This Terraform module creates an Auth0 application and associated integrations to enable AWS SSO.
module "sso" {
source = "github.com/ministryofjustice/moj-terraform-aws-sso"
auth0_tenant_domain = ""
auth0_client_id = ""
auth0_client_secret = ""
auth0_debug = false
auth0_github_client_id = ""
auth0_github_client_secret = ""
auth0_github_allowed_orgs = ["example"]
auth0_allowed_domains = "@example.com"
auth0_aws_sso_acs_url = "https://${region}.signin.aws.amazon.com/platform/saml/acs/${random_key}"
auth0_aws_sso_issuer_url = "https://${region}.signin.aws.amazon.com/platform/saml/${random_key}"
auth0_azure_entraid_client_id = ""
auth0_azure_entraid_client_secret = ""
auth0_azure_entraid_domain = "example.com"
}
| Name | Version |
|---|---|
| terraform | >= 1.0.0 |
| auth0 | >= 1.0.0 |
| aws | >= 5.0.0 |
| Name | Version |
|---|---|
| auth0 | >= 1.0.0 |
| aws | >= 5.0.0 |
No modules.
| Name | Type |
|---|---|
| auth0_action.allow_github_organisations | resource |
| auth0_action.saml_mappings | resource |
| auth0_client.idp_token | resource |
| auth0_client.saml | resource |
| auth0_client_grant.idp_grant | resource |
| auth0_connection.github_saml_connection | resource |
| auth0_trigger_actions.flow | resource |
| auth0_client.idp_token | data source |
| aws_iam_account_alias.current | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| auth0_allowed_domains | A list of authorised domains a user must have as part of their GitHub email addresses | string |
n/a | yes |
| auth0_aws_sso_acs_url | AWS SSO: ACS URL | string |
n/a | yes |
| auth0_aws_sso_issuer_url | AWS SSO: Issuer URL | string |
n/a | yes |
| auth0_client_id | Auth0 client ID (from a Machine to Machine application) | string |
n/a | yes |
| auth0_client_secret | Auth0 client secret (from a Machine to Machine application) | string |
n/a | yes |
| auth0_debug | Auth0 debug flag | bool |
false |
no |
| auth0_github_allowed_orgs | A list of GitHub organisations a user has to be part of | list(string) |
n/a | yes |
| auth0_github_client_id | Auth0: GitHub client ID | string |
n/a | yes |
| auth0_github_client_secret | Auth0: GitHub client secret | string |
n/a | yes |
| auth0_tenant_domain | Auth0 tenant domain | string |
n/a | yes |
| auth0_azure_entraid_client_id | Client id for the azures application | string |
n/a | yes |
| auth0_azure_entraid_client_secret | Client secret for the azures application | string |
n/a | yes |
| auth0_azure_entraid_domain | Azures application domain name | string |
n/a | yes |
No outputs.
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "github-actions[bot]")
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent