Add documentation for exclude_roles settings for LDAP security config (#6399)

* Add documentation for exclude_roles settings for LDAP security config

Signed-off-by: Craig Perkins <cwperx@amazon.com>

* Match skip_users language

Signed-off-by: Craig Perkins <cwperx@amazon.com>

---------

Signed-off-by: Craig Perkins <cwperx@amazon.com>
This commit is contained in:
Craig Perkins 2024-02-15 15:48:13 -05:00 committed by GitHub
parent f2835853c0
commit 9c8180eff1
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 1 additions and 0 deletions

View File

@ -509,6 +509,7 @@ Name | Description
`resolve_nested_roles` | Boolean. Whether or not to resolve nested roles. Default is `false`.
`max_nested_depth` | Integer. When `resolve_nested_roles` is `true`, this defines the maximum number of nested roles to traverse. Setting smaller values can reduce the amount of data retrieved from LDAP and improve authentication times at the cost of failing to discover deeply nested roles. Default is `30`.
`skip_users` | Array of users that should be skipped when retrieving roles. Wildcards and regular expressions are supported.
`exclude_roles` | Array of roles that should be excluded when retrieving roles. Wildcards are supported.
`nested_role_filter` | Array of role DNs that should be filtered before resolving nested roles. Wildcards and regular expressions are supported.
`rolesearch_enabled` | Boolean. Enable or disable the role search. Default is `true`.
`custom_attr_allowlist` | String array. Specifies the LDAP attributes that should be made available for variable substitution.