{"token_count": 1072} # Reference for the teleport\_bot Terraform resource This page describes the supported values of the teleport\_bot resource of the Teleport Terraform provider. ## Example Usage **Standard** ``` # Teleport Machine ID Bot creation example resource "teleport_bot" "example" { metadata = { name = "example" } spec = { roles = ["access"] } } ``` **Scoped** See the [scopes documentation](https://goteleport.com/docs/zero-trust-access/rbac-get-started/scopes.md) for more details. ``` # Teleport Machine ID Bot creation example locals { bot_name_scoped = "scope-bot-admin" scope_path = "/test-scope" } # Create the bot role resource "teleport_scoped_role" "scoped_admin" { version = "v1" metadata = { name = "scoped-admin" description = "Manages scoped roles, tokens, and assignments in the test scope." } scope = local.scope_path spec = { assignable_scopes = [local.scope_path] rules = [{ resources = ["scoped_role", "scoped_token", "scoped_role_assignment"] verbs = ["create", "readnosecrets", "list", "update", "delete"] }] } } # Create the bot resource "teleport_bot" "test_scoped" { version = "v1" metadata = { name = local.bot_name_scoped } spec = { roles = [] } scope = local.scope_path } # Assign the role to the bot resource "teleport_scoped_role_assignment" "bot_assignment" { version = "v1" sub_kind = "dynamic" metadata = { name = "test-bot-assignment" } scope = local.scope_path spec = { bot_name = teleport_bot.test_scoped.metadata.name bot_scope = teleport_bot.test_scoped.scope assignments = [{ role = teleport_scoped_role.scoped_admin.metadata.name scope = local.scope_path }] } } ``` ## Schema ### Optional - `metadata` (Attributes) Common metadata that all resources share (see [below for nested schema](#nested-schema-for-metadata)) - `name` (String, Deprecated) The name of the bot, i.e. the unprefixed User name - `roles` (List of String, Deprecated) A list of roles the created bot should be allowed to assume via role impersonation. - `scope` (String) Scope is the scope of the bot resource. Leave empty for unscoped bots. - `spec` (Attributes) The configured properties of a bot. (see [below for nested schema](#nested-schema-for-spec)) - `sub_kind` (String) Differentiates variations of the same kind. All resources should contain one, even if it is never populated. - `token_id` (String, Sensitive, Deprecated) - `token_ttl` (String, Deprecated) - `traits` (Map of List of String, Deprecated) - `version` (String) The version of the resource being represented. ### Read-Only - `role_name` (String, Deprecated) The name of the generated bot role - `status` (Attributes) Fields that are set by the server as results of operations. These should not be modified by users. (see [below for nested schema](#nested-schema-for-status)) - `user_name` (String, Deprecated) The name of the generated bot user ### Nested Schema for `metadata` Required: - `name` (String) Name is an object name Optional: - `description` (String) Description is object description - `expires` (String) Expires is a global expiry time header can be set on any resource in the system. - `labels` (Map of String) Labels is a set of labels ### Nested Schema for `spec` Optional: - `max_session_ttl` (String) The max session TTL value for the bot's internal role. Unless specified, bots may not request a value beyond the default maximum TTL of 12 hours. This value may not be larger than 7 days (168 hours). - `roles` (List of String) A list of roles the created bot should be allowed to assume via role impersonation. - `traits` (Map of List of String) The traits that will be associated with the bot for the purposes of role templating. Where multiple specified with the same name, these will be merged by the server. ### Nested Schema for `status` Read-Only: - `role_name` (String) The name of the role associated with the bot. - `user_name` (String) The name of the user associated with the bot.