Commit

Merge pull request #55 from ministryofjustice/feat/auzres-ad-connection-creation

Modification to the documentation and module
markgov authored Mar 6, 2024
2 parents 0e8c4d7 + a12941f commit c6cb411
Showing 2 changed files with 19 additions and 12 deletions.
30 changes: 18 additions & 12 deletions README.md
Expand Up @@ -19,6 +19,9 @@ module "sso" {
auth0_allowed_domains = "@example.com"
auth0_aws_sso_acs_url = "https://${region}.signin.aws.amazon.com/platform/saml/acs/${random_key}"
auth0_aws_sso_issuer_url = "https://${region}.signin.aws.amazon.com/platform/saml/${random_key}"
auth0_azure_entraid_client_id = ""
auth0_azure_entraid_client_secret = ""
auth0_azure_entraid_domain = "example.com"
}
```

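Review bot: the two new credential lines in the usage example, `auth0_azure_entraid_client_id = ""` and `auth0_azure_entraid_client_secret = ""`, are empty string literals, which invites readers to paste real values inline in their own module call. Show them as references to a variable or a secret lookup rather than as literals, and state in the README that the client secret must not be committed in plain text.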
Expand Down Expand Up @@ -59,18 +62,21 @@ No modules.

## Inputs

| Name | Description | Type | Default | Required |
| --------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------- | -------------- | ------- | :------: |
| <a name="input_auth0_allowed_domains"></a> [auth0_allowed_domains](#input_auth0_allowed_domains) | A list of authorised domains a user must have as part of their GitHub email addresses | `string` | n/a | yes |
| <a name="input_auth0_aws_sso_acs_url"></a> [auth0_aws_sso_acs_url](#input_auth0_aws_sso_acs_url) | AWS SSO: ACS URL | `string` | n/a | yes |
| <a name="input_auth0_aws_sso_issuer_url"></a> [auth0_aws_sso_issuer_url](#input_auth0_aws_sso_issuer_url) | AWS SSO: Issuer URL | `string` | n/a | yes |
| <a name="input_auth0_client_id"></a> [auth0_client_id](#input_auth0_client_id) | Auth0 client ID (from a Machine to Machine application) | `string` | n/a | yes |
| <a name="input_auth0_client_secret"></a> [auth0_client_secret](#input_auth0_client_secret) | Auth0 client secret (from a Machine to Machine application) | `string` | n/a | yes |
| <a name="input_auth0_debug"></a> [auth0_debug](#input_auth0_debug) | Auth0 debug flag | `bool` | `false` | no |
| <a name="input_auth0_github_allowed_orgs"></a> [auth0_github_allowed_orgs](#input_auth0_github_allowed_orgs) | A list of GitHub organisations a user has to be part of | `list(string)` | n/a | yes |
| <a name="input_auth0_github_client_id"></a> [auth0_github_client_id](#input_auth0_github_client_id) | Auth0: GitHub client ID | `string` | n/a | yes |
| <a name="input_auth0_github_client_secret"></a> [auth0_github_client_secret](#input_auth0_github_client_secret) | Auth0: GitHub client secret | `string` | n/a | yes |
| <a name="input_auth0_tenant_domain"></a> [auth0_tenant_domain](#input_auth0_tenant_domain) | Auth0 tenant domain | `string` | n/a | yes |
| Name | Description | Type | Default | Required |
| ------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------- | -------------- | ------- | :------: |
| <a name="input_auth0_allowed_domains"></a> [auth0_allowed_domains](#input_auth0_allowed_domains) | A list of authorised domains a user must have as part of their GitHub email addresses | `string` | n/a | yes |
| <a name="input_auth0_aws_sso_acs_url"></a> [auth0_aws_sso_acs_url](#input_auth0_aws_sso_acs_url) | AWS SSO: ACS URL | `string` | n/a | yes |
| <a name="input_auth0_aws_sso_issuer_url"></a> [auth0_aws_sso_issuer_url](#input_auth0_aws_sso_issuer_url) | AWS SSO: Issuer URL | `string` | n/a | yes |
| <a name="input_auth0_client_id"></a> [auth0_client_id](#input_auth0_client_id) | Auth0 client ID (from a Machine to Machine application) | `string` | n/a | yes |
| <a name="input_auth0_client_secret"></a> [auth0_client_secret](#input_auth0_client_secret) | Auth0 client secret (from a Machine to Machine application) | `string` | n/a | yes |
| <a name="input_auth0_debug"></a> [auth0_debug](#input_auth0_debug) | Auth0 debug flag | `bool` | `false` | no |
| <a name="input_auth0_github_allowed_orgs"></a> [auth0_github_allowed_orgs](#input_auth0_github_allowed_orgs) | A list of GitHub organisations a user has to be part of | `list(string)` | n/a | yes |
| <a name="input_auth0_github_client_id"></a> [auth0_github_client_id](#input_auth0_github_client_id) | Auth0: GitHub client ID | `string` | n/a | yes |
| <a name="input_auth0_github_client_secret"></a> [auth0_github_client_secret](#input_auth0_github_client_secret) | Auth0: GitHub client secret | `string` | n/a | yes |
| <a name="input_auth0_tenant_domain"></a> [auth0_tenant_domain](#input_auth0_tenant_domain) | Auth0 tenant domain | `string` | n/a | yes |
| <a name="auth0_azure_entraid_client_id"></a> [auth0_azure_entraid_client_id](#input_auth0_azure_entraid_client_id) | Client id for the azures application | `string` | n/a | yes |
| <a name="auth0_azure_entraid_client_secret"></a> [auth0_azure_entraid_client_secret](#input_auth0_azure_entraid_client_secret) | Client secret for the azures application | `string` | n/a | yes |
| <a name="auth0_azure_entraid_domain"></a> [auth0_azure_entraid_domain](#input_auth0_azure_entraid_domain) | Azures application domain name | `string` | n/a | yes |

## Outputs

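Review bot: in the three new rows at the bottom of the Inputs table the anchor is written without the `input_` prefix (`<a name="auth0_azure_entraid_client_id">`), while the link in the same cell targets `#input_auth0_azure_entraid_client_id`, so none of the three links resolves. Use `name="input_auth0_azure_entraid_..."` as the existing rows do. The descriptions also say "azures application" where "Azure application" appears to be meant, and the rows are appended after `auth0_tenant_domain` instead of following the alphabetical order of the rest of the table; if this table is generated from the variable definitions, regenerating it rather than hand-editing would address all three points.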
1 change: 1 addition & 0 deletions auth0.tf
Expand Up @@ -85,6 +85,7 @@ resource "auth0_connection" "azure_entraid_connection" {
client_secret = var.auth0_azure_entraid_client_secret
app_id = auth0_client.saml.id
domain = var.auth0_azure_entraid_domain
tenant_domain = var.auth0_azure_entraid_domain

waad_protocol = "openid-connect"
max_groups_to_retrieve = 50
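Review bot: the added `tenant_domain = var.auth0_azure_entraid_domain` reuses the variable already assigned to `domain` on the line above, so the connection cannot be configured with a tenant domain that differs from the application domain. The README describes this variable only as "Azures application domain name", which does not tell a caller it is also used as the tenant domain. Either document that the value must be the Entra ID tenant's domain, or add a separate input for the tenant domain (for example a hypothetical `auth0_azure_entraid_tenant_domain` that defaults to the existing variable).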