# Reference for the teleport\_access\_list Terraform data-source This page describes the supported values of the `teleport_access_list` data source of the Teleport Terraform provider. ## Schema ### Optional - `header` (Attributes) header is the header for the resource. (see [below for nested schema](#nested-schema-for-header)) - `spec` (Attributes) spec is the specification for the Access List. (see [below for nested schema](#nested-schema-for-spec)) ### Nested Schema for `header` Required: - `version` (String) Version is the API version used to create the resource. It must be specified. Based on this version, Teleport will apply different defaults on resource creation or deletion. It must be an integer prefixed by "v". For example: `v1` Optional: - `kind` (String) kind is a resource kind. - `metadata` (Attributes) metadata is resource metadata. (see [below for nested schema](#nested-schema-for-headermetadata)) - `sub_kind` (String) sub\_kind is an optional resource sub kind, used in some resources. ### Nested Schema for `header.metadata` Required: - `name` (String) name is an object name. Optional: - `description` (String) description is object description. - `expires` (String) expires is a global expiry time header can be set on any resource in the system. - `labels` (Map of String) labels is a set of labels. - `namespace` (String) namespace is object namespace. The field should be called "namespace" when it returns in Teleport 2.4. - `revision` (String) revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource. ### Nested Schema for `spec` Required: - `owners` (Attributes List) owners is a list of owners of the Access List. (see [below for nested schema](#nested-schema-for-specowners)) Optional: - `audit` (Attributes) audit describes the frequency that this Access List must be audited. (see [below for nested schema](#nested-schema-for-specaudit)) - `description` (String) description is an optional plaintext description of the Access List. - `grants` (Attributes) grants describes the access granted by membership to this Access List. (see [below for nested schema](#nested-schema-for-specgrants)) - `membership_requires` (Attributes) membership\_requires describes the requirements for a user to be a member of the Access List. For a membership to an Access List to be effective, the user must meet the requirements of Membership\_requires and must be in the members list. (see [below for nested schema](#nested-schema-for-specmembership_requires)) - `owner_grants` (Attributes) owner\_grants describes the access granted by owners to this Access List. (see [below for nested schema](#nested-schema-for-specowner_grants)) - `ownership_requires` (Attributes) ownership\_requires describes the requirements for a user to be an owner of the Access List. For ownership of an Access List to be effective, the user must meet the requirements of ownership\_requires and must be in the owners list. (see [below for nested schema](#nested-schema-for-specownership_requires)) - `title` (String) title is a plaintext short description of the Access List. - `type` (String) type can be an empty string which denotes a regular Access List, "scim" which represents an Access List created from SCIM group or "static" for Access Lists managed by IaC tools. ### Nested Schema for `spec.owners` Optional: - `description` (String) description is the plaintext description of the owner and why they are an owner. - `membership_kind` (Number) membership\_kind describes the type of membership, either `MEMBERSHIP_KIND_USER` or `MEMBERSHIP_KIND_LIST`. - `name` (String) name is the username of the owner. ### Nested Schema for `spec.audit` Optional: - `next_audit_date` (String) next\_audit\_date is when the next audit date should be done by. - `notifications` (Attributes) notifications is the configuration for notifying users. (see [below for nested schema](#nested-schema-for-specauditnotifications)) - `recurrence` (Attributes) recurrence is the recurrence definition (see [below for nested schema](#nested-schema-for-specauditrecurrence)) ### Nested Schema for `spec.audit.notifications` Optional: - `start` (String) start specifies when to start notifying users that the next audit date is coming up. ### Nested Schema for `spec.audit.recurrence` Optional: - `day_of_month` (Number) day\_of\_month is the day of month that reviews will be scheduled on. Supported values are 0, 1, 15, and 31. - `frequency` (Number) frequency is the frequency of reviews. This represents the period in months between two reviews. Supported values are 0, 1, 3, 6, and 12. ### Nested Schema for `spec.grants` Optional: - `roles` (List of String) roles are the names of roles to be granted to users. - `scoped_roles` (Attributes List) scoped\_roles are scoped roles to be granted to users. (see [below for nested schema](#nested-schema-for-specgrantsscoped_roles)) - `traits` (Attributes List) traits are the traits to be granted to users. (see [below for nested schema](#nested-schema-for-specgrantstraits)) ### Nested Schema for `spec.grants.scoped_roles` Optional: - `role` (String) role is the name of the scoped role to be granted. - `scope` (String) scope is the scope the role will be assigned at. It must be an assignable scope of the role. ### Nested Schema for `spec.grants.traits` Optional: - `key` (String) key is the name of the trait. - `values` (List of String) values is the list of trait values. ### Nested Schema for `spec.membership_requires` Optional: - `roles` (List of String) roles are the user roles that must be present for the user to obtain access. - `traits` (Attributes List) traits are the traits that must be present for the user to obtain access. (see [below for nested schema](#nested-schema-for-specmembership_requirestraits)) ### Nested Schema for `spec.membership_requires.traits` Optional: - `key` (String) key is the name of the trait. - `values` (List of String) values is the list of trait values. ### Nested Schema for `spec.owner_grants` Optional: - `roles` (List of String) roles are the names of roles to be granted to users. - `scoped_roles` (Attributes List) scoped\_roles are scoped roles to be granted to users. (see [below for nested schema](#nested-schema-for-specowner_grantsscoped_roles)) - `traits` (Attributes List) traits are the traits to be granted to users. (see [below for nested schema](#nested-schema-for-specowner_grantstraits)) ### Nested Schema for `spec.owner_grants.scoped_roles` Optional: - `role` (String) role is the name of the scoped role to be granted. - `scope` (String) scope is the scope the role will be assigned at. It must be an assignable scope of the role. ### Nested Schema for `spec.owner_grants.traits` Optional: - `key` (String) key is the name of the trait. - `values` (List of String) values is the list of trait values. ### Nested Schema for `spec.ownership_requires` Optional: - `roles` (List of String) roles are the user roles that must be present for the user to obtain access. - `traits` (Attributes List) traits are the traits that must be present for the user to obtain access. (see [below for nested schema](#nested-schema-for-specownership_requirestraits)) ### Nested Schema for `spec.ownership_requires.traits` Optional: - `key` (String) key is the name of the trait. - `values` (List of String) values is the list of trait values.