teleport/github연결.md

# github 연결

기본적으로 SSO를 지원하지만, community version에서는 github 만 지원

Enterprise : AD, OIDC, google workspace, GitLab, Okta, OneLogin

  

## 순서

### github OAuth Apps 등록

![](https://t25540965.p.clickup-attachments.com/t25540965/208fc7af-ad62-4c8c-8013-b41eb4be31c7/image.png)

![](https://t25540965.p.clickup-attachments.com/t25540965/a48f30fc-090f-4a18-b1e2-e5a5687c0e9b/image.png)

![](https://t25540965.p.clickup-attachments.com/t25540965/2494519b-d229-4ed3-8830-64909514002e/image.png)

  

### GITHUB\_CONNECTOR 생성

```yaml
kind: github
metadata:
  name: new_github_connector
spec:
  api_endpoint_url: ""
  client_id: <Client ID>
  client_secret: <Client Secrets>
  display: GitHub
  endpoint_url: ""
  redirect_url: https://teleport.datasaker.io/v1/webapi/github/callback
  teams_to_logins: null
  teams_to_roles:
  - organization: CloudMOA
    roles:
    - bastion
    - dsk_dev_master
    team: dev2-datasaker
  - organization: CloudMOA
    roles:
    - bastion
    - agent_test
    - agent_node
    - agent_master
    - dsk_dev_master
    - management
    team: dev2_teleport
version: v3
```

  

client_id: `Client ID`<br>
client_secert: `Client Secrets`<br>
teams_to_roles.organization: `github repo명`<br>
roles: `teleport roles` (github login 시 적용)<br>
team: `github teams`<br>

## agent 배포를 위한 ansible
[바로가기](https://lab.jhcloud.kr/sa_8001/dsk-iac/-/tree/main/ansible/teleport_setting?ref_type=heads) 참조