mirror of
https://github.com/gravitational/teleport
synced 2024-10-20 17:23:22 +00:00
docs: remove multi level claim reference (#32613)
* docs: remove multi level claim reference * fix ref
This commit is contained in:
parent
cf3bf183b9
commit
b654e1d0b1
|
@ -207,7 +207,7 @@ email: "alice@example.com"
|
|||
# Alice is a member of groups admins and devs
|
||||
groups: ["admins", "devs"]
|
||||
# She can access prod and staging environments
|
||||
access: {"env": ["prod", "staging"]}
|
||||
env: ["prod", "staging"]
|
||||
```
|
||||
|
||||
Let's create a role template called `sso-users` that expects external attribute
|
||||
|
@ -319,7 +319,7 @@ email: "alice@example.com"
|
|||
# Alice is a member of groups admins and devs
|
||||
groups: ["admins", "devs"]
|
||||
# She can access prod and staging environments
|
||||
access: {"env": ["prod", "staging"]}
|
||||
env: ["prod", "staging"]
|
||||
```
|
||||
|
||||
Let's see how these variables are used with role template `interpolation`:
|
||||
|
@ -343,11 +343,11 @@ spec:
|
|||
# Functions transform variables.
|
||||
database_users: ['{{email.local(external.email)}}']
|
||||
db_labels:
|
||||
'env': '{{regexp.replace(external.access["env"], "^(staging)$", "$1")}}'
|
||||
'env': '{{regexp.replace(external.env, "^(staging)$", "$1")}}'
|
||||
|
||||
# Labels can mix template and hard-coded values.
|
||||
node_labels:
|
||||
'env': '{{external.access["env"]}}'
|
||||
'env': '{{external.env}}'
|
||||
'region': 'us-west-2'
|
||||
|
||||
kubernetes_labels:
|
||||
|
|
|
@ -218,7 +218,7 @@ spec:
|
|||
db_names: ['{{external.db_names}}']
|
||||
db_roles: ['{{external.db_roles}}']
|
||||
db_labels:
|
||||
'env': '{{regexp.replace(external.access["env"], "^(staging)$", "$1")}}'
|
||||
'env': '{{regexp.replace(external.env, "^(staging)$", "$1")}}'
|
||||
|
||||
# app_labels: a user with this role will be allowed to connect to
|
||||
# applications with labels matching below.
|
||||
|
|
Loading…
Reference in a new issue