Skip to content

Commit 136ae00

Browse files
Stretch96Stretch96
authored
Merge pull request #24 from chris-qa-org/allow-user-and-group-assignments-to-be-undefined
Allow `user_assignments` and `group_assignments` to be undefined
2 parents 0bfca17 + 8917793 commit 136ae00

File tree

1 file changed

+6
-6
lines changed

1 file changed

+6
-6
lines changed

sso.tf

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ data "aws_identitystore_group" "aws" {
77
for unit_name, unit in local.organization_config["units"] : [
88
for account_name in keys(local.organization_config["units"][unit_name]["accounts"]) : local.organization_config["units"][unit_name]["accounts"][account_name]
99
]
10-
]) : keys(account["group_assignments"])
10+
]) : keys(lookup(account, "group_assignments", {}))
1111
])
1212
) : toset([])
1313

@@ -26,7 +26,7 @@ data "aws_identitystore_user" "aws" {
2626
for unit_name, unit in local.organization_config["units"] : [
2727
for account_name in keys(local.organization_config["units"][unit_name]["accounts"]) : local.organization_config["units"][unit_name]["accounts"][account_name]
2828
]
29-
]) : keys(account["user_assignments"])
29+
]) : keys(lookup(account, "user_assignments", {}))
3030
])
3131
) : toset([])
3232

@@ -82,8 +82,8 @@ resource "aws_ssoadmin_account_assignment" "group_assignment" {
8282
for assignment in flatten([
8383
for unit_name, unit in local.organization_config["units"] : [
8484
for account_name in keys(local.organization_config["units"][unit_name]["accounts"]) : [
85-
for group_name, group_assignments in local.organization_config["units"][unit_name]["accounts"][account_name]["group_assignments"] : {
86-
for permission_set in local.organization_config["units"][unit_name]["accounts"][account_name]["group_assignments"][group_name]["permission_sets"] : "${account_name}_${group_name}_${permission_set}" => {
85+
for group_name, group_assignments in lookup(local.organization_config["units"][unit_name]["accounts"][account_name], "group_assignments", {}) : {
86+
for permission_set in group_assignments["permission_sets"] : "${account_name}_${group_name}_${permission_set}" => {
8787
account_name = account_name
8888
group_name = group_name
8989
permission_set = permission_set
@@ -109,8 +109,8 @@ resource "aws_ssoadmin_account_assignment" "user_assignment" {
109109
for assignment in flatten([
110110
for unit_name, unit in local.organization_config["units"] : [
111111
for account_name in keys(local.organization_config["units"][unit_name]["accounts"]) : [
112-
for user_name, user_assignments in local.organization_config["units"][unit_name]["accounts"][account_name]["user_assignments"] : {
113-
for permission_set in local.organization_config["units"][unit_name]["accounts"][account_name]["user_assignments"][user_name]["permission_sets"] : "${account_name}_${user_name}_${permission_set}" => {
112+
for user_name, user_assignments in lookup(local.organization_config["units"][unit_name]["accounts"][account_name], "user_assignments", {}) : {
113+
for permission_set in user_assignments["permission_sets"] : "${account_name}_${user_name}_${permission_set}" => {
114114
account_name = account_name
115115
user_name = user_name
116116
permission_set = permission_set

0 commit comments

Comments
 (0)