From 49916a4ea1d4c522fee1164ca6c06014647e44c7 Mon Sep 17 00:00:00 2001
From: badra001
Date: Fri, 8 Sep 2023 16:15:57 -0400
Subject: [PATCH] add file capability
---
 group-assignment/accounts.tf | 7 ++++---
 group-assignment/users.tf | 3 ++-
 2 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/group-assignment/accounts.tf b/group-assignment/accounts.tf
index 0f7ae32..cbf1279 100644
--- a/group-assignment/accounts.tf
+++ b/group-assignment/accounts.tf
@@ -1,9 +1,10 @@
 locals {
 settings = var.settings_file != null && fileexists(var.settings_file) ? yamldecode(file(var.settings_file)) : {}
+ group = length(local.settings) > 0 ? try(local.settings.group, null) : var.name
 org_all = length(local.settings) > 0 ? try(local.settings.all, false) : var.org_all
- org_account_names = length(local.settings) > 0 ? local.settings.account_names : var.org_account_names
- org_account_ids = length(local.settings) > 0 ? local.settings.account_ids : var.org_account_ids
- organizational_unit_names = length(local.settings) > 0 ? local.settings.org_ous : var.organizational_unit_names
+ org_account_names = length(local.settings) > 0 ? try(local.settings.account_names, []) : var.org_account_names
+ org_account_ids = length(local.settings) > 0 ? try(local.settings.account_ids, []) : var.org_account_ids
+ organizational_unit_names = length(local.settings) > 0 ? try(local.settings.org_ous, []) : var.organizational_unit_names
 active_accounts_map = { for account in data.aws_organizations_organizational_unit_descendant_accounts.accounts.accounts : account.name => account if account.status == "ACTIVE" }
 active_accounts = { for k, v in local.active_accounts_map : k => v.id }
diff --git a/group-assignment/users.tf b/group-assignment/users.tf
index 8d38c6f..3eacc6e 100644
--- a/group-assignment/users.tf
+++ b/group-assignment/users.tf
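Review bot: In accounts.tf the new `try(...)` wrappers on `group`, `org_account_names`, `org_account_ids` and `organizational_unit_names` turn a misspelled or missing key in the settings file into `null` or `[]` instead of a plan error. For a module that assigns groups to accounts, that could mean a typo quietly plans an empty assignment set or a null group name. `group` looks required, so I would keep it strict with `group = length(local.settings) > 0 ? local.settings.group : var.name`, or fall back per key with `try(local.settings.group, var.name)` if that is the intent. The unchanged `settings` line has the same silent-fallback shape: a wrong `settings_file` path decodes to `{}` and the variables are used without warning, which a `validation` block on `var.settings_file` with `var.settings_file == null || fileexists(var.settings_file)` would surface. The `locals` block continues past the end of the hunk.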
@@ -1,10 +1,11 @@
 locals {
 user_base_dn = "ou=People,o=U.S. Census Bureau,c=US"
 ldap_user_attributes = { for k, v in data.ldap_object.users : k => { for kk, vv in v.attributes_json : kk => jsondecode(vv)[0] } }
+ users = length(local.settings) > 0 ? try(local.settings.users, []) : var.users
 }
 data "ldap_object" "users" {
- for_each = toset(var.users)
+ for_each = toset(local.users)
 provider = ldap
 base_dn = local.user_base_dn
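Review bot: `local.users` in users.tf can now come from the YAML settings file and feeds `for_each` on `data.ldap_object.users`, but nothing in the hunk constrains what those entries may contain. The rest of the data block is outside the hunk, so how each key becomes a DN or search filter is not visible; if it is interpolated, the entries should be checked first, for example a precondition on `alltrue([for u in local.users : can(regex("^[A-Za-z0-9._-]+$", u))])` with the pattern adjusted to the directory's naming rules. A non-empty settings file that omits `users` also yields `[]` and discards `var.users`, which deserves a comment above the new line such as `# a non-empty settings file replaces var.users entirely; a missing users key means no users`.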