This module is based off of slashdevops/idp-scim-sync and allows you to deploy the idp-scim-sync lambda function using terraform.
| Name | Version |
|---|---|
| aws | >= 5.0.0 |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| semantic_version | The semantic version of the module | string |
n/a | yes |
| bucket_name_prefix | Prefix used in the bucket name where the state data will be stored. | string |
"idp-scim-sync-state" |
no |
| gws_groups_filter | The Google Workspace group filter query parameter | string |
"" |
no |
| gws_service_account_file_secret_name | The Google Workspace credentials file secret name | string |
"IDPSCIM_GWSServiceAccountFile" |
no |
| gws_user_email_secret_name | The Google Workspace user email secret name | string |
"IDPSCIM_GWSUserEmail" |
no |
| lambda_function_name | Name of the created Lambda function | string |
"idp-scim-sync" |
no |
| log_format | Log format for Lambda function logging | string |
"json" |
no |
| log_group_name | The name of the CloudWatch log group | string |
"/aws/lambda/idp-scim-sync" |
no |
| log_group_retention_days | The number of days you want to keep logs for the lambda function | number |
7 |
no |
| log_level | Log level for Lambda function logging | string |
"info" |
no |
| memory_size | The amount of memory to allocate to the Lambda function. | number |
256 |
no |
| schedule_expression | Schedule for trigger the execution of idp-scim-sync (see EventBridge rule schedule expressions) | string |
"rate(15 minutes)" |
no |
| scim_access_token_secret_name | The AWS SSO SCIM AccessToken secret name | string |
"IDPSCIM_SCIMAccessToken" |
no |
| scim_endpoint_secret_name | The AWS SSO SCIM Endpoint Url secret name | string |
"IDPSCIM_SCIMEndpoint" |
no |
| state_file_key | The key 'file' where the state data will be stored | string |
"data/state.json" |
no |
| sync_method | The sync method to use | string |
"groups" |
no |
| tags | A map of tags to add to all resources | map(string) |
{} |
no |
| timeout | The amount of time that AWS Lambda service allows a function to run before terminating it. | number |
300 |
no |
| Name | Description |
|---|---|
| bucket_arn | The ARN of the S3 bucket |
| bucket_name | The name of the S3 bucket |
| kms_key_arn | The ARN of the KMS key |
| kms_key_id | The ID of the KMS key |
| lambda_function_arn | The ARN of the Lambda function |