add to group

terraform-modules · Feb 29, 2024 · a89e78b · a89e78b
1 parent 1bc94c6
commit a89e78b
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 0 deletions.
diff --git a/group-assignment/README.md b/group-assignment/README.md
@@ -25,6 +25,7 @@ No modules.
 | [aws_identitystore_group_membership.group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/identitystore_group_membership) | resource |
 | [aws_ssoadmin_account_assignment.accounts](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssoadmin_account_assignment) | resource |
 | [ldap_object.group](https://registry.terraform.io/providers/trevex/ldap/latest/docs/resources/object) | resource |
+| [ldap_object_attributes.group](https://registry.terraform.io/providers/trevex/ldap/latest/docs/resources/object_attributes) | resource |
 | [aws_arn.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/arn) | data source |
 | [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
 | [aws_identitystore_user.users](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/identitystore_user) | data source |

diff --git a/group-assignment/main.tf b/group-assignment/main.tf
@@ -94,6 +94,17 @@ resource "ldap_object" "group" {
   }
 }
 
+# add object to access group
+resource "ldap_object_attributes" "group" {
+  provider = ldap
+  count    = var.create_ldap_group ? 1 : 0
+
+  dn = local.ldap_access_dn
+  attributes = [
+    { groupMember = local.ldap_dn },
+  ]
+}
+
 ## gov.census.tco:CPASS_APP=CSVD_CSVD IC lab
 ## gov.census.tco:CPASS_FullPath=Administration/AdminUI/Production Group Support/CSVD/CSVD IC lab/Users
 ## gov.census.tco:CPASS_ApprovalGroup=cn=CSVD IC lab_Approvers
@@ -119,3 +130,5 @@ resource "ldap_object" "group" {
 ## cn: inf-admin-t4
 ## member: cn=badra001,ou=People,o=U.S. Census Bureau,c=US
 ## 
+
+