Merge pull request #32 from DNXLabs/feature/directory-service-authent…

…ication Add azure_diretory_id
DNXLabs · May 22, 2024 · 244f92f · 244f92f
2 parents c67482f + eb3d1df
commit 244f92f
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 7 deletions.
diff --git a/README.md b/README.md
@@ -29,6 +29,7 @@ The following resources will be created:
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
+| active\_directory\_id | The ID of the Active Directory to be used for authentication. If not provided, the default directory will be used. | `string` | `null` | no |
 | allowed\_access\_groups | List of Access group IDs to allow access. Leave empty to allow all groups | `list(string)` | `[]` | no |
 | allowed\_cidr\_ranges | List of CIDR ranges from which access is allowed | `list(string)` | `[]` | no |
 | authentication\_saml\_provider\_arn | (Optional) The ARN of the IAM SAML identity provider if type is federated-authentication. | `any` | `null` | no |

diff --git a/_variables.tf b/_variables.tf
@@ -76,12 +76,18 @@ variable "enable_self_service_portal" {
 }
 
 variable "client_connect_options" {
-  type = bool
-  default = false
-  description = "Indicates whether client connect options are enabled"  
+  type        = bool
+  default     = false
+  description = "Indicates whether client connect options are enabled"
 }
 
 variable "connection_authorization_lambda_function_arn" {
-  default = null
-  description = "The Amazon Resource Name (ARN) of the Lambda function used for connection authorization."  
-}
+  default     = null
+  description = "The Amazon Resource Name (ARN) of the Lambda function used for connection authorization."
+}
+
+variable "active_directory_id" {
+  type        = string
+  default     = null
+  description = "The ID of the Active Directory to be used for authentication. If not provided, the default directory will be used."
+}
diff --git a/vpn-endpoint.tf b/vpn-endpoint.tf
@@ -12,6 +12,7 @@ resource "aws_ec2_client_vpn_endpoint" "default" {
     type                       = var.authentication_type
     root_certificate_chain_arn = var.authentication_type != "certificate-authentication" ? null : aws_acm_certificate.root.arn
     saml_provider_arn          = var.authentication_saml_provider_arn
+    active_directory_id        = var.active_directory_id
   }
 
   connection_log_options {
@@ -24,7 +25,7 @@ resource "aws_ec2_client_vpn_endpoint" "default" {
     enabled             = var.client_connect_options
     lambda_function_arn = var.client_connect_options != true ? null : var.connection_authorization_lambda_function_arn
   }
-  
+
   tags = merge(
     var.tags,
     tomap({