moj-terraform-aws-sso

This Terraform module creates an Auth0 application and associated integrations to enable AWS SSO.

Usage

module "sso" {
  source                     = "github.com/ministryofjustice/moj-terraform-aws-sso"
  auth0_tenant_domain        = ""
  auth0_client_id            = ""
  auth0_client_secret        = ""
  auth0_debug                = false
  auth0_github_client_id     = ""
  auth0_github_client_secret = ""
  auth0_github_allowed_orgs  = ["example"]
  auth0_allowed_domains      = "@example.com"
  auth0_aws_sso_acs_url      = "https://${region}.signin.aws.amazon.com/platform/saml/acs/${random_key}"
  auth0_aws_sso_issuer_url   = "https://${region}.signin.aws.amazon.com/platform/saml/${random_key}"
  auth0_azure_entraid_client_id = ""
  auth0_azure_entraid_client_secret = ""
  auth0_azure_entraid_domain = "example.com"
}

Requirements

Name	Version
terraform	>= 1.0.0
auth0	>= 1.0.0
aws	>= 5.0.0

Providers

Name	Version
auth0	>= 1.0.0
aws	>= 5.0.0

Modules

No modules.

Resources

Name	Type
auth0_action.allow_github_organisations	resource
auth0_action.saml_mappings	resource
auth0_client.idp_token	resource
auth0_client.saml	resource
auth0_client_grant.idp_grant	resource
auth0_connection.github_saml_connection	resource
auth0_trigger_actions.flow	resource
auth0_client.idp_token	data source
aws_iam_account_alias.current	data source

Inputs

Name	Description	Type	Default	Required
auth0_allowed_domains	A list of authorised domains a user must have as part of their GitHub email addresses	`string`	n/a	yes
auth0_aws_sso_acs_url	AWS SSO: ACS URL	`string`	n/a	yes
auth0_aws_sso_issuer_url	AWS SSO: Issuer URL	`string`	n/a	yes
auth0_client_id	Auth0 client ID (from a Machine to Machine application)	`string`	n/a	yes
auth0_client_secret	Auth0 client secret (from a Machine to Machine application)	`string`	n/a	yes
auth0_debug	Auth0 debug flag	`bool`	`false`	no
auth0_github_allowed_orgs	A list of GitHub organisations a user has to be part of	`list(string)`	n/a	yes
auth0_github_client_id	Auth0: GitHub client ID	`string`	n/a	yes
auth0_github_client_secret	Auth0: GitHub client secret	`string`	n/a	yes
auth0_tenant_domain	Auth0 tenant domain	`string`	n/a	yes
auth0_azure_entraid_client_id	Client id for the azures application	`string`	n/a	yes
auth0_azure_entraid_client_secret	Client secret for the azures application	`string`	n/a	yes
auth0_azure_entraid_domain	Azures application domain name	`string`	n/a	yes

Outputs

No outputs.

Name		Name	Last commit message	Last commit date
Latest commit History 106 Commits
.github		.github
auth0-actions		auth0-actions
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
auth0.tf		auth0.tf
main.tf		main.tf
outputs.tf		outputs.tf
variables.tf		variables.tf
versions.tf		versions.tf

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

.github

.github

auth0-actions

auth0-actions

.gitignore

.gitignore

LICENSE

LICENSE

README.md

README.md

auth0.tf

auth0.tf

main.tf

main.tf

outputs.tf

outputs.tf

variables.tf

variables.tf

versions.tf

versions.tf

Repository files navigation

moj-terraform-aws-sso

Usage

Requirements

Providers

Modules

Resources

Inputs

Outputs

About

Releases 11

Packages

Contributors 11

Languages

License

ministryofjustice/moj-terraform-aws-sso

Folders and files

Latest commit

History

Repository files navigation

moj-terraform-aws-sso

Usage

Requirements

Providers

Modules

Resources

Inputs

Outputs

About

Topics

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Languages