You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Yes IAM Identity Store, it was all manually managed. Now I'm trying to bring it all into Terraform. I have a bunch of existing users. But will create new groups, new permission sets, and new account assignments. This is so the old ones aren't changed yet. But I need to get existing users into the new groups so that they now have the new permissions.
leonkatz
changed the title
Can I add an existing user to a new group with new permissions_sets and new account_assignments or AWS.
Can I add an existing user to a new group with new permissions_sets and new account_assignments on AWS.
Sep 4, 2024
sso_groups = {
test : {
group_name = "test"
group_description = "test group"
}
test-leads : {
group_name = "test-leads"
group_description = "test group"
}
test-limited : {
group_name = "test-limited"
group_description = "test group"
}
}
existing_permission_sets = {
AdministratorAccess = {
permission_set_name = "AdministratorAccess"
},
ReadOnlyAccess = {
permission_set_name = "ReadOnlyAccess"
}
existing_sso_users = {
TesterDev : {
user_name = "TesterTesterDev"
group_membership = ["test-limited"]
}
}
sso_users = {
terraform : {
group_membership = ["test", "test-leads"]
user_name = "terraform"
given_name = "Terraform"
family_name = "test"
email = "email@example.com
}
}
account_assignments = {
test = {
principal_name = "test"
principal_type = "GROUP"
principal_idp = "INTERNAL"
permission_sets = ["AdministratorAccess", "ReadOnlyAccess"]
account_ids = [
"111111111111",
]
}
TesterDev = {
principal_name = "TesterDev"
principal_type = "USER"
principal_idp = "EXTERNAL"
permission_sets = ["ReadOnlyAccess"]
account_ids = [
"111111111111",
}
The text was updated successfully, but these errors were encountered: