unkinben 00a122135e
ci/woodpecker/pr/plan Pipeline failed
ci/woodpecker/pr/pre-commit Pipeline was successful
Use identity.k8s.syd1.au.unkin.net as provider endpoint
2026-06-28 12:11:47 +10:00
2026-06-28 11:55:26 +10:00
2026-06-28 11:55:26 +10:00
2026-06-28 11:55:26 +10:00
2026-06-28 11:55:26 +10:00
2026-06-28 11:55:26 +10:00
2026-06-28 11:55:26 +10:00

terraform-authentik

Terraform configuration for managing the Authentik identity provider at identity.unkin.net.

Managed Resources

  • Groups — roles and group hierarchy (users are invited manually)
  • SAML providers — SAML application integrations
  • OAuth2/OIDC providers — OAuth2 and OpenID Connect integrations
  • LDAP providers — LDAP provider and outpost configuration
  • Applications — application definitions linked to providers

Configuration

Resources are defined as YAML files under config/:

config/
├── groups/              # Group definitions
├── providers_saml/      # SAML provider definitions
├── providers_oauth2/    # OAuth2/OIDC provider definitions
└── providers_ldap/      # LDAP provider definitions

Usage

make plan     # init + plan
make apply    # init + plan + apply
make format   # format all .tf and .hcl files

Authentication

Set VAULT_ROLEID for local AppRole auth, or VAULT_AUTH_METHOD=kubernetes for CI.

S
Description
Terraform configuration for managing Authentik identity provider
Readme 37 KiB