Added variable overridable_team_permission_set_name_pattern to match the capability of aws-account-map (#45)

petabook · web-flow · commit 44ebe216fed2 · 2025-10-14T14:07:58.000Z
* update

* Update policy-Identity-role-TeamAccess.tf
diff --git a/src/policy-Identity-role-TeamAccess.tf b/src/policy-Identity-role-TeamAccess.tf
@@ -41,8 +41,9 @@ data "aws_iam_policy_document" "assume_aws_team" {
 module "role_map" {
   source = "../account-map/modules/roles-to-principals"
 
-  teams      = var.aws_teams_accessible
-  privileged = var.privileged
+  teams                                        = var.aws_teams_accessible
+  privileged                                   = var.privileged
+  overridable_team_permission_set_name_pattern = var.overridable_team_permission_set_name_pattern
 
   context = module.this.context
 }
diff --git a/src/variables.tf b/src/variables.tf
@@ -69,4 +69,11 @@ variable "account_map_component_name" {
   type        = string
   description = "The name of the account-map component"
   default     = "account-map"
-}
+}
+
+variable "overridable_team_permission_set_name_pattern" {
+  type        = string
+  description = "The pattern used to generate the AWS SSO PermissionSet name for each team"
+  default     = "Identity%sTeamAccess"
+}
+
