (String) StaticJwks is the JSON Web Key Set (JWKS) formatted public keys of the token issuer in JSON format.
  • username_claim (String) UsernameClaim specifies which token claim name's value will be used as the username. Defaults to email.