Reference for the teleport_access_monitoring_rule Terraform resource
Example Usage
resource "teleport_access_monitoring_rule" "test" {
version = "v1"
metadata = {
name = "test"
}
spec = {
subjects = ["access_request"]
condition = "access_request.spec.roles.contains(\"your_role_name\")"
notification = {
name = "slack"
recipients = ["your-slack-channel"]
}
}
}
Schema
Required
spec
(Attributes) Spec is an AccessMonitoringRule specification (see below for nested schema)version
(String) version is version
Optional
metadata
(Attributes) metadata is the rules's metadata. (see below for nested schema)sub_kind
(String) sub_kind is an optional resource sub kind, used in some resources
Nested Schema for spec
Required:
subjects
(List of String) subjects the rule operates on, can be a resource kind or a particular resource property.
Optional:
condition
(String) condition is a predicate expression that operates on the specified subject resources, and determines whether the subject will be moved into desired state.notification
(Attributes) notification defines the plugin configuration for notifications if rule is triggered. (see below for nested schema)states
(List of String) states are the desired state which the monitoring rule is attempting to bring the subjects matching the condition to.
Nested Schema for spec.notification
Optional:
name
(String) name is the name of the plugin to which this configuration should apply.recipients
(List of String) recipients is the list of recipients the plugin should notify.
Nested Schema for metadata
Required:
name
(String) name is an object name.
Optional:
description
(String) description is object description.expires
(String) expires is a global expiry time header can be set on any resource in the system.labels
(Map of String) labels is a set of labels.