Teleport
Reference for the teleport_app Terraform resource
Version preview- Older Versions
Example Usage
# Teleport App
resource "teleport_app" "example" {
version = "v3"
metadata = {
name = "example"
description = "Test app"
labels = {
"teleport.dev/origin" = "dynamic" // This label is added on Teleport side by default
}
}
spec = {
uri = "localhost:3000"
}
}
Schema
Required
version
(String) Version is the resource version. It must be specified. Supported values are:v3
.
Optional
metadata
(Attributes) Metadata is the app resource metadata. (see below for nested schema)spec
(Attributes) Spec is the app resource spec. (see below for nested schema)sub_kind
(String) SubKind is an optional resource subkind.
Nested Schema for metadata
Required:
name
(String) Name is an object name
Optional:
description
(String) Description is object descriptionexpires
(String) Expires is a global expiry time header can be set on any resource in the system.labels
(Map of String) Labels is a set of labels
Nested Schema for spec
Optional:
aws
(Attributes) AWS contains additional options for AWS applications. (see below for nested schema)cloud
(String) Cloud identifies the cloud instance the app represents.cors
(Attributes) CORSPolicy defines the Cross-Origin Resource Sharing settings for the app. (see below for nested schema)dynamic_labels
(Attributes Map) DynamicLabels are the app's command labels. (see below for nested schema)identity_center
(Attributes) IdentityCenter encasulates AWS identity-center specific information. Only valid for Identity Center account apps. (see below for nested schema)insecure_skip_verify
(Boolean) InsecureSkipVerify disables app's TLS certificate verification.integration
(String) Integration is the integration name that must be used to access this Application. Only applicable to AWS App Access. If present, the Application must use the Integration's credentials instead of ambient credentials to access Cloud APIs.public_addr
(String) PublicAddr is the public address the application is accessible at.required_app_names
(List of String) RequiredAppNames is a list of app names that are required for this app to function. Any app listed here will be part of the authentication redirect flow and authenticate along side this app.rewrite
(Attributes) Rewrite is a list of rewriting rules to apply to requests and responses. (see below for nested schema)uri
(String) URI is the web app endpoint.user_groups
(List of String) UserGroups are a list of user group IDs that this app is associated with.
Nested Schema for spec.aws
Optional:
external_id
(String) ExternalID is the AWS External ID used when assuming roles in this app.
Nested Schema for spec.cors
Optional:
allow_credentials
(Boolean) allow_credentials indicates whether credentials are allowed.allowed_headers
(List of String) allowed_headers specifies which headers can be used when accessing the app.allowed_methods
(List of String) allowed_methods specifies which methods are allowed when accessing the app.allowed_origins
(List of String) allowed_origins specifies which origins are allowed to access the app.exposed_headers
(List of String) exposed_headers indicates which headers are made available to scripts via the browser.max_age
(Number) max_age indicates how long (in seconds) the results of a preflight request can be cached.
Nested Schema for spec.dynamic_labels
Optional:
command
(List of String) Command is a command to runperiod
(String) Period is a time between command runsresult
(String) Result captures standard output
Nested Schema for spec.identity_center
Optional:
account_id
(String) Account ID is the AWS-assigned ID of the accountpermission_sets
(Attributes List) PermissionSets lists the available permission sets on the given account (see below for nested schema)
Nested Schema for spec.identity_center.permission_sets
Optional:
arn
(String) ARN is the fully-formed ARN of the Permission Set.name
(String) Name is the human-readable name of the Permission Set.
Nested Schema for spec.rewrite
Optional:
headers
(Attributes List) Headers is a list of headers to inject when passing the request over to the application. (see below for nested schema)jwt_claims
(String) JWTClaims configures whether roles/traits are included in the JWT token.redirect
(List of String) Redirect defines a list of hosts which will be rewritten to the public address of the application if they occur in the "Location" header.
Nested Schema for spec.rewrite.headers
Optional:
name
(String) Name is the http header name.value
(String) Value is the http header value.