From a89e78bf12909ff9eadb02e61b214d667447a757 Mon Sep 17 00:00:00 2001
From: badra001 <donald.e.badrak.ii@census.gov>
Date: Thu, 29 Feb 2024 13:40:14 -0500
Subject: [PATCH] add to group

---
 group-assignment/README.md |  1 +
 group-assignment/main.tf   | 13 +++++++++++++
 2 files changed, 14 insertions(+)

diff --git a/group-assignment/README.md b/group-assignment/README.md
index 995fd64..d14b957 100644
--- a/group-assignment/README.md
+++ b/group-assignment/README.md
@@ -25,6 +25,7 @@ No modules.
 | [aws_identitystore_group_membership.group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/identitystore_group_membership) | resource |
 | [aws_ssoadmin_account_assignment.accounts](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssoadmin_account_assignment) | resource |
 | [ldap_object.group](https://registry.terraform.io/providers/trevex/ldap/latest/docs/resources/object) | resource |
+| [ldap_object_attributes.group](https://registry.terraform.io/providers/trevex/ldap/latest/docs/resources/object_attributes) | resource |
 | [aws_arn.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/arn) | data source |
 | [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
 | [aws_identitystore_user.users](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/identitystore_user) | data source |
diff --git a/group-assignment/main.tf b/group-assignment/main.tf
index 0f593b0..7745b3f 100644
--- a/group-assignment/main.tf
+++ b/group-assignment/main.tf
@@ -94,6 +94,17 @@ resource "ldap_object" "group" {
   }
 }
 
+# add object to access group
+resource "ldap_object_attributes" "group" {
+  provider = ldap
+  count    = var.create_ldap_group ? 1 : 0
+
+  dn = local.ldap_access_dn
+  attributes = [
+    { groupMember = local.ldap_dn },
+  ]
+}
+
 ## gov.census.tco:CPASS_APP=CSVD_CSVD IC lab
 ## gov.census.tco:CPASS_FullPath=Administration/AdminUI/Production Group Support/CSVD/CSVD IC lab/Users
 ## gov.census.tco:CPASS_ApprovalGroup=cn=CSVD IC lab_Approvers
@@ -119,3 +130,5 @@ resource "ldap_object" "group" {
 ## cn: inf-admin-t4
 ## member: cn=badra001,ou=People,o=U.S. Census Bureau,c=US
 ## 
+
+