Перейти к основному содержимому

servercore_iam_saml_federation_group_mappings_v1

Manages SAML federation group mappings for Servercore products using public API v1. Servercore products support Identity and Access Management (IAM). For more information about federations, see the official Servercore documentation.

Example Usage

resource "servercore_iam_group_v1" "group_1" {
  name = "example-group"

  role {
    role_name = "reader"
    scope     = "account"
  }
}

resource "servercore_iam_saml_federation_v1" "federation_1" {
  name                  = "Federation name"
  description           = "Federation description"
  issuer                = "https://idp.example.com/realms/master"
  sso_url               = "https://idp.example.com/realms/master/protocol/saml"
  session_max_age_hours = 24
}

resource "servercore_iam_saml_federation_group_mappings_v1" "group_mappings_1" {
  federation_id = servercore_iam_saml_federation_v1.federation_1.id

  group_mapping {
    internal_group_id = servercore_iam_group_v1.group_1.id
    external_group_id = "external-group-1"
  }
}

Argument Reference

  • federation_id - (Required) Federation ID to manage group mappings.

  • group_mapping - (Required) Defines mappings between internal IAM groups and external identity provider groups. You can add multiple mappings – each mapping in a separate block.

    • internal_group_id - (Required) Internal IAM group ID.

    • external_group_id - (Required) External identity provider group ID.

Attributes Reference

  • id - Resource ID. Equals the federation_id value.

Import

You can import SAML Federation group mappings:

export OS_DOMAIN_NAME=<account_id>
export OS_USERNAME=<username>
export OS_PASSWORD=<password>
terraform import servercore_iam_saml_federation_group_mappings_v1.group_mappings_1 <federation_id>

where:

  • <account_id> — Servercore account ID. The account ID is in the top right corner of the Control panel. Learn more about Registration.

  • <username> — Name of the service user. To get the name, in the Control panel, go to Account ⟶ the Service users tab ⟶ copy the name of the required user. Learn more about Service Users.

  • <password> — Password of the service user.

  • <federation_id> — Unique identifier of the federation, for example, abc1bb378ac84e1234b869b77aadd2ab. To get the federation ID, use either Control Panel or Federations API.