homelab/terraform/authentik/modules/saml-provider/variables.tf

variable "name" {
  description = "Name of the SAML provider"
  type        = string
}

variable "app_name" {
  description = "Name of the application"
  type        = string
}

variable "app_slug" {
  description = "Slug of the application"
  type        = string
}

variable "app_group" {
  description = "Group of the application"
  type        = string
  default     = ""
}

variable "authorization_flow" {
  description = "Authorization flow ID"
  type        = string
}

variable "invalidation_flow" {
  description = "Invalidation flow ID"
  type        = string
}

variable "acs_url" {
  description = "Assertion Consumer Service URL"
  type        = string
}

variable "issuer" {
  description = "SAML Issuer"
  type        = string
}

variable "audience" {
  description = "SAML Audience"
  type        = string
}

variable "sp_binding" {
  description = "Service Provider binding (post or redirect)"
  type        = string
  default     = "post"
}

variable "signing_key" {
  description = "Certificate key pair ID for signing"
  type        = string
  default     = null
}

variable "property_mappings" {
  description = "List of property mapping IDs"
  type        = list(string)
  default     = []
}

variable "name_id_mapping" {
  description = "Property mapping ID for NameID"
  type        = string
  default     = null
}

variable "assertion_valid_not_before" {
  description = "Assertion valid not before"
  type        = string
  default     = "minutes=-5"
}

variable "assertion_valid_not_on_or_after" {
  description = "Assertion valid not on or after"
  type        = string
  default     = "minutes=5"
}

variable "session_valid_not_on_or_after" {
  description = "Session valid not on or after"
  type        = string
  default     = "minutes=86400"
}

variable "policy_engine_mode" {
  description = "Policy engine mode"
  type        = string
  default     = "all"
}

variable "meta_description" {
  description = "Application description"
  type        = string
  default     = ""
}

variable "meta_launch_url" {
  description = "Application launch URL"
  type        = string
  default     = ""
}

variable "meta_icon" {
  description = "Application icon URL"
  type        = string
  default     = ""
}

variable "access_policies" {
  description = "Access policies for the application"
  type = map(object({
    policy_id      = string
    order          = number
    enabled        = optional(bool, true)
    timeout        = optional(number, 30)
    negate         = optional(bool, false)
    failure_result = optional(bool, true)
  }))
  default = {}
}
Added Authentik TF code 2025-09-16 15:28:42 +03:00			`variable "name" {`
			`description = "Name of the SAML provider"`
			`type = string`
			`}`

			`variable "app_name" {`
			`description = "Name of the application"`
			`type = string`
			`}`

			`variable "app_slug" {`
			`description = "Slug of the application"`
			`type = string`
			`}`

			`variable "app_group" {`
			`description = "Group of the application"`
			`type = string`
			`default = ""`
			`}`

			`variable "authorization_flow" {`
			`description = "Authorization flow ID"`
			`type = string`
			`}`

			`variable "invalidation_flow" {`
			`description = "Invalidation flow ID"`
			`type = string`
			`}`

			`variable "acs_url" {`
			`description = "Assertion Consumer Service URL"`
			`type = string`
			`}`

			`variable "issuer" {`
			`description = "SAML Issuer"`
			`type = string`
			`}`

			`variable "audience" {`
			`description = "SAML Audience"`
			`type = string`
			`}`

			`variable "sp_binding" {`
			`description = "Service Provider binding (post or redirect)"`
			`type = string`
			`default = "post"`
			`}`

			`variable "signing_key" {`
			`description = "Certificate key pair ID for signing"`
			`type = string`
			`default = null`
			`}`

			`variable "property_mappings" {`
			`description = "List of property mapping IDs"`
			`type = list(string)`
			`default = []`
			`}`

			`variable "name_id_mapping" {`
			`description = "Property mapping ID for NameID"`
			`type = string`
			`default = null`
			`}`

			`variable "assertion_valid_not_before" {`
			`description = "Assertion valid not before"`
			`type = string`
			`default = "minutes=-5"`
			`}`

			`variable "assertion_valid_not_on_or_after" {`
			`description = "Assertion valid not on or after"`
			`type = string`
			`default = "minutes=5"`
			`}`

			`variable "session_valid_not_on_or_after" {`
			`description = "Session valid not on or after"`
			`type = string`
			`default = "minutes=86400"`
			`}`

			`variable "policy_engine_mode" {`
			`description = "Policy engine mode"`
			`type = string`
			`default = "all"`
			`}`

			`variable "meta_description" {`
			`description = "Application description"`
			`type = string`
			`default = ""`
			`}`

			`variable "meta_launch_url" {`
			`description = "Application launch URL"`
			`type = string`
			`default = ""`
			`}`

			`variable "meta_icon" {`
			`description = "Application icon URL"`
			`type = string`
			`default = ""`
			`}`

			`variable "access_policies" {`
			`description = "Access policies for the application"`
			`type = map(object({`
			`policy_id = string`
			`order = number`
			`enabled = optional(bool, true)`
			`timeout = optional(number, 30)`
			`negate = optional(bool, false)`
			`failure_result = optional(bool, true)`
			`}))`
			`default = {}`
			`}`