Skip to main content
Version: 18.x (unreleased)

Reference for the teleport_access_monitoring_rule Terraform data-source

Schema

Required

  • spec (Attributes) Spec is an AccessMonitoringRule specification (see below for nested schema)
  • version (String) version is version

Optional

  • metadata (Attributes) metadata is the rules's metadata. (see below for nested schema)
  • sub_kind (String) sub_kind is an optional resource sub kind, used in some resources

Nested Schema for spec

Required:

  • subjects (List of String) subjects the rule operates on, can be a resource kind or a particular resource property.

Optional:

  • automatic_review (Attributes) automatic_review defines automatic review configurations for access requests. Both notification and automatic_review may be set within the same access_monitoring_rule. If both fields are set, the rule will trigger both notifications and automatic reviews for the same set of access events. Separate plugins may be used if both notifications and automatic_reviews is set. (see below for nested schema)
  • condition (String) condition is a predicate expression that operates on the specified subject resources, and determines whether the subject will be moved into desired state.
  • desired_state (String) desired_state defines the desired state of the subject. For access request subjects, the desired_state may be set to reviewed to indicate that the access request should be automatically reviewed.
  • notification (Attributes) notification defines the plugin configuration for notifications if rule is triggered. Both notification and automatic_review may be set within the same access_monitoring_rule. If both fields are set, the rule will trigger both notifications and automatic reviews for the same set of access events. Separate plugins may be used if both notifications and automatic_reviews is set. (see below for nested schema)
  • states (List of String) states are the desired state which the monitoring rule is attempting to bring the subjects matching the condition to.

Nested Schema for spec.automatic_review

Optional:

  • decision (String) decision specifies the proposed state of the access review. This can be either 'approved' or 'denied'.
  • integration (String) integration is the name of the integration that is responsible for monitoring the rule. Set this value to builtin to monitor the rule with Teleport.

Nested Schema for spec.notification

Optional:

  • name (String) name is the name of the plugin to which this configuration should apply.
  • recipients (List of String) recipients is the list of recipients the plugin should notify.

Nested Schema for metadata

Required:

  • name (String) name is an object name.

Optional:

  • description (String) description is object description.
  • expires (String) expires is a global expiry time header can be set on any resource in the system.
  • labels (Map of String) labels is a set of labels.