From 3b8b928dad4027971e016a44e002125061c5c98c Mon Sep 17 00:00:00 2001
From: badra001
Date: Fri, 1 Aug 2025 16:45:36 -0400
Subject: [PATCH] fix account_id
---
 rolesanywhere/README.md | 1 +
 rolesanywhere/aws_config.tf | 1 +
 rolesanywhere/aws_config.tpl | 2 +-
 3 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/rolesanywhere/README.md b/rolesanywhere/README.md
index 64918c1..817fae6 100644
--- a/rolesanywhere/README.md
+++ b/rolesanywhere/README.md
@@ -90,6 +90,7 @@ module "myrole3" {
 | [local_file.aws_config_file](https://registry.terraform.io/providers/hashicorp/local/latest/docs/resources/file) | resource |
 | [aws_arn.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/arn) | data source |
 | [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
+| [aws_iam_account_alias.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_account_alias) | data source |
 | [aws_iam_policy_document.role_anywhere_assume](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
 | [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
 | [aws_ssm_parameters_by_path.trust_east](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ssm_parameters_by_path) | data source |
diff --git a/rolesanywhere/aws_config.tf b/rolesanywhere/aws_config.tf
index 83fa2ec..377e1c1 100644
--- a/rolesanywhere/aws_config.tf
+++ b/rolesanywhere/aws_config.tf
@@ -3,6 +3,7 @@ resource "local_file" "aws_config_file" {
 file_permission = "0644"
 directory_permission = "0755"
 content = templatefile("${path.module}/aws_config.tpl", {
+ account_id = local.account_id
 account_alias = local.account_alias
 role_name = local.role_name
 role_arn = aws_iam_role.role.arn
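Review bot: The added `account_id = local.account_id` entry reads a local defined outside this hunk, so nothing visible here guarantees it names the same account as `role_arn`. If that local is not already derived from the caller identity, binding it directly with `account_id = data.aws_caller_identity.current.account_id` (the data source is listed in the module README) keeps the profile label tied to the account the role lives in. A label that can drift from the ARN it sits next to invites running commands against the wrong account. The `local_file` resource starts above this hunk and its `templatefile` map continues past it.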
diff --git a/rolesanywhere/aws_config.tpl b/rolesanywhere/aws_config.tpl
index 351a0e8..c081c19 100644
--- a/rolesanywhere/aws_config.tpl
+++ b/rolesanywhere/aws_config.tpl
@@ -1,3 +1,3 @@
-[profile ${account_alias}.${role_name}]
+[profile ${account_id}-${account_alias}.${role_name}]
 region = ${region}
 credential_process = aws_signing_helper credential-process --certificate CERTPATH/${role_name}.crt --private-key CERTPATH/${role_name}.key --trust-anchor-arn ${trust_anchor_arn} --profile-arn ${profile_arn} --role-arn ${role_arn} --region ${region}
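Review bot: The new section header `[profile ${account_id}-${account_alias}.${role_name}]` renames the profile that every consumer selects, and neither the template nor the README hunk records the new format. Scripts or shells that still pass the old `<account_alias>.<role_name>` name through `--profile` or `AWS_PROFILE` will no longer match this entry. If a stale copy of the old profile remains in a merged config, they may silently keep using that one. I would add a comment line above the header, `# profile name format: <account_id>-<account_alias>.<role_name>`, and note the rename in the module README so callers know to update and to remove old entries.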