SSH

This integration allows user to request temporary SSH access

Example Usage

ssh-integration.tf

resource "apono_integration" "ssh-integration" {
  name                     = "SSH"
  type                     = "ssh"
  connector_id             = "apono-connector-id"
  connected_resource_types = ["ssh-server"]
  metadata = {
    servers = "<Servers>"
    groups = "<User Groups>"
    shell = "<User&#39;s Login Shell>"
    user_key_name = "<User Key Name>"
    credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
    credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
  }
  kubernetes_secret = {
    name      = "name_template_value"
    namespace = "namespace_template_value"
  }
}

ssh-integration.tf

resource "apono_resource_integration" "ssh-integration" {
  name                     = "SSH"
  type                     = "ssh"
  connector_id             = "apono-connector-id"
  connected_resource_types = ["ssh-server"]
  integration_config = {
    servers = "<Servers>"
    groups = "<User Groups>"
    shell = "<User&#39;s Login Shell>"
    user_key_name = "<User Key Name>"
    credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
    credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
  }
  secret_store_config = {
    kubernetes = {
      name      = "name_template_value"
      namespace = "namespace_template_value"
    }
}

ssh-integration.json

{
    "ssh-integration": {
        "name": "SSH",
        "type": "ssh",
        "connector_id": "apono-connector-id",
        "connected_resource_types": [
            "ssh-server"
        ],
        "integration_config": {
            "servers": "<Servers>",
            "groups": "<User Groups>",
            "shell": "<User&#39;s Login Shell>",
            "user_key_name": "<User Key Name>",
            "credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
            "credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
        },
	"secret_store_config": {
    	    "name": "name_template_value",
    	    "namespace": "namespace_template_value"
  	    }
    }
}

Schema

type ssh
connected_resource_types List of resource types to sync.

Available resource types you can use

ssh-server

Integration Config

servers (Required | String) Servers
groups (Optional | String) User Groups
shell (Optional | String) User's Login Shell
user_key_name (Optional | String) User Key Name
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)

PreviousSnowflake NextVertica Database

Last updated 6 months ago

Was this helpful?