Respond to thedevelopnik feedback

Note that you can skip the SSO step in the RBAC guide. Include links to relevant docs.
gravitational · Aug 30, 2024 · cb35ffb · cb35ffb
1 parent b274ce4
commit cb35ffb
Showing 1 changed file with 18 additions and 1 deletion.
diff --git a/docs/pages/admin-guides/infrastructure-as-code/terraform-starter/rbac.mdx b/docs/pages/admin-guides/infrastructure-as-code/terraform-starter/rbac.mdx
@@ -254,12 +254,29 @@ module "prod_role" {
 }
 ```
 
-## Step 3/4. Configure the single sign-on connector
+## Step 3/4. [Optional] Configure the single sign-on connector
 
 In this step, you will configure your Terraform module to enable authentication
 through your organization's IdP. Configure the `saml` or `oidc` module you
 declared in Step 1 by following the instructions.
 
+<Admonition type="tip">
+
+You can skip this step for now if you want to assign the `dev_access` and
+`prod_access` roles to local Teleport users instead of single sign-on users. To
+do so, you can:
+
+- Import existing `teleport_user` resources and modify them to include the
+  `dev_access` and `prod_access` roles (see the
+  [documentation](../terraform-provider.mdx#step-44-optional-import-existing-resources)).
+- Create a new `teleport_user` resource that includes the roles
+  ([documentation](../managing-resources/user-and-role.mdx).
+
+If you plan to skip this stip, make sure to remove the `module "saml"` or
+`module "oidc"` block from your Terraform configuration.
+
+</Admonition>
+
 1. Register your Teleport cluster with your IdP as a relying party. The
    instructions depend on your IdP.