diff --git a/vault/resource_jwt_auth_backend.go b/vault/resource_jwt_auth_backend.go index 06801caaf..4f07d5247 100644 --- a/vault/resource_jwt_auth_backend.go +++ b/vault/resource_jwt_auth_backend.go @@ -121,6 +121,14 @@ func jwtAuthBackendResource() *schema.Resource { Computed: true, Description: "The accessor of the JWT auth backend", }, + "provider_config": { + Type: schema.TypeMap, + Optional: true, + Description: "Provider specific handling configuration", + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, "tune": authMountTuneSchema(), }, } @@ -131,6 +139,7 @@ func jwtCustomizeDiff(d *schema.ResourceDiff, meta interface{}) error { "oidc_discovery_url", "jwks_url", "jwt_validation_pubkeys", + "provider_config", } for _, attr := range attributes { @@ -159,6 +168,7 @@ var ( "bound_issuer", "jwt_supported_algs", "default_role", + "provider_config", } ) diff --git a/website/docs/r/jwt_auth_backend.html.md b/website/docs/r/jwt_auth_backend.html.md index 98564550e..3ee7e4099 100644 --- a/website/docs/r/jwt_auth_backend.html.md +++ b/website/docs/r/jwt_auth_backend.html.md @@ -71,6 +71,8 @@ The following arguments are supported: * `default_role` - (Optional) The default role to use if none is provided during login +* `provider_config` - (Optional) Provider specific handling configuration + * tune - (Optional) Extra configuration block. Structure is documented below. The `tune` block is used to tune the auth backend: