feat: Add path variable to IAM group module (#390)

Co-authored-by: Charles Lariviere <charles.lariviere@avidbots.com> Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>
terraform-aws-modules · Jun 29, 2023 · e5c42c3 · e5c42c3
1 parent e3d9cc6
commit e5c42c3
Show file tree

Hide file tree

Showing 5 changed files with 10 additions and 0 deletions.
diff --git a/examples/iam-group-with-policies/main.tf b/examples/iam-group-with-policies/main.tf
@@ -45,6 +45,7 @@ module "iam_group_with_custom_policies" {
   source = "../../modules/iam-group-with-policies"
 
   name = "custom"
+  path = "/custom/"
 
   group_users = [
     module.iam_user1.iam_user_name,

diff --git a/modules/iam-group-with-policies/README.md b/modules/iam-group-with-policies/README.md
@@ -48,6 +48,7 @@ No modules.
 | <a name="input_group_users"></a> [group\_users](#input\_group\_users) | List of IAM users to have in an IAM group which can assume the role | `list(string)` | `[]` | no |
 | <a name="input_iam_self_management_policy_name_prefix"></a> [iam\_self\_management\_policy\_name\_prefix](#input\_iam\_self\_management\_policy\_name\_prefix) | Name prefix for IAM policy to create with IAM self-management permissions | `string` | `"IAMSelfManagement-"` | no |
 | <a name="input_name"></a> [name](#input\_name) | Name of IAM group | `string` | `""` | no |
+| <a name="input_path"></a> [path](#input\_path) | Desired path for the IAM group | `string` | `"/"` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | A map of tags to add to all resources. | `map(string)` | `{}` | no |
 
 ## Outputs

diff --git a/modules/iam-group-with-policies/main.tf b/modules/iam-group-with-policies/main.tf
@@ -6,6 +6,7 @@ resource "aws_iam_group" "this" {
   count = var.create_group ? 1 : 0
 
   name = var.name
+  path = var.path
 }
 
 resource "aws_iam_group_membership" "this" {

diff --git a/modules/iam-group-with-policies/variables.tf b/modules/iam-group-with-policies/variables.tf
@@ -10,6 +10,12 @@ variable "name" {
   default     = ""
 }
 
+variable "path" {
+  description = "Desired path for the IAM group"
+  type        = string
+  default     = "/"
+}
+
 variable "group_users" {
   description = "List of IAM users to have in an IAM group which can assume the role"
   type        = list(string)

diff --git a/wrappers/iam-group-with-policies/main.tf b/wrappers/iam-group-with-policies/main.tf
@@ -5,6 +5,7 @@ module "wrapper" {
 
   create_group                           = try(each.value.create_group, var.defaults.create_group, true)
   name                                   = try(each.value.name, var.defaults.name, "")
+  path                                   = try(each.value.path, var.defaults.path, "/")
   group_users                            = try(each.value.group_users, var.defaults.group_users, [])
   custom_group_policy_arns               = try(each.value.custom_group_policy_arns, var.defaults.custom_group_policy_arns, [])
   custom_group_policies                  = try(each.value.custom_group_policies, var.defaults.custom_group_policies, [])