65 lines
1.3 KiB
HCL
65 lines
1.3 KiB
HCL
variable "component" {
|
|
type = string
|
|
}
|
|
|
|
variable "instance" {
|
|
type = string
|
|
}
|
|
|
|
variable "domain" {
|
|
type = string
|
|
}
|
|
|
|
variable "namespace" {
|
|
type = string
|
|
}
|
|
|
|
variable "labels" {
|
|
type = map(string)
|
|
}
|
|
|
|
variable "dns_name" {
|
|
type = string
|
|
}
|
|
|
|
variable "access_token_validity" {
|
|
type = string
|
|
default = "hours=10" // ;minutes=10
|
|
}
|
|
|
|
variable "response_headers" {
|
|
type = list(string)
|
|
description = "List of sended headers from authentik to web application"
|
|
default = [
|
|
"X-authentik-username",
|
|
"X-authentik-email",
|
|
"X-authentik-groups",
|
|
"X-authentik-name",
|
|
"X-authentik-uid",
|
|
"X-authentik-jwt",
|
|
"X-authentik-meta-jwks",
|
|
"X-authentik-meta-outpost",
|
|
"X-authentik-meta-provider",
|
|
"X-authentik-meta-app",
|
|
"X-authentik-meta-version",
|
|
]
|
|
validation {
|
|
condition = alltrue(
|
|
[for header in var.response_headers : contains([
|
|
"X-authentik-username",
|
|
"X-authentik-email",
|
|
"X-authentik-groups",
|
|
"X-authentik-name",
|
|
"X-authentik-uid",
|
|
"X-authentik-jwt",
|
|
"X-authentik-meta-jwks",
|
|
"X-authentik-meta-outpost",
|
|
"X-authentik-meta-provider",
|
|
"X-authentik-meta-app",
|
|
"X-authentik-meta-version",
|
|
], header)]
|
|
)
|
|
error_message = "Only som headers are allowed by authentik"
|
|
}
|
|
}
|