terraform.aws-baseline-infra/modules/security_identity_compliance/sso-aws-id-store/main.tf
2022-12-08 14:34:42 +08:00


# Looks up the IAM Identity Center (AWS SSO) instances available to the
# configured provider. The other blocks in this file read identity_store_ids
# from this data source to find the identity store they operate on.
data "aws_ssoadmin_instances" "sso1" {
}
# Creates one user in the IAM Identity Center identity store from the
# module's username / name / email input variables.
resource "aws_identitystore_user" "sso-user" {
  # identity_store_ids is a set, so it is converted to a list and the first
  # element is used.
  # NOTE(review): assumes exactly one Identity Center instance is returned for
  # the provider's account/region; an empty result makes the [0] index fail,
  # and more than one would silently pick the first. Confirm before reuse.
  identity_store_id = tolist(data.aws_ssoadmin_instances.sso1.identity_store_ids)[0]

  # The same input variable feeds both the login name and the nickname.
  # NOTE(review): no validation of var.username is visible in this file;
  # confirm the variable declaration constrains it to the expected naming
  # scheme so a typo cannot create an unexpected identity.
  user_name = var.username
  nickname  = var.username

  display_name = "${var.firstName} ${var.lastName}"

  name {
    given_name  = var.firstName
    family_name = var.lastName
  }

  # Single address, flagged as primary.
  # NOTE(review): presumably this should be an organisation-controlled
  # mailbox, since it is the only contact address stored for the user;
  # verify against the variable's validation rules.
  emails {
    value   = var.email
    primary = true
  }
}
# Resolves an existing identity store group by its display name. This is a
# data source, so the group is only looked up here, not created or managed.
data "aws_identitystore_group" "sso-group" {
  # Same identity store selection as the user resource (first ID in the set).
  identity_store_id = tolist(data.aws_ssoadmin_instances.sso1.identity_store_ids)[0]

  alternate_identifier {
    unique_attribute {
      # Match on the group's DisplayName attribute.
      # NOTE(review): var.groupName decides which group the new user joins,
      # and therefore which access that group carries. No allow-list or
      # validation is visible in this file; confirm the variable declaration
      # restricts it so a caller cannot target a privileged group by name.
      attribute_path  = "DisplayName"
      attribute_value = var.groupName
    }
  }
}
# Adds the user created in this module to the group resolved by the
# sso-group data source. Whatever access is attached to that group applies
# to the user once this membership exists, so changes to var.groupName
# should be reviewed as access changes.
resource "aws_identitystore_group_membership" "sso-group-membership" {
  # Who is added, and to which group.
  member_id = aws_identitystore_user.sso-user.user_id
  group_id  = data.aws_identitystore_group.sso-group.group_id

  # Same identity store selection as the user and group blocks (first ID in
  # the set returned by the sso1 data source).
  identity_store_id = tolist(data.aws_ssoadmin_instances.sso1.identity_store_ids)[0]
}