website/integrations: add hcp docs (#4281)

add hcp docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Jens L 2022-12-24 22:27:33 +01:00 committed by GitHub
parent 700a4cb72c
commit 8195e6d4ff
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 58 additions and 0 deletions


@ -0,0 +1,57 @@
---
title: HashiCorp Cloud Platform
---
<span class="badge badge--secondary">Support level: Community</span>
## What is HashiCorp Cloud
From https://cloud.hashicorp.com/
:::note
HashiCorp Cloud Platform is a fully managed platform for Terraform, Vault, Consul, and more.
:::
## Preparation
The following placeholders will be used:
- `authentik.company` is the FQDN of authentik.
### Step 1 - HashiCorp Cloud
Login in under https://portal.cloud.hashicorp.com. Navigate to the _Settings_ entry in the sidebar, then _SSO_. Enable SSO and configure domain verification for the domain your users email have.
Under _Initiate SAML integration_, copy _SSO Sign-On URL_ and _Entity ID_.
### Step 2 - authentik
In authentik, under _Providers_, create a _SAML Provider_ with these settings:
:::note
Only settings that have been modified from default have been listed.
:::
**Protocol Settings**
- Name: HashiCorp Cloud
- ACS URL: _Value of **SSO Sign-On URL** from above_
- Issuer: _Value of **Entity ID** from above_
- Service Provider Binding: Post
- Audience: _Value of **Entity ID** from above_
Open _Advanced protocol settings_, and ensure a signing certificate is selected, and all default property mappings are selected.
Create an application which uses this provider. Optionally apply access restrictions to the application using policy bindings.
- Name: HashiCorp Cloud
- Slug: hashicorp-cloud
- Provider: HashiCorp Cloud
### Step 3 - HashiCorp Cloud
Open the Application's page in authentik and click on the provider name. Copy the value of _SSO URL (Redirect)_ and paste it into the _SAML IDP Single Sign-On URL_ field in the HashiCorp Cloud settings.
Download the certificate, open it in a text editor, and paste the contents into _SAML IDP Certificate_ in the HashiCorp Cloud settings.
Afterwards, logging in to HashiCorp Cloud with any email address ending in the domains verified above will redirect to your authentik instance, if those email addresses don't have an existing account.
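Review bot: In Step 3, "Download the certificate" does not say which certificate is meant or where to download it; name it as the signing certificate selected under _Advanced protocol settings_ in Step 2, so that only that certificate ends up in _SAML IDP Certificate_. In Step 2 the ACS URL is filled from a field called _SSO Sign-On URL_, which reads like a mix-up next to the _SAML IDP Single Sign-On URL_ field in Step 3; a short remark that the value HashiCorp Cloud labels _SSO Sign-On URL_ goes into authentik's ACS URL on purpose would help. Wording in Step 1: "Login in under" should be "Log in at", and "the domain your users email have" should be along the lines of "the domain of your users' email addresses". The closing sentence's "if those email addresses don't have an existing account" leaves open what happens for addresses that do have one; say so explicitly.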


@ -32,6 +32,7 @@ module.exports = {
label: "Cloud Providers",
items: [
"services/aws/index",
"services/hashicorp-cloud/index",
"services/oracle-cloud/index",
],
},
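Review bot: The new entry "services/hashicorp-cloud/index" has to match the location of the added document, and this view does not show that file's path; confirm the file sits where this id resolves to, so the sidebar does not carry a dangling entry. The position between "services/aws/index" and "services/oracle-cloud/index" keeps the list alphabetical, which is fine.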