teleport/github연결.md

github 연결

기본적으로 SSO를 지원하지만, community version에서는 github 만 지원

Enterprise : AD, OIDC, google workspace, GitLab, Okta, OneLogin

순서

github OAuth Apps 등록

GITHUB_CONNECTOR 생성

kind: github
metadata:
  name: new_github_connector
spec:
  api_endpoint_url: ""
  client_id: <Client ID>
  client_secret: <Client Secrets>
  display: GitHub
  endpoint_url: ""
  redirect_url: https://teleport.datasaker.io/v1/webapi/github/callback
  teams_to_logins: null
  teams_to_roles:
  - organization: CloudMOA
    roles:
    - bastion
    - dsk_dev_master
    team: dev2-datasaker
  - organization: CloudMOA
    roles:
    - bastion
    - agent_test
    - agent_node
    - agent_master
    - dsk_dev_master
    - management
    team: dev2_teleport
version: v3

client_id: Client ID
client_secert: Client Secrets
teams_to_roles.organization: github repo명
roles: teleport roles (github login 시 적용)
team: github teams

agent 배포를 위한 ansible

바로가기 참조