Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
EC2 SSH allows secure remote access to Amazon EC2 instances for configuration, management, and troubleshooting.
resource "apono_integration" "aws-ec2-ssh-integration" {
name = "AWS EC2 SSH"
type = "aws-ec2-ssh"
connector_id = "apono-connector-id"
connected_resource_types = ["aws-ec2-ssh-server"]
metadata = {
region = "<Region>"
user = "<User>"
groups = "<User Groups>"
shell = "<User's Login Shell>"
user_key_name = "<User Key Name>"
ip_type_preference = "<IP Type Preference>"
cross_account_role_arn = "<Cross Account Role ARN>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
aws_secret = {
region = "aws_region_template_value"
secret_id = "aws_secret_id_template_value"
}
}resource "apono_resource_integration" "aws-ec2-ssh-integration" {
name = "AWS EC2 SSH"
type = "aws-ec2-ssh"
connector_id = "apono-connector-id"
connected_resource_types = ["aws-ec2-ssh-server"]
integration_config = {
region = "<Region>"
user = "<User>"
groups = "<User Groups>"
shell = "<User's Login Shell>"
user_key_name = "<User Key Name>"
ip_type_preference = "<IP Type Preference>"
cross_account_role_arn = "<Cross Account Role ARN>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
secret_store_config = {
aws = {
region = "aws_region_template_value"
secret_id = "aws_secret_id_template_value"
}
}{
"aws-ec2-ssh-integration": {
"name": "AWS EC2 SSH",
"type": "aws-ec2-ssh",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"aws-ec2-ssh-server"
],
"integration_config": {
"region": "<Region>",
"user": "<User>",
"groups": "<User Groups>",
"shell": "<User's Login Shell>",
"user_key_name": "<User Key Name>",
"ip_type_preference": "<IP Type Preference>",
"cross_account_role_arn": "<Cross Account Role ARN>",
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
},
"secret_store_config": {
"region": "aws_region_template_value",
"secret_id": "aws_secret_id_template_value"
}
}
}type aws-ec2-ssh
connected_resource_types List of resource types to sync.
region (Required | String) Region
Possible values: us-east-1, us-east-2, us-west-1, us-west-2, eu-central-1, eu-central-2, eu-west-1, eu-west-2, eu-south-1, eu-south-2, eu-west-3, eu-north-1, af-south-1, ap-east-1, ap-southeast-3, ap-southeast-4, ap-southeast-5, ap-southeast-7, ap-south-1, ap-south-2, ap-northeast-3, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, ca-central-1, ca-west-1, me-south-1, me-central-1, sa-east-1, il-central-1, mx-central-1
user (Required | String) User
groups (Optional | String) User Groups
shell (Optional | String) User's Login Shell
user_key_name (Optional | String) User Key Name
ip_type_preference (Optional | String) IP Type Preference
Default value: public
Possible values: public, private
cross_account_role_arn (Optional | String) Cross Account Role ARN
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
AWS Lambda Custom Integration allows use AWS Lambda as a custom implementation for resource integration
resource "apono_integration" "aws-lambda-custom-integration-integration" {
name = "AWS Lambda Custom Integration"
type = "aws-lambda-custom-integration"
connector_id = "apono-connector-id"
connected_resource_types = ["aws-lambda-custom-integration"]
metadata = {
access_details = "<Access Details>"
custom_parameters = "<Custom Parameters>"
region = "<Region>"
function_name = "<Function Name>"
}
}resource "apono_resource_integration" "aws-lambda-custom-integration-integration" {
name = "AWS Lambda Custom Integration"
type = "aws-lambda-custom-integration"
connector_id = "apono-connector-id"
connected_resource_types = ["aws-lambda-custom-integration"]
integration_config = {
access_details = "<Access Details>"
custom_parameters = "<Custom Parameters>"
region = "<Region>"
function_name = "<Function Name>"
}
}{
"aws-lambda-custom-integration-integration": {
"name": "AWS Lambda Custom Integration",
"type": "aws-lambda-custom-integration",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"aws-lambda-custom-integration"
],
"integration_config": {
"access_details": "<Access Details>",
"custom_parameters": "<Custom Parameters>",
"region": "<Region>",
"function_name": "<Function Name>",
}
}
}type aws-lambda-custom-integration
connected_resource_types List of resource types to sync.
access_details (Required | String) Access Details
custom_parameters (Required | String) Custom Parameters
region (Required | String) Region
Possible values: us-east-1, us-east-2, us-west-1, us-west-2, eu-central-1, eu-central-2, eu-west-1, eu-west-2, eu-south-1, eu-south-2, eu-west-3, eu-north-1, af-south-1, ap-east-1, ap-southeast-3, ap-southeast-4, ap-southeast-5, ap-southeast-7, ap-south-1, ap-south-2, ap-northeast-3, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, ca-central-1, ca-west-1, me-south-1, me-central-1, sa-east-1, il-central-1, mx-central-1
function_name (Required | String) Function Name
Azure Active Directory (Azure AD) is Microsoft's cloud-based identity and access management service, providing group and role management to securely control and streamline user access to enterpris
resource "apono_integration" "azure-ad-integration" {
name = "Entra ID (Azure AD) Groups"
type = "azure-ad"
connector_id = "apono-connector-id"
connected_resource_types = ["azure-ad-group"]
metadata = {
cloud_type = "<Cloud Type>"
}
}resource "apono_resource_integration" "azure-ad-integration" {
name = "Entra ID (Azure AD) Groups"
type = "azure-ad"
connector_id = "apono-connector-id"
connected_resource_types = ["azure-ad-group"]
integration_config = {
cloud_type = "<Cloud Type>"
}
}{
"azure-ad-integration": {
"name": "Entra ID (Azure AD) Groups",
"type": "azure-ad",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"azure-ad-group"
],
"integration_config": {
"cloud_type": "<Cloud Type>",
}
}
}type azure-ad
connected_resource_types List of resource types to sync.
cloud_type (Optional | String) Cloud Type
Default value: azure
Possible values: azure, azure-gov
Amazon Relational Database Service (Amazon RDS) is a collection of managed services that makes it simple to set up, operate, and scale databases in the cloud.
resource "apono_integration" "aws-rds-integration" {
name = "Amazon RDS"
type = "aws-rds"
connector_id = "apono-connector-id"
connected_resource_types = ["aws-rds-instance"]
metadata = {
cross_account_role_arn = "<Cross Account Role ARN>"
region = "<Region>"
}
}resource "apono_resource_integration" "aws-rds-integration" {
name = "Amazon RDS"
type = "aws-rds"
connector_id = "apono-connector-id"
connected_resource_types = ["aws-rds-instance"]
integration_config = {
cross_account_role_arn = "<Cross Account Role ARN>"
region = "<Region>"
}
}{
"aws-rds-integration": {
"name": "Amazon RDS",
"type": "aws-rds",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"aws-rds-instance"
],
"integration_config": {
"cross_account_role_arn": "<Cross Account Role ARN>",
"region": "<Region>",
}
}
}type aws-rds
connected_resource_types List of resource types to sync.
cross_account_role_arn (Optional | String) Cross Account Role ARN
region (Required | String) Region
Possible values: us-east-1, us-east-2, us-west-1, us-west-2, eu-central-1, eu-central-2, eu-west-1, eu-west-2, eu-south-1, eu-south-2, eu-west-3, eu-north-1, af-south-1, ap-east-1, ap-southeast-3, ap-southeast-4, ap-southeast-5, ap-southeast-7, ap-south-1, ap-south-2, ap-northeast-3, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, ca-central-1, ca-west-1, me-south-1, me-central-1, sa-east-1, il-central-1, mx-central-1
Integrate a specific account and its resources
type aws-account
connected_resource_types List of resource types to sync.
region (Required | String) Region
Possible values: us-east-1, us-east-2, us-west-1, us-west-2, eu-central-1, eu-central-2, eu-west-1, eu-west-2, eu-south-1, eu-south-2, eu-west-3, eu-north-1, af-south-1, ap-east-1, ap-southeast-3, ap-southeast-4, ap-southeast-5, ap-southeast-7, ap-south-1, ap-south-2, ap-northeast-3, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, ca-central-1, ca-west-1, me-south-1, me-central-1, sa-east-1, il-central-1, mx-central-1
profile (Required | String) AWS Profile Name (Optional)
Default value: apono
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
enable_audit (Optional | String) Enable Audit
Default value: false
Possible values: true, false
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes that automatically syncs applications from a Git repository to a cluster.
type argocd
connected_resource_types List of resource types to sync.
k8s_server_url (Optional | String) Kubernetes Server URL
argocd_ui_url (Required | String) ArgoCD UI URL
k8s_certificate_authority (Optional | String) Kubernetes Certificate Authority
argo_namespace (Required | String) ArgoCD Namespace
Default value: argocd
{
"aws-account-integration": {
"name": "Amazon Account",
"type": "aws-account",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"aws-account-s3-bucket"
],
"integration_config": {
"region": "<Region>",
"profile": "<AWS Profile Name (Optional)>",
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
"enable_audit": "<Enable Audit>",
}
}
}resource "apono_integration" "aws-account-integration" {
name = "Amazon Account"
type = "aws-account"
connector_id = "apono-connector-id"
connected_resource_types = ["aws-account-s3-bucket"]
metadata = {
region = "<Region>"
profile = "<AWS Profile Name (Optional)>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
enable_audit = "<Enable Audit>"
}
}resource "apono_resource_integration" "aws-account-integration" {
name = "Amazon Account"
type = "aws-account"
connector_id = "apono-connector-id"
connected_resource_types = ["aws-account-s3-bucket"]
integration_config = {
region = "<Region>"
profile = "<AWS Profile Name (Optional)>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
enable_audit = "<Enable Audit>"
}
}{
"argocd-integration": {
"name": "ArgoCD",
"type": "argocd",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"argocd-global-role"
],
"integration_config": {
"k8s_server_url": "<Kubernetes Server URL>",
"argocd_ui_url": "<ArgoCD UI URL>",
"k8s_certificate_authority": "<Kubernetes Certificate Authority>",
"argo_namespace": "<ArgoCD Namespace>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}resource "apono_integration" "argocd-integration" {
name = "ArgoCD"
type = "argocd"
connector_id = "apono-connector-id"
connected_resource_types = ["argocd-global-role"]
metadata = {
k8s_server_url = "<Kubernetes Server URL>"
argocd_ui_url = "<ArgoCD UI URL>"
k8s_certificate_authority = "<Kubernetes Certificate Authority>"
argo_namespace = "<ArgoCD Namespace>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "argocd-integration" {
name = "ArgoCD"
type = "argocd"
connector_id = "apono-connector-id"
connected_resource_types = ["argocd-global-role"]
integration_config = {
k8s_server_url = "<Kubernetes Server URL>"
argocd_ui_url = "<ArgoCD UI URL>"
k8s_certificate_authority = "<Kubernetes Certificate Authority>"
argo_namespace = "<ArgoCD Namespace>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}Kubernetes is an open-source container orchestration system for automating software deployment, scaling, and management.
resource "apono_integration" "azure-aks-integration" {
name = "Azure Kubernetes Service (AKS)"
type = "azure-aks"
connector_id = "apono-connector-id"
connected_resource_types = ["azure-aks-cluster"]
metadata = {
server_url = "<Server URL>"
certificate_authority = "<Certificate Authority>"
resource_group = "<Resource Group>"
cluster_name = "<Cluster Name>"
subscription_id = "<Subscription ID>"
}
}resource "apono_resource_integration" "azure-aks-integration" {
name = "Azure Kubernetes Service (AKS)"
type = "azure-aks"
connector_id = "apono-connector-id"
connected_resource_types = ["azure-aks-cluster"]
integration_config = {
server_url = "<Server URL>"
certificate_authority = "<Certificate Authority>"
resource_group = "<Resource Group>"
cluster_name = "<Cluster Name>"
subscription_id = "<Subscription ID>"
}
secret_store_config = {
azure = {
vault_url = "vault_url_template_value"
name = "name_template_value"
}
}{
"azure-aks-integration": {
"name": "Azure Kubernetes Service (AKS)",
"type": "azure-aks",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"azure-aks-cluster"
],
"integration_config": {
"server_url": "<Server URL>",
"certificate_authority": "<Certificate Authority>",
"resource_group": "<Resource Group>",
"cluster_name": "<Cluster Name>",
"subscription_id": "<Subscription ID>",
},
"azure": {
"vault_url": "vault_url_template_value",
"name": "name_template_value"
}
}
}type azure-aks
connected_resource_types List of resource types to sync.
server_url (Optional | String) Server URL
certificate_authority (Optional | String) Certificate Authority
resource_group (Optional | String) Resource Group
cluster_name (Optional | String) Cluster Name
subscription_id (Optional | String) Subscription ID
Azure Database for MySQL is a relational database service powered by the MySQL community edition. It's a fully managed database as a service offering that can handle mission-critical workloads wit
resource "apono_integration" "azure-mysql-integration" {
name = "Azure MySQL"
type = "azure-mysql"
connector_id = "apono-connector-id"
connected_resource_types = ["azure-mysql-instance"]
metadata = {
hostname = "<Hostname>"
port = "<Port>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "azure-mysql-integration" {
name = "Azure MySQL"
type = "azure-mysql"
connector_id = "apono-connector-id"
connected_resource_types = ["azure-mysql-instance"]
integration_config = {
hostname = "<Hostname>"
port = "<Port>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}{
"azure-mysql-integration": {
"name": "Azure MySQL",
"type": "azure-mysql",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"azure-mysql-instance"
],
"integration_config": {
"hostname": "<Hostname>",
"port": "<Port>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}type azure-mysql
connected_resource_types List of resource types to sync.
hostname (Required | String) Hostname
port (Required | String) Port
Default value: 3306
Azure Subscription
resource "apono_integration" "azure-subscription-integration" {
name = "Azure Subscription"
type = "azure-subscription"
connector_id = "apono-connector-id"
connected_resource_types = ["azure-subscription"]
metadata = {
subscription_id = "<Azure Subscription Id>"
directory = "<Azure Primary Domain>"
disable_locks = "<Disable Locks>"
cloud_type = "<Cloud Type>"
}
}resource "apono_resource_integration" "azure-subscription-integration" {
name = "Azure Subscription"
type = "azure-subscription"
connector_id = "apono-connector-id"
connected_resource_types = ["azure-subscription"]
integration_config = {
subscription_id = "<Azure Subscription Id>"
directory = "<Azure Primary Domain>"
disable_locks = "<Disable Locks>"
cloud_type = "<Cloud Type>"
}
}{
"azure-subscription-integration": {
"name": "Azure Subscription",
"type": "azure-subscription",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"azure-subscription"
],
"integration_config": {
"subscription_id": "<Azure Subscription Id>",
"directory": "<Azure Primary Domain>",
"disable_locks": "<Disable Locks>",
"cloud_type": "<Cloud Type>",
}
}
}type azure-subscription
connected_resource_types List of resource types to sync.
subscription_id (Optional | String) Azure Subscription Id
directory (Optional | String) Azure Primary Domain
disable_locks (Optional | String) Disable Locks
Default value: false
Possible values: true, false
cloud_type (Optional | String) Cloud Type
Default value: azure
Possible values: azure, azure-gov
Kubernetes is an open-source container orchestration system for automating software deployment, scaling, and management.
type aws-eks
connected_resource_types List of resource types to sync.
server_url (Optional | String) Server URL
certificate_authority (Optional | String) Certificate Authority
cluster_name (Required | String) EKS Cluster Name
aws_role_name (Optional | String) AWS Role Name
region (Optional | String) Region
Possible values: us-east-1, us-east-2, us-west-1, us-west-2, eu-central-1, eu-central-2, eu-west-1, eu-west-2, eu-south-1, eu-south-2, eu-west-3, eu-north-1, af-south-1, ap-east-1, ap-southeast-3, ap-southeast-4, ap-southeast-5, ap-southeast-7, ap-south-1, ap-south-2, ap-northeast-3, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, ca-central-1, ca-west-1, me-south-1, me-central-1, sa-east-1, il-central-1, mx-central-1
eks_identity_mapping_type (Optional | String) Identity Mapping Type
Possible values: access-entries, config-map
An open-source relational database management system.
type aws-rds-mysql
connected_resource_types List of resource types to sync.
auth_type (Required | String) Auth Type
Possible values: aws-iam-auth, user-password
aws_region (Required | String) Region
Possible values: us-east-1, us-east-2, us-west-1, us-west-2, eu-central-1, eu-central-2, eu-west-1, eu-west-2, eu-south-1, eu-south-2, eu-west-3, eu-north-1, af-south-1, ap-east-1, ap-southeast-3, ap-southeast-4, ap-southeast-5, ap-southeast-7, ap-south-1, ap-south-2, ap-northeast-3, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, ca-central-1, ca-west-1, me-south-1, me-central-1, sa-east-1, il-central-1, mx-central-1
aws_instance_id (Required | String) Instance ID
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
Azure Management Group
type azure-management-group
connected_resource_types List of resource types to sync.
management_group_id (Required | String) Azure Management Group Id
directory (Optional | String) Azure Primary Domain
disable_locks (Optional | String) Disable Locks
Default value: false
Possible values: true, false
cloud_type (Optional | String) Cloud Type
Default value: azure
Possible values: azure, azure-gov
Azure Database for PostgreSQL is a relational database service based on the open-source Postgres database engine. It's a fully managed database-as-a-service that can handle mission-critical worklo
type azure-postgresql
connected_resource_types List of resource types to sync.
hostname (Required | String) Hostname
port (Required | String) Port
Default value: 5432
dbname (Required | String) Database Name
Default value: postgres
sslmode (Required | String) SSL Mode
Default value: disable
Possible values: disable, allow, prefer, require, verify-ca, verify-full
{
"aws-eks-integration": {
"name": "Elastic Kubernetes Service (EKS)",
"type": "aws-eks",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"aws-eks-cluster"
],
"integration_config": {
"server_url": "<Server URL>",
"certificate_authority": "<Certificate Authority>",
"cluster_name": "<EKS Cluster Name>",
"aws_role_name": "<AWS Role Name>",
"region": "<Region>",
"eks_identity_mapping_type": "<Identity Mapping Type>",
},
"secret_store_config": {
"region": "aws_region_template_value",
"secret_id": "aws_secret_id_template_value"
}
}
}resource "apono_integration" "aws-eks-integration" {
name = "Elastic Kubernetes Service (EKS)"
type = "aws-eks"
connector_id = "apono-connector-id"
connected_resource_types = ["aws-eks-cluster"]
metadata = {
server_url = "<Server URL>"
certificate_authority = "<Certificate Authority>"
cluster_name = "<EKS Cluster Name>"
aws_role_name = "<AWS Role Name>"
region = "<Region>"
eks_identity_mapping_type = "<Identity Mapping Type>"
}
aws_secret = {
region = "aws_region_template_value"
secret_id = "aws_secret_id_template_value"
}
}resource "apono_resource_integration" "aws-eks-integration" {
name = "Elastic Kubernetes Service (EKS)"
type = "aws-eks"
connector_id = "apono-connector-id"
connected_resource_types = ["aws-eks-cluster"]
integration_config = {
server_url = "<Server URL>"
certificate_authority = "<Certificate Authority>"
cluster_name = "<EKS Cluster Name>"
aws_role_name = "<AWS Role Name>"
region = "<Region>"
eks_identity_mapping_type = "<Identity Mapping Type>"
}
secret_store_config = {
aws = {
region = "aws_region_template_value"
secret_id = "aws_secret_id_template_value"
}
}{
"aws-rds-mysql-integration": {
"name": "AWS RDS MySQL",
"type": "aws-rds-mysql",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"aws-rds-mysql-instance"
],
"integration_config": {
"auth_type": "<Auth Type>",
"aws_region": "<Region>",
"aws_instance_id": "<Instance ID>",
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
},
"secret_store_config": {
"region": "aws_region_template_value",
"secret_id": "aws_secret_id_template_value"
}
}
}resource "apono_integration" "aws-rds-mysql-integration" {
name = "AWS RDS MySQL"
type = "aws-rds-mysql"
connector_id = "apono-connector-id"
connected_resource_types = ["aws-rds-mysql-instance"]
metadata = {
auth_type = "<Auth Type>"
aws_region = "<Region>"
aws_instance_id = "<Instance ID>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
aws_secret = {
region = "aws_region_template_value"
secret_id = "aws_secret_id_template_value"
}
}resource "apono_resource_integration" "aws-rds-mysql-integration" {
name = "AWS RDS MySQL"
type = "aws-rds-mysql"
connector_id = "apono-connector-id"
connected_resource_types = ["aws-rds-mysql-instance"]
integration_config = {
auth_type = "<Auth Type>"
aws_region = "<Region>"
aws_instance_id = "<Instance ID>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
secret_store_config = {
aws = {
region = "aws_region_template_value"
secret_id = "aws_secret_id_template_value"
}
}{
"azure-management-group-integration": {
"name": "Azure Management Group",
"type": "azure-management-group",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"azure-management-group"
],
"integration_config": {
"management_group_id": "<Azure Management Group Id>",
"directory": "<Azure Primary Domain>",
"disable_locks": "<Disable Locks>",
"cloud_type": "<Cloud Type>",
}
}
}resource "apono_integration" "azure-management-group-integration" {
name = "Azure Management Group"
type = "azure-management-group"
connector_id = "apono-connector-id"
connected_resource_types = ["azure-management-group"]
metadata = {
management_group_id = "<Azure Management Group Id>"
directory = "<Azure Primary Domain>"
disable_locks = "<Disable Locks>"
cloud_type = "<Cloud Type>"
}
}resource "apono_resource_integration" "azure-management-group-integration" {
name = "Azure Management Group"
type = "azure-management-group"
connector_id = "apono-connector-id"
connected_resource_types = ["azure-management-group"]
integration_config = {
management_group_id = "<Azure Management Group Id>"
directory = "<Azure Primary Domain>"
disable_locks = "<Disable Locks>"
cloud_type = "<Cloud Type>"
}
}{
"azure-postgresql-integration": {
"name": "Azure PostgreSQL",
"type": "azure-postgresql",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"azure-postgresql-instance"
],
"integration_config": {
"hostname": "<Hostname>",
"port": "<Port>",
"dbname": "<Database Name>",
"sslmode": "<SSL Mode>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}resource "apono_integration" "azure-postgresql-integration" {
name = "Azure PostgreSQL"
type = "azure-postgresql"
connector_id = "apono-connector-id"
connected_resource_types = ["azure-postgresql-instance"]
metadata = {
hostname = "<Hostname>"
port = "<Port>"
dbname = "<Database Name>"
sslmode = "<SSL Mode>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "azure-postgresql-integration" {
name = "Azure PostgreSQL"
type = "azure-postgresql"
connector_id = "apono-connector-id"
connected_resource_types = ["azure-postgresql-instance"]
integration_config = {
hostname = "<Hostname>"
port = "<Port>"
dbname = "<Database Name>"
sslmode = "<SSL Mode>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}VM SSH allows secure remote access to Azure VM instances for configuration, management, and troubleshooting.
resource "apono_integration" "azure-vm-ssh-integration" {
name = "Azure VM SSH"
type = "azure-vm-ssh"
connector_id = "apono-connector-id"
connected_resource_types = ["azure-vm-ssh-server"]
metadata = {
region = "<Region>"
user = "<User>"
groups = "<User Groups>"
shell = "<User's Login Shell>"
user_key_name = "<User Key Name>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "azure-vm-ssh-integration" {
name = "Azure VM SSH"
type = "azure-vm-ssh"
connector_id = "apono-connector-id"
connected_resource_types = ["azure-vm-ssh-server"]
integration_config = {
region = "<Region>"
user = "<User>"
groups = "<User Groups>"
shell = "<User's Login Shell>"
user_key_name = "<User Key Name>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}{
"azure-vm-ssh-integration": {
"name": "Azure VM SSH",
"type": "azure-vm-ssh",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"azure-vm-ssh-server"
],
"integration_config": {
"region": "<Region>",
"user": "<User>",
"groups": "<User Groups>",
"shell": "<User's Login Shell>",
"user_key_name": "<User Key Name>",
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}type azure-vm-ssh
connected_resource_types List of resource types to sync.
region (Optional | String) Region
Possible values: eastus, eastus2, centralus, northcentralus, southcentralus, westus, westus2, westus3, canadacentral, canadaeast, brazilsouth, brazilsoutheast, northeurope, westeurope, uksouth, ukwest, francecentral, germanywestcentral, norwayeast, swedencentral, switzerlandnorth, switzerlandwest, uaenorth, mecentral, mesouth, israelcentral, southafricanorth, eastasia, southeastasia, australiaeast, australiasoutheast, japaneast, japanwest, koreacentral, centralindia, southindia, westindia
user (Required | String) User
groups (Optional | String) User Groups
shell (Optional | String) User's Login Shell
user_key_name (Optional | String) User Key Name
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
An open-source relational database management system emphasizing extensibility and SQL compliance.
resource "apono_integration" "aws-rds-postgresql-integration" {
name = "AWS RDS PostgreSQL"
type = "aws-rds-postgresql"
connector_id = "apono-connector-id"
connected_resource_types = ["aws-rds-postgresql-instance"]
metadata = {
auth_type = "<Auth Type>"
aws_region = "<Region>"
aws_instance_id = "<Instance ID>"
dbname = "<Database Name>"
sslmode = "<SSL Mode>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
enable_audit = "<Enable Audit>"
}
aws_secret = {
region = "aws_region_template_value"
secret_id = "aws_secret_id_template_value"
}
}resource "apono_resource_integration" "aws-rds-postgresql-integration" {
name = "AWS RDS PostgreSQL"
type = "aws-rds-postgresql"
connector_id = "apono-connector-id"
connected_resource_types = ["aws-rds-postgresql-instance"]
integration_config = {
auth_type = "<Auth Type>"
aws_region = "<Region>"
aws_instance_id = "<Instance ID>"
dbname = "<Database Name>"
sslmode = "<SSL Mode>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
enable_audit = "<Enable Audit>"
}
secret_store_config = {
aws = {
region = "aws_region_template_value"
secret_id = "aws_secret_id_template_value"
}
}{
"aws-rds-postgresql-integration": {
"name": "AWS RDS PostgreSQL",
"type": "aws-rds-postgresql",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"aws-rds-postgresql-instance"
],
"integration_config": {
"auth_type": "<Auth Type>",
"aws_region": "<Region>",
"aws_instance_id": "<Instance ID>",
"dbname": "<Database Name>",
"sslmode": "<SSL Mode>",
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
"enable_audit": "<Enable Audit>",
},
"secret_store_config": {
"region": "aws_region_template_value",
"secret_id": "aws_secret_id_template_value"
}
}
}type aws-rds-postgresql
connected_resource_types List of resource types to sync.
auth_type (Required | String) Auth Type
Possible values: aws-iam-auth, user-password
aws_region (Required | String) Region
Possible values: us-east-1, us-east-2, us-west-1, us-west-2, eu-central-1, eu-central-2, eu-west-1, eu-west-2, eu-south-1, eu-south-2, eu-west-3, eu-north-1, af-south-1, ap-east-1, ap-southeast-3, ap-southeast-4, ap-southeast-5, ap-southeast-7, ap-south-1, ap-south-2, ap-northeast-3, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, ca-central-1, ca-west-1, me-south-1, me-central-1, sa-east-1, il-central-1, mx-central-1
aws_instance_id (Required | String) Instance ID
dbname (Required | String) Database Name
Default value: postgres
sslmode (Optional | String) SSL Mode
Default value: require
Possible values: disable, allow, prefer, require, verify-ca, verify-full
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
enable_audit (Optional | String) Enable Audit
Default value: false
Possible values: true, false
Integrate all accounts and resources, and manage access with IAM Identity Center (SSO)
type aws-organization
connected_resource_types List of resource types to sync.
region (Required | String) Region
Possible values: us-east-1, us-east-2, us-west-1, us-west-2, eu-central-1, eu-central-2, eu-west-1, eu-west-2, eu-south-1, eu-south-2, eu-west-3, eu-north-1, af-south-1, ap-east-1, ap-southeast-3, ap-southeast-4, ap-southeast-5, ap-southeast-7, ap-south-1, ap-south-2, ap-northeast-3, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, ca-central-1, ca-west-1, me-south-1, me-central-1, sa-east-1, il-central-1, mx-central-1
aws_sso_region (Required | String) AWS SSO Region
Default value: us-east-1
Possible values: us-east-1, us-east-2, us-west-1, us-west-2, eu-central-1, eu-central-2, eu-west-1, eu-west-2, eu-south-1, eu-south-2, eu-west-3, eu-north-1, af-south-1, ap-east-1, ap-southeast-3, ap-southeast-4, ap-southeast-5, ap-southeast-7, ap-south-1, ap-south-2, ap-northeast-3, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, ca-central-1, ca-west-1, me-south-1, me-central-1, sa-east-1, il-central-1, mx-central-1
aws_sso_portal (Required | String) SSO Portal
management_account_role_arn (Optional | String) Management Account Role ARN
filter_not_organizational_unit_ids (Optional | String) Exclude Organizational Unit IDs
user_assuming_role_arns (Optional | String) Assumable Roles
session_duration_hours (Optional | String) Session Duration (in Hours)
Possible values: 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
filter_not_account_ids (Optional | String) Exclude Account IDs
enable_audit (Optional | String) Enable Audit
Default value: false
Possible values: true, false
Elastic Cloud is the official managed Elasticsearch service that provides a fully managed Elasticsearch, Kibana, and APM solution in the cloud
A search engine based on the Lucene library that provides a distributed, multitenant-capable full-text search engine.
OneLogin roles membership facilitates the organization of users into logical units, enabling streamlined management of access permissions and policies.
{
"aws-organization-integration": {
"name": "Amazon Organization",
"type": "aws-organization",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"aws-organization-account"
],
"integration_config": {
"region": "<Region>",
"aws_sso_region": "<AWS SSO Region>",
"aws_sso_portal": "<SSO Portal>",
"management_account_role_arn": "<Management Account Role ARN>",
"filter_not_organizational_unit_ids": "<Exclude Organizational Unit IDs>",
"user_assuming_role_arns": "<Assumable Roles>",
"session_duration_hours": "<Session Duration (in Hours)>",
"filter_not_account_ids": "<Exclude Account IDs>",
"enable_audit": "<Enable Audit>",
}
}
}resource "apono_integration" "aws-organization-integration" {
name = "Amazon Organization"
type = "aws-organization"
connector_id = "apono-connector-id"
connected_resource_types = ["aws-organization-account"]
metadata = {
region = "<Region>"
aws_sso_region = "<AWS SSO Region>"
aws_sso_portal = "<SSO Portal>"
management_account_role_arn = "<Management Account Role ARN>"
filter_not_organizational_unit_ids = "<Exclude Organizational Unit IDs>"
user_assuming_role_arns = "<Assumable Roles>"
session_duration_hours = "<Session Duration (in Hours)>"
filter_not_account_ids = "<Exclude Account IDs>"
enable_audit = "<Enable Audit>"
}
}resource "apono_resource_integration" "aws-organization-integration" {
name = "Amazon Organization"
type = "aws-organization"
connector_id = "apono-connector-id"
connected_resource_types = ["aws-organization-account"]
integration_config = {
region = "<Region>"
aws_sso_region = "<AWS SSO Region>"
aws_sso_portal = "<SSO Portal>"
management_account_role_arn = "<Management Account Role ARN>"
filter_not_organizational_unit_ids = "<Exclude Organizational Unit IDs>"
user_assuming_role_arns = "<Assumable Roles>"
session_duration_hours = "<Session Duration (in Hours)>"
filter_not_account_ids = "<Exclude Account IDs>"
enable_audit = "<Enable Audit>"
}
}{
"databricks-integration": {
"name": "Databricks",
"type": "databricks",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"databricks-group"
],
"integration_config": {
"address": "<Databricks Accounts URL>",
"account_id": "<Account Id>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}resource "apono_integration" "databricks-integration" {
name = "Databricks"
type = "databricks"
connector_id = "apono-connector-id"
connected_resource_types = ["databricks-group"]
metadata = {
address = "<Databricks Accounts URL>"
account_id = "<Account Id>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "databricks-integration" {
name = "Databricks"
type = "databricks"
connector_id = "apono-connector-id"
connected_resource_types = ["databricks-group"]
integration_config = {
address = "<Databricks Accounts URL>"
account_id = "<Account Id>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}{
"github-integration": {
"name": "Github",
"type": "github",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"github-repository"
],
"integration_config": {
"org": "<Organization>",
},
"secret_store_config": {
"region": "aws_region_template_value",
"secret_id": "aws_secret_id_template_value"
}
}
}resource "apono_integration" "github-integration" {
name = "Github"
type = "github"
connector_id = "apono-connector-id"
connected_resource_types = ["github-repository"]
metadata = {
org = "<Organization>"
}
aws_secret = {
region = "aws_region_template_value"
secret_id = "aws_secret_id_template_value"
}
}resource "apono_resource_integration" "github-integration" {
name = "Github"
type = "github"
connector_id = "apono-connector-id"
connected_resource_types = ["github-repository"]
integration_config = {
org = "<Organization>"
}
secret_store_config = {
aws = {
region = "aws_region_template_value"
secret_id = "aws_secret_id_template_value"
}
}{
"elastic-cloud-integration": {
"name": "Elastic Cloud",
"type": "elastic-cloud",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"elastic-cloud-deployment"
],
"integration_config": {
"organization_id": "<Organization ID>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}resource "apono_integration" "elastic-cloud-integration" {
name = "Elastic Cloud"
type = "elastic-cloud"
connector_id = "apono-connector-id"
connected_resource_types = ["elastic-cloud-deployment"]
metadata = {
organization_id = "<Organization ID>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "elastic-cloud-integration" {
name = "Elastic Cloud"
type = "elastic-cloud"
connector_id = "apono-connector-id"
connected_resource_types = ["elastic-cloud-deployment"]
integration_config = {
organization_id = "<Organization ID>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}{
"harmony-integration": {
"name": "Harmony",
"type": "harmony",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"harmony-group"
],
"integration_config": {
"region": "<Region>",
},
"secret_store_config": {
"region": "aws_region_template_value",
"secret_id": "aws_secret_id_template_value"
}
}
}resource "apono_integration" "harmony-integration" {
name = "Harmony"
type = "harmony"
connector_id = "apono-connector-id"
connected_resource_types = ["harmony-group"]
metadata = {
region = "<Region>"
}
aws_secret = {
region = "aws_region_template_value"
secret_id = "aws_secret_id_template_value"
}
}resource "apono_resource_integration" "harmony-integration" {
name = "Harmony"
type = "harmony"
connector_id = "apono-connector-id"
connected_resource_types = ["harmony-group"]
integration_config = {
region = "<Region>"
}
secret_store_config = {
aws = {
region = "aws_region_template_value"
secret_id = "aws_secret_id_template_value"
}
}resource "apono_integration" "web-app-integration" {
name = "Web App"
type = "web-app"
connector_id = "apono-connector-id"
connected_resource_types = ["envoy-web-app"]
metadata = {
proxy_address = "<Proxy Address>"
addresses = "<Addresses>"
}
}resource "apono_resource_integration" "web-app-integration" {
name = "Web App"
type = "web-app"
connector_id = "apono-connector-id"
connected_resource_types = ["envoy-web-app"]
integration_config = {
proxy_address = "<Proxy Address>"
addresses = "<Addresses>"
}
}{
"web-app-integration": {
"name": "Web App",
"type": "web-app",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"envoy-web-app"
],
"integration_config": {
"proxy_address": "<Proxy Address>",
"addresses": "<Addresses>",
}
}
}resource "apono_integration" "gcp-project-integration" {
name = "Google Project"
type = "gcp-project"
connector_id = "apono-connector-id"
connected_resource_types = ["gcp-project"]
metadata = {
project_id = "<Project ID>"
}
}resource "apono_resource_integration" "gcp-project-integration" {
name = "Google Project"
type = "gcp-project"
connector_id = "apono-connector-id"
connected_resource_types = ["gcp-project"]
integration_config = {
project_id = "<Project ID>"
}
}{
"gcp-project-integration": {
"name": "Google Project",
"type": "gcp-project",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"gcp-project"
],
"integration_config": {
"project_id": "<Project ID>",
}
}
}{
"jumpcloud-integration": {
"name": "JumpCloud",
"type": "jumpcloud",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"jumpcloud-group"
],
"integration_config": {
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}resource "apono_integration" "jumpcloud-integration" {
name = "JumpCloud"
type = "jumpcloud"
connector_id = "apono-connector-id"
connected_resource_types = ["jumpcloud-group"]
metadata = {
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "jumpcloud-integration" {
name = "JumpCloud"
type = "jumpcloud"
connector_id = "apono-connector-id"
connected_resource_types = ["jumpcloud-group"]
integration_config = {
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_integration" "openvpn-integration" {
name = "OpenVPN"
type = "openvpn"
connector_id = "apono-connector-id"
connected_resource_types = ["openvpn-tunnel"]
metadata = {
}
}resource "apono_resource_integration" "openvpn-integration" {
name = "OpenVPN"
type = "openvpn"
connector_id = "apono-connector-id"
connected_resource_types = ["openvpn-tunnel"]
integration_config = {
}
}{
"openvpn-integration": {
"name": "OpenVPN",
"type": "openvpn",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"openvpn-tunnel"
],
"integration_config": {
}
}
}{
"onepassword-integration": {
"name": "1Password",
"type": "onepassword",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"onepassword-secret"
],
"integration_config": {
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}resource "apono_integration" "onepassword-integration" {
name = "1Password"
type = "onepassword"
connector_id = "apono-connector-id"
connected_resource_types = ["onepassword-secret"]
metadata = {
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "onepassword-integration" {
name = "1Password"
type = "onepassword"
connector_id = "apono-connector-id"
connected_resource_types = ["onepassword-secret"]
integration_config = {
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}{
"grafana-integration": {
"name": "Grafana",
"type": "grafana",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"grafana-datasource"
],
"integration_config": {
"address": "<Grafana Portal URL>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}resource "apono_integration" "grafana-integration" {
name = "Grafana"
type = "grafana"
connector_id = "apono-connector-id"
connected_resource_types = ["grafana-datasource"]
metadata = {
address = "<Grafana Portal URL>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "grafana-integration" {
name = "Grafana"
type = "grafana"
connector_id = "apono-connector-id"
connected_resource_types = ["grafana-datasource"]
integration_config = {
address = "<Grafana Portal URL>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}{
"onelogin-group-integration": {
"name": "OneLogin Group",
"type": "onelogin-group",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"onelogin-role"
],
"integration_config": {
"subdomain": "<Subdomain>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}resource "apono_integration" "onelogin-group-integration" {
name = "OneLogin Group"
type = "onelogin-group"
connector_id = "apono-connector-id"
connected_resource_types = ["onelogin-role"]
metadata = {
subdomain = "<Subdomain>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "onelogin-group-integration" {
name = "OneLogin Group"
type = "onelogin-group"
connector_id = "apono-connector-id"
connected_resource_types = ["onelogin-role"]
integration_config = {
subdomain = "<Subdomain>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}This integration allows user to request temporary membership to Okta groups
resource "apono_integration" "okta-group-integration" {
name = "Okta Group"
type = "okta-group"
connector_id = "apono-connector-id"
connected_resource_types = ["okta-group"]
metadata = {
org_url = "<Okta Organization URL>"
}
aws_secret = {
region = "aws_region_template_value"
secret_id = "aws_secret_id_template_value"
}
}resource "apono_resource_integration" "okta-group-integration" {
name = "Okta Group"
type = "okta-group"
connector_id = "apono-connector-id"
connected_resource_types = ["okta-group"]
integration_config = {
org_url = "<Okta Organization URL>"
}
secret_store_config = {
aws = {
region = "aws_region_template_value"
secret_id = "aws_secret_id_template_value"
}
}{
"okta-group-integration": {
"name": "Okta Group",
"type": "okta-group",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"okta-group"
],
"integration_config": {
"org_url": "<Okta Organization URL>",
},
"secret_store_config": {
"region": "aws_region_template_value",
"secret_id": "aws_secret_id_template_value"
}
}
}type okta-group
connected_resource_types List of resource types to sync.
org_url (Required | String) Okta Organization URL
Fully managed MongoDB service
resource "apono_integration" "mongodb-atlas-integration" {
name = "MongoDB Atlas"
type = "mongodb-atlas"
connector_id = "apono-connector-id"
connected_resource_types = ["mongodb-atlas-cluster"]
metadata = {
project_id = "<Project Id>"
cluster_name = "<Cluster Name>"
connection_type = "<Connection Type>"
private_endpoint_id = "<Private Endpoint Id>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "mongodb-atlas-integration" {
name = "MongoDB Atlas"
type = "mongodb-atlas"
connector_id = "apono-connector-id"
connected_resource_types = ["mongodb-atlas-cluster"]
integration_config = {
project_id = "<Project Id>"
cluster_name = "<Cluster Name>"
connection_type = "<Connection Type>"
private_endpoint_id = "<Private Endpoint Id>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}{
"mongodb-atlas-integration": {
"name": "MongoDB Atlas",
"type": "mongodb-atlas",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"mongodb-atlas-cluster"
],
"integration_config": {
"project_id": "<Project Id>",
"cluster_name": "<Cluster Name>",
"connection_type": "<Connection Type>",
"private_endpoint_id": "<Private Endpoint Id>",
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}type mongodb-atlas
connected_resource_types List of resource types to sync.
project_id (Required | String) Project Id
cluster_name (Required | String) Cluster Name
connection_type (Required | String) Connection Type
Default value: Standard
Possible values: Standard, Private, PrivateEndpoint
private_endpoint_id (Optional | String) Private Endpoint Id
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
RabbitMQ is an open-source message-broker software that implements the Advanced Message Queuing Protocol (AMQP)
resource "apono_integration" "rabbitmq-integration" {
name = "RabbitMQ"
type = "rabbitmq"
connector_id = "apono-connector-id"
connected_resource_types = ["rabbitmq-cluster-management"]
metadata = {
url = "<Url>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "rabbitmq-integration" {
name = "RabbitMQ"
type = "rabbitmq"
connector_id = "apono-connector-id"
connected_resource_types = ["rabbitmq-cluster-management"]
integration_config = {
url = "<Url>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}{
"rabbitmq-integration": {
"name": "RabbitMQ",
"type": "rabbitmq",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"rabbitmq-cluster-management"
],
"integration_config": {
"url": "<Url>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}type rabbitmq
connected_resource_types List of resource types to sync.
url (Required | String) Url
Cloud Function Custom Integration allows use GCP Cloud Function as a custom implementation for resource integration
resource "apono_integration" "cloudfunction-custom-integration-integration" {
name = "Cloud Function Custom Integration"
type = "cloudfunction-custom-integration"
connector_id = "apono-connector-id"
connected_resource_types = ["custom-cloud-function"]
metadata = {
access_details = "<Access Details>"
custom_parameters = "<Custom Parameters>"
project_id = "<Project ID>"
region = "<Region>"
function_name = "<Function Name>"
}
}resource "apono_resource_integration" "cloudfunction-custom-integration-integration" {
name = "Cloud Function Custom Integration"
type = "cloudfunction-custom-integration"
connector_id = "apono-connector-id"
connected_resource_types = ["custom-cloud-function"]
integration_config = {
access_details = "<Access Details>"
custom_parameters = "<Custom Parameters>"
project_id = "<Project ID>"
region = "<Region>"
function_name = "<Function Name>"
}
}{
"cloudfunction-custom-integration-integration": {
"name": "Cloud Function Custom Integration",
"type": "cloudfunction-custom-integration",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"custom-cloud-function"
],
"integration_config": {
"access_details": "<Access Details>",
"custom_parameters": "<Custom Parameters>",
"project_id": "<Project ID>",
"region": "<Region>",
"function_name": "<Function Name>",
}
}
}type cloudfunction-custom-integration
connected_resource_types List of resource types to sync.
access_details (Required | String) Access Details
custom_parameters (Required | String) Custom Parameters
project_id (Required | String) Project ID
region (Required | String) Region
function_name (Required | String) Function Name
Redis Cloud delivers a fully managed Redis database offering hosted on major public cloud services.
resource "apono_integration" "redislabs-integration" {
name = "Redis Cloud (Redislabs)"
type = "redislabs"
connector_id = "apono-connector-id"
connected_resource_types = ["redislabs-database"]
metadata = {
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "redislabs-integration" {
name = "Redis Cloud (Redislabs)"
type = "redislabs"
connector_id = "apono-connector-id"
connected_resource_types = ["redislabs-database"]
integration_config = {
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}{
"redislabs-integration": {
"name": "Redis Cloud (Redislabs)",
"type": "redislabs",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"redislabs-database"
],
"integration_config": {
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}type redislabs
connected_resource_types List of resource types to sync.
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
resource "apono_integration" "hashicorp-vault-integration" {
name = "HashiCorp Vault"
type = "hashicorp-vault"
connector_id = "apono-connector-id"
connected_resource_types = ["hashicorp-vault-kv-secret"]
metadata = {
address = "<Vault URL>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "hashicorp-vault-integration" {
name = "HashiCorp Vault"
type = "hashicorp-vault"
connector_id = "apono-connector-id"
connected_resource_types = ["hashicorp-vault-kv-secret"]
integration_config = {
address = "<Vault URL>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}{
"hashicorp-vault-integration": {
"name": "HashiCorp Vault",
"type": "hashicorp-vault",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"hashicorp-vault-kv-secret"
],
"integration_config": {
"address": "<Vault URL>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}type hashicorp-vault
connected_resource_types List of resource types to sync.
address (Required | String) Vault URL
Kubernetes is an open-source container orchestration system for automating software deployment, scaling, and management.
type k8s-roles
connected_resource_types List of resource types to sync.
cluster_name (Required | String) kubeconfig Cluster Name
kubeconfig_api_server_url (Required | String) kubeconfig Server URL
server_url (Optional | String) Server URL
certificate_authority (Optional | String) Certificate Authority
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
Google Cloud AlloyDB is a fully managed, high-performance PostgreSQL-compatible database service. It offers low-latency, automatic scaling, and integrates with Google Cloud’s AI/ML tools, making
type gcp-alloydb
connected_resource_types List of resource types to sync.
auth_type (Required | String) Auth Type
Possible values: gcp-alloydb-iam-auth, user-password
gcp_project_id (Required | String) Project ID
gcp_region (Required | String) Location
gcp_alloydb_cluster (Required | String) Cluster ID
gcp_instance_id (Required | String) Primary Instance ID
port (Required | String) Port
Default value: 5432
dbname (Required | String) Database Name
Default value: postgres
sslmode (Optional | String) SSL Mode
Possible values: disable, allow, prefer, require, verify-ca, verify-full
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
An open-source relational database management system emphasizing extensibility and SQL compliance.
type postgresql
connected_resource_types List of resource types to sync.
hostname (Required | String) Hostname
port (Required | String) Port
Default value: 5432
dbname (Required | String) Database Name
Default value: postgres
sslmode (Required | String) SSL Mode
Default value: disable
Possible values: disable, allow, prefer, require, verify-ca, verify-full
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
Kubernetes is an open-source container orchestration system for automating software deployment, scaling, and management.
type gcp-gke
connected_resource_types List of resource types to sync.
server_url (Optional | String) Server URL
certificate_authority (Optional | String) Certificate Authority
project_id (Optional | String) Project ID
region (Optional | String) Region
cluster_name (Optional | String) Cluster Name
Amazon Redshift is a fully managed, petabyte-scale data warehouse service in the cloud.
type redshift
connected_resource_types List of resource types to sync.
hostname (Required | String) Hostname
port (Required | String) Port
Default value: 5439
db_name (Required | String) Database Name
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
Vertica is a high-performance, scalable analytics database designed for fast querying and analytics on large datasets.
type vertica
connected_resource_types List of resource types to sync.
hostname (Required | String) Hostname
port (Required | String) Port
Default value: 5433
dbname (Required | String) Database Name
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
A Windows Domain Controller is the hub of network management in a Windows domain, handling user authentication, resource access, and security policies.
type windows-domain-controller
connected_resource_types List of resource types to sync.
host (Required | String) Host
port (Required | String) WinRM Port
Default value: 5985
rdp_port (Optional | String) RDP Port
Default value: 3389
ssl (Required | String) Use SSL connection
Default value: false
Possible values: false, true
email_selector_field_name_override (Optional | String) User Email Attribute Name
Default value: UserPrincipalName
Elasticsearch is a distributed, RESTful search and analytics engine capable of addressing a growing number of use cases
type elasticsearch
connected_resource_types List of resource types to sync.
url (Required | String) Url
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
Allow proxy using kubernetes port forward to socat tunnel
type k8s-port-forward-proxy
connected_resource_types List of resource types to sync.
target_host (Required | String) Target Host
target_port (Required | String) Target Port
local_port (Required | String) Local Port
proxy_id (Required | String) Proxy ID
server_url (Optional | String) Server URL
certificate_authority (Optional | String) Certificate Authority
cluster_name (Required | String) kubeconfig Cluster Name
kubeconfig_api_server_url (Optional | String) kubeconfig Server URL
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
Rancher is a Kubernetes management tool to deploy and run clusters anywhere and on any provider.
type rancher
connected_resource_types List of resource types to sync.
host (Required | String) Host
port (Required | String) Port
certificate_authority (Optional | String) Certificate Authority
rancher_ui_url (Optional | String) Rancher UI URL
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
Microsoft SQL Server Integration
type mssql
connected_resource_types List of resource types to sync.
hostname (Required | String) Hostname
port (Required | String) Port
Default value: 1433
dbname (Required | String) Database Name
Default value: master
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
{
"k8s-roles-integration": {
"name": "Kubernetes",
"type": "k8s-roles",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"k8s-cluster"
],
"integration_config": {
"cluster_name": "<kubeconfig Cluster Name>",
"kubeconfig_api_server_url": "<kubeconfig Server URL>",
"server_url": "<Server URL>",
"certificate_authority": "<Certificate Authority>",
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}resource "apono_integration" "k8s-roles-integration" {
name = "Kubernetes"
type = "k8s-roles"
connector_id = "apono-connector-id"
connected_resource_types = ["k8s-cluster"]
metadata = {
cluster_name = "<kubeconfig Cluster Name>"
kubeconfig_api_server_url = "<kubeconfig Server URL>"
server_url = "<Server URL>"
certificate_authority = "<Certificate Authority>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "k8s-roles-integration" {
name = "Kubernetes"
type = "k8s-roles"
connector_id = "apono-connector-id"
connected_resource_types = ["k8s-cluster"]
integration_config = {
cluster_name = "<kubeconfig Cluster Name>"
kubeconfig_api_server_url = "<kubeconfig Server URL>"
server_url = "<Server URL>"
certificate_authority = "<Certificate Authority>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "gcp-alloydb-integration" {
name = "Google AlloyDB"
type = "gcp-alloydb"
connector_id = "apono-connector-id"
connected_resource_types = ["gcp-alloydb-database"]
integration_config = {
auth_type = "<Auth Type>"
gcp_project_id = "<Project ID>"
gcp_region = "<Location>"
gcp_alloydb_cluster = "<Cluster ID>"
gcp_instance_id = "<Primary Instance ID>"
port = "<Port>"
dbname = "<Database Name>"
sslmode = "<SSL Mode>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
secret_store_config = {
gcp = {
project = "project_template_value"
secret_id = "gcp_secret_id_template_value"
}
}{
"gcp-alloydb-integration": {
"name": "Google AlloyDB",
"type": "gcp-alloydb",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"gcp-alloydb-database"
],
"integration_config": {
"auth_type": "<Auth Type>",
"gcp_project_id": "<Project ID>",
"gcp_region": "<Location>",
"gcp_alloydb_cluster": "<Cluster ID>",
"gcp_instance_id": "<Primary Instance ID>",
"port": "<Port>",
"dbname": "<Database Name>",
"sslmode": "<SSL Mode>",
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
},
"secret_store_config": {
"project": "project_template_value",
"secret_id": "gcp_secret_id_template_value"
}
}
}resource "apono_integration" "gcp-alloydb-integration" {
name = "Google AlloyDB"
type = "gcp-alloydb"
connector_id = "apono-connector-id"
connected_resource_types = ["gcp-alloydb-database"]
metadata = {
auth_type = "<Auth Type>"
gcp_project_id = "<Project ID>"
gcp_region = "<Location>"
gcp_alloydb_cluster = "<Cluster ID>"
gcp_instance_id = "<Primary Instance ID>"
port = "<Port>"
dbname = "<Database Name>"
sslmode = "<SSL Mode>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
gcp_secret = {
project = "project_template_value"
secret_id = "gcp_secret_id_template_value"
}
}{
"postgresql-integration": {
"name": "PostgreSQL",
"type": "postgresql",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"postgresql-instance"
],
"integration_config": {
"hostname": "<Hostname>",
"port": "<Port>",
"dbname": "<Database Name>",
"sslmode": "<SSL Mode>",
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}resource "apono_integration" "postgresql-integration" {
name = "PostgreSQL"
type = "postgresql"
connector_id = "apono-connector-id"
connected_resource_types = ["postgresql-instance"]
metadata = {
hostname = "<Hostname>"
port = "<Port>"
dbname = "<Database Name>"
sslmode = "<SSL Mode>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "postgresql-integration" {
name = "PostgreSQL"
type = "postgresql"
connector_id = "apono-connector-id"
connected_resource_types = ["postgresql-instance"]
integration_config = {
hostname = "<Hostname>"
port = "<Port>"
dbname = "<Database Name>"
sslmode = "<SSL Mode>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}{
"gcp-gke-integration": {
"name": "Google Kubernetes Engine (GKE)",
"type": "gcp-gke",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"gcp-gke-cluster"
],
"integration_config": {
"server_url": "<Server URL>",
"certificate_authority": "<Certificate Authority>",
"project_id": "<Project ID>",
"region": "<Region>",
"cluster_name": "<Cluster Name>",
},
"secret_store_config": {
"project": "project_template_value",
"secret_id": "gcp_secret_id_template_value"
}
}
}resource "apono_integration" "gcp-gke-integration" {
name = "Google Kubernetes Engine (GKE)"
type = "gcp-gke"
connector_id = "apono-connector-id"
connected_resource_types = ["gcp-gke-cluster"]
metadata = {
server_url = "<Server URL>"
certificate_authority = "<Certificate Authority>"
project_id = "<Project ID>"
region = "<Region>"
cluster_name = "<Cluster Name>"
}
gcp_secret = {
project = "project_template_value"
secret_id = "gcp_secret_id_template_value"
}
}resource "apono_resource_integration" "gcp-gke-integration" {
name = "Google Kubernetes Engine (GKE)"
type = "gcp-gke"
connector_id = "apono-connector-id"
connected_resource_types = ["gcp-gke-cluster"]
integration_config = {
server_url = "<Server URL>"
certificate_authority = "<Certificate Authority>"
project_id = "<Project ID>"
region = "<Region>"
cluster_name = "<Cluster Name>"
}
secret_store_config = {
gcp = {
project = "project_template_value"
secret_id = "gcp_secret_id_template_value"
}
}{
"redshift-integration": {
"name": "Amazon Redshift",
"type": "redshift",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"aws-redshift-database"
],
"integration_config": {
"hostname": "<Hostname>",
"port": "<Port>",
"db_name": "<Database Name>",
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}resource "apono_integration" "redshift-integration" {
name = "Amazon Redshift"
type = "redshift"
connector_id = "apono-connector-id"
connected_resource_types = ["aws-redshift-database"]
metadata = {
hostname = "<Hostname>"
port = "<Port>"
db_name = "<Database Name>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "redshift-integration" {
name = "Amazon Redshift"
type = "redshift"
connector_id = "apono-connector-id"
connected_resource_types = ["aws-redshift-database"]
integration_config = {
hostname = "<Hostname>"
port = "<Port>"
db_name = "<Database Name>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}{
"vertica-integration": {
"name": "Vertica Database",
"type": "vertica",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"vertica-role"
],
"integration_config": {
"hostname": "<Hostname>",
"port": "<Port>",
"dbname": "<Database Name>",
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}resource "apono_integration" "vertica-integration" {
name = "Vertica Database"
type = "vertica"
connector_id = "apono-connector-id"
connected_resource_types = ["vertica-role"]
metadata = {
hostname = "<Hostname>"
port = "<Port>"
dbname = "<Database Name>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "vertica-integration" {
name = "Vertica Database"
type = "vertica"
connector_id = "apono-connector-id"
connected_resource_types = ["vertica-role"]
integration_config = {
hostname = "<Hostname>"
port = "<Port>"
dbname = "<Database Name>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_integration" "gcp-organization-integration" {
name = "Google Organization"
type = "gcp-organization"
connector_id = "apono-connector-id"
connected_resource_types = ["gcp-organization"]
metadata = {
organization_id = "<Organization ID>"
customer_id = "<Customer ID>"
}
}resource "apono_resource_integration" "gcp-organization-integration" {
name = "Google Organization"
type = "gcp-organization"
connector_id = "apono-connector-id"
connected_resource_types = ["gcp-organization"]
integration_config = {
organization_id = "<Organization ID>"
customer_id = "<Customer ID>"
}
}{
"gcp-organization-integration": {
"name": "Google Organization",
"type": "gcp-organization",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"gcp-organization"
],
"integration_config": {
"organization_id": "<Organization ID>",
"customer_id": "<Customer ID>",
}
}
}{
"windows-domain-controller-integration": {
"name": "Windows Domain Controller",
"type": "windows-domain-controller",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"windows-domain-controller-server"
],
"integration_config": {
"host": "<Host>",
"port": "<WinRM Port>",
"rdp_port": "<RDP Port>",
"ssl": "<Use SSL connection>",
"email_selector_field_name_override": "<User Email Attribute Name>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}resource "apono_integration" "windows-domain-controller-integration" {
name = "Windows Domain Controller"
type = "windows-domain-controller"
connector_id = "apono-connector-id"
connected_resource_types = ["windows-domain-controller-server"]
metadata = {
host = "<Host>"
port = "<WinRM Port>"
rdp_port = "<RDP Port>"
ssl = "<Use SSL connection>"
email_selector_field_name_override = "<User Email Attribute Name>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "windows-domain-controller-integration" {
name = "Windows Domain Controller"
type = "windows-domain-controller"
connector_id = "apono-connector-id"
connected_resource_types = ["windows-domain-controller-server"]
integration_config = {
host = "<Host>"
port = "<WinRM Port>"
rdp_port = "<RDP Port>"
ssl = "<Use SSL connection>"
email_selector_field_name_override = "<User Email Attribute Name>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}{
"elasticsearch-integration": {
"name": "Elasticsearch",
"type": "elasticsearch",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"elasticsearch-role"
],
"integration_config": {
"url": "<Url>",
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}resource "apono_integration" "elasticsearch-integration" {
name = "Elasticsearch"
type = "elasticsearch"
connector_id = "apono-connector-id"
connected_resource_types = ["elasticsearch-role"]
metadata = {
url = "<Url>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "elasticsearch-integration" {
name = "Elasticsearch"
type = "elasticsearch"
connector_id = "apono-connector-id"
connected_resource_types = ["elasticsearch-role"]
integration_config = {
url = "<Url>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "k8s-port-forward-proxy-integration" {
name = "Kubernetes Proxy"
type = "k8s-port-forward-proxy"
connector_id = "apono-connector-id"
connected_resource_types = ["k8s-port-forward-proxy"]
integration_config = {
target_host = "<Target Host>"
target_port = "<Target Port>"
local_port = "<Local Port>"
proxy_id = "<Proxy ID>"
server_url = "<Server URL>"
certificate_authority = "<Certificate Authority>"
cluster_name = "<kubeconfig Cluster Name>"
kubeconfig_api_server_url = "<kubeconfig Server URL>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
secret_store_config = {
aws = {
region = "aws_region_template_value"
secret_id = "aws_secret_id_template_value"
}
}{
"k8s-port-forward-proxy-integration": {
"name": "Kubernetes Proxy",
"type": "k8s-port-forward-proxy",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"k8s-port-forward-proxy"
],
"integration_config": {
"target_host": "<Target Host>",
"target_port": "<Target Port>",
"local_port": "<Local Port>",
"proxy_id": "<Proxy ID>",
"server_url": "<Server URL>",
"certificate_authority": "<Certificate Authority>",
"cluster_name": "<kubeconfig Cluster Name>",
"kubeconfig_api_server_url": "<kubeconfig Server URL>",
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
},
"secret_store_config": {
"region": "aws_region_template_value",
"secret_id": "aws_secret_id_template_value"
}
}
}resource "apono_integration" "k8s-port-forward-proxy-integration" {
name = "Kubernetes Proxy"
type = "k8s-port-forward-proxy"
connector_id = "apono-connector-id"
connected_resource_types = ["k8s-port-forward-proxy"]
metadata = {
target_host = "<Target Host>"
target_port = "<Target Port>"
local_port = "<Local Port>"
proxy_id = "<Proxy ID>"
server_url = "<Server URL>"
certificate_authority = "<Certificate Authority>"
cluster_name = "<kubeconfig Cluster Name>"
kubeconfig_api_server_url = "<kubeconfig Server URL>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
aws_secret = {
region = "aws_region_template_value"
secret_id = "aws_secret_id_template_value"
}
}{
"rancher-integration": {
"name": "Rancher",
"type": "rancher",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"rancher-cluster"
],
"integration_config": {
"host": "<Host>",
"port": "<Port>",
"certificate_authority": "<Certificate Authority>",
"rancher_ui_url": "<Rancher UI URL>",
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}resource "apono_integration" "rancher-integration" {
name = "Rancher"
type = "rancher"
connector_id = "apono-connector-id"
connected_resource_types = ["rancher-cluster"]
metadata = {
host = "<Host>"
port = "<Port>"
certificate_authority = "<Certificate Authority>"
rancher_ui_url = "<Rancher UI URL>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "rancher-integration" {
name = "Rancher"
type = "rancher"
connector_id = "apono-connector-id"
connected_resource_types = ["rancher-cluster"]
integration_config = {
host = "<Host>"
port = "<Port>"
certificate_authority = "<Certificate Authority>"
rancher_ui_url = "<Rancher UI URL>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}{
"mssql-integration": {
"name": "Microsoft SQL Server",
"type": "mssql",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"mssql-server-role"
],
"integration_config": {
"hostname": "<Hostname>",
"port": "<Port>",
"dbname": "<Database Name>",
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}resource "apono_integration" "mssql-integration" {
name = "Microsoft SQL Server"
type = "mssql"
connector_id = "apono-connector-id"
connected_resource_types = ["mssql-server-role"]
metadata = {
hostname = "<Hostname>"
port = "<Port>"
dbname = "<Database Name>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "mssql-integration" {
name = "Microsoft SQL Server"
type = "mssql"
connector_id = "apono-connector-id"
connected_resource_types = ["mssql-server-role"]
integration_config = {
hostname = "<Hostname>"
port = "<Port>"
dbname = "<Database Name>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}MongoDB Atlas UI is a user-friendly platform for managing and deploying MongoDB databases in the cloud.
resource "apono_integration" "mongodb-atlas-organization-integration" {
name = "Mongo Atlas Portal"
type = "mongodb-atlas-organization"
connector_id = "apono-connector-id"
connected_resource_types = ["mongodb-atlas-organization"]
metadata = {
organization_id = "<Organization Id>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "mongodb-atlas-organization-integration" {
name = "Mongo Atlas Portal"
type = "mongodb-atlas-organization"
connector_id = "apono-connector-id"
connected_resource_types = ["mongodb-atlas-organization"]
integration_config = {
organization_id = "<Organization Id>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}{
"mongodb-atlas-organization-integration": {
"name": "Mongo Atlas Portal",
"type": "mongodb-atlas-organization",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"mongodb-atlas-organization"
],
"integration_config": {
"organization_id": "<Organization Id>",
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}type mongodb-atlas-organization
connected_resource_types List of resource types to sync.
organization_id (Required | String) Organization Id
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
Oracle Database is a powerful and widely-used relational database management system known for its robustness, scalability, and comprehensive feature set, developed and maintained by Oracle Corporation
resource "apono_integration" "oracle-db-integration" {
name = "Oracle Database"
type = "oracle-db"
connector_id = "apono-connector-id"
connected_resource_types = ["oracle-db-role"]
metadata = {
hostname = "<Hostname>"
port = "<Port>"
service_name = "<Sarvice Name>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "oracle-db-integration" {
name = "Oracle Database"
type = "oracle-db"
connector_id = "apono-connector-id"
connected_resource_types = ["oracle-db-role"]
integration_config = {
hostname = "<Hostname>"
port = "<Port>"
service_name = "<Sarvice Name>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}{
"oracle-db-integration": {
"name": "Oracle Database",
"type": "oracle-db",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"oracle-db-role"
],
"integration_config": {
"hostname": "<Hostname>",
"port": "<Port>",
"service_name": "<Sarvice Name>",
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}type oracle-db
connected_resource_types List of resource types to sync.
hostname (Required | String) Hostname
port (Required | String) Port
Default value: 1521
service_name (Required | String) Sarvice Name
Default value: ORCL
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
An open-source relational database management system.
resource "apono_integration" "mysql-integration" {
name = "MySQL"
type = "mysql"
connector_id = "apono-connector-id"
connected_resource_types = ["mysql-instance"]
metadata = {
hostname = "<Hostname>"
port = "<Port>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
custom_permissions_json = "<Custom Permissions (JSON array that maps custom permissions to actions)>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "mysql-integration" {
name = "MySQL"
type = "mysql"
connector_id = "apono-connector-id"
connected_resource_types = ["mysql-instance"]
integration_config = {
hostname = "<Hostname>"
port = "<Port>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
custom_permissions_json = "<Custom Permissions (JSON array that maps custom permissions to actions)>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}{
"mysql-integration": {
"name": "MySQL",
"type": "mysql",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"mysql-instance"
],
"integration_config": {
"hostname": "<Hostname>",
"port": "<Port>",
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
"custom_permissions_json": "<Custom Permissions (JSON array that maps custom permissions to actions)>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}type mysql
connected_resource_types List of resource types to sync.
hostname (Required | String) Hostname
port (Required | String) Port
Default value: 3306
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
custom_permissions_json (Optional | String) Custom Permissions (JSON array that maps custom permissions to actions)
This integration allows user to request temporary SSH access
resource "apono_integration" "ssh-integration" {
name = "SSH"
type = "ssh"
connector_id = "apono-connector-id"
connected_resource_types = ["ssh-server"]
metadata = {
servers = "<Servers>"
groups = "<User Groups>"
shell = "<User's Login Shell>"
user_key_name = "<User Key Name>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "ssh-integration" {
name = "SSH"
type = "ssh"
connector_id = "apono-connector-id"
connected_resource_types = ["ssh-server"]
integration_config = {
servers = "<Servers>"
groups = "<User Groups>"
shell = "<User's Login Shell>"
user_key_name = "<User Key Name>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}{
"ssh-integration": {
"name": "SSH",
"type": "ssh",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"ssh-server"
],
"integration_config": {
"servers": "<Servers>",
"groups": "<User Groups>",
"shell": "<User's Login Shell>",
"user_key_name": "<User Key Name>",
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}type ssh
connected_resource_types List of resource types to sync.
servers (Required | String) Servers
groups (Optional | String) User Groups
shell (Optional | String) User's Login Shell
user_key_name (Optional | String) User Key Name
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
OpenSearch is a search engine based on Apache Lucene, a free and open-source search engine
resource "apono_integration" "opensearch-integration" {
name = "OpenSearch"
type = "opensearch"
connector_id = "apono-connector-id"
connected_resource_types = ["opensearch-role"]
metadata = {
auth_type = "<Auth Type>"
url = "<Url>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
sso_url = "<SSO Portal URL>"
}
}resource "apono_resource_integration" "opensearch-integration" {
name = "OpenSearch"
type = "opensearch"
connector_id = "apono-connector-id"
connected_resource_types = ["opensearch-role"]
integration_config = {
auth_type = "<Auth Type>"
url = "<Url>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
sso_url = "<SSO Portal URL>"
}
}{
"opensearch-integration": {
"name": "OpenSearch",
"type": "opensearch",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"opensearch-role"
],
"integration_config": {
"auth_type": "<Auth Type>",
"url": "<Url>",
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
"sso_url": "<SSO Portal URL>",
}
}
}type opensearch
connected_resource_types List of resource types to sync.
auth_type (Optional | String) Auth Type
Default value: user-password
Possible values: sso-auth, user-password
url (Required | String) Url
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
sso_url (Optional | String) SSO Portal URL
An open-source relational database management system emphasizing extensibility and SQL compliance.
resource "apono_integration" "gcp-cloud-sql-postgresql-integration" {
name = "Google Cloud SQL - PostgreSQL"
type = "gcp-cloud-sql-postgresql"
connector_id = "apono-connector-id"
connected_resource_types = ["gcp-cloud-sql-postgresql-instance"]
metadata = {
auth_type = "<Auth Type>"
gcp_project_id = "<Project ID>"
gcp_region = "<Region>"
gcp_instance_id = "<Instance ID>"
gcp_instance_id_user_override = "<Instance ID User Override>"
dbname = "<Database Name>"
sslmode = "<SSL Mode>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
gcp_secret = {
project = "project_template_value"
secret_id = "gcp_secret_id_template_value"
}
}resource "apono_resource_integration" "gcp-cloud-sql-postgresql-integration" {
name = "Google Cloud SQL - PostgreSQL"
type = "gcp-cloud-sql-postgresql"
connector_id = "apono-connector-id"
connected_resource_types = ["gcp-cloud-sql-postgresql-instance"]
integration_config = {
auth_type = "<Auth Type>"
gcp_project_id = "<Project ID>"
gcp_region = "<Region>"
gcp_instance_id = "<Instance ID>"
gcp_instance_id_user_override = "<Instance ID User Override>"
dbname = "<Database Name>"
sslmode = "<SSL Mode>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
secret_store_config = {
gcp = {
project = "project_template_value"
secret_id = "gcp_secret_id_template_value"
}
}{
"gcp-cloud-sql-postgresql-integration": {
"name": "Google Cloud SQL - PostgreSQL",
"type": "gcp-cloud-sql-postgresql",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"gcp-cloud-sql-postgresql-instance"
],
"integration_config": {
"auth_type": "<Auth Type>",
"gcp_project_id": "<Project ID>",
"gcp_region": "<Region>",
"gcp_instance_id": "<Instance ID>",
"gcp_instance_id_user_override": "<Instance ID User Override>",
"dbname": "<Database Name>",
"sslmode": "<SSL Mode>",
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
},
"secret_store_config": {
"project": "project_template_value",
"secret_id": "gcp_secret_id_template_value"
}
}
}type gcp-cloud-sql-postgresql
connected_resource_types List of resource types to sync.
auth_type (Required | String) Auth Type
Possible values: gcp-iam-auth, user-password
gcp_project_id (Required | String) Project ID
gcp_region (Required | String) Region
gcp_instance_id (Required | String) Instance ID
gcp_instance_id_user_override (Optional | String) Instance ID User Override
dbname (Required | String) Database Name
Default value: postgres
sslmode (Optional | String) SSL Mode
Possible values: disable, allow, prefer, require, verify-ca, verify-full
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
Integration that allows users to request access to a F5 Webtop
resource "apono_integration" "f5-webtop-integration" {
name = "F5 Network"
type = "f5-webtop"
connector_id = "apono-connector-id"
connected_resource_types = ["f5-webtop-policy"]
metadata = {
hostname = "<F5 Hostname>"
access_profile_id = "<Access Profile Id>"
resource_assign_id = "<Resource Assign Id>"
webtop = "<Webtop>"
webtop_sections = "<Webtop Sections (Optional)>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "f5-webtop-integration" {
name = "F5 Network"
type = "f5-webtop"
connector_id = "apono-connector-id"
connected_resource_types = ["f5-webtop-policy"]
integration_config = {
hostname = "<F5 Hostname>"
access_profile_id = "<Access Profile Id>"
resource_assign_id = "<Resource Assign Id>"
webtop = "<Webtop>"
webtop_sections = "<Webtop Sections (Optional)>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}{
"f5-webtop-integration": {
"name": "F5 Network",
"type": "f5-webtop",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"f5-webtop-policy"
],
"integration_config": {
"hostname": "<F5 Hostname>",
"access_profile_id": "<Access Profile Id>",
"resource_assign_id": "<Resource Assign Id>",
"webtop": "<Webtop>",
"webtop_sections": "<Webtop Sections (Optional)>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}type f5-webtop
connected_resource_types List of resource types to sync.
hostname (Required | String) F5 Hostname
access_profile_id (Required | String) Access Profile Id
resource_assign_id (Required | String) Resource Assign Id
webtop (Required | String) Webtop
webtop_sections (Optional | String) Webtop Sections (Optional)
An opensource NoSQL database program. MongoDB uses JSON-like documents with optional schemas.
resource "apono_integration" "mongodb-integration" {
name = "MongoDB"
type = "mongodb"
connector_id = "apono-connector-id"
connected_resource_types = ["mongodb-cluster"]
metadata = {
hostname = "<Hostname>"
port = "<Port>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "mongodb-integration" {
name = "MongoDB"
type = "mongodb"
connector_id = "apono-connector-id"
connected_resource_types = ["mongodb-cluster"]
integration_config = {
hostname = "<Hostname>"
port = "<Port>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}{
"mongodb-integration": {
"name": "MongoDB",
"type": "mongodb",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"mongodb-cluster"
],
"integration_config": {
"hostname": "<Hostname>",
"port": "<Port>",
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}type mongodb
connected_resource_types List of resource types to sync.
hostname (Required | String) Hostname
port (Required | String) Port
Default value: 27017
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
LDAP (Lightweight Directory Access Protocol) is a standardized protocol for accessing and managing directory services, crucial for centralized authentication and data storage in networks.
resource "apono_integration" "ldap-directory-integration" {
name = "LDAP Group"
type = "ldap-directory"
connector_id = "apono-connector-id"
connected_resource_types = ["ldap-directory-group"]
metadata = {
url = "<LDAP Server URL>"
custom_ca_cert = "<Self signed server or CA certificate>"
domain = "<Domain>"
groups_scope = "<Groups Scope>"
users_scope = "<Users Scope>"
user_email_attribute = "<User Email Attribute>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "ldap-directory-integration" {
name = "LDAP Group"
type = "ldap-directory"
connector_id = "apono-connector-id"
connected_resource_types = ["ldap-directory-group"]
integration_config = {
url = "<LDAP Server URL>"
custom_ca_cert = "<Self signed server or CA certificate>"
domain = "<Domain>"
groups_scope = "<Groups Scope>"
users_scope = "<Users Scope>"
user_email_attribute = "<User Email Attribute>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}{
"ldap-directory-integration": {
"name": "LDAP Group",
"type": "ldap-directory",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"ldap-directory-group"
],
"integration_config": {
"url": "<LDAP Server URL>",
"custom_ca_cert": "<Self signed server or CA certificate>",
"domain": "<Domain>",
"groups_scope": "<Groups Scope>",
"users_scope": "<Users Scope>",
"user_email_attribute": "<User Email Attribute>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}type ldap-directory
connected_resource_types List of resource types to sync.
url (Required | String) LDAP Server URL
custom_ca_cert (Optional | String) Self signed server or CA certificate
domain (Required | String) Domain
groups_scope (Optional | String) Groups Scope
users_scope (Optional | String) Users Scope
user_email_attribute (Optional | String) User Email Attribute
An open-source relational database management system.
resource "apono_integration" "gcp-cloud-sql-mysql-integration" {
name = "Google Cloud SQL - MySQL"
type = "gcp-cloud-sql-mysql"
connector_id = "apono-connector-id"
connected_resource_types = ["gcp-cloud-sql-mysql-instance"]
metadata = {
auth_type = "<Auth Type>"
gcp_project_id = "<Project ID>"
gcp_region = "<Region>"
gcp_instance_id = "<Instance ID>"
gcp_instance_id_user_override = "<Instance ID User Override>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
gcp_secret = {
project = "project_template_value"
secret_id = "gcp_secret_id_template_value"
}
}resource "apono_resource_integration" "gcp-cloud-sql-mysql-integration" {
name = "Google Cloud SQL - MySQL"
type = "gcp-cloud-sql-mysql"
connector_id = "apono-connector-id"
connected_resource_types = ["gcp-cloud-sql-mysql-instance"]
integration_config = {
auth_type = "<Auth Type>"
gcp_project_id = "<Project ID>"
gcp_region = "<Region>"
gcp_instance_id = "<Instance ID>"
gcp_instance_id_user_override = "<Instance ID User Override>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
secret_store_config = {
gcp = {
project = "project_template_value"
secret_id = "gcp_secret_id_template_value"
}
}{
"gcp-cloud-sql-mysql-integration": {
"name": "Google Cloud SQL - MySQL",
"type": "gcp-cloud-sql-mysql",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"gcp-cloud-sql-mysql-instance"
],
"integration_config": {
"auth_type": "<Auth Type>",
"gcp_project_id": "<Project ID>",
"gcp_region": "<Region>",
"gcp_instance_id": "<Instance ID>",
"gcp_instance_id_user_override": "<Instance ID User Override>",
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
},
"secret_store_config": {
"project": "project_template_value",
"secret_id": "gcp_secret_id_template_value"
}
}
}type gcp-cloud-sql-mysql
connected_resource_types List of resource types to sync.
auth_type (Required | String) Auth Type
Possible values: gcp-iam-auth, user-password
gcp_project_id (Required | String) Project ID
gcp_region (Required | String) Region
gcp_instance_id (Required | String) Instance ID
gcp_instance_id_user_override (Optional | String) Instance ID User Override
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
Snowflake is a fully managed SaaS (software as a service) that provides a single platform for data warehousing, data lakes, data engineering, data science, data application development, and secure sha
resource "apono_integration" "snowflake-integration" {
name = "Snowflake"
type = "snowflake"
connector_id = "apono-connector-id"
connected_resource_types = ["snowflake-role"]
metadata = {
hostname = "<Hostname>"
auth_type = "<Select Auth Type>"
role = "<Role>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
sso_url = "<SSO Portal URL>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "snowflake-integration" {
name = "Snowflake"
type = "snowflake"
connector_id = "apono-connector-id"
connected_resource_types = ["snowflake-role"]
integration_config = {
hostname = "<Hostname>"
auth_type = "<Select Auth Type>"
role = "<Role>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
sso_url = "<SSO Portal URL>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}{
"snowflake-integration": {
"name": "Snowflake",
"type": "snowflake",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"snowflake-role"
],
"integration_config": {
"hostname": "<Hostname>",
"auth_type": "<Select Auth Type>",
"role": "<Role>",
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
"sso_url": "<SSO Portal URL>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}type snowflake
connected_resource_types List of resource types to sync.
hostname (Required | String) Hostname
auth_type (Optional | String) Select Auth Type
Default value: user-password
Possible values: sso-auth, user-password
role (Optional | String) Role
Default value: ACCOUNTADMIN
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
sso_url (Optional | String) SSO Portal URL
An open-source relational database management system.
type mariadb
connected_resource_types List of resource types to sync.
hostname (Required | String) Hostname
port (Required | String) Port
Default value: 3306
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
custom_permissions_json (Optional | String) Custom Permissions (JSON array that maps custom permissions to actions)
This integration allows user to request temporary RDP access
type rdp
connected_resource_types List of resource types to sync.
host (Required | String) Host
port (Required | String) WinRM Port
Default value: 5985
rdp_port (Optional | String) RDP Port
Default value: 3389
ssl (Required | String) Use SSL connection
Default value: false
Possible values: false, true
credentials_rotation_period_in_days (Optional | String) Credentials rotation period (in days)
credentials_cleanup_period_in_days (Optional | String) User cleanup after access is revoked (in days)
{
"mariadb-integration": {
"name": "MariaDB",
"type": "mariadb",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"mariadb-instance"
],
"integration_config": {
"hostname": "<Hostname>",
"port": "<Port>",
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
"custom_permissions_json": "<Custom Permissions (JSON array that maps custom permissions to actions)>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}resource "apono_integration" "mariadb-integration" {
name = "MariaDB"
type = "mariadb"
connector_id = "apono-connector-id"
connected_resource_types = ["mariadb-instance"]
metadata = {
hostname = "<Hostname>"
port = "<Port>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
custom_permissions_json = "<Custom Permissions (JSON array that maps custom permissions to actions)>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "mariadb-integration" {
name = "MariaDB"
type = "mariadb"
connector_id = "apono-connector-id"
connected_resource_types = ["mariadb-instance"]
integration_config = {
hostname = "<Hostname>"
port = "<Port>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
custom_permissions_json = "<Custom Permissions (JSON array that maps custom permissions to actions)>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}{
"rdp-integration": {
"name": "RDP",
"type": "rdp",
"connector_id": "apono-connector-id",
"connected_resource_types": [
"rdp-server"
],
"integration_config": {
"host": "<Host>",
"port": "<WinRM Port>",
"rdp_port": "<RDP Port>",
"ssl": "<Use SSL connection>",
"credentials_rotation_period_in_days": "<Credentials rotation period (in days)>",
"credentials_cleanup_period_in_days": "<User cleanup after access is revoked (in days)>",
},
"secret_store_config": {
"name": "name_template_value",
"namespace": "namespace_template_value"
}
}
}resource "apono_integration" "rdp-integration" {
name = "RDP"
type = "rdp"
connector_id = "apono-connector-id"
connected_resource_types = ["rdp-server"]
metadata = {
host = "<Host>"
port = "<WinRM Port>"
rdp_port = "<RDP Port>"
ssl = "<Use SSL connection>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
kubernetes_secret = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}resource "apono_resource_integration" "rdp-integration" {
name = "RDP"
type = "rdp"
connector_id = "apono-connector-id"
connected_resource_types = ["rdp-server"]
integration_config = {
host = "<Host>"
port = "<WinRM Port>"
rdp_port = "<RDP Port>"
ssl = "<Use SSL connection>"
credentials_rotation_period_in_days = "<Credentials rotation period (in days)>"
credentials_cleanup_period_in_days = "<User cleanup after access is revoked (in days)>"
}
secret_store_config = {
kubernetes = {
name = "name_template_value"
namespace = "namespace_template_value"
}
}