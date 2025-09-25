Reference for the teleport_trusted_cluster Terraform resource
This page describes the supported values of the teleport_trusted_cluster resource of the Teleport Terraform provider.
Example Usage
# Teleport trusted cluster
resource "teleport_trusted_cluster" "cluster" {
version = "v2"
metadata = {
name = "primary"
labels = {
test = "yes"
}
}
spec = {
enabled = false
role_map = [{
remote = "test"
local = ["admin"]
}]
proxy_addr = "localhost:3080"
token = "salami"
}
}
Schema
Required
spec(Attributes) Spec is a Trusted Cluster specification. (see below for nested schema)
version(String) Version is the resource version. It must be specified. Supported values are:
v2.
Optional
metadata(Attributes) Metadata holds resource metadata. (see below for nested schema)
sub_kind(String) SubKind is an optional resource sub kind, used in some resources.
Nested Schema for
spec
Optional:
enabled(Boolean) Enabled is a bool that indicates if the TrustedCluster is enabled or disabled. Setting Enabled to false has a side effect of deleting the user and host certificate authority (CA).
role_map(Attributes List) RoleMap specifies role mappings to remote roles. (see below for nested schema)
roles(List of String) Roles is a list of roles that users will be assuming when connecting to this cluster.
token(String, Sensitive) Token is the authorization token provided by another cluster needed by this cluster to join.
tunnel_addr(String) ReverseTunnelAddress is the address of the SSH proxy server of the cluster to join. If not set, it is derived from
<metadata.name>:<default reverse tunnel port>.
web_proxy_addr(String) ProxyAddress is the address of the web proxy server of the cluster to join. If not set, it is derived from
<metadata.name>:<default web proxy server port>.
Nested Schema for
spec.role_map
Optional:
local(List of String) Local specifies local roles to map to
remote(String) Remote specifies remote role name to map from
Nested Schema for
metadata
Required:
name(String) Name is an object name
Optional:
description(String) Description is object description
expires(String) Expires is a global expiry time header can be set on any resource in the system.
labels(Map of String) Labels is a set of labels