diff --git a/terraform/addons/saml-auth-proxy/README.md b/terraform/addons/saml-auth-proxy/README.md
index cae388b2b368..baaa39bac427 100644
--- a/terraform/addons/saml-auth-proxy/README.md
+++ b/terraform/addons/saml-auth-proxy/README.md
@@ -32,6 +32,7 @@ No requirements.
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
+| [alb\_access\_logs](#input\_alb\_access\_logs) | n/a | `map(string)` | `{}` | no |
| [alb\_target\_group\_arn](#input\_alb\_target\_group\_arn) | n/a | `string` | n/a | yes |
| [base\_url](#input\_base\_url) | n/a | `string` | n/a | yes |
| [cookie\_max\_age](#input\_cookie\_max\_age) | n/a | `string` | `"1h"` | no |
@@ -53,6 +54,7 @@ No requirements.
|------|-------------|
| [fleet\_extra\_execution\_policies](#output\_fleet\_extra\_execution\_policies) | n/a |
| [lb](#output\_lb) | n/a |
+| [lb\_security\_group](#output\_lb\_security\_group) | n/a |
| [lb\_target\_group\_arn](#output\_lb\_target\_group\_arn) | Keep for legacy support for now |
| [name](#output\_name) | n/a |
| [secretsmanager\_secret\_id](#output\_secretsmanager\_secret\_id) | n/a |
diff --git a/terraform/addons/saml-auth-proxy/main.tf b/terraform/addons/saml-auth-proxy/main.tf
index 2148e41c4f1e..6daa975d441a 100644
--- a/terraform/addons/saml-auth-proxy/main.tf
+++ b/terraform/addons/saml-auth-proxy/main.tf
@@ -82,7 +82,7 @@ module "saml_auth_proxy_alb" {
subnets = var.subnets
security_groups = [aws_security_group.saml_auth_proxy_alb.id]
# FIXME: Get this working eventually.
- # access_logs = var.alb_config.access_logs
+ access_logs = var.alb_access_logs
internal = true
target_groups = [
diff --git a/terraform/addons/saml-auth-proxy/outputs.tf b/terraform/addons/saml-auth-proxy/outputs.tf
index cea09cf5b3f7..afc268f9c812 100644
--- a/terraform/addons/saml-auth-proxy/outputs.tf
+++ b/terraform/addons/saml-auth-proxy/outputs.tf
@@ -17,6 +17,10 @@ output "lb" {
value = module.saml_auth_proxy_alb
}
+output "lb_security_group" {
+ value = aws_security_group.saml_auth_proxy_alb.id
+}
+
output "secretsmanager_secret_id" {
value = aws_secretsmanager_secret.saml_auth_proxy_cert.id
}
diff --git a/terraform/addons/saml-auth-proxy/variables.tf b/terraform/addons/saml-auth-proxy/variables.tf
index 66aa6677d700..f441c643e362 100644
--- a/terraform/addons/saml-auth-proxy/variables.tf
+++ b/terraform/addons/saml-auth-proxy/variables.tf
@@ -7,6 +7,11 @@ variable "alb_target_group_arn" {
type = string
}
+variable "alb_access_logs" {
+ type = map(string)
+ default = {}
+}
+
# variable "public_alb_security_group_id" {
# type = string
# }