From e5345d2fb2fb46316b930b2dd92e85cb4f885783 Mon Sep 17 00:00:00 2001
From: badra001 <donald.e.badrak.ii@census.gov>
Date: Tue, 5 Aug 2025 15:29:02 -0400
Subject: [PATCH] update

---
 rolesanywhere/aws_config.tf  | 5 +++++
 rolesanywhere/aws_config.tpl | 2 +-
 rolesanywhere/certificate.tf | 2 ++
 3 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/rolesanywhere/aws_config.tf b/rolesanywhere/aws_config.tf
index 377e1c1..4dffdcc 100644
--- a/rolesanywhere/aws_config.tf
+++ b/rolesanywhere/aws_config.tf
@@ -1,3 +1,7 @@
+locals {
+  filename_prefix = var.filename_prefix != null ? format("%v%v", var.filename_prefix, var.filename_prefix_separator) : ""
+}
+
 resource "local_file" "aws_config_file" {
   filename             = format("%v/%v/%v.%v", path.root, "certs", local.role_name, "aws_config")
   file_permission      = "0644"
@@ -10,5 +14,6 @@ resource "local_file" "aws_config_file" {
     trust_anchor_arn = local.this_trust_arn
     profile_arn      = aws_rolesanywhere_profile.role.arn
     region           = local.region
+    prefix           = local.filename_prefix
   })
 }
diff --git a/rolesanywhere/aws_config.tpl b/rolesanywhere/aws_config.tpl
index c081c19..d40b90a 100644
--- a/rolesanywhere/aws_config.tpl
+++ b/rolesanywhere/aws_config.tpl
@@ -1,3 +1,3 @@
 [profile ${account_id}-${account_alias}.${role_name}]
 region = ${region}
-credential_process = aws_signing_helper credential-process --certificate CERTPATH/${role_name}.crt --private-key CERTPATH/${role_name}.key --trust-anchor-arn ${trust_anchor_arn} --profile-arn ${profile_arn} --role-arn ${role_arn} --region ${region}
+credential_process = aws_signing_helper credential-process --certificate CERTPATH/${prefix}${role_name}.crt --private-key CERTPATH/${prefix}${role_name}.key --trust-anchor-arn ${trust_anchor_arn} --profile-arn ${profile_arn} --role-arn ${role_arn} --region ${region}
diff --git a/rolesanywhere/certificate.tf b/rolesanywhere/certificate.tf
index 7fc0436..afaf416 100644
--- a/rolesanywhere/certificate.tf
+++ b/rolesanywhere/certificate.tf
@@ -6,6 +6,8 @@ module "certificate" {
   certificate_subject_ou = local.certificate_subject_ou["x509Subject/OU"]
   validity_days          = var.validity_days
   import_to_acm          = var.import_to_acm
+  file_prefix            = var.file_prefix
+  file_prefix_separator  = var.file_prefix_separator
 }
 
 locals {