Fix provider schema for goauthentik/authentik 2026.5.0
- group: parent → parents (list)
- saml/oauth2: add required invalidation_flow
- oauth2: remove redirect_uris (use allowed_redirect_uris via config)
- ldap: replace authorization_flow/search_group with bind_flow/unbind_flow
- Add versions.tf with required_providers block
- Remove service_connection from outpost (auto-discovered)
@@ -1,9 +1,9 @@
|
||||
variable "groups" {
|
||||
type = map(object({
|
||||
name = string
|
||||
name = string
|
||||
is_superuser = optional(bool, false)
|
||||
parent = optional(string, null)
|
||||
attributes = optional(map(string), {})
|
||||
parents = optional(list(string), null)
|
||||
attributes = optional(map(string), {})
|
||||
}))
|
||||
default = {}
|
||||
}
|
||||
@@ -12,9 +12,9 @@ variable "providers_saml" {
|
||||
type = map(object({
|
||||
name = string
|
||||
authorization_flow = string
|
||||
invalidation_flow = string
|
||||
acs_url = string
|
||||
issuer = optional(string, null)
|
||||
sp_binding = optional(string, "post")
|
||||
sp_binding = optional(string, "redirect")
|
||||
audience = optional(string, "")
|
||||
name_id_mapping = optional(string, null)
|
||||
signing_kp = optional(string, null)
|
||||
@@ -24,33 +24,32 @@ variable "providers_saml" {
|
||||
|
||||
variable "providers_oauth2" {
|
||||
type = map(object({
|
||||
name = string
|
||||
authorization_flow = string
|
||||
client_type = optional(string, "confidential")
|
||||
client_id = optional(string, null)
|
||||
client_secret = optional(string, null)
|
||||
redirect_uris = optional(list(string), [])
|
||||
property_mappings = optional(list(string), [])
|
||||
signing_key = optional(string, null)
|
||||
access_token_validity = optional(string, "minutes=5")
|
||||
name = string
|
||||
authorization_flow = string
|
||||
invalidation_flow = string
|
||||
client_type = optional(string, "confidential")
|
||||
client_id = string
|
||||
client_secret = optional(string, null)
|
||||
property_mappings = optional(list(string), [])
|
||||
signing_key = optional(string, null)
|
||||
access_token_validity = optional(string, "minutes=10")
|
||||
}))
|
||||
default = {}
|
||||
}
|
||||
|
||||
variable "providers_ldap" {
|
||||
type = map(object({
|
||||
name = string
|
||||
authorization_flow = string
|
||||
base_dn = string
|
||||
bind_flow = optional(string, null)
|
||||
search_group = optional(string, null)
|
||||
certificate = optional(string, null)
|
||||
tls_server_name = optional(string, null)
|
||||
uid_start_number = optional(number, 2000)
|
||||
gid_start_number = optional(number, 4000)
|
||||
search_mode = optional(string, "cached")
|
||||
bind_mode = optional(string, "cached")
|
||||
mfa_support = optional(bool, true)
|
||||
name = string
|
||||
bind_flow = string
|
||||
unbind_flow = string
|
||||
base_dn = string
|
||||
certificate = optional(string, null)
|
||||
tls_server_name = optional(string, null)
|
||||
uid_start_number = optional(number, 2000)
|
||||
gid_start_number = optional(number, 4000)
|
||||
search_mode = optional(string, "direct")
|
||||
bind_mode = optional(string, "direct")
|
||||
mfa_support = optional(bool, true)
|
||||
}))
|
||||
default = {}
|
||||
}
|
||||
|
||||
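Review bot: Several defaults appear to change in this file although the commit description lists only schema renames: `access_token_validity` from `"minutes=5"` to `"minutes=10"` in `providers_oauth2`, `sp_binding` from `"post"` to `"redirect"` in `providers_saml`, and `search_mode`/`bind_mode` from `"cached"` to `"direct"` in `providers_ldap`. The page has lost its +/- markers, so which value is the new one is inferred from the old-then-new print order that the `parent` → `parents` lines follow. If that reading is right, every caller relying on the defaults gets a longer-lived access token and a different SAML binding without opting in; I would keep `access_token_validity = optional(string, "minutes=5")` and the other previous defaults in this commit and change them in a separate one that says so. Separately, `client_secret` is carried in a variable that shows no `sensitive = true` in the visible lines, so a non-null value would likely be printed in plan output. Marking the whole map sensitive can conflict with iterating over it, so a separate sensitive variable keyed by provider is probably the safer shape.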