# Reference for the teleport\_github\_connector Terraform data-source

This page describes the supported values of the `teleport_github_connector` data source of the Teleport Terraform provider.

## Schema

### Required

- `spec` (Attributes) Spec is an Github connector specification. (see [below for nested schema](#nested-schema-for-spec))
- `version` (String) Version is the resource version. It must be specified. Supported values are: `v3`.

### Optional

- `metadata` (Attributes) Metadata holds resource metadata. (see [below for nested schema](#nested-schema-for-metadata))
- `sub_kind` (String) SubKind is an optional resource sub kind, used in some resources.

### Nested Schema for `spec`

Required:

- `client_id` (String) ClientID is the Github OAuth app client ID.
- `client_secret` (String, Sensitive) ClientSecret is the Github OAuth app client secret.

Optional:

- `api_endpoint_url` (String) APIEndpointURL is the URL of the API endpoint of the Github instance this connector is for.
- `client_redirect_settings` (Attributes) ClientRedirectSettings defines which client redirect URLs are allowed for non-browser SSO logins other than the standard localhost ones. (see [below for nested schema](#nested-schema-for-specclient_redirect_settings))
- `display` (String) Display is the connector display name.
- `endpoint_url` (String) EndpointURL is the URL of the GitHub instance this connector is for.
- `redirect_url` (String) RedirectURL is the authorization callback URL.
- `teams_to_logins` (Attributes List) TeamsToLogins maps Github team memberships onto allowed logins/roles. DELETE IN 11.0.0 Deprecated: use GithubTeamsToRoles instead. (see [below for nested schema](#nested-schema-for-specteams_to_logins))
- `teams_to_roles` (Attributes List) TeamsToRoles maps Github team memberships onto allowed roles. (see [below for nested schema](#nested-schema-for-specteams_to_roles))
- `user_matchers` (List of String) UserMatchers is a set of glob patterns to narrow down which username(s) this auth connector should match for identifier-first login.

### Nested Schema for `spec.client_redirect_settings`

Optional:

- `allowed_https_hostnames` (List of String) a list of hostnames allowed for https client redirect URLs
- `insecure_allowed_cidr_ranges` (List of String) a list of CIDRs allowed for HTTP or HTTPS client redirect URLs

### Nested Schema for `spec.teams_to_logins`

Optional:

- `kubernetes_groups` (List of String) KubeGroups is a list of allowed kubernetes groups for this org/team.
- `kubernetes_users` (List of String) KubeUsers is a list of allowed kubernetes users to impersonate for this org/team.
- `logins` (List of String) Logins is a list of allowed logins for this org/team.
- `organization` (String) Organization is a Github organization a user belongs to.
- `team` (String) Team is a team within the organization a user belongs to.

### Nested Schema for `spec.teams_to_roles`

Optional:

- `organization` (String) Organization is a Github organization a user belongs to.
- `roles` (List of String) Roles is a list of allowed logins for this org/team.
- `team` (String) Team is a team within the organization a user belongs to.

### Nested Schema for `metadata`

Required:

- `name` (String) Name is an object name

Optional:

- `description` (String) Description is object description
- `expires` (String) Expires is a global expiry time header can be set on any resource in the system.
- `labels` (Map of String) Labels is a set of labels