[v17] Add Spacelift to join token reference page (#52974)

strideynet · ptgott · web-flow · commit 96138d6fe01c · 2025-03-11T18:36:03.000Z
* Add spacelift to join token reference page

* Fix join_method

* Update docs/pages/reference/join-methods.mdx

Co-authored-by: Paul Gottschling &lt;paul.gottschling@goteleport.com&gt;

* simplify

---------

Co-authored-by: Paul Gottschling &lt;paul.gottschling@goteleport.com&gt;
diff --git a/docs/pages/includes/provision-token/spacelift-spec.mdx b/docs/pages/includes/provision-token/spacelift-spec.mdx
@@ -0,0 +1,29 @@
+```yaml
+kind: token
+version: v2
+metadata:
+  name: spacelift
+spec:
+  roles: [Bot]
+  join_method: spacelift
+
+  # This must match a bot name, created either with `tctl bots add` or by
+  # creating a `bot` resource.
+  bot_name: spacelift
+
+  spacelift:
+    # hostname should be the hostname of your Spacelift tenant.
+    hostname: example.app.spacelift.io
+    # allow specifies rules that control which Spacelift executions will be
+    # granted access. Those not matching any allow rule will be denied.
+    allow:
+      # space_id identifies the space that the module or stack resides within.
+    - space_id: root
+      # caller_type is the type of caller_id. This must be `stack` or `module`.
+      caller_type: stack
+      # caller_id is the id of the caller. e.g the name of the stack or module.
+      caller_id: my-stack
+      # scope is the scope of the token - either `read` or `write`.
+      # See https://docs.spacelift.io/integrations/cloud-providers/oidc/#about-scopes
+      scope: read
+```
diff --git a/docs/pages/reference/join-methods.mdx b/docs/pages/reference/join-methods.mdx
@@ -440,6 +440,18 @@ Support for self-hosted Terraform Enterprise requires Teleport Enterprise.
 - [Run the Teleport Terraform Provider on Terraform Cloud](../admin-guides/infrastructure-as-code/terraform-provider/terraform-cloud.mdx)
 </Admonition>
 
+### Spacelift: `spacelift`
+
+This join method is used to authenticate using Spacelift. It is typically used
+by the Teleport Terraform provider on Spacelift (including self-hosted
+deployments).
+
+(!docs/pages/includes/provision-token/spacelift-spec.mdx!)
+
+<Admonition type="note" title="See Also">
+    - [Run the Teleport Terraform Provider on Spacelift](../admin-guides/infrastructure-as-code/terraform-provider/spacelift.mdx)
+</Admonition>
+
 ### Bitbucket Pipelines: `bitbucket`
 
 This join method is used to authenticate using Bitbucket's support for OpenID
