No requirements.

No providers.

Name | Source | Version |
---|---|---|
azuread | ../modules/aws-iam-azuread-saml-sso | n/a |

No resources.

Name | Description | Type | Default | Required |
---|---|---|---|---|
Azure_AD_SSO_Roles | List of IAM Roles to be created. These roles will be federated with Azure AD SAML 2.0 Auth | list(object({ | [] | no |
additional_tags | Tags as a Key/Value pair map. These tags are attached to all the resources created by the module | map(string) | {} | no |
aws_region | AWS Region where resources will be created | string | "us-east-1" | no |
azure_ad_provisioner_user | IAM user to create for Azure AD SSO provisioning. If not specified, the user will be auto-generated | string | "" | no |
enable_kms_key_rotation | Specifies whether KMS key rotation is enabled | bool | true | no |
kms_description | The description of the KMS key as viewed in the AWS console | string | "SSM Parameter Store KMS master key used for AzureAD user secret" | no |
kms_key_deletion_days | Duration in days after which the key is deleted after destruction of the resource | number | 10 | no |
namespace | Namespace used as one component of the tag prefix. Usually goes in the Name tag | string | "example" | no |
pgp_key_file | Path to the PGP key file used to encrypt the AzureAD user secret_access_key, so that the state file does not store it in plain text | string | n/a | yes |
saml_xml_file_path | An XML document generated by an identity provider that supports SAML 2.0 | string | n/a | yes |
stage | Stage used as one component of the tag prefix. Usually goes in the Name tag and helps identify the environment. Default is set to dev | string | "dev" | no |
use_ssm_store_sso_secrets | When set to true, SSM Parameter Store is used for storing the AzureAD user secrets instead of Secrets Manager | bool | false | no |

No outputs.