Merge pull request #8 from clouddrove/issue-3

Issue 3

Author: Nikita Dugar

main.tf

@@ -25,7 +25,7 @@ resource "tls_self_signed_cert" "ca" {
     organization = var.organization_name
   }
 
-  dns_names = ["clouddrove.com"]
+  dns_names = var.dns_names
 
   validity_period_hours = 87600
   is_ca_certificate     = true
@@ -57,7 +57,7 @@ resource "tls_cert_request" "root" {
     organization = var.organization_name
   }
 
-  dns_names = ["clouddrove.com"]
+  dns_names = var.dns_names
 }
 
 resource "tls_locally_signed_cert" "root" {
@@ -98,7 +98,7 @@ resource "tls_cert_request" "server" {
     organization = var.organization_name
   }
 
-  dns_names = ["clouddrove.com"]
+  dns_names = var.dns_names
 }
 
 resource "tls_locally_signed_cert" "server" {
@@ -131,7 +131,9 @@ resource "aws_ec2_client_vpn_endpoint" "default" {
   client_cidr_block      = var.cidr_block
 
   authentication_options {
-    type                       = "certificate-authentication"
+    type                            = var.type
+    saml_provider_arn               = var.saml_arn
+    self_service_saml_provider_arn  = var.self_saml_arn
     root_certificate_chain_arn = join("", aws_acm_certificate.root.*.arn)
   }
 

variables.tf

@@ -86,4 +86,28 @@ variable "network_cidr" {
   type        = list(any)
   default     = []
   description = "Client Network CIDR"
+}
+
+variable "dns_names" {
+  type        = list(any)
+  default     = ["clouddrove.com"]
+  description = "List of DNS names for which a certificate is being requested."
+}
+
+variable "type" {
+  type        = string
+  default     = "certificate-authentication"
+  description = "The type of client authentication to be used. "
+}
+
+variable "saml_arn" {
+  type        = string
+  default     = ""
+  description = "The ARN of the IAM SAML identity provider. "
+}
+
+variable "self_saml_arn" {
+  type        = string
+  default     = ""
+  description = "The ARN of the IAM SAML identity provider for the self service portal. "
 }