Reference for the teleportmwi_kubernetes Terraform data-source

Report an issue with this page

The Kubernetes data source provides credentials to allow other providers to access Kubernetes cluster through Teleport Machine & Workload Identity.

Example Usage

// Warning: The teleportmwi_kubernetes data source will not function correctly
// when the Teleport cluster is fronted by a L7 load balancer that terminates
// TLS.
data "teleportmwi_kubernetes" "my_cluster" {
  selector = {
    name = "my-k8s-cluster"
  }
  credential_ttl = "1h"
}


// https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs
provider "kubernetes" {
  host                   = data.teleportmwi_kubernetes.my_cluster.output.host
  tls_server_name        = data.teleportmwi_kubernetes.my_cluster.output.tls_server_name
  client_certificate     = data.teleportmwi_kubernetes.my_cluster.output.client_certificate
  client_key             = data.teleportmwi_kubernetes.my_cluster.output.client_key
  cluster_ca_certificate = data.teleportmwi_kubernetes.my_cluster.output.cluster_ca_certificate
}

Schema

Required

• selector (Attributes) Selects the Kubernetes cluster to connect to. (see below for nested schema)

Optional

• credential_ttl (String) How long the issued credentials should be valid for. Defaults to 30 minutes.

Read-Only

• output (Attributes) (see below for nested schema)

Nested Schema for selector

Required:

• name (String) The name of the Kubernetes cluster to connect to.

Nested Schema for output

Read-Only:

• client_certificate (String) Compatible with the client_certificate argument of the kubernetes provider.
• client_key (String, Sensitive) Compatible with the client_key argument of the kubernetes provider.
• cluster_ca_certificate (String) Compatible with the cluster_ca_certificate argument of the kubernetes provider.
• host (String) Compatible with the host argument of the kubernetes provider.
• tls_server_name (String) Compatible with the tls_server_name argument of the kubernetes provider.