From 9cc037559b5af4d2a4d37c1cb688889c131107c7 Mon Sep 17 00:00:00 2001
From: badra001
Date: Mon, 5 Apr 2021 10:52:16 -0400
Subject: [PATCH] v1.9.0: create module ldap-get-attribute
---
ldap-get-attribute/README.md | 90 ++++++++++++++++++++++++++++++++++++
1 file changed, 90 insertions(+)
create mode 100644 ldap-get-attribute/README.md
diff --git a/ldap-get-attribute/README.md b/ldap-get-attribute/README.md
new file mode 100644
index 0000000..462b700
--- /dev/null
+++ b/ldap-get-attribute/README.md
@@ -0,0 +1,90 @@
+# aws-inf-setup :: ldap-get-attribute
+
+This allows for a simple LDAP search filter against, by default eDirectory ldap.tco.census.gov.
+It returns an object with count, status, the attribute, the dn(s) and the attribute value(s).
+DN and values are returned in a list. This is intended to search for only a single attribute,
+which may be multi-value. It also returns the DN and CN.
+
+For a query that returns multiple entries, where those entries do all not possess the same
+attribute, the DN to attibute value will not match. That is, it returns only a list of
+the attributes for the objects which have them in no particular order.
+
+# Usage
+Here is a simple example to get the email address of use `badra001`.
+
+```hcl
+module "user_badra001" {
+ source = "git@github.e.it.census.gov:terraform-modules/aws-inf-setup.git//ldap-get-attribute"
+
+ filter = "cn=badra001"
+ attribute = "mail"
+ # optional
+ # ldap_uri = "ldaps://ldap.tco.census.gov"
+ # ldap_base_dn = "o=U.S. Census Bureau,c=US"
+
+ # TBD
+ # ldap_user =
+ # ldap_pass =
+}
+```
+
+# Sample Output
+```json
+search_results = {
+ "attribute" = "mail"
+ "attribute_value" = [
+ "donald.e.badrak.ii@census.gov",
+ ]
+ "count" = "1"
+ "dn" = [
+ "cn=badra001,ou=People,o=U.S. Census Bureau,c=US",
+ ]
+ "cn" = [
+ "badra001"
+ ]
+ "status" = "0"
+}
+```
+
+## Requirements
+
+No requirements.
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| [aws](#provider\_aws) | n/a |
+| [external](#provider\_external) | n/a |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_arn.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/arn) | data source |
+| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
+| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
+| [external_external.search](https://registry.terraform.io/providers/hashicorp/external/latest/docs/data-sources/external) | data source |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| [account\_alias](#input\_account\_alias) | AWS Account Alias | `string` | `""` | no |
+| [account\_id](#input\_account\_id) | AWS Account ID (default will pull from current user) | `string` | `""` | no |
+| [attribute](#input\_attribute) | LDAP attibute to return | `string` | `"dn"` | no |
+| [filter](#input\_filter) | LDAP search filter | `string` | n/a | yes |
+| [ldap\_base\_dn](#input\_ldap\_base\_dn) | LDAP base DN for search | `string` | `"o=U.S. Census Bureau,c=US"` | no |
+| [ldap\_uri](#input\_ldap\_uri) | LDAP URI {scheme}://{hostname}:{port} | `string` | `"ldaps://ldap.tco.census.gov"` | no |
+| [override\_prefixes](#input\_override\_prefixes) | Override built-in prefixes by component (efs, s3, ebs, kms, role, policy, security-group). This should be used primarily for common infrastructure things | `map(string)` | `{}` | no |
+| [tags](#input\_tags) | AWS Tags to apply to appropriate resources (S3, KMS). Do not include safeguard tags here, use the data\_safeguard field for such things. | `map(string)` | `{}` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| [search\_result](#output\_search\_result) | n/a |