From 54c1e8b01cb9d97476dc8aad92b6e33ace297662 Mon Sep 17 00:00:00 2001 From: Liam MacPherson Date: Thu, 14 Mar 2024 11:24:07 +0000 Subject: [PATCH] fix: update to just use shortname and prefix specifics --- modules/aws/permission_sets/README.md | 4 ++-- modules/aws/permission_sets/main.tf | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/aws/permission_sets/README.md b/modules/aws/permission_sets/README.md index 5c7be7c..e618b8e 100644 --- a/modules/aws/permission_sets/README.md +++ b/modules/aws/permission_sets/README.md @@ -14,7 +14,7 @@ module "permission_sets" { description = identity_store_arn = inline_policies = ARRAY() - managed_policies = ARRAY() + managed_policies = ARRAY() } ``` @@ -25,7 +25,7 @@ This module expects the variables to conform to the following: - `description` - Must be a string between 1 and 256 characters. - `identity_store_arn` - Must be a valid Identity Store ARN. - `inline_policies` - Must be a list of objects that conforms to [Inline Policy](#inline-policy) schema. Can be empty. -- `managed_policies` - Must be a list of strings that are valid managed policy ARNs. Can be empty. +- `managed_policies` - Must be a list of strings that are valid managed policy names. Can be empty. ### Inline Policy diff --git a/modules/aws/permission_sets/main.tf b/modules/aws/permission_sets/main.tf index 1b647e2..3f256bc 100644 --- a/modules/aws/permission_sets/main.tf +++ b/modules/aws/permission_sets/main.tf @@ -34,7 +34,7 @@ resource "aws_ssoadmin_permission_set_inline_policy" "permission_set_inline_poli resource "aws_ssoadmin_managed_policy_attachment" "permission_set_managed_policy" { for_each = toset(var.managed_policies) - managed_policy_arn = each.value + managed_policy_arn = "arn:aws:iam::aws:policy/${each.value}" permission_set_arn = aws_ssoadmin_permission_set.identity_store_permission_set.arn instance_arn = var.identity_store_arn }
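Review bot: The new `managed_policy_arn = "arn:aws:iam::aws:policy/${each.value}"` in main.tf interpolates `each.value` with no validation visible in this patch, so a caller still passing a full ARN (the previous contract) would get a doubled prefix that probably fails only at apply time. A `validation` block on `var.managed_policies` that rejects values starting with `arn:` would surface this at plan time; the variable is declared outside this patch, so such a check may already exist. The `aws` partition is also hard-coded and will not resolve in the GovCloud or China partitions; adding `data "aws_partition" "current" {}` and using `"arn:${data.aws_partition.current.partition}:iam::aws:policy/${each.value}"` keeps the module portable. AWS-managed policies that live under a path (for example `job-function/ViewOnlyAccess`) need that path included in the value, which the README's "managed policy names" wording does not mention.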