Inputs
The following input variables are supported:
authentik_namespace
Description: The kubernetes namespace where Authentik is deployed
Type: string
Default: n/a
default_groups_enabled
Description: Whether to create the default Panfactum RBAC groups
Type: bool
Default: true
email_templates_configmap
Description: The configmap holding the email templates that Authentik will use
Type: string
Default: n/a
extra_groups
Description: Whether to create the default Panfactum RBAC groups
Type:
map(object({ parent = optional(string) require_webauthn = optional(bool, false) }))Default: {}
favicon_ico_b64
Description: A stringified ico image for displaying on the Authentik web UI (base64 encoded)
Type: string
Default: null
logo_svg_b64
Description: A stringified svg logo for displaying on the Authentik UI (base64 encoded)
Type: string
Default: null
media_configmap
Description: The configmap holding the static media that Authentik will use
Type: string
Default: n/a
organization_domain
Description: The domain name of the organization for which Authentik serves as the IdP
Type: string
Default: n/a
organization_name
Description: The name of the organization for which Authentik serves as the IdP
Type: string
Default: n/a
recovery_session_duration
Description: The session duration for recovery flow logins. See https://docs.goauthentik.io/docs/flow/stages/user_login/
Type: string
Default: "hours=8;minutes=0;seconds=0"
session_duration
Description: The session duration for user logins. See https://docs.goauthentik.io/docs/flow/stages/user_login/
Type: string
Default: "days=30;hours=0;minutes=0;seconds=0"
superusers_require_webauthn
Description: True iff superusers must use webauthn MFA to authenticate
Type: bool
Default: true
Outputs
The following outputs are exported:
groups
Description: n/a
organization_name
Description: n/a
Providers
The following providers are needed by this module:
authentik (2024.10.2)
kubectl (2.1.6)
kubernetes (2.35.0)
pf (0.0.7)
time (0.13.1)