Skip to main content

Reference for the teleport_access_monitoring_rule Terraform data-source

Schema

Required

  • spec (Attributes) Spec is an AccessMonitoringRule specification (see below for nested schema)
  • version (String) version is version

Optional

  • metadata (Attributes) metadata is the rules's metadata. (see below for nested schema)
  • sub_kind (String) sub_kind is an optional resource sub kind, used in some resources

Nested Schema for spec

Required:

  • subjects (List of String) subjects the rule operates on, can be a resource kind or a particular resource property.

Optional:

  • automatic_approval (Attributes) automatic_approval defines the plugin configuration for automatic approvals. Both notification and automatic_approval may be set within the same access_monitoring_rule. If both fields are set, the rule handler will manage notifications and automatic approvals for the same set of access events. Separate plugins may be used if both notifications and automatic_approvals is set. (see below for nested schema)
  • condition (String) condition is a predicate expression that operates on the specified subject resources, and determines whether the subject will be moved into desired state.
  • notification (Attributes) notification defines the plugin configuration for notifications if rule is triggered. Both notification and automatic_approval may be set within the same access_monitoring_rule. If both fields are set, the rule handler will manage notifications and automatic approvals for the same set of access events. Separate plugins may be used if both notifications and automatic_approvals is set. (see below for nested schema)
  • states (List of String) states are the desired state which the monitoring rule is attempting to bring the subjects matching the condition to.

Nested Schema for spec.automatic_approval

Optional:

  • name (String) name is the name of the plugin to which this configuration should apply. Set this value to teleport to manage automatic approvals natively within Teleport.

Nested Schema for spec.notification

Optional:

  • name (String) name is the name of the plugin to which this configuration should apply.
  • recipients (List of String) recipients is the list of recipients the plugin should notify.

Nested Schema for metadata

Required:

  • name (String) name is an object name.

Optional:

  • description (String) description is object description.
  • expires (String) expires is a global expiry time header can be set on any resource in the system.
  • labels (Map of String) labels is a set of labels.