我正在尝试通过地形图来创建AD连接器,并为我的AWS Orgs启用SSO。这是我使用的terraform模块的示例:
resource "aws_directory_service_directory" "connector" {
name = "${var.ad_domain_name}"
password = "${var.ad_password}"
size = "${var.ad_size}"
type = "ADConnector"
enable_sso = "${var.enable_sso}"
alias = "${var.ad_alias}"
connect_settings {
customer_dns_ips = "${var.ad_dns_ips}"
customer_username = "${var.ad_username}"
subnet_ids = [ "${var.ad_subnet_ids}" ]
vpc_id = "${var.vpc_id}"
}
}
当我应用此选项时,将正确创建AD连接器并使其活动,等等,但是未将SSO配置为使用AD连接器。 SSO仍指向默认的AWS SSO目录。我必须手动选择Microsoft AD Directory-> AD Connector来启用它。
是否可以通过terraform完全创建和配置AWS SSO以使用AD Connector,还是需要手动配置带有AD Connector的AWS SSO?
答案 0 :(得分:0)
否。
即使我很想看到Terraform / AWS API的支持,但“单点登录常见问题”页面仍说
Is there an API available for AWS SSO?
No. You can use the AWS SSO console to perform all necessary operations.