Skip to content

Latest commit

 

History

History

oidc-config-and-provider

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.md
README.md
 
 
main.tf
main.tf
 
 
outputs.tf
outputs.tf
 
 
variables.tf
variables.tf
 
 
versions.tf
versions.tf
 
 

README.md

oidc-provider

Introduction

This Terraform sub-module manages the OpenID Connect (OIDC) provider and configuration for ROSA Classic clusters. It allows you to define and configure the OIDC provider settings necessary for authentication within the ROSA Classic cluster environment. With this module, you can easily set up OIDC integration tailored to your requirements, enabling seamless authentication and access control mechanisms for ROSA Classic clusters.

For more information, see OpenID Connect Overview in the ROSA documentation.

Example Usage

module "oidc_config_and_provider" {
  source = "terraform-redhat/rosa-classic/rhcs/modules/oidc-config-and-provider"

  managed = true
}

Requirements

Name Version
terraform >= 1.0
aws >= 4.0
null >= 3.0.0
rhcs >= 1.6.2
time >= 0.9

Providers

Name Version
aws >= 4.0
null >= 3.0.0
rhcs >= 1.6.2
time >= 0.9

Modules

Name Source Version
aws_s3_bucket terraform-aws-modules/s3-bucket/aws >=4.1.0
aws_secrets_manager terraform-aws-modules/secrets-manager/aws >=1.1.1

Resources

Name Type
aws_iam_openid_connect_provider.oidc_provider resource
aws_s3_object.discrover_doc_object resource
aws_s3_object.s3_object resource
null_resource.unmanaged_vars_validation resource
rhcs_rosa_oidc_config.oidc_config resource
rhcs_rosa_oidc_config_input.oidc_input resource
time_sleep.wait_10_seconds resource
aws_iam_policy_document.allow_access_from_another_account data source
aws_partition.current data source
aws_region.current data source

Inputs

Name Description Type Default Required
installer_role_arn The Amazon Resource Name (ARN) associated with the AWS IAM role used by the ROSA installer. Applicable exclusively to unmanaged OIDC; otherwise, leave empty. string null no
managed Indicates whether it is a Red Hat managed or unmanaged (customer hosted) OIDC Configuration bool true no
tags List of AWS resource tags to apply. map(string) null no

Outputs

Name Description
oidc_config_id The unique identifier associated with users authenticated through OpenID Connect (OIDC) generated by this OIDC config.
oidc_endpoint_url Registered OIDC configuration issuer URL, generated by this OIDC config.