
Teleport

Reference for the teleport_static_host_user Terraform resource

Example Usage

resource "teleport_static_host_user" "test" {
  version = "v2"
  metadata = {
    name = "test"
  }
  spec = {
    matchers = [
      {
        node_labels = [
          {
            name   = "foo"
            values = ["bar"]
          }
        ]
        node_labels_expression = "labels.foo == \"bar\""
        groups                 = ["foo", "bar"]
        sudoers                = ["abcd1234"]
        uid                    = 1234
        gid                    = 1234
        default_shell          = "/bin/bash"
      }
    ]
  }
}

Schema

Required

  • metadata (Attributes) metadata is resource metadata. (see below for nested schema)
  • spec (Attributes) spec is the static host user spec. (see below for nested schema)
  • version (String) version is the resource version. It must be specified. Supported values are: v2.

Optional

  • sub_kind (String) sub_kind is an optional resource sub kind, used in some resources.

Nested Schema for metadata

Required:

  • name (String) name is an object name.

Optional:

  • description (String) description is the object description.
  • expires (String) expires is a global expiry time header that can be set on any resource in the system.
  • labels (Map of String) labels is a set of labels.

Nested Schema for spec

Required:

  • matchers (Attributes List) (see below for nested schema)

Nested Schema for spec.matchers

Optional:

  • default_shell (String) default_shell is the new user's default shell.
  • gid (Number) gid is the new user's gid.
  • groups (List of String) groups is a list of additional groups to add the user to.
  • node_labels (Attributes List) node_labels is a map of node labels that will create a user from this resource. (see below for nested schema)
  • node_labels_expression (String) node_labels_expression is a predicate expression to create a user from this resource.
  • sudoers (List of String) sudoers is a list of sudoer entries to add.
  • take_ownership_if_user_exists (Boolean) take_ownership_if_user_exists will take ownership of existing, unmanaged users.
  • uid (Number) uid is the new user's uid.

Nested Schema for spec.matchers.node_labels

Required:

  • name (String) The name of the label.
  • values (List of String) The values associated with the label.
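
Added example (not part of the Teleport documentation or provider code): a Python review check that reads plan JSON of the kind produced by `terraform show -json` and flags spec.matchers settings from the schema above that widen host privileges, namely uid or gid 0, privileged groups, sudoers entries, take_ownership_if_user_exists and wildcard node labels. The sample plan, the privileged-group list and the treatment of "*" as a wildcard label are assumptions.

```python
import json

# Constructed sample shaped like `terraform show -json <planfile>` output.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "teleport_static_host_user.test", "type": "teleport_static_host_user",
   "change": {"actions": ["create"], "after": {"spec": {"matchers": [
     {"node_labels": [{"name": "foo", "values": ["bar"]}], "groups": ["foo", "bar"],
      "sudoers": ["abcd1234"], "uid": 1234, "gid": 1234}]}}}},
  {"address": "teleport_static_host_user.ops", "type": "teleport_static_host_user",
   "change": {"actions": ["create"], "after": {"spec": {"matchers": [
     {"node_labels": [{"name": "*", "values": ["*"]}], "groups": ["wheel"],
      "uid": 0, "gid": 0, "take_ownership_if_user_exists": true}]}}}},
  {"address": "teleport_static_host_user.old", "type": "teleport_static_host_user",
   "change": {"actions": ["delete"], "after": null}}
]}
""")

# Groups that commonly grant elevated access on Linux hosts (assumed list).
PRIVILEGED_GROUPS = {"root", "sudo", "wheel", "docker"}


def review_static_host_users(plan):
    """Return (location, finding) pairs for matchers that deserve manual review."""
    findings = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != "teleport_static_host_user":
            continue
        after = (rc.get("change") or {}).get("after") or {}  # null when deleting
        for i, m in enumerate((after.get("spec") or {}).get("matchers") or []):
            where = f"{rc['address']} matchers[{i}]"
            if m.get("uid") == 0 or m.get("gid") == 0:
                findings.append((where, "uid or gid 0"))
            if m.get("take_ownership_if_user_exists"):
                findings.append((where, "takes ownership of existing unmanaged users"))
            risky = sorted(PRIVILEGED_GROUPS & set(m.get("groups") or []))
            if risky:
                findings.append((where, f"privileged groups: {', '.join(risky)}"))
            if m.get("sudoers"):
                findings.append((where, f"sudoers entries present: {len(m['sudoers'])}"))
            # Assumption: "*" in a label name or value is treated as a wildcard.
            labels = m.get("node_labels") or []
            if any(l.get("name") == "*" or "*" in (l.get("values") or []) for l in labels):
                findings.append((where, "wildcard node label selector"))
    return findings


if __name__ == "__main__":
    for where, finding in review_static_host_users(SAMPLE_PLAN):
        print(f"{where}: {finding}")
```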