Skip to content

Latest commit

 

History

History
112 lines (88 loc) · 4.42 KB

README.md

File metadata and controls

112 lines (88 loc) · 4.42 KB

Cyral IdP Integration Module for Okta

This module provides the complete configuration to integrate Okta as an Identity Provider to Cyral Control Plane. It applies an equivalent configuration as described in the Cyral documentation for Okta SSO.

-> Minimum required Control Plane version: v2.25.0

Usage

terraform {
  required_providers {
    okta = {
      source = "okta/okta"
      version = "~> 3.17"
    }
    cyral = {
      source = "cyralinc/cyral"
      version = "~> 4.3"
    }
    random = {
      source = "hashicorp/random"
      version = ">= 3.1.0"
    }
  }
}

provider "cyral" {
  # client_id and client_secret may also be declared as env vars.
  # Please see provider docs for more info.
  client_id = ""
  client_secret = ""

  control_plane = "mytenant.cyral.com"
}

provider "okta" {
  org_name  = "your-organization-name"
  base_url  = "okta.com" # your organization url
  api_token = ""
}

module "cyral_idp_okta" {
  source = "cyralinc/idp/okta"
  version = "~> 4.0"

  okta_app_name = "Cyral"
  okta_groups = ["Everyone"]
  
  idp_integration_name = "Okta"
}

output "integration_idp_okta_id" {
  description = "The ID (Alias) of the Okta IdP Integration resource."
  value = module.cyral_idp_okta.integration_idp_okta_id
}

output "okta_app_saml_id" {
  description = "The ID of the Okta SAML Application resource."
  value = module.cyral_idp_okta.okta_app_saml_id
}

Requirements

Name Version
cyral ~> 4.3
okta ~> 3.17
random >= 3.1.0

Providers

Name Version
cyral ~> 4.3
okta ~> 3.17
random >= 3.1.0

Modules

No modules.

Resources

Name Type
cyral_integration_idp_saml.this resource
cyral_integration_idp_saml_draft.this resource
okta_app_group_assignments.this resource
okta_app_saml.this resource
random_uuid.this resource
cyral_saml_certificate.this data source
cyral_saml_configuration.this data source
okta_group.this data source

Inputs

Name Description Type Default Required
idp_integration_name IdP integration name that will be shown in Control Plane. string n/a yes
okta_app_name The name of the Okta Application that will be created. string n/a yes
okta_groups Groups that will be assigned in the Okta Application. list(string) [] no
okta_groups_filter The type and value of the filter that will be applied to Okta groups. 
object({
    type  = string
    value = string
  })
 
{
  "type": "REGEX",
  "value": ".*"
}
 no

Outputs

Name Description
integration_idp_okta_id The ID (Alias) of the Okta IdP Integration resource.
okta_app_saml_id The ID of the Okta SAML Application resource.